• Registrarse
  • Iniciar sesión


  • Página 1 de 2 12 ÚltimoÚltimo
    Resultados 1 al 10 de 13

    No logro desinstalar FBDownloader (Solucionado)

    Resumen del tema: No logro desinstalar FBDownloader (Solucionado) - Buen día foreros. Saludos a todos desde Buenos Aires. Recurro a vuestro consejo porque agoté mis pobres conocimientos tratando de desinstalar este bicho. En anteriores ocasiones las consultas y respuestas del foro me dieron la ...

      
    1. #1
      Usuario Avatar de manu25
      Registrado
      feb 2013
      Ubicación
      Argentina
      Mensajes
      7

      Sonrisa No logro desinstalar FBDownloader (Solucionado)

      Buen día foreros. Saludos a todos desde Buenos Aires.

      Recurro a vuestro consejo porque agoté mis pobres conocimientos tratando de desinstalar este bicho.
      En anteriores ocasiones las consultas y respuestas del foro me dieron la solución para borrar algún malware, pero esta vez no puedo quitarlo.
      Al igual que otros usuarios que he leído, pasé Malwarebytes Anti Malware, Super AntiSpyware, CCleaner, etc, y nada. Reinicio la PC y aparece nuevamente instalado como Página de Inicio y tirando Pop Ups a cada momento.
      Creo que bajó a mi maquina en alguna descarga desde Softonic

      He visto que vuestro consejo es bajar OTL.
      Ya lo hice, pero el proceso de cura escapa a mi entendimiento.

      Agradeceré cualquier tipo de guía o ayuda

      Saludos y gracias !
      Manu

    2. #2
      Moderador Gral.
      Avatar de Damianl_77
      Registrado
      ene 2008
      Ubicación
      Argentina
      Mensajes
      23.291

      Re: No logro desinstalar FBDownloader

      Hola manu25 bienvenid@ al foro de InfoSpyware

      Genera un reporte de OTL y pegalo en tu próxima respuesta

      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de manu25
      Registrado
      feb 2013
      Ubicación
      Argentina
      Mensajes
      7

      Re: No logro desinstalar FBDownloader

      Cita Originalmente publicado por Damianl_77 Ver Mensaje
      Hola manu25 bienvenid@ al foro de InfoSpyware

      Genera un reporte de OTL y pegalo en tu próxima respuesta
      Hola Damian, mil gracias por la onda.
      Ahi va el reporte:



      OTL logfile created on: 20/02/2013 12:44:20 p.m. - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Manu y Sil\Downloads
      64bit- Home Basic Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00002C0A | Country: Argentina | Language: ESS | Date Format: dd/MM/yyyy

      3,61 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 69,71% Memory free
      7,23 Gb Paging File | 5,59 Gb Available in Paging File | 77,30% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 452,46 Gb Total Space | 367,57 Gb Free Space | 81,24% Space Free | Partition Type: NTFS
      Drive D: | 13,20 Gb Total Space | 1,63 Gb Free Space | 12,32% Space Free | Partition Type: NTFS
      Drive E: | 4,33 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

      Computer Name: MANUYSIL-HP | User Name: Manu y Sil | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Manu y Sil\Downloads\OTL.exe (OldTimer Tools)
      PRC - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
      PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
      PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
      PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
      PRC - C:\Program Files (x86)\Hewlett-Packard\HP My Display\OSDManager.exe (Portrait Displays, Inc)
      PRC - C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe (Portrait Displays, Inc.)
      PRC - C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
      PRC - C:\Program Files (x86)\FlingPCGames\GameMonitor\GameMonitor.exe (3DiJoy Corporation)
      PRC - C:\Users\Manu y Sil\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
      PRC - c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink)
      PRC - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Portrait Displays, Inc.)
      PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
      PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS)
      PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS)
      PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS)
      PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS)
      PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)


      ========== Modules (No Company Name) ==========

      MOD - C:\Program Files (x86)\Hewlett-Packard\HP My Display\ACPIDll.dll ()


      ========== Services (SafeList) ==========

      SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
      SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
      SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
      SRV:64bit: - (HPClientSvc) -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company)
      SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
      SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE (Andrea Electronics Corporation)
      SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
      SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)
      SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Hewlett-Packard Company)
      SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
      SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
      SRV - (DTSRVC) -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe (Portrait Displays, Inc.)
      SRV - (pdfcDispatcher) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
      SRV - (PdiService) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Portrait Displays, Inc.)
      SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
      SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
      SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
      SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
      SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
      DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
      DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
      DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
      DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
      DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
      DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
      DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
      DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
      DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
      DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
      DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
      DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
      DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
      DRV:64bit: - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
      DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)
      DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)
      DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)
      DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
      DRV:64bit: - (FlingJoyBus) -- C:\Windows\SysNative\drivers\FlingJoyBus64.sys (3DiJoy Corporation)
      DRV:64bit: - (FlingJoystickPort) -- C:\Windows\SysNative\drivers\FlingJoyPort64.sys (3DiJoy Corporation)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPALL/47
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPALL/47
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
      IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
      IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://ar.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
      IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://es.wikipedia.org/wiki/Special:Search?search={searchTerms}
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPALL/47
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPALL/47
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
      IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
      IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://ar.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
      IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://es.wikipedia.org/wiki/Special:Search?search={searchTerms}

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPALL/47
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.fbdownloader.com/?channel=sfron205
      IE - HKCU\..\SearchScopes,DefaultScope = {b7fca997-d0fb-4fe0-8afd-255e89cf9671}
      IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://search.fbdownloader.com/search.php?channel=sfron205&q={searchTerms}
      IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://ar.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
      IE - HKCU\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://es.wikipedia.org/wiki/Special:Search?search={searchTerms}
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      ========== FireFox ==========

      FF - prefs.js..browser.search.defaultenginename: "Search"
      FF - prefs.js..browser.search.defaulturl: "http://search.fbdownloader.com/search.php?channel=sfron205&q="
      FF - prefs.js..browser.search.selectedEngine: "Google"
      FF - prefs.js..browser.startup.homepage: "http://search.fbdownloader.com/?channel=sfron205"
      FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0
      FF - prefs.js..keyword.URL: "http://search.fbdownloader.com/search.php?channel=sfron205&q="
      FF - user.js - File not found

      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll File not found
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
      FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
      FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
      FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Manu y Sil\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll (Octoshape ApS)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Iminent\[email protected]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/11/18 11:52:49 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/02/19 20:03:09 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
      FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/02/19 20:03:09 | 000,000,000 | ---D | M]
      FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

      [2012/07/01 18:11:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Manu y Sil\AppData\Roaming\mozilla\Extensions
      [2013/02/20 10:48:32 | 000,002,388 | ---- | M] () -- C:\Users\Manu y Sil\AppData\Roaming\mozilla\firefox\profiles\qyj5ht74.default-1361367349980\searchplugins\search.xml
      [2013/02/19 20:02:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
      [2013/02/19 20:03:08 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
      [2012/08/29 21:47:06 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
      [2012/12/05 20:12:16 | 000,004,095 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\drae.xml
      [2012/12/05 20:12:16 | 000,001,356 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-es.xml
      [2013/02/19 20:03:06 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
      [2012/12/05 20:12:16 | 000,001,391 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-es.xml
      [2012/12/05 20:12:16 | 000,001,315 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-es.xml

      ========== Chrome ==========

      CHR - Extension: No name found = C:\Users\Manu y Sil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
      CHR - Extension: No name found = C:\Users\Manu y Sil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
      CHR - Extension: No name found = C:\Users\Manu y Sil\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.4.6_0\
      CHR - Extension: No name found = C:\Users\Manu y Sil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

      O1 HOSTS File: ([2009/06/10 18:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
      O2:64bit: - BHO: (no name) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - No CLSID value found.
      O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
      O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
      O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
      O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
      O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
      O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
      O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
      O4:64bit: - HKLM..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe (Hewlett-Packard)
      O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
      O4 - HKLM..\Run: [] File not found
      O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
      O4 - HKLM..\Run: [DT HPO] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe (Portrait Displays, Inc.)
      O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
      O4 - HKLM..\Run: [GameMonitor] C:\Program Files (x86)\FlingPCGames\GameMonitor\GameMonitor.exe (3DiJoy Corporation)
      O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
      O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
      O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
      O4 - HKCU..\Run: [DataMgr] C:\Users\Manu y Sil\AppData\Roaming\DataMgr\DataMgr.exe (HTTO Group, Ltd.)
      O4 - HKCU..\Run: [Octoshape Streaming Services] C:\Users\Manu y Sil\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
      O4 - HKCU..\Run: [SCheck] C:\Users\Manu y Sil\AppData\Roaming\SCheck\SCheck.exe ()
      O4 - HKCU..\Run: [SSync] C:\Users\Manu y Sil\AppData\Roaming\SSync\SSync.exe ()
      O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
      O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
      O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.2
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{314556AD-E9C0-40F9-AA61-DEFDA27B236E}: DhcpNameServer = 10.0.0.2
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
      O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
      O32 - HKLM CDRom: AutoRun - 1
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      ========== Files/Folders - Created Within 30 Days ==========

      [2013/02/19 20:02:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
      [2013/02/19 18:47:37 | 000,000,000 | ---D | C] -- C:\Users\Manu y Sil\AppData\Local\Programs
      [2013/02/17 20:42:48 | 000,000,000 | ---D | C] -- C:\Users\Manu y Sil\AppData\Local\{8BB8CDC0-50E2-40AB-A92D-3343553D85A8}
      [2013/02/17 20:32:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yontoo
      [2013/02/17 20:32:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
      [2013/02/17 20:31:06 | 000,000,000 | ---D | C] -- C:\Users\Manu y Sil\AppData\Roaming\DealPly
      [2013/02/17 20:30:13 | 000,000,000 | ---D | C] -- C:\Users\Manu y Sil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
      [2013/02/17 20:30:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DealPly
      [2013/02/17 20:29:24 | 000,000,000 | ---D | C] -- C:\Users\Manu y Sil\AppData\Roaming\DataMgr
      [2013/02/17 20:29:22 | 000,000,000 | ---D | C] -- C:\Users\Manu y Sil\AppData\Roaming\SSync
      [2013/02/17 20:29:06 | 000,000,000 | ---D | C] -- C:\Users\Manu y Sil\AppData\Roaming\SCheck
      [2013/02/17 20:29:02 | 000,000,000 | ---D | C] -- C:\Users\Manu y Sil\AppData\Roaming\Common
      [2013/02/17 20:29:01 | 000,000,000 | ---D | C] -- C:\Users\Manu y Sil\AppData\Roaming\FBDownloader
      [2013/02/17 20:28:58 | 000,000,000 | ---D | C] -- C:\Users\Manu y Sil\AppData\Local\VisualBeeClient
      [2013/02/17 20:27:31 | 000,000,000 | ---D | C] -- C:\Users\Manu y Sil\AppData\Local\VisualBeeExe
      [2013/02/17 20:24:46 | 000,000,000 | ---D | C] -- C:\ProgramData\VisualBee
      [2013/02/14 20:23:52 | 000,000,000 | ---D | C] -- C:\Users\Manu y Sil\AppData\Roaming\dvdcss
      [2013/02/13 18:55:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
      [2013/02/08 20:56:19 | 000,000,000 | ---D | C] -- C:\Users\Manu y Sil\AppData\Roaming\vlc
      [2013/02/08 20:56:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
      [2013/02/08 20:55:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
      [2013/02/07 22:20:49 | 000,000,000 | ---D | C] -- C:\Users\Manu y Sil\AppData\Roaming\BSplayer Pro
      [2013/02/07 22:20:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Webteh
      [2013/02/07 22:16:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong
      [2013/02/07 22:16:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PriceGong
      [2013/02/07 19:44:14 | 000,000,000 | ---D | C] -- C:\Users\Manu y Sil\AppData\Roaming\Nico Mak Computing
      [2013/02/07 19:44:10 | 000,018,760 | ---- | C] (WinZip Computing, S.L.(WinZip Computing)) -- C:\Windows\SysNative\roboot64.exe
      [2013/02/07 19:42:05 | 000,000,000 | ---D | C] -- C:\Users\Manu y Sil\AppData\Roaming\uTorrent

      ========== Files - Modified Within 30 Days ==========

      [2013/02/20 11:50:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2013/02/20 10:55:14 | 000,022,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2013/02/20 10:55:14 | 000,022,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2013/02/20 10:47:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2013/02/20 10:47:42 | 2910,302,208 | -HS- | M] () -- C:\hiberfil.sys
      [2013/02/18 17:45:53 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForManu y Sil.job
      [2013/02/14 17:34:56 | 000,267,752 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
      [2013/02/13 23:27:35 | 001,693,928 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2013/02/13 23:27:35 | 000,745,680 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
      [2013/02/13 23:27:35 | 000,652,382 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2013/02/13 23:27:35 | 000,157,922 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
      [2013/02/13 23:27:35 | 000,121,056 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2013/02/13 18:55:13 | 000,002,048 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
      [2013/02/13 18:55:13 | 000,002,048 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
      [2013/02/08 20:56:01 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
      [2013/01/22 19:48:47 | 004,933,378 | ---- | M] () -- C:\Users\Manu y Sil\Desktop\MOV01001.MP4

      ========== Files Created - No Company Name ==========

      [2013/02/13 18:55:13 | 000,002,048 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
      [2013/02/08 20:56:01 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
      [2013/01/22 19:48:02 | 004,933,378 | ---- | C] () -- C:\Users\Manu y Sil\Desktop\MOV01001.MP4
      [2012/09/13 18:45:54 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
      [2012/05/20 0427 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
      [2011/10/06 01:34:21 | 000,000,196 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
      [2011/10/06 01:15:32 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
      [2011/10/06 01:11:21 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
      [2011/07/06 02:34:24 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
      [2011/06/21 04:07:00 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL

      ========== ZeroAccess Check ==========

      [2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 02:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 01:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 00:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

      ========== LOP Check ==========

      [2013/02/07 22:20:49 | 000,000,000 | ---D | M] -- C:\Users\Manu y Sil\AppData\Roaming\BSplayer Pro
      [2013/02/17 20:29:02 | 000,000,000 | ---D | M] -- C:\Users\Manu y Sil\AppData\Roaming\Common
      [2013/02/17 20:29:24 | 000,000,000 | ---D | M] -- C:\Users\Manu y Sil\AppData\Roaming\DataMgr
      [2013/02/17 20:31:06 | 000,000,000 | ---D | M] -- C:\Users\Manu y Sil\AppData\Roaming\DealPly
      [2013/02/19 19:59:38 | 000,000,000 | ---D | M] -- C:\Users\Manu y Sil\AppData\Roaming\FBDownloader
      [2013/02/07 20:15:04 | 000,000,000 | ---D | M] -- C:\Users\Manu y Sil\AppData\Roaming\Nico Mak Computing
      [2012/05/25 19:27:39 | 000,000,000 | ---D | M] -- C:\Users\Manu y Sil\AppData\Roaming\Octoshape
      [2013/02/17 20:29:06 | 000,000,000 | ---D | M] -- C:\Users\Manu y Sil\AppData\Roaming\SCheck
      [2013/01/06 23:22:40 | 000,000,000 | ---D | M] -- C:\Users\Manu y Sil\AppData\Roaming\SoftGrid Client
      [2013/02/17 20:29:22 | 000,000,000 | ---D | M] -- C:\Users\Manu y Sil\AppData\Roaming\SSync
      [2012/05/19 14:11:53 | 000,000,000 | ---D | M] -- C:\Users\Manu y Sil\AppData\Roaming\TP
      [2013/02/20 0051 | 000,000,000 | ---D | M] -- C:\Users\Manu y Sil\AppData\Roaming\uTorrent
      [2012/05/19 14:00:00 | 000,000,000 | ---D | M] -- C:\Users\Manu y Sil\AppData\Roaming\WildTangent
      [2012/06/04 12:17:26 | 000,000,000 | ---D | M] -- C:\Users\Manu y Sil\AppData\Roaming\WinBatch
      [2012/05/19 17:00:20 | 000,000,000 | ---D | M] -- C:\Users\Manu y Sil\AppData\Roaming\_MDLogs

      ========== Purity Check ==========



      < End of report >

    4. #4
      Moderador Gral.
      Avatar de Damianl_77
      Registrado
      ene 2008
      Ubicación
      Argentina
      Mensajes
      23.291

      Re: No logro desinstalar FBDownloader

      Ejecutá OTL.exe


      Copiá y Pegá el código que está dentro del recuadro de abajo en la sección Análisis Personalizado / Código de Reparación



      Código:
      :OTL
      IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.fbdownloader.com/?channel=sfron205
      IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://search.fbdownloader.com/search.php?channel=sfron205&q={searchTerms}
      FF - prefs.js..browser.search.defaulturl: "http://search.fbdownloader.com/search.php?channel=sfron205&q="
      FF - prefs.js..browser.startup.homepage: "http://search.fbdownloader.com/?channel=sfron205"
      FF - prefs.js..keyword.URL: "http://search.fbdownloader.com/search.php?channel=sfron205&q="
      FF - user.js - File not found
      O2:64bit: - BHO: (no name) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
      O4 - HKLM..\Run: [] File not found
      O18:64bit: - Protocol\Handler\livecall - No CLSID value found
      O18:64bit: - Protocol\Handler\msnim - No CLSID value found
      O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
      O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      [2013/02/17 20:29:01 | 000,000,000 | ---D | C] -- C:\Users\Manu y Sil\AppData\Roaming\FBDownloader
      [2013/02/17 20:29:24 | 000,000,000 | ---D | C] -- C:\Users\Manu y Sil\AppData\Roaming\DataMgr
      
      :commands
      [emptyflash]
      [emptytemp]
      [Reboot]

      Presioná el Botón Reparar para lanzar la eliminación. Presionas OK.

      OTL va a Reiniciar el ordenador para completar la eliminación.


      Guardas el nuevo reporte generado. Lo copias y pegas en Tu próxima respuesta y nos comentas como sigue la PC ahora.

      El reporte lo encontras en:
      C:\ _ OTL\MovedFiles\xxx_xxx.txt

      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de manu25
      Registrado
      feb 2013
      Ubicación
      Argentina
      Mensajes
      7

      Re: No logro desinstalar FBDownloader

      Parece que todo sigue igual.
      Todavia está istalado como pagina de inicio y el navegador funciona lento.


      All processes killed
      ========== OTL ==========
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}\ not found.
      HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
      Prefs.js: "http://search.fbdownloader.com/search.php?channel=sfron205&q=" removed from browser.search.defaulturl
      Prefs.js: "http://search.fbdownloader.com/?channel=sfron205" removed from browser.startup.homepage
      Prefs.js: "http://search.fbdownloader.com/search.php?channel=sfron205&q=" removed from keyword.URL
      64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ not found.
      Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
      File Protocol\Handler\livecall - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
      File Protocol\Handler\msnim - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
      File Protocol\Handler\wlmailhtml - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
      File Protocol\Handler\wlpg - No CLSID value found not found.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
      C:\Users\Manu y Sil\AppData\Roaming\FBDownloader folder moved successfully.
      C:\Users\Manu y Sil\AppData\Roaming\DataMgr folder moved successfully.
      ========== COMMANDS ==========

      [EMPTYFLASH]

      User: All Users

      User: Default
      ->Flash cache emptied: 56466 bytes

      User: Default User
      ->Flash cache emptied: 0 bytes

      User: Manu y Sil
      ->Flash cache emptied: 58094 bytes

      User: Public

      Total Flash Files Cleaned = 0,00 mb


      [EMPTYTEMP]

      User: All Users

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: Manu y Sil
      ->Temp folder emptied: 65381188 bytes
      ->Temporary Internet Files folder emptied: 126927146 bytes
      ->FireFox cache emptied: 49913512 bytes
      ->Google Chrome cache emptied: 6163045 bytes
      ->Flash cache emptied: 0 bytes

      User: Public

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 138595104 bytes
      %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67975 bytes
      RecycleBin emptied: 26312274792 bytes

      Total Files Cleaned = 25.462,00 mb


      OTL by OldTimer - Version 3.2.69.0 log created on 02202013_132942

      Files\Folders moved on Reboot...
      C:\Users\Manu y Sil\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
      C:\Users\Manu y Sil\AppData\Local\Mozilla\Firefox\Profiles\qyj5ht74.default-1361367349980\startupCache\startupCache.4.little moved successfully.
      C:\Users\Manu y Sil\AppData\Local\Mozilla\Firefox\Profiles\qyj5ht74.default-1361367349980\Cache\_CACHE_001_ moved successfully.
      C:\Users\Manu y Sil\AppData\Local\Mozilla\Firefox\Profiles\qyj5ht74.default-1361367349980\Cache\_CACHE_002_ moved successfully.
      C:\Users\Manu y Sil\AppData\Local\Mozilla\Firefox\Profiles\qyj5ht74.default-1361367349980\Cache\_CACHE_003_ moved successfully.
      C:\Users\Manu y Sil\AppData\Local\Mozilla\Firefox\Profiles\qyj5ht74.default-1361367349980\Cache\_CACHE_MAP_ moved successfully.
      C:\Users\Manu y Sil\AppData\Local\Mozilla\Firefox\Profiles\qyj5ht74.default-1361367349980\_CACHE_CLEAN_ moved successfully.
      File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...

    6. #6
      Moderador Gral.
      Avatar de Damianl_77
      Registrado
      ene 2008
      Ubicación
      Argentina
      Mensajes
      23.291

      Re: No logro desinstalar FBDownloader

      • Realiza lo siguiente:
      • Descarga AT-Destroyer (Adwares/Toolbars-Destroyer) By Infospyware.
      • Ejecuta la herramienta como administrador. (Clic derecho ejecutar como administrador)
      • La herramienta desconectará el escritorio momentáneamente.
      • En caso de estar infectado,la herramienta lo indicará con lineas rojas donde se haya encontrado la infección, si no serán lineas verdes.
      • Una vez terminado el escaneo,podrás volver a ver el escritorio y se te abrirá un reporte,que deberás copiar en tu próxima respuesta comentando cómo funciona el sistema.


      Descarga y ejecuta IniRem 3 para desbloquear el navegador y reparar los archivos host.
      • Ingresar la pagina de inicio que desee tener en el navegador Internet Explorer
      • Presionar el botón Desbloquear IE (El archivo Host será restaurado)

      1 Ingrese la Pagina de Inicio que desee tener.
      2 Marque la casilla del navegador que necesite desbloquear: Internet Explorer y/o Firefox.
      3 Presione "Desbloquear"
      4 Aceptar las "advertencias"
      5 Reinicias la "PC"

      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #7
      Usuario Avatar de manu25
      Registrado
      feb 2013
      Ubicación
      Argentina
      Mensajes
      7

      Re: No logro desinstalar FBDownloader

      Gracias Damián.

      Te cuento que el ATDestroyer no puedo terminar de pasarlo.
      Si elijo la opcion Buscar y Destruir el proceso avanza hasta el 22% y queda alli clavado. Probé 3 veces con la misma suerte.
      En cambio si elijo la opción Buscar, corre completo y genera el reporte que pego debajo.

      Ejecuté tambien el IniRem 3, y parece haber debloqueado solo el Internet Explorer.
      Mozilla sigue con FBDownloader como pagina de inicio y andando lento.



      ######################## AT-Destroyer By Infospyware.
      Hora/Día/Mes/Año: 20:32:17 \\\ 21/02/2013
      AT-Destroyer 2.1 By Infospyware ---> InfoSpyware
      Última actualización: 30/11/2012
      Opción escogida: 1 :Buscar
      Versión Internet Explorer:9.0.8112.16421
      Mozilla Firefox:19.0.0.4794
      Privilegios: Manu y Sil - Administrador
      Modo Actual: Modo Normal.
      Nombre del pc: MANUYSIL-HP
      Información del sistema operativo:X64-WIN_7-Service Pack 1
      nombre del usuario:Manu y Sil
      Lenguaje del sistema: Español



      >>>>>> Servicios <<<<<<



      >>>>>> Carpetas <<<<<<

      C:\Program Files (x86)\DealPly\DealPly.crx (W32/PND.DealPly)
      C:\Program Files (x86)\DealPly\DealPly.xpi (W32/PND.DealPly)
      C:\Program Files (x86)\DealPly\DealPlyIE.dll (W32/PND.DealPly)
      C:\Program Files (x86)\DealPly\DealPlyUpdate.exe (W32/PND.DealPly)
      C:\Program Files (x86)\DealPly\DealPlyUpdate.log (W32/PND.DealPly)
      C:\Program Files (x86)\DealPly\DealPlyUpdateRun.exe (W32/PND.DealPly)
      C:\Program Files (x86)\DealPly\icon.ico (W32/PND.DealPly)
      C:\Program Files (x86)\DealPly\uninst.exe (W32/PND.DealPly)
      C:\Program Files (x86)\DealPly (W32/PND.DealPly)
      C:\Program Files (x86)\PriceGong\2.6.4 (W32/PND.PriceGong)
      C:\Program Files (x86)\PriceGong\2.6.4\PriceGong.crx (W32/PND.PriceGong)
      C:\Program Files (x86)\PriceGong\uninst.exe (W32/PND.PriceGong)
      C:\Program Files (x86)\PriceGong (W32/PND.PriceGong)
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504} ( )
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache ( )
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat ( )
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe ( )
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico ( )
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll ( )
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll ( )
      C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} ( )
      C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Cache ( )
      C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat ( )
      C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe ( )
      C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico ( )
      C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll ( )
      C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll ( )
      C:\ProgramData\Tarma Installer ( )


      >>>>>> Archivos <<<<<<

      Encontrado: : C:\Windows\System32\ezsidmv.dat


      >>>>>> Registro <<<<<<

      HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN| (DataMgr)~~~~"C:\Users\Manu y Sil\AppData\Roaming\DataMgr\DataMgr.exe" (W32/Hijacker.Searchqu Toolbar)
      HKCU64\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN| (DataMgr)~~~~"C:\Users\Manu y Sil\AppData\Roaming\DataMgr\DataMgr.exe" (W32/Hijacker.Searchqu Toolbar)


      >>>>>> Heurística <<<<<<



      >>>>>> Internet Explorer <<<<<<

      Start Page==http://www.infospyware.com
      Local Page==C:\WINDOWS\SYSTEM32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Default_Page_URL==http://go.microsoft.com/fwlink/?LinkId=69157


      ''HKCU\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.InfoSpyware.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Default_search_url==
      Default_Page_URL==http://g.msn.com/HPALL/47


      HKEY_USERS\S-1-5-21-671115920-1060071038-1631360762-1000\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.InfoSpyware.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      Default_search_url==
      Default_Page_URL==http://g.msn.com/HPALL/47


      >>>>>> Firefox <<<<<<

      user_pref("browser.startup.homepage", "http://search.fbdownloader.com/?channel=sfron205");
      user_pref("browser.startup.homepage_override.buildID", "20130215130331");
      user_pref("browser.startup.homepage_override.mstone", "19.0");


      >>>>>> Extensiones Firefox <<<<<<


      C:\Program Files (x86)\{972ce4c6-7e08-4474-a285-3208198ce6fd}
      C:\Program Files (x86)\{972ce4c6-7e08-4474-a285-3208198ce6fd}

      >>>>>> Plugins Firefox <<<<<<

      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0

      >>>>>> Google Chrome <<<<<<

      {"http_throttling":{"enabled":true},"countryid_at_install":17747,"instant":{"enabled_time":"12981543089820074"},"cloud_print":{"email":""},"homepage_is_newtabpage":false,"plugins":{"enabled_nacl":true,"enabled_internal_pdf3":true},"homepage_changed":true,"default_search_provider":{"enabled":true,"encodings":"UTF-8","id":1,"keyword":"Search","suggest_url":null,"name":"Search","icon_url":"http:\/\/search.fbdownloader.com\/favicon.ico","search_url":"http:\/\/search.fbdownloader.com\/search.php?channel=sfron205&q={searchTerms}","prepopulate_id":0,"instant_url":null},"backup":null,"extensions":{"chrome_url_overrides":{"bookmarks":["chrome-extension:\/\/eemcgdkfndhakfknompkggombfjjjeno\/main.html"]},"autoupdate":{"next_check":"12981543496795597"},"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["appNotifications","management","webstorePrivate"]},"app_launcher_ordinal":"n","page_ordinal":"n"}}},"default_apps_install_state":2,"download":{"directory_upgrade":true,"extensions_to_open":""},"profile":{"name":"Primer usuario","exited_cleanly":true,"avatar_index":0,"content_settings":{"pref_version":1}},"homepage":"http:\/\/search.fbdownloader.com\/?channel=sfron205","dns_prefetching":{"startup_list":[1,"http:\/\/ssl.gstatic.com\/","http:\/\/www.google.com\/","http:\/\/www.google.es\/"],"host_referral_list":[2,["http:\/\/www.google.com\/",["http:\/\/www.google.es\/",2.6037004]],["http:\/\/www.google.es\/",["http:\/\/ssl.gstatic.com\/",2.6037004,"http:\/\/www.google.com\/",2.2733802,"http:\/\/www.google.es\/",4.5856216]]]},"browser":{"window_placement":{"maximized":false,"bottom":435,"right":630,"left":10,"work_area_bottom":446,"top":10,"work_area_top":0,"work_area_left":0,"work_area_right":640},"clear_lso_data_enabled":true},"session":{"urls_to_restore_on_startup":["http:\/\/search.fbdownloader.com\/?channel=sfron205"],"restore_on_startup_migrated":true,"restore_on_startup":4},"ntp":{"promo_build":0,"promo_end":1323071940,"sign_in_promo":{"group_max":100},"promo_group_max":0,"promo_views_max":0,"promo_views":0,"promo_start":1321862280,"promo_group":4,"promo_feature_mask":0,"promo_group_timeslice":0,"promo_platform":0,"promo_closed":false,"promo_is_logged_in_to_plus":false,"promo_line":"<a href=\"http:\/\/www.google.es\/chromebook\/index.html#utm_campaign=es&utm_source=es-ntp-holidays-es-bkws&utm_medium=ntp-holidays\">Descubre los Chromebook<\/a> – ordenador que usa Chrome","app_page_names":["Aplicaciones"],"promo_resource_cache_update":"1337069494.837288"}}


      >>>>>> Extensiones Google Chrome <<<<<<

      C:\Users\Manu y Sil\AppData\Local\Google\Chrome\User Data\Default\Extensions\4
      C:\Users\Manu y Sil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
      C:\Users\Manu y Sil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
      C:\Users\Manu y Sil\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
      C:\Users\Manu y Sil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia4
      C:\Users\Manu y Sil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
      C:\Users\Manu y Sil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
      C:\Users\Manu y Sil\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
      C:\Users\Manu y Sil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

      ======== Listado ===========

      [19/05/2012 01:18 p.m.] [19/05/2012 01:18 p.m.] -C:\Users\Manu y Sil\AppData\Roaming\ATI [DI]
      [07/02/2013 10:20 p.m.] [07/02/2013 10:20 p.m.] -C:\Users\Manu y Sil\AppData\Roaming\BSplayer Pro [DI]
      [17/02/2013 08:29 p.m.] [17/02/2013 08:29 p.m.] -C:\Users\Manu y Sil\AppData\Roaming\Common [DI]
      [22/05/2012 11:50 p.m.] [22/05/2012 11:50 p.m.] -C:\Users\Manu y Sil\AppData\Roaming\CyberLink [DI]
      [17/02/2013 08:31 p.m.] [17/02/2013 08:31 p.m.] -C:\Users\Manu y Sil\AppData\Roaming\DealPly [DI]
      [14/02/2013 08:23 p.m.] [14/02/2013 08:23 p.m.] -C:\Users\Manu y Sil\AppData\Roaming\dvdcss [DI]
      [27/05/2012 09:08 p.m.] [19/05/2012 02:11 a.m.] -C:\Users\Manu y Sil\AppData\Roaming\Hewlett-Packard [DI]
      [17/02/2013 10:02 a.m.] [20/05/2012 08:10 p.m.] -C:\Users\Manu y Sil\AppData\Roaming\HP Support Assistant [DI]
      [26/11/2012 05:40 p.m.] [04/06/2012 12:18 p.m.] -C:\Users\Manu y Sil\AppData\Roaming\hpqLog [DI]
      [17/02/2013 10:02 a.m.] [20/05/2012 01:53 p.m.] -C:\Users\Manu y Sil\AppData\Roaming\HpUpdate [DI]
      [19/05/2012 01:16 p.m.] [19/05/2012 01:16 p.m.] -C:\Users\Manu y Sil\AppData\Roaming\Identities [DI]
      [06/10/2011 01:41 a.m.] [19/05/2012 02:10 a.m.] -C:\Users\Manu y Sil\AppData\Roaming\Macromedia [DI]
      [01/07/2012 11:35 a.m.] [01/07/2012 11:35 a.m.] -C:\Users\Manu y Sil\AppData\Roaming\Malwarebytes [DI]
      [19/07/2012 10:57 p.m.] [19/05/2012 02:10 a.m.] -C:\Users\Manu y Sil\AppData\Roaming\Microsoft [SDI]
      [01/07/2012 06:11 p.m.] [19/05/2012 01:24 p.m.] -C:\Users\Manu y Sil\AppData\Roaming\Mozilla [DI]
      [07/02/2013 08:15 p.m.] [07/02/2013 07:44 p.m.] -C:\Users\Manu y Sil\AppData\Roaming\Nico Mak Computing [D]
      [25/05/2012 07:27 p.m.] [25/05/2012 07:27 p.m.] -C:\Users\Manu y Sil\AppData\Roaming\Octoshape [DI]
      [17/02/2013 08:29 p.m.] [17/02/2013 08:29 p.m.] -C:\Users\Manu y Sil\AppData\Roaming\SCheck [DI]
      [06/01/2013 11:22 p.m.] [19/05/2012 02:11 p.m.] -C:\Users\Manu y Sil\AppData\Roaming\SoftGrid Client [DI]
      [17/02/2013 08:29 p.m.] [17/02/2013 08:29 p.m.] -C:\Users\Manu y Sil\AppData\Roaming\SSync [DI]
      [01/07/2012 05:07 p.m.] [01/07/2012 05:07 p.m.] -C:\Users\Manu y Sil\AppData\Roaming\SUPERAntiSpyware.com [DI]
      [19/05/2012 02:11 p.m.] [19/05/2012 02:09 p.m.] -C:\Users\Manu y Sil\AppData\Roaming\TP [DI]
      [20/02/2013 12:10 a.m.] [07/02/2013 07:42 p.m.] -C:\Users\Manu y Sil\AppData\Roaming\uTorrent [DI]
      [20/02/2013 10:47 p.m.] [08/02/2013 08:56 p.m.] -C:\Users\Manu y Sil\AppData\Roaming\vlc [DI]
      [19/05/2012 02:00 p.m.] [19/05/2012 01:46 p.m.] -C:\Users\Manu y Sil\AppData\Roaming\WildTangent [DI]
      [04/06/2012 12:17 p.m.] [04/06/2012 12:17 p.m.] -C:\Users\Manu y Sil\AppData\Roaming\WinBatch [DI]
      [19/07/2012 10:54 p.m.] [19/07/2012 10:54 p.m.] -C:\Users\Manu y Sil\AppData\Roaming\WinRAR [DI]
      [19/05/2012 05:00 p.m.] [19/05/2012 02:55 p.m.] -C:\Users\Manu y Sil\AppData\Roaming\_MDLogs [DI]
      [06/10/2011 01:24 a.m.] [06/10/2011 01:24 a.m.] -C:\Program Files (x86)\AMD APP [D]
      [06/10/2011 01:24 a.m.] [06/10/2011 01:24 a.m.] -C:\Program Files (x86)\ATI Technologies [D]
      [19/05/2012 06:05 p.m.] [14/07/2009 12:20 a.m.] -C:\Program Files (x86)\Common Files [D]
      [06/10/2011 01:44 a.m.] [06/10/2011 01:32 a.m.] -C:\Program Files (x86)\Cyberlink [D]
      [21/02/2013 08:30 p.m.] [17/02/2013 08:30 p.m.] -C:\Program Files (x86)\DealPly [D]
      C:\Program Files (x86)\desktop.ini [HSA] 174 bytes( 0)
      [19/05/2012 05:00 p.m.] [06/10/2011 01:34 a.m.] -C:\Program Files (x86)\EasyBits For Kids [D]
      [19/05/2012 02:18 p.m.] [19/05/2012 02:08 p.m.] -C:\Program Files (x86)\FlingPCGames [D]
      [18/11/2012 12:16 p.m.] [01/07/2012 05:07 p.m.] -C:\Program Files (x86)\Google [D]
      [26/11/2012 05:41 p.m.] [06/10/2011 01:20 a.m.] -C:\Program Files (x86)\Hewlett-Packard [D]
      [06/10/2011 01:26 a.m.] [06/10/2011 01:26 a.m.] -C:\Program Files (x86)\Hp [D]
      [06/10/2011 01:39 a.m.] [06/10/2011 01:35 a.m.] -C:\Program Files (x86)\HP Games [D]
      [26/11/2012 05:47 p.m.] [06/10/2011 01:22 a.m.] -C:\Program Files (x86)\InstallShield Installation Information [HD]
      [14/02/2013 05:33 p.m.] [14/07/2009 12:20 a.m.] -C:\Program Files (x86)\Internet Explorer [D]
      [19/02/2013 06:49 p.m.] [01/07/2012 11:34 a.m.] -C:\Program Files (x86)\Malwarebytes' Anti-Malware [D]
      [13/02/2013 06:54 p.m.] [29/11/2012 06:54 p.m.] -C:\Program Files (x86)\McAfee Security Scan [D]
      [06/10/2011 01:48 a.m.] [06/10/2011 01:48 a.m.] -C:\Program Files (x86)\Microsoft [D]
      [20/05/2012 02:03 a.m.] [19/05/2012 02:09 p.m.] -C:\Program Files (x86)\Microsoft Application Virtualization Client [D]
      [19/05/2012 02:09 a.m.] [19/05/2012 02:09 a.m.] -C:\Program Files (x86)\Microsoft Mathematics [D]
      [06/10/2011 01:31 a.m.] [06/10/2011 01:30 a.m.] -C:\Program Files (x86)\Microsoft Office [D]
      [20/05/2012 01:34 a.m.] [06/10/2011 01:48 a.m.] -C:\Program Files (x86)\Microsoft Silverlight [D]
      [06/10/2011 01:52 a.m.] [06/10/2011 01:52 a.m.] -C:\Program Files (x86)\Microsoft SQL Server Compact Edition [D]
      [11/02/2011 10:48 a.m.] [11/02/2011 10:48 a.m.] -C:\Program Files (x86)\Microsoft.NET [D]
      [19/02/2013 08:03 p.m.] [19/02/2013 08:02 p.m.] -C:\Program Files (x86)\Mozilla Firefox [D]
      [20/02/2013 12:11 a.m.] [01/07/2012 06:11 p.m.] -C:\Program Files (x86)\Mozilla Maintenance Service [D]
      [14/07/2009 02:32 a.m.] [14/07/2009 02:32 a.m.] -C:\Program Files (x86)\MSBuild [D]
      [06/10/2011 01:31 a.m.] [06/10/2011 01:31 a.m.] -C:\Program Files (x86)\MSECache [D]
      [19/05/2012 02:11 a.m.] [06/10/2011 01:34 a.m.] -C:\Program Files (x86)\Online Services [RD]
      [06/10/2011 01:47 a.m.] [06/10/2011 01:47 a.m.] -C:\Program Files (x86)\PDF Complete [D]
      [07/02/2013 10:16 p.m.] [07/02/2013 10:16 p.m.] -C:\Program Files (x86)\PriceGong [D]
      [06/10/2011 01:25 a.m.] [06/10/2011 01:22 a.m.] -C:\Program Files (x86)\Realtek [D]
      [14/07/2009 02:32 a.m.] [14/07/2009 02:32 a.m.] -C:\Program Files (x86)\Reference Assemblies [D]
      [06/10/2011 01:34 a.m.] [06/10/2011 01:34 a.m.] -C:\Program Files (x86)\Symantec [D]
      [06/10/2011 01:55 a.m.] [06/10/2011 01:55 a.m.] -C:\Program Files (x86)\SymSilent [D]
      [06/10/2011 01:23 a.m.] [06/10/2011 01:22 a.m.] -C:\Program Files (x86)\Temp [HD]
      [27/06/2012 09:15 p.m.] [27/06/2012 09:15 p.m.] -C:\Program Files (x86)\UK Truck Simulator [D]
      [14/07/2009 01:57 a.m.] [14/07/2009 01:57 a.m.] -C:\Program Files (x86)\Uninstall Information [HD]
      [08/02/2013 08:55 p.m.] [08/02/2013 08:55 p.m.] -C:\Program Files (x86)\VideoLAN [D]
      [07/02/2013 10:26 p.m.] [07/02/2013 10:20 p.m.] -C:\Program Files (x86)\Webteh [D]
      [06/10/2011 01:35 a.m.] [06/10/2011 01:35 a.m.] -C:\Program Files (x86)\WildTangent Games [D]
      [25/05/2012 01:21 a.m.] [14/07/2009 02:32 a.m.] -C:\Program Files (x86)\Windows Defender [D]
      [06/10/2011 01:53 a.m.] [06/10/2011 01:50 a.m.] -C:\Program Files (x86)\Windows Live [D]
      [25/05/2012 01:21 a.m.] [14/07/2009 12:20 a.m.] -C:\Program Files (x86)\Windows Mail [D]
      [25/05/2012 01:21 a.m.] [14/07/2009 02:32 a.m.] -C:\Program Files (x86)\Windows Media Player [D]
      [14/07/2009 02:32 a.m.] [14/07/2009 12:20 a.m.] -C:\Program Files (x86)\Windows NT [D]
      [25/05/2012 01:21 a.m.] [14/07/2009 02:32 a.m.] -C:\Program Files (x86)\Windows Photo Viewer [D]
      [21/11/2010 12:31 a.m.] [14/07/2009 02:32 a.m.] -C:\Program Files (x86)\Windows Portable Devices [D]
      [25/05/2012 01:21 a.m.] [14/07/2009 02:32 a.m.] -C:\Program Files (x86)\Windows Sidebar [D]
      [19/07/2012 10:53 p.m.] [19/07/2012 10:53 p.m.] -C:\Program Files (x86)\WinRAR [D]
      [19/02/2013 10:51 p.m.] [17/02/2013 08:32 p.m.] -C:\Program Files (x86)\Yontoo [D]
      [06/10/2011 01:41 a.m.] [06/10/2011 01:41 a.m.] -C:\Program Files (x86)\Zinio Reader 4 [D]
      [29/11/2012 07:09 p.m.] [27/08/2012 06:40 p.m.] -C:\ProgramData\Adobe [DI]
      [14/07/2009 02:08 a.m.] [14/07/2009 02:08 a.m.] -C:\ProgramData\Application Data [HSDLI]
      [06/10/2011 01:25 a.m.] [06/10/2011 01:25 a.m.] -C:\ProgramData\ATI [DI]
      [19/07/2012 06:42 p.m.] [19/07/2012 06:42 p.m.] -C:\ProgramData\AVAST Software [DI]
      [06/07/2012 09:02 p.m.] [06/10/2011 01:33 a.m.] -C:\ProgramData\CyberLink [DI]
      [14/07/2009 02:08 a.m.] [14/07/2009 02:08 a.m.] -C:\ProgramData\Desktop [HSDLI]
      [14/07/2009 02:08 a.m.] [14/07/2009 02:08 a.m.] -C:\ProgramData\Documents [HSDLI]
      [14/07/2009 02:08 a.m.] [14/07/2009 02:08 a.m.] -C:\ProgramData\Favorites [HSDLI]
      [20/05/2012 04:07 a.m.] [06/10/2011 01:21 a.m.] -C:\ProgramData\Hewlett-Packard [DI]
      [01/07/2012 11:34 a.m.] [01/07/2012 11:34 a.m.] -C:\ProgramData\Malwarebytes [DI]
      [29/11/2012 06:54 p.m.] [29/11/2012 06:54 p.m.] -C:\ProgramData\McAfee [DI]
      [29/11/2012 06:54 p.m.] [29/11/2012 06:54 p.m.] -C:\ProgramData\McAfee Security Scan [DI]
      [19/05/2012 02:19 p.m.] [14/07/2009 12:20 a.m.] -C:\ProgramData\Microsoft [SDI]
      [19/05/2012 01:23 p.m.] [19/05/2012 01:23 p.m.] -C:\ProgramData\Mozilla [DI]
      [21/07/2012 11:00 a.m.] [06/10/2011 01:54 a.m.] -C:\ProgramData\Norton [DI]
      [06/10/2011 01:54 a.m.] [06/10/2011 01:54 a.m.] -C:\ProgramData\NortonInstaller [DI]
      [21/02/2013 08:26 p.m.] [06/10/2011 01:47 a.m.] -C:\ProgramData\PDFC [DI]
      [06/10/2011 01:25 a.m.] [06/10/2011 01:25 a.m.] -C:\ProgramData\Ralink Driver [DI]
      [16/06/2012 12:10 p.m.] [16/06/2012 12:10 p.m.] -C:\ProgramData\Recovery [DI]
      [14/07/2009 02:08 a.m.] [14/07/2009 02:08 a.m.] -C:\ProgramData\Start Menu [HSDLI]
      [01/07/2012 05:07 p.m.] [01/07/2012 05:07 p.m.] -C:\ProgramData\SUPERAntiSpyware.com [DI]
      [06/10/2011 01:34 a.m.] [06/10/2011 01:34 a.m.] -C:\ProgramData\Symantec [DI]
      [17/02/2013 08:32 p.m.] [17/02/2013 08:32 p.m.] -C:\ProgramData\Tarma Installer [DI]
      [06/10/2011 01:44 a.m.] [06/10/2011 01:29 a.m.] -C:\ProgramData\Temp [DI]
      [14/07/2009 02:08 a.m.] [14/07/2009 02:08 a.m.] -C:\ProgramData\Templates [HSDLI]
      [14/10/2012 11:34 a.m.] [19/05/2012 05:22 p.m.] -C:\ProgramData\VirtualizedApplications [DI]
      [17/02/2013 08:27 p.m.] [17/02/2013 08:24 p.m.] -C:\ProgramData\VisualBee [DI]
      [19/05/2012 01:59 p.m.] [06/10/2011 01:35 a.m.] -C:\ProgramData\WildTangent [DI]
      [26/11/2012 05:39 p.m.] [26/11/2012 05:39 p.m.] -C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF} [DI]
      ======================EOF=======================

    8. #8
      Moderador Gral.
      Avatar de Damianl_77
      Registrado
      ene 2008
      Ubicación
      Argentina
      Mensajes
      23.291

      Re: No logro desinstalar FBDownloader

      En modo normal

      Descarga la herramienta ComboFix.exe y guárdala en el escritorio.

      • Desactiva temporalmente el Antivirus y/o Antispyware.
      • Cierra todas las ventanas abiertas.
      • Haz doble clic al archivo ComboFix.exe para continuar. Es Importante Importante instalar Recovery Console si es solicitado por ComboFix.
      • Cuando termine, generará un registro en C:\ComboFix.txt.
      • *Nota* Mientras CF este trabajando no mover el mouse ya que pararía su proceso.
      • *Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.

      Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.
      • Reinicia y pega el reporte de C:\ComboFix.txt en este mismo mensaje.

      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    9. #9
      Usuario Avatar de manu25
      Registrado
      feb 2013
      Ubicación
      Argentina
      Mensajes
      7

      Re: No logro desinstalar FBDownloader

      Sigo teniendo FBDownloader como pagina de inicio en Mozilla. Navegacion lenta, mucho pop up...
      En Internet Explorer no volvio a instalarse como homepage. Andaría bien.

      Reporte:



      ComboFix 13-02-13.02 - Manu y Sil 23/02/2013 10:53:45.1.2 - x64
      Microsoft Windows 7 Home Basic 6.1.7601.1.1252.54.3082.18.3701.2498 [GMT -3:00]
      Running from: c:\users\Manu y Sil\Desktop\ComboFix.exe
      AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
      SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      * Created a new restore point
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\program files (x86)\DealPly
      c:\program files (x86)\DealPly\DealPly.crx
      c:\program files (x86)\DealPly\DealPly.xpi
      c:\program files (x86)\DealPly\DealPlyIE.dll
      c:\program files (x86)\DealPly\DealPlyUpdate.exe
      c:\program files (x86)\DealPly\DealPlyUpdate.log
      c:\program files (x86)\DealPly\DealPlyUpdateRun.exe
      c:\program files (x86)\DealPly\icon.ico
      c:\program files (x86)\DealPly\uninst.exe
      .
      .
      ((((((((((((((((((((((((( Files Created from 2013-01-23 to 2013-02-23 )))))))))))))))))))))))))))))))
      .
      .
      2013-02-23 14:56 . 2013-02-23 14:56 -------- d-----w- c:\users\Default\AppData\Local\temp
      2013-02-23 13:58 . 2013-02-23 13:58 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{745E3796-BDAE-4530-B976-029C1EF15145}\offreg.dll
      2013-02-22 20:38 . 2013-02-08 00:28 9162192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{745E3796-BDAE-4530-B976-029C1EF15145}\mpengine.dll
      2013-02-21 22:45 . 2013-02-21 23:32 -------- d-----w- C:\_AT-Destroyer
      2013-02-20 16:29 . 2013-02-20 16:29 -------- d-----w- C:\_OTL
      2013-02-19 21:47 . 2013-02-19 21:47 -------- d-----w- c:\users\Manu y Sil\AppData\Local\Programs
      2013-02-17 23:32 . 2013-02-20 01:51 -------- d-----w- c:\program files (x86)\Yontoo
      2013-02-17 23:32 . 2013-02-17 23:32 -------- d-----w- c:\programdata\Tarma Installer
      2013-02-17 23:31 . 2013-02-17 23:31 -------- d-----w- c:\users\Manu y Sil\AppData\Roaming\DealPly
      2013-02-17 23:29 . 2013-02-17 23:29 -------- d-----w- c:\users\Manu y Sil\AppData\Roaming\SSync
      2013-02-17 23:29 . 2013-02-17 23:29 -------- d-----w- c:\users\Manu y Sil\AppData\Roaming\SCheck
      2013-02-17 23:29 . 2013-02-17 23:29 -------- d-----w- c:\users\Manu y Sil\AppData\Roaming\Common
      2013-02-17 23:28 . 2013-02-17 23:29 -------- d-----w- c:\users\Manu y Sil\AppData\Local\VisualBeeClient
      2013-02-17 23:27 . 2013-02-17 23:28 -------- d-----w- c:\users\Manu y Sil\AppData\Local\VisualBeeExe
      2013-02-17 23:24 . 2013-02-17 23:27 -------- d-----w- c:\programdata\VisualBee
      2013-02-14 23:23 . 2013-02-14 23:23 -------- d-----w- c:\users\Manu y Sil\AppData\Roaming\dvdcss
      2013-02-14 02:25 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
      2013-02-14 02:25 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
      2013-02-14 02:22 . 2013-01-09 01:22 10925568 ----a-w- c:\windows\system32\ieframe.dll
      2013-02-13 21:50 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
      2013-02-13 21:50 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
      2013-02-13 21:50 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
      2013-02-13 21:50 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys
      2013-02-13 21:50 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
      2013-02-13 21:50 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
      2013-02-13 21:50 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
      2013-02-13 21:50 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
      2013-02-13 21:50 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
      2013-02-13 21:50 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
      2013-02-13 21:50 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
      2013-02-13 21:50 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
      2013-02-08 23:56 . 2013-02-22 02:07 -------- d-----w- c:\users\Manu y Sil\AppData\Roaming\vlc
      2013-02-08 23:55 . 2013-02-08 23:55 -------- d-----w- c:\program files (x86)\VideoLAN
      2013-02-08 01:20 . 2013-02-08 01:20 -------- d-----w- c:\users\Manu y Sil\AppData\Roaming\BSplayer Pro
      2013-02-08 01:20 . 2013-02-08 01:26 -------- d-----w- c:\program files (x86)\Webteh
      2013-02-08 01:16 . 2013-02-08 01:16 -------- d-----w- c:\program files (x86)\PriceGong
      2013-02-07 22:44 . 2013-02-07 23:15 -------- d-----w- c:\users\Manu y Sil\AppData\Roaming\Nico Mak Computing
      2013-02-07 22:44 . 2011-11-10 13:33 18760 ----a-w- c:\windows\system32\roboot64.exe
      2013-02-07 22:42 . 2013-02-23 04:08 -------- d-----w- c:\users\Manu y Sil\AppData\Roaming\uTorrent
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2013-02-14 02:29 . 2012-12-01 12:03 70004024 ----a-w- c:\windows\system32\MRT.exe
      2013-02-08 01:52 . 2012-05-19 16:28 697712 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2013-02-08 01:52 . 2011-10-06 04:34 74096 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2013-01-17 04:28 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe
      2013-01-04 04:43 . 2013-02-13 21:50 44032 ----a-w- c:\windows\apppatch\acwow64.dll
      2012-12-16 17:11 . 2012-12-21 02:08 46080 ----a-w- c:\windows\system32\atmlib.dll
      2012-12-16 14:45 . 2012-12-21 02:08 367616 ----a-w- c:\windows\system32\atmfd.dll
      2012-12-16 14:13 . 2012-12-21 02:08 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
      2012-12-16 14:13 . 2012-12-21 02:08 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
      2012-12-14 19:49 . 2012-07-01 14:34 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
      2012-12-07 13:20 . 2013-01-09 00:22 441856 ----a-w- c:\windows\system32\Wpc.dll
      2012-12-07 13:15 . 2013-01-09 00:22 2746368 ----a-w- c:\windows\system32\gameux.dll
      2012-12-07 12:26 . 2013-01-09 00:22 308736 ----a-w- c:\windows\SysWow64\Wpc.dll
      2012-12-07 12:20 . 2013-01-09 00:22 2576384 ----a-w- c:\windows\SysWow64\gameux.dll
      2012-12-07 11:20 . 2013-01-09 00:22 30720 ----a-w- c:\windows\system32\usk.rs
      2012-12-07 11:20 . 2013-01-09 00:22 43520 ----a-w- c:\windows\system32\csrr.rs
      2012-12-07 11:20 . 2013-01-09 00:22 23552 ----a-w- c:\windows\system32\oflc.rs
      2012-12-07 11:20 . 2013-01-09 00:22 45568 ----a-w- c:\windows\system32\oflc-nz.rs
      2012-12-07 11:20 . 2013-01-09 00:22 44544 ----a-w- c:\windows\system32\pegibbfc.rs
      2012-12-07 11:20 . 2013-01-09 00:22 20480 ----a-w- c:\windows\system32\pegi-fi.rs
      2012-12-07 11:20 . 2013-01-09 00:22 20480 ----a-w- c:\windows\system32\pegi-pt.rs
      2012-12-07 11:19 . 2013-01-09 00:22 20480 ----a-w- c:\windows\system32\pegi.rs
      2012-12-07 11:19 . 2013-01-09 00:22 46592 ----a-w- c:\windows\system32\fpb.rs
      2012-12-07 11:19 . 2013-01-09 00:22 40960 ----a-w- c:\windows\system32\cob-au.rs
      2012-12-07 11:19 . 2013-01-09 00:22 15360 ----a-w- c:\windows\system32\djctq.rs
      2012-12-07 11:19 . 2013-01-09 00:22 21504 ----a-w- c:\windows\system32\grb.rs
      2012-12-07 11:19 . 2013-01-09 00:22 55296 ----a-w- c:\windows\system32\cero.rs
      2012-12-07 11:19 . 2013-01-09 00:22 51712 ----a-w- c:\windows\system32\esrb.rs
      2012-12-07 10:46 . 2013-01-09 00:22 43520 ----a-w- c:\windows\SysWow64\csrr.rs
      2012-12-07 10:46 . 2013-01-09 00:22 30720 ----a-w- c:\windows\SysWow64\usk.rs
      2012-12-07 10:46 . 2013-01-09 00:22 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs
      2012-12-07 10:46 . 2013-01-09 00:22 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs
      2012-12-07 10:46 . 2013-01-09 00:22 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs
      2012-12-07 10:46 . 2013-01-09 00:22 23552 ----a-w- c:\windows\SysWow64\oflc.rs
      2012-12-07 10:46 . 2013-01-09 00:22 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs
      2012-12-07 10:46 . 2013-01-09 00:22 46592 ----a-w- c:\windows\SysWow64\fpb.rs
      2012-12-07 10:46 . 2013-01-09 00:22 20480 ----a-w- c:\windows\SysWow64\pegi.rs
      2012-12-07 10:46 . 2013-01-09 00:22 21504 ----a-w- c:\windows\SysWow64\grb.rs
      2012-12-07 10:46 . 2013-01-09 00:22 40960 ----a-w- c:\windows\SysWow64\cob-au.rs
      2012-12-07 10:46 . 2013-01-09 00:22 15360 ----a-w- c:\windows\SysWow64\djctq.rs
      2012-12-07 10:46 . 2013-01-09 00:22 55296 ----a-w- c:\windows\SysWow64\cero.rs
      2012-12-07 10:46 . 2013-01-09 00:22 51712 ----a-w- c:\windows\SysWow64\esrb.rs
      2012-11-30 05:45 . 2013-01-09 00:21 362496 ----a-w- c:\windows\system32\wow64win.dll
      2012-11-30 05:45 . 2013-01-09 00:21 243200 ----a-w- c:\windows\system32\wow64.dll
      2012-11-30 05:45 . 2013-01-09 00:21 13312 ----a-w- c:\windows\system32\wow64cpu.dll
      2012-11-30 05:43 . 2013-01-09 00:21 16384 ----a-w- c:\windows\system32\ntvdm64.dll
      2012-11-30 05:41 . 2013-01-09 00:21 424448 ----a-w- c:\windows\system32\KernelBase.dll
      2012-11-30 05:41 . 2013-01-09 00:21 1161216 ----a-w- c:\windows\system32\kernel32.dll
      2012-11-30 05:38 . 2013-01-09 00:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
      2012-11-30 05:38 . 2013-01-09 00:21 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
      2012-11-30 05:38 . 2013-01-09 00:21 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
      2012-11-30 05:38 . 2013-01-09 00:21 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
      2012-11-30 05:38 . 2013-01-09 00:21 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
      2012-11-30 05:38 . 2013-01-09 00:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
      2012-11-30 05:38 . 2013-01-09 00:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
      2012-11-30 05:38 . 2013-01-09 00:21 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
      2012-11-30 05:38 . 2013-01-09 00:21 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
      2012-11-30 05:38 . 2013-01-09 00:21 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
      2012-11-30 05:38 . 2013-01-09 00:21 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
      2012-11-30 05:38 . 2013-01-09 00:21 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
      2012-11-30 05:38 . 2013-01-09 00:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
      2012-11-30 05:38 . 2013-01-09 00:21 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
      2012-11-30 05:38 . 2013-01-09 00:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
      2012-11-30 05:38 . 2013-01-09 00:21 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
      2012-11-30 05:38 . 2013-01-09 00:21 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
      2012-11-30 05:38 . 2013-01-09 00:21 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
      2012-11-30 05:38 . 2013-01-09 00:21 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
      2012-11-30 05:38 . 2013-01-09 00:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
      2012-11-30 05:38 . 2013-01-09 00:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
      2012-11-30 05:38 . 2013-01-09 00:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
      2012-11-30 05:38 . 2013-01-09 00:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
      2012-11-30 05:38 . 2013-01-09 00:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
      2012-11-30 05:38 . 2013-01-09 00:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
      2012-11-30 05:38 . 2013-01-09 00:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
      2012-11-30 05:38 . 2013-01-09 00:21 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
      2012-11-30 05:38 . 2013-01-09 00:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
      2012-11-30 04:53 . 2013-01-09 00:21 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
      2012-11-30 04:45 . 2013-01-09 00:21 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
      2012-11-30 04:45 . 2013-01-09 00:21 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
      2012-11-30 04:45 . 2013-01-09 00:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
      2012-11-30 04:45 . 2013-01-09 00:21 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
      2012-11-30 04:45 . 2013-01-09 00:21 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
      2012-11-30 04:45 . 2013-01-09 00:21 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
      2012-11-30 04:45 . 2013-01-09 00:21 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
      2012-11-30 04:45 . 2013-01-09 00:21 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
      2012-11-30 04:45 . 2013-01-09 00:21 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
      2012-11-30 04:45 . 2013-01-09 00:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
      2012-11-30 04:45 . 2013-01-09 00:21 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
      2012-11-30 04:45 . 2013-01-09 00:21 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
      2012-11-30 04:45 . 2013-01-09 00:21 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
      2012-11-30 04:45 . 2013-01-09 00:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
      2012-11-30 04:45 . 2013-01-09 00:21 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
      2012-11-30 04:45 . 2013-01-09 00:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
      2012-11-30 04:45 . 2013-01-09 00:21 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
      2012-11-30 04:45 . 2013-01-09 00:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
      2012-11-30 04:45 . 2013-01-09 00:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
      2012-11-30 04:45 . 2013-01-09 00:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
      2012-11-30 04:45 . 2013-01-09 00:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
      2012-11-30 04:45 . 2013-01-09 00:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
      2012-11-30 04:45 . 2013-01-09 00:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Octoshape Streaming Services"="c:\users\Manu y Sil\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" [2011-03-24 107800]
      "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-11-11 5629312]
      "SCheck"="c:\users\Manu y Sil\AppData\Roaming\SCheck\SCheck.exe" [2012-12-19 41984]
      "SSync"="c:\users\Manu y Sil\AppData\Roaming\SSync\SSync.exe" [2012-12-19 41984]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-04 336384]
      "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
      "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
      "Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-05-17 61112]
      "DT HPO"="c:\program files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe" [2011-05-26 121456]
      "PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-05-05 658424]
      "GameMonitor"="c:\program files (x86)\FlingPCGames\GameMonitor\GameMonitor.exe" [2011-03-29 2141344]
      "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
      .
      c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
      McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      "HideFastUserSwitching"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
      "EnableShellExecuteHooks"= 1 (0x1)
      .
      [hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
      "aux"=wdmaud.drv
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
      @=""
      .
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
      R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
      R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
      R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
      R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
      R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
      S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [2011-03-04 78976]
      S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [2011-03-04 38528]
      S1 aswSnx;aswSnx; [x]
      S1 aswSP;aswSP; [x]
      S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
      S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
      S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-09-07 140672]
      S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE [2009-11-18 98208]
      S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-07-03 204288]
      S2 aswFsBlk;aswFsBlk; [x]
      S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
      S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
      S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x]
      S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
      S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
      S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-08 2375168]
      S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
      S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
      S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
      S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-05-05 1128952]
      S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-03-09 109168]
      S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
      S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-03-23 31088]
      S3 FlingJoyBus;Fling Joystick Bus Enumerator;c:\windows\system32\DRIVERS\FlingJoyBus64.sys [2010-10-15 19456]
      S3 FlingJoystickPort;Fling Joystick Device Driver;c:\windows\system32\DRIVERS\FlingJoyPort64.sys [2010-10-15 38912]
      S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
      S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2011-04-22 1360960]
      S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-05-05 338536]
      S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
      S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
      S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
      S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
      S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
      S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
      S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2010-12-16 47232]
      .
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2013-02-23 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-19 01:52]
      .
      2013-02-18 c:\windows\Tasks\HPCeeScheduleForManu y Sil.job
      - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
      @="{472083B0-C522-11CF-8763-00608CC02F24}"
      [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
      2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-06-08 7220328]
      "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
      .
      ------- Supplementary Scan -------
      .
      uStart Page = InfoSpyware
      uLocal Page = c:\windows\system32\blank.htm
      mStart Page = hxxp://www.infospyware.com
      mLocal Page = c:\windows\SYSTEM32\blank.htm
      TCP: DhcpNameServer = 10.0.0.2
      FF - ProfilePath - c:\users\Manu y Sil\AppData\Roaming\Mozilla\Firefox\Profiles\qyj5ht74.default-1361367349980\
      FF - prefs.js: browser.search.defaulturl - hxxp://search.fbdownloader.com/search.php?channel=sfron205&q=
      FF - prefs.js: browser.startup.homepage - hxxp://search.fbdownloader.com/?channel=sfron205
      FF - prefs.js: keyword.URL - hxxp://search.fbdownloader.com/search.php?channel=sfron205&q=
      .
      - - - - ORPHANS REMOVED - - - -
      .
      BHO-{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - c:\program files (x86)\DealPly\DealPlyIE.dll
      Wow6432Node-HKCU-Run-DataMgr - c:\users\Manu y Sil\AppData\Roaming\DataMgr\DataMgr.exe
      AddRemove-DealPly - c:\program files (x86)\DealPly\uninst.exe
      AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
      AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
      AddRemove-DealPly - c:\users\Manu y Sil\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe
      .
      .
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
      "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
      @="?????????????????? v1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
      @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
      @="?????????????????? v2"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
      @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      Completion time: 2013-02-23 12:00:22
      ComboFix-quarantined-files.txt 2013-02-23 15:00
      .
      Pre-Run: 421.008.719.872 bytes libres
      Post-Run: 423.157.612.544 bytes libres
      .
      - - End Of File - - 015655233A18EB70864283B80D4B30D1

    10. #10
      Moderador Gral.
      Avatar de Damianl_77
      Registrado
      ene 2008
      Ubicación
      Argentina
      Mensajes
      23.291

      Re: No logro desinstalar FBDownloader

      Realiza estos pasos

      • Clic en INICIO > EJECUTAR >
      • Y ahí pones notepad.exe y ACEPTAR
      • Ahora copia y pega estos archivos dentro del Notepad (menos la palabra código)





      Código:
      KillAll::
      
      
      Folder::
      c:\program files (x86)\Yontoo
      c:\programdata\Tarma Installer
      c:\users\Manu y Sil\AppData\Roaming\DealPly
      c:\users\Manu y Sil\AppData\Roaming\SSync
      c:\users\Manu y Sil\AppData\Roaming\SCheck
      c:\users\Manu y Sil\AppData\Roaming\Common
      c:\users\Manu y Sil\AppData\Local\VisualBeeClient
      c:\users\Manu y Sil\AppData\Local\VisualBeeExe
      c:\programdata\VisualBee
      c:\users\Manu y Sil\AppData\Roaming\dvdcss
      
      ClearJavaCache::
      
      Firefox::
      FF - ProfilePath - c:\users\Manu y Sil\AppData\Roaming\Mozilla\Firefox\Profiles\qyj5ht74.default-1361367349980\
      FF - prefs.js: browser.search.defaulturl - hxxp://search.fbdownloader.com/search.php?channel=sfron205&q=
      FF - prefs.js: browser.startup.homepage - hxxp://search.fbdownloader.com/?channel=sfron205
      FF - prefs.js: keyword.URL - hxxp://search.fbdownloader.com/search.php?channel=sfron205&q=


      • Graba este archivo con el nombre CFScript.txt y déjalo en tu escritorio.
      • Antes de usar el CFScript....
      • Desactiva temporalmente el Antivirus y/o Antispyware..
      • Cierra todas las ventanas abiertas. Arrastras el block de notas al icono de ComboFix que tenes en el escritorio, como muestra la imagen de abajo.



      • ComboFix comenzará otra vez a ejecutarse, Cuando termine este generara un reporte que tendrías que pegar en este mismo mensaje.

      Blog | Antivirus Online | Eliminar Malwares | Antivirus Gratis


      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    Página 1 de 2 12 ÚltimoÚltimo