• Registrarse
  • Iniciar sesión


  • Página 3 de 7 PrimeroPrimero 1234567 ÚltimoÚltimo
    Resultados 21 al 30 de 68

    Entradas Pup

    Envio enlace de imagen http://i.imgur.com/kGxSUJL.jpg[/IMG]...

    1. #21
      Usuario Avatar de eenrike
      Registrado
      mar 2013
      Ubicación
      Mexico
      Mensajes
      81

      Re: Entradas Pup

      Envio enlace de imagen

      http://i.imgur.com/kGxSUJL.jpg[/IMG]

    2. #22
      Ex-Colaborador Avatar de Superlucas
      Registrado
      sep 2011
      Ubicación
      Argentina
      Mensajes
      15.747

      Re: Entradas Pup

      Hola,

      En los reportes de Todas las herramientas que usamos, estaban limpias salvo las de AdwCleaner que elimino lo que quedaba de Conduit Dudo que sea una infección enserio y que no sea un falso positivo

      Proba hacer lo siguiente para descargar que sea un falso positivo :

      1.- Descarga aquí > CCleaner

      2.- Abre CCleaner, dirígete a la pestaña Herramientas > Inicio > haz clic en el botón [Guardar a un archivo de texto...].

      Lo guardas en el escritorio, copia y pega el contenido del archivo de texto "startup" en tu próximo mensaje.

      PD: Te recomiendo actualizar SpyBot a su versión mas nueva (Rc2.0)

      Salu2
      Vas a correr o vas a pelear?- Muahy Thai

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #23
      Usuario Avatar de eenrike
      Registrado
      mar 2013
      Ubicación
      Mexico
      Mensajes
      81

      Re: Entradas Pup

      Si HKCU:Run lollipop "c:\users\enrique\appdata\local\lollipop\lollipop.exe" lollipop
      Si HKCU:Run Sidebar Microsoft Corporation C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      Si HKCU:Run Skype Skype Technologies S.A. "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
      Si HKCU:Run swg Google Inc. "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
      Si HKCU:RunOnce Uninstall C:\Users\Enrique\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64 Microsoft Corporation C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Enrique\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
      Si HKLM:Run HPOSD Hewlett-Packard Development Company, L.P. C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
      Si HKLM:Run HPQuickWebProxy Hewlett-Packard Company "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
      Si HKLM:Run RemoteControl10 CyberLink Corp. "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
      Si HKLM:Run SetDefault Hewlett-Packard Development Company, L.P. C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
      Si HKLM:Run SynTPEnh Synaptics Incorporated %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
      Si HKLM:Run tutoriales100_mx_11 Tuto4PC.com "C:\Program Files (x86)\tutoriales100_mx_11\tutoriales100_mx_11.exe"
      Si HKLM:RunOnce upt100_mx_11.exe Tuto4PC.com C:\Users\Enrique\AppData\Local\tutoriales100_mx_11\upt100_mx_11.exe -runonce
      Si Startup User lollipop.lnk C:\Users\Enrique\AppData\Local\Lollipop\Lollipop.exe

    4. #24
      Ex-Colaborador Avatar de Superlucas
      Registrado
      sep 2011
      Ubicación
      Argentina
      Mensajes
      15.747

      Re: Entradas Pup

      Hola,

      Abri CCleaner->Herramientas->Inicio y borras las siguientes entradas:

      Si HKCU:Run lollipop "c:\users\enrique\appdata\local\lollipop\lollipop.exe" lollipop
      Si HKLM:Run tutoriales100_mx_11 Tuto4PC.com "C:\Program Files (x86)\tutoriales100_mx_11\tutoriales100_mx_11.exe"
      Si HKLM:RunOnce upt100_mx_11.exe Tuto4PC.com C:\Users\Enrique\AppData\Local\tutoriales100_mx_11\upt100_mx_11.exe -runonce
      Si Startup User lollipop.lnk C:\Users\Enrique\AppData\Local\Lollipop\Lollipop.exe
      Descarga OTM by Oltimer y lo copias al escritorio
      Dale doble clic en el icono de OTM para poder abrirlo
      Copiar el texto que se encuentra dentro del recuadrado de abajo, y pegar el texto en el marco izquierdo de OTMoveIt llamado "Paste instruccions for items to be moved ".

      Código:
      :files
      c:\users\enrique\appdata\local\lollipop\
      C:\Program Files (x86)\tutoriales100_mx_11\
      C:\Users\Enrique\AppData\Local\Lollipop\Lollipop.exe
      :commands
      [resethosts]
      [emptytemp]
      [createrestorepoint]
      Presiona sobre el boton Moveit! para empezar el proceso de eliminación, posiblemente se le pida reiniciar la pc tenemos que ponerle a Si! ya que es fundamental para eliminar los archivos .

      Los resultados aparecen despues del reinicio en C: \ _ OTM\MovedFiles\***_***.log (Donde sale "***_***" es la fecha y hora). Tenes que pegarme el informe de OTM en tu próxima respuesta.

      Nota: Es posible que note archivos u carpetas visibles en el escritorio y/o en otro apartado del sistema, esto es normal, al finalizar los procedimientos, todo volverá a la normalidad.
      Vas a correr o vas a pelear?- Muahy Thai

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #25
      Usuario Avatar de eenrike
      Registrado
      mar 2013
      Ubicación
      Mexico
      Mensajes
      81

      Re: Entradas Pup

      All processes killed
      ========== FILES ==========
      c:\users\enrique\appdata\local\Lollipop folder moved successfully.
      C:\Program Files (x86)\tutoriales100_mx_11 folder moved successfully.
      File/Folder C:\Users\Enrique\AppData\Local\Lollipop\Lollipop.exe not found.
      ========== COMMANDS ==========
      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      [EMPTYTEMP]

      User: All Users

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Enrique
      ->Temp folder emptied: 345636031 bytes
      ->Temporary Internet Files folder emptied: 44575543 bytes
      ->Google Chrome cache emptied: 0 bytes
      ->Flash cache emptied: 1707 bytes

      User: Public

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 1716016 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 506558572 bytes
      %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 8395916 bytes
      %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 967587 bytes
      RecycleBin emptied: 19782749 bytes

      Total Files Cleaned = 885,00 mb

      Restore point Set: OTM Restore Point

      OTM by OldTimer - Version 3.1.21.0 log created on 04032013_123225

      Files moved on Reboot...
      C:\Users\Enrique\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
      File C:\Users\Enrique\AppData\Local\Temp\~DF4FB65940BEBB2550.TMP not found!
      File C:\Users\Enrique\AppData\Local\Temp\~DF7AEC7B7F98BB81BC.TMP not found!
      File C:\Users\Enrique\AppData\Local\Temp\~DF91D3A374722B5F28.TMP not found!
      File C:\Users\Enrique\AppData\Local\Temp\~DFAD109821A6AD953C.TMP not found!
      File C:\Users\Enrique\AppData\Local\Temp\~DFB7B9F4DD20DF5F7F.TMP not found!
      File C:\Users\Enrique\AppData\Local\Temp\~DFCEEC8781AEA6BAD1.TMP not found!
      C:\Users\Enrique\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Enrique\AppData\Local\Trusteer\Rapport\user\logs\gp_IEXPLORE.6108.log moved successfully.
      C:\Users\Enrique\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Enrique\AppData\Local\Trusteer\Rapport\user\logs\koan.6108.log moved successfully.
      C:\Users\Enrique\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Enrique\AppData\Local\Trusteer\Rapport\user\logs\koanlight.6108.log moved successfully.
      C:\Users\Enrique\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\VTBZ0602\ads[4].htm moved successfully.
      C:\Users\Enrique\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\VMUWB0RD\si[1].htm moved successfully.
      C:\Users\Enrique\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\VMUWB0RD\st[3] moved successfully.
      C:\Users\Enrique\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UHXEQ2ZQ\ads[5].htm moved successfully.
      C:\Users\Enrique\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UHXEQ2ZQ\xd_arbiter[1].htm moved successfully.
      C:\Users\Enrique\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\25Y6F1SR\t456636-3[2].htm moved successfully.
      C:\Users\Enrique\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\25Y6F1SR\xd_arbiter[1].htm moved successfully.
      C:\Users\Enrique\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
      C:\Users\Enrique\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\SuggestedSites.dat moved successfully.
      File move failed. C:\Users\Enrique\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
      File move failed. C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

      Registry entries deleted on Reboot...

    6. #26
      Ex-Colaborador Avatar de Superlucas
      Registrado
      sep 2011
      Ubicación
      Argentina
      Mensajes
      15.747

      Re: Entradas Pup

      Hola,

      Abri OTM y dale a Cleanup!

      Como va todo ahora?

      Salu2
      Vas a correr o vas a pelear?- Muahy Thai

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #27
      Usuario Avatar de eenrike
      Registrado
      mar 2013
      Ubicación
      Mexico
      Mensajes
      81

      Re: Entradas Pup

      se siguen abriendo demasiadas ventanas emergentes

    8. #28
      Ex-Colaborador Avatar de Superlucas
      Registrado
      sep 2011
      Ubicación
      Argentina
      Mensajes
      15.747

      Re: Entradas Pup

      Hola,

      • Realiza lo siguiente:
      • Descarga AT-Destroyer (Adwares/Toolbars-Destroyer) By Infospyware.
      • Desactiva temporalmente el Antivirus y/o Antispyware.
      • Ejecuta la herramienta como administrador.
      • Aparecerá el Disclaimer de la herramienta.Presiona .
      • Presiona sobre la opción 1 (Buscar y Destruir)
      • La herramienta desconectará el escritorio moméntaneamente.
      • En caso de estar infectado,la herramienta lo indicará con lineas rojas donde se haya encontrado la infección,sino,serán lineas verdes.
      • Una vez terminado el escaneo,podrás volver a ver el escritorio y se te abrirá un reporte,que deberás copiar en tu próxima respuesta comentando cómo funciona el sistema.


      • Descarga AdwCleaner en el equipo infectado
      • Copia en el escritorio el programa AdwCleaner y lo ejecutas
      • Una Vez abierto le das a Supresión/Delete y esperas que termine su trabajo.
      • Se va a abrir un reporte donde muestra lo que detecto, lo copias y lo pegas acá.
      • En caso de que no se abra el reporte lo buscas en C:\AdwCleaner[R1].txt
      Vas a correr o vas a pelear?- Muahy Thai

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    9. #29
      Usuario Avatar de eenrike
      Registrado
      mar 2013
      Ubicación
      Mexico
      Mensajes
      81

      Re: Entradas Pup

      gracias amigo, lo hare y te informo

    10. #30
      Usuario Avatar de eenrike
      Registrado
      mar 2013
      Ubicación
      Mexico
      Mensajes
      81

      Re: Entradas Pup

      ######################## AT-Destroyer [2.1] By Infospyware.
      Hora/Día/Mes/Año: 16:08:15 \\\ 03/04/2013
      AT-Destroyer 2.1 By Infospyware ---> InfoSpyware
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:9.10.9200.16521
      Google Chrome:26.0.1410.43
      Privilegios: Enrique - Administrador
      Modo Actual: Modo Normal.
      Nombre del pc: ENRIQUE-HP
      Información del sistema operativo:X64-WIN_7-Service Pack 1
      nombre del usuario:Enrique
      Lenguaje del sistema: Español



      >>>>>>> Servicios <<<<<<<



      >>>>>> Carpetas <<<<<<

      C:\Users\Enrique\AppData\Local\EoRezo\eorezo (W32/Adware.Tuto4pc)
      C:\Users\Enrique\AppData\Local\EoRezo\eorezo\1.10 (W32/Adware.Tuto4pc)
      C:\Users\Enrique\AppData\Local\EoRezo\eorezo\1.10\eorezo.cyl (W32/Adware.Tuto4pc)
      C:\Users\Enrique\AppData\Local\EoRezo (W32/Adware.Tuto4pc)
      C:\Users\Enrique\AppData\Roaming\Babylon\log_file.txt (W32/PND.Babylon Toolbar)
      C:\Users\Enrique\AppData\Roaming\Babylon (W32/PND.Babylon Toolbar)
      C:\ProgramData\Babylon (W32/PND.Babylon Toolbar)
      C:\Users\Enrique\AppData\Local\tutoriales100_mx_11\tutoriales100_mx_11 (W32/Adware.Tuto4pc)
      C:\Users\Enrique\AppData\Local\tutoriales100_mx_11\tutoriales100_mx_11\1.10 (W32/Adware.Tuto4pc)
      C:\Users\Enrique\AppData\Local\tutoriales100_mx_11\tutoriales100_mx_11\1.10\eorezo.cyl (W32/Adware.Tuto4pc)
      C:\Users\Enrique\AppData\Local\tutoriales100_mx_11\upt100_mx_11.cyp (W32/Adware.Tuto4pc)
      C:\Users\Enrique\AppData\Local\tutoriales100_mx_11\upt100_mx_11.exe (W32/Adware.Tuto4pc)
      C:\Users\Enrique\AppData\Local\tutoriales100_mx_11\user_profil.cyp (W32/Adware.Tuto4pc)
      C:\Users\Enrique\AppData\Local\tutoriales100_mx_11 (W32/Adware.Tuto4pc)
      C:\Users\Enrique\AppData\Local\tutoriales100_mx_11 (W32/Adware.Tuto4pc)


      >>>>>> Archivos <<<<<<



      >>>>>> Registro <<<<<<

      HKEY_CURRENT_USER\Software\DataMngr
      HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr
      HKEY_CLASSES_ROOT\AppID\escort.DLL
      HKEY_LOCAL_MACHINE\SOFTWARE\Tutoriales100


      >>>>>> Heurística <<<<<<



      >>>>>> Internet Explorer <<<<<<

      Start Page==www.google.com
      Local Page==C:\Windows\SysWOW64\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL==http://go.microsoft.com/fwlink/p/?LinkId=255141


      ''HKCU\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://www.google.com
      Default_search_url==http://www.google.com/ie
      Default_Page_URL==http://es.msn.com/?ocid=OIE9HP


      HKEY_USERS\S-1-5-21-2740241004-677332191-125143886-1001\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://www.google.com
      Default_search_url==http://www.google.com/ie
      Default_Page_URL==http://es.msn.com/?ocid=OIE9HP


      >>>>>> Extensiones Firefox <<<<<<



      >>>>>> Plugins Firefox <<<<<<

      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513

      >>>>>> Google Chrome <<<<<<

      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      >>>>>> Extensiones Google Chrome <<<<<<

      C:\Users\Enrique\AppData\Local\Google\Chrome\User Data\Default\Extensions\14
      C:\Users\Enrique\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaammnnnfankbcgnomchiciekdegjfn
      C:\Users\Enrique\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
      C:\Users\Enrique\AppData\Local\Google\Chrome\User Data\Default\Extensions\cngompmodgafkkffefbfbghhciijojjh
      C:\Users\Enrique\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
      C:\Users\Enrique\AppData\Local\Google\Chrome\User Data\Default\Extensions\eneejdflhhhheffkbjbagjgkbhhkbadi
      C:\Users\Enrique\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnbcopcndefcccgdofjadnafjljgofam
      C:\Users\Enrique\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmhhdaimhfblnamlcdijbaakkifakade
      C:\Users\Enrique\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
      C:\Users\Enrique\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiopbgcekanlhpjkonogoljpfmhpkhf
      C:\Users\Enrique\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
      C:\Users\Enrique\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph
      C:\Users\Enrique\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
      C:\Users\Enrique\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkcdkfohdadbjmlfejhncigcbfkiaamf
      C:\Users\Enrique\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp

      ======== Listado ===========

      [27/03/2013 10:14 a.m.] [27/03/2013 10:12 a.m.] [DI] C:\Users\Enrique\AppData\Roaming\Apple Computer
      [08/02/2012 01:16 a.m.] [08/02/2012 01:16 a.m.] [DI] C:\Users\Enrique\AppData\Roaming\Atheros
      [08/02/2012 01:17 a.m.] [08/02/2012 01:17 a.m.] [DI] C:\Users\Enrique\AppData\Roaming\ATI
      [03/04/2013 08:50 a.m.] [03/04/2013 08:50 a.m.] [DI] C:\Users\Enrique\AppData\Roaming\AVG2013
      [01/04/2013 06:37 p.m.] [01/04/2013 06:37 p.m.] [DI] C:\Users\Enrique\AppData\Roaming\BabSolution
      [09/02/2012 12:12 p.m.] [08/02/2012 02:00 a.m.] [DI] C:\Users\Enrique\AppData\Roaming\CyberLink
      [01/04/2013 06:36 p.m.] [01/04/2013 06:36 p.m.] [DI] C:\Users\Enrique\AppData\Roaming\Delta
      [10/02/2012 10:54 a.m.] [09/02/2012 07:28 p.m.] [DI] C:\Users\Enrique\AppData\Roaming\Downloaded Installations
      [22/08/2012 09:18 p.m.] [22/08/2012 07:56 p.m.] [DI] C:\Users\Enrique\AppData\Roaming\Google
      [08/02/2012 07:57 p.m.] [08/02/2012 01:07 a.m.] [DI] C:\Users\Enrique\AppData\Roaming\Hewlett-Packard
      [09/02/2012 06:41 p.m.] [09/02/2012 06:41 p.m.] [DI] C:\Users\Enrique\AppData\Roaming\HP
      [29/03/2013 08:27 p.m.] [08/02/2012 01:16 a.m.] [DI] C:\Users\Enrique\AppData\Roaming\hpqlog
      [01/04/2013 10:05 a.m.] [16/02/2012 06:49 p.m.] [DI] C:\Users\Enrique\AppData\Roaming\HpUpdate
      [08/02/2012 01:16 a.m.] [08/02/2012 01:16 a.m.] [DI] C:\Users\Enrique\AppData\Roaming\Identities
      [08/02/2012 09:01 p.m.] [08/02/2012 09:01 p.m.] [DI] C:\Users\Enrique\AppData\Roaming\IDT
      [08/02/2012 05:55 p.m.] [08/02/2012 05:52 p.m.] [DI] C:\Users\Enrique\AppData\Roaming\Kingsoft
      [08/02/2012 07:18 p.m.] [08/02/2012 07:18 p.m.] [DI] C:\Users\Enrique\AppData\Roaming\Macromedia
      [01/04/2013 02:00 p.m.] [01/04/2013 02:00 p.m.] [DI] C:\Users\Enrique\AppData\Roaming\Malwarebytes
      [01/04/2013 10:39 a.m.] [23/05/2012 11:14 a.m.] [DI] C:\Users\Enrique\AppData\Roaming\Media Player Classic
      [15/03/2013 04:54 p.m.] [08/02/2012 01:06 a.m.] [SDI] C:\Users\Enrique\AppData\Roaming\Microsoft
      [11/02/2013 12:58 p.m.] [11/02/2013 12:55 p.m.] [D] C:\Users\Enrique\AppData\Roaming\Nico Mak Computing
      [10/02/2012 10:56 a.m.] [09/02/2012 08:10 p.m.] [DI] C:\Users\Enrique\AppData\Roaming\Nitro PDF
      [26/02/2012 07:45 p.m.] [26/02/2012 07:45 p.m.] [DI] C:\Users\Enrique\AppData\Roaming\PC Cleaners
      [27/02/2012 10:00 a.m.] [26/02/2012 07:45 p.m.] [DI] C:\Users\Enrique\AppData\Roaming\PCPro
      [13/03/2013 09:18 a.m.] [13/03/2013 09:18 a.m.] [DI] C:\Users\Enrique\AppData\Roaming\ScreeNet iSaver
      [03/04/2013 03:59 p.m.] [08/02/2012 02:35 p.m.] [DI] C:\Users\Enrique\AppData\Roaming\Skype
      [01/04/2013 12:48 p.m.] [01/04/2013 12:48 p.m.] [DI] C:\Users\Enrique\AppData\Roaming\SUPERAntiSpyware.com
      [08/02/2012 01:16 a.m.] [08/02/2012 01:16 a.m.] [DI] C:\Users\Enrique\AppData\Roaming\Synaptics
      [20/11/2012 01:24 p.m.] [20/11/2012 12:34 p.m.] [D] C:\Users\Enrique\AppData\Roaming\Systweak
      [15/03/2013 01:05 p.m.] [25/02/2012 01:05 p.m.] [DI] C:\Users\Enrique\AppData\Roaming\TuneUp Software
      [01/04/2013 08:23 a.m.] [18/01/2013 07:51 p.m.] [DI] C:\Users\Enrique\AppData\Roaming\vlc
      [08/02/2012 05:49 p.m.] [08/02/2012 05:49 p.m.] [DI] C:\Users\Enrique\AppData\Roaming\Windows Live Writer
      [15/02/2012 01:49 p.m.] [15/02/2012 01:49 p.m.] [DI] C:\Users\Enrique\AppData\Roaming\WinRAR
      [15/02/2012 01:51 p.m.] [15/02/2012 01:51 p.m.] [DI] C:\Users\Enrique\AppData\Roaming\Zbshareware Lab
      [24/11/2011 05:51 p.m.] [24/11/2011 05:50 p.m.] [D] C:\Program Files (x86)\AMD
      [24/11/2011 05:50 p.m.] [24/11/2011 05:50 p.m.] [D] C:\Program Files (x86)\AMD APP
      [27/03/2013 10:09 a.m.] [27/03/2013 10:09 a.m.] [D] C:\Program Files (x86)\Apple Software Update
      [24/11/2011 05:54 p.m.] [24/11/2011 05:53 p.m.] [D] C:\Program Files (x86)\Atheros
      [24/11/2011 05:50 p.m.] [24/11/2011 05:48 p.m.] [D] C:\Program Files (x86)\ATI Technologies
      [21/03/2013 03:50 p.m.] [14/03/2013 01:19 p.m.] [D] C:\Program Files (x86)\AutoLyrics
      [24/11/2011 05:55 p.m.] [24/11/2011 05:54 p.m.] [D] C:\Program Files (x86)\Bluetooth Suite
      [27/02/2012 03:30 p.m.] [27/02/2012 03:30 p.m.] [D] C:\Program Files (x86)\Business Objects
      [24/11/2011 05:53 p.m.] [24/11/2011 05:53 p.m.] [D] C:\Program Files (x86)\Cisco
      [21/03/2013 03:50 p.m.] [15/02/2012 01:48 p.m.] [D] C:\Program Files (x86)\Combined Community Codec Pack
      [01/04/2013 06:45 p.m.] [13/07/2009 10:20 p.m.] [D] C:\Program Files (x86)\Common Files
      [20/01/2013 06:02 p.m.] [24/11/2011 06:01 p.m.] [D] C:\Program Files (x86)\CyberLink
      [01/04/2013 06:36 p.m.] [01/04/2013 06:36 p.m.] [D] C:\Program Files (x86)\Delta
      C:\Program Files (x86)\desktop.ini [HSA] 174 bytes( 0)
      [27/12/2012 11:39 a.m.] [27/12/2012 11:39 a.m.] [D] C:\Program Files (x86)\DsNET Corp
      [24/07/2011 02:20 a.m.] [24/07/2011 02:19 a.m.] [D] C:\Program Files (x86)\Evernote
      [03/04/2013 08:08 a.m.] [03/04/2013 08:08 a.m.] [D] C:\Program Files (x86)\FindLyrics
      [11/01/2013 07:18 p.m.] [22/08/2012 07:42 p.m.] [D] C:\Program Files (x86)\Google
      [25/03/2013 06:16 p.m.] [25/03/2013 06:16 p.m.] [D] C:\Program Files (x86)\Gophoto.it
      [16/11/2012 09:06 p.m.] [24/07/2011 02:11 a.m.] [D] C:\Program Files (x86)\Hewlett-Packard
      [16/02/2012 06:49 p.m.] [09/02/2012 06:34 p.m.] [D] C:\Program Files (x86)\HP
      [24/07/2011 02:26 a.m.] [24/07/2011 02:22 a.m.] [D] C:\Program Files (x86)\HP Games
      [02/04/2013 08:35 a.m.] [01/04/2013 06:41 p.m.] [D] C:\Program Files (x86)\Iminent
      [14/03/2013 02:40 p.m.] [24/07/2011 02:44 a.m.] [HD] C:\Program Files (x86)\InstallShield Installation Information
      [14/03/2013 02:38 p.m.] [13/07/2009 10:20 p.m.] [D] C:\Program Files (x86)\Internet Explorer
      [27/03/2013 10:12 a.m.] [27/03/2013 10:11 a.m.] [D] C:\Program Files (x86)\iTunes
      [01/04/2013 06:42 p.m.] [15/03/2013 04:31 p.m.] [D] C:\Program Files (x86)\LyricsFinder
      [14/03/2013 10:23 p.m.] [20/12/2012 01:58 p.m.] [D] C:\Program Files (x86)\Markets.com MetaTrader
      [21/04/2012 07:18 p.m.] [24/11/2011 06:09 p.m.] [D] C:\Program Files (x86)\Microsoft
      [15/02/2012 01:40 p.m.] [15/02/2012 01:40 p.m.] [D] C:\Program Files (x86)\Microsoft Analysis Services
      [15/03/2013 10:02 a.m.] [15/02/2012 01:39 p.m.] [D] C:\Program Files (x86)\Microsoft Office
      [13/03/2013 08:54 a.m.] [16/05/2012 02:14 p.m.] [D] C:\Program Files (x86)\Microsoft Silverlight
      [19/01/2013 04:44 p.m.] [19/01/2013 04:44 p.m.] [D] C:\Program Files (x86)\Microsoft SkyDrive
      [15/02/2012 01:42 p.m.] [24/07/2011 02:35 a.m.] [D] C:\Program Files (x86)\Microsoft SQL Server Compact Edition
      [15/02/2012 01:42 p.m.] [15/02/2012 01:42 p.m.] [D] C:\Program Files (x86)\Microsoft Sync Framework
      [15/02/2012 01:42 p.m.] [15/02/2012 01:42 p.m.] [D] C:\Program Files (x86)\Microsoft Synchronization Services
      [15/02/2012 01:40 p.m.] [15/02/2012 01:40 p.m.] [D] C:\Program Files (x86)\Microsoft Visual Studio 8
      [15/02/2012 01:42 p.m.] [24/11/2011 05:44 p.m.] [D] C:\Program Files (x86)\Microsoft.NET
      [01/04/2013 06:36 p.m.] [01/04/2013 06:36 p.m.] [D] C:\Program Files (x86)\Mozilla Firefox
      [15/02/2012 01:43 p.m.] [14/07/2009 12:32 a.m.] [D] C:\Program Files (x86)\MSBuild
      [03/04/2012 06:08 p.m.] [03/04/2012 06:08 p.m.] [D] C:\Program Files (x86)\MSECache
      [15/02/2012 01:10 p.m.] [15/02/2012 01:10 p.m.] [D] C:\Program Files (x86)\MSXML 4.0
      [08/02/2012 01:07 a.m.] [24/07/2011 02:20 a.m.] [RD] C:\Program Files (x86)\Online Services
      [18/01/2013 06:30 p.m.] [18/01/2013 06:30 p.m.] [D] C:\Program Files (x86)\Readon Technology
      [24/11/2011 05:52 p.m.] [24/11/2011 05:51 p.m.] [D] C:\Program Files (x86)\Realtek
      [14/07/2009 12:32 a.m.] [14/07/2009 12:32 a.m.] [D] C:\Program Files (x86)\Reference Assemblies
      [21/03/2013 06:30 p.m.] [08/02/2012 02:35 p.m.] [RD] C:\Program Files (x86)\Skype
      [24/11/2011 06:10 p.m.] [24/11/2011 06:10 p.m.] [D] C:\Program Files (x86)\SymSilent
      [20/11/2012 08:00 p.m.] [20/11/2012 12:20 p.m.] [D] C:\Program Files (x86)\TrayDictionary
      [16/01/2013 02:04 p.m.] [16/01/2013 02:04 p.m.] [D] C:\Program Files (x86)\Trusteer
      [13/07/2009 11:57 p.m.] [13/07/2009 11:57 p.m.] [HD] C:\Program Files (x86)\Uninstall Information
      [21/03/2013 03:52 p.m.] [15/02/2012 01:51 p.m.] [D] C:\Program Files (x86)\USB Disk Security
      [24/07/2011 02:21 a.m.] [24/07/2011 02:21 a.m.] [D] C:\Program Files (x86)\WildTangent Games
      [24/07/2011 11:23 a.m.] [14/07/2009 12:32 a.m.] [D] C:\Program Files (x86)\Windows Defender
      [22/02/2013 03:35 p.m.] [24/07/2011 02:33 a.m.] [D] C:\Program Files (x86)\Windows Live
      [24/07/2011 11:23 a.m.] [13/07/2009 10:20 p.m.] [D] C:\Program Files (x86)\Windows Mail
      [24/07/2011 02:19 a.m.] [14/07/2009 12:32 a.m.] [D] C:\Program Files (x86)\Windows Media Player
      [14/07/2009 12:32 a.m.] [13/07/2009 10:20 p.m.] [D] C:\Program Files (x86)\Windows NT
      [24/07/2011 11:23 a.m.] [14/07/2009 12:32 a.m.] [D] C:\Program Files (x86)\Windows Photo Viewer
      [20/11/2010 09:31 p.m.] [14/07/2009 12:32 a.m.] [D] C:\Program Files (x86)\Windows Portable Devices
      [08/02/2012 01:07 a.m.] [14/07/2009 12:32 a.m.] [D] C:\Program Files (x86)\Windows Sidebar
      [21/03/2013 03:50 p.m.] [15/02/2012 01:48 p.m.] [D] C:\Program Files (x86)\WinRAR
      [25/03/2013 06:41 p.m.] [25/03/2013 06:41 p.m.] [D] C:\Program Files (x86)\XingHaoLyrics
      [23/01/2013 08:46 a.m.] [23/01/2013 08:45 a.m.] [D] C:\Program Files (x86)\XULRunner
      [29/03/2013 04:26 p.m.] [24/07/2011 02:38 a.m.] [DI] C:\ProgramData\Adobe
      [24/11/2011 05:49 p.m.] [24/11/2011 05:49 p.m.] [DI] C:\ProgramData\AMD
      [27/03/2013 10:09 a.m.] [27/03/2013 10:07 a.m.] [DI] C:\ProgramData\Apple
      [27/03/2013 10:11 a.m.] [27/03/2013 10:11 a.m.] [DI] C:\ProgramData\Apple Computer
      [14/07/2009 12:08 a.m.] [14/07/2009 12:08 a.m.] [HSDLI] C:\ProgramData\Application Data
      [08/02/2012 01:17 a.m.] [24/11/2011 05:53 p.m.] [DI] C:\ProgramData\Atheros
      [24/11/2011 06:18 p.m.] [24/11/2011 06:18 p.m.] [DI] C:\ProgramData\ATI
      [03/04/2013 11:19 a.m.] [03/04/2013 08:44 a.m.] [DI] C:\ProgramData\AVG2013
      [01/04/2013 06:38 p.m.] [01/04/2013 06:38 p.m.] [DI] C:\ProgramData\BrowserProtect
      [14/03/2013 06:27 p.m.] [14/03/2013 06:27 p.m.] [HD] C:\ProgramData\Common Files
      [20/01/2013 06:01 p.m.] [24/11/2011 06:09 p.m.] [DI] C:\ProgramData\CyberLink
      [15/03/2013 05:59 p.m.] [18/06/2012 11:38 a.m.] [DI] C:\ProgramData\DatacardService
      [08/02/2012 01:06 a.m.] [08/02/2012 01:06 a.m.] [HSDLI] C:\ProgramData\Datos de programa
      [14/07/2009 12:08 a.m.] [14/07/2009 12:08 a.m.] [HSDLI] C:\ProgramData\Desktop
      [08/02/2012 01:06 a.m.] [08/02/2012 01:06 a.m.] [HSDLI] C:\ProgramData\Documentos
      [14/07/2009 12:08 a.m.] [14/07/2009 12:08 a.m.] [HSDLI] C:\ProgramData\Documents
      [08/02/2012 01:06 a.m.] [08/02/2012 01:06 a.m.] [HSDLI] C:\ProgramData\Escritorio
      [14/07/2009 12:08 a.m.] [14/07/2009 12:08 a.m.] [HSDLI] C:\ProgramData\Favorites
      [08/02/2012 01:06 a.m.] [08/02/2012 01:06 a.m.] [HSDLI] C:\ProgramData\Favoritos
      [15/02/2012 02:40 p.m.] [15/02/2012 02:40 p.m.] [DI] C:\ProgramData\FLEXnet
      [22/08/2012 07:43 p.m.] [22/08/2012 07:42 p.m.] [DI] C:\ProgramData\Google
      [08/02/2012 04:02 p.m.] [24/07/2011 02:28 a.m.] [DI] C:\ProgramData\Hewlett-Packard
      [10/02/2012 01:19 p.m.] [09/02/2012 06:32 p.m.] [DI] C:\ProgramData\HP
      [10/02/2012 01:19 p.m.] [10/02/2012 01:19 p.m.] [DI] C:\ProgramData\HP Product Assistant
      [09/02/2012 06:54 p.m.] [09/02/2012 06:54 p.m.] [DI] C:\ProgramData\HPSSUPPLY
      C:\ProgramData\hpzinstall.log [AI] 11.3 KB 0
      [18/06/2012 11:41 a.m.] [18/06/2012 11:41 a.m.] [DI] C:\ProgramData\Internet Movil Unefon
      [21/03/2013 07:47 p.m.] [21/03/2013 07:47 p.m.] [DI] C:\ProgramData\Logs
      [01/04/2013 02:00 p.m.] [01/04/2013 02:00 p.m.] [DI] C:\ProgramData\Malwarebytes
      [22/03/2012 02:24 p.m.] [23/02/2012 12:14 p.m.] [DI] C:\ProgramData\Maximizer
      [08/02/2012 01:06 a.m.] [08/02/2012 01:06 a.m.] [HSDLI] C:\ProgramData\Menú Inicio
      [20/12/2012 01:51 p.m.] [20/12/2012 01:51 p.m.] [DI] C:\ProgramData\MetaQuotes
      [03/04/2013 11:39 a.m.] [03/04/2013 08:30 a.m.] [DI] C:\ProgramData\MFAData
      [31/03/2013 05:31 p.m.] [13/07/2009 10:20 p.m.] [SDI] C:\ProgramData\Microsoft
      [21/03/2013 06:05 p.m.] [15/02/2012 01:39 p.m.] [DI] C:\ProgramData\Microsoft Help
      [19/01/2013 04:43 p.m.] [19/01/2013 04:43 p.m.] [DI] C:\ProgramData\Microsoft SkyDrive
      [26/03/2013 12:03 p.m.] [26/03/2013 12:03 p.m.] [DI] C:\ProgramData\Mozilla
      [10/02/2012 10:56 a.m.] [09/02/2012 08:09 p.m.] [DI] C:\ProgramData\Nitro PDF
      [09/02/2012 05:01 p.m.] [24/11/2011 06:03 p.m.] [DI] C:\ProgramData\Norton
      [24/11/2011 06:03 p.m.] [24/11/2011 06:03 p.m.] [DI] C:\ProgramData\NortonInstaller
      C:\ProgramData\ntuser.dat [AI] 256 KB 0
      C:\ProgramData\ntuser.dat.LOG1 [HSAI] 5.00 KB 0
      C:\ProgramData\ntuser.dat.LOG2 [HSAI] 0 bytes 0
      C:\ProgramData\ntuser.dat{03e20177-9ad9-11e2-b89c-74de2bafc85a}.TM.blf [HSAI] 64.0 KB 0
      C:\ProgramData\ntuser.dat{03e20177-9ad9-11e2-b89c-74de2bafc85a}.TMContainer00000000000000000001.regtrans-ms [HSAI] 512 KB 0
      C:\ProgramData\ntuser.dat{03e20177-9ad9-11e2-b89c-74de2bafc85a}.TMContainer00000000000000000002.regtrans-ms [HSAI] 512 KB 0
      C:\ProgramData\ntuser.dat{03e20182-9ad9-11e2-b89c-74de2bafc85a}.TM.blf [HSAI] 64.0 KB 0
      C:\ProgramData\ntuser.dat{03e20182-9ad9-11e2-b89c-74de2bafc85a}.TMContainer00000000000000000001.regtrans-ms [HSAI] 512 KB 0
      C:\ProgramData\ntuser.dat{03e20182-9ad9-11e2-b89c-74de2bafc85a}.TMContainer00000000000000000002.regtrans-ms [HSAI] 512 KB 0
      [26/02/2012 07:43 p.m.] [26/02/2012 07:43 p.m.] [DI] C:\ProgramData\PC1Data
      [08/02/2012 01:06 a.m.] [08/02/2012 01:06 a.m.] [HSDLI] C:\ProgramData\Plantillas
      [18/01/2013 06:52 p.m.] [18/01/2013 06:52 p.m.] [DI] C:\ProgramData\Readon
      [31/03/2013 01:14 p.m.] [08/02/2012 02:35 p.m.] [DI] C:\ProgramData\Skype
      [31/03/2013 05:30 p.m.] [28/03/2013 08:24 a.m.] [DI] C:\ProgramData\Spybot - Search & Destroy
      [14/07/2009 12:08 a.m.] [14/07/2009 12:08 a.m.] [HSDLI] C:\ProgramData\Start Menu
      [21/03/2013 07:47 p.m.] [24/11/2011 06:00 p.m.] [DI] C:\ProgramData\Temp
      [14/07/2009 12:08 a.m.] [14/07/2009 12:08 a.m.] [HSDLI] C:\ProgramData\Templates
      [16/01/2013 01:58 p.m.] [16/01/2013 01:58 p.m.] [DI] C:\ProgramData\Trusteer
      [14/03/2013 06:29 p.m.] [25/02/2012 01:05 p.m.] [DI] C:\ProgramData\TuneUp Software
      [09/02/2012 06:41 p.m.] [09/02/2012 06:41 p.m.] [DI] C:\ProgramData\WEBREG
      [06/06/2012 05:08 p.m.] [24/07/2011 02:21 a.m.] [DI] C:\ProgramData\WildTangent
      [15/02/2012 01:52 p.m.] [15/02/2012 01:51 p.m.] [DI] C:\ProgramData\Zbshareware Lab
      [15/03/2013 03:19 p.m.] [27/02/2012 12:35 p.m.] [HSD] C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
      [14/03/2013 06:43 p.m.] [25/02/2012 01:04 p.m.] [HSD] C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
      [14/03/2013 06:43 p.m.] [16/11/2012 09:04 p.m.] [DI] C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
      [15/03/2013 05:56 p.m.] [14/03/2013 06:27 p.m.] [HSD] C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}

      ==================== EOF ==================