• Registrarse
  • Iniciar sesión


  • Resultados 1 al 6 de 6

    Eliminar qvo6 (Solucionado)

    Resumen del tema: Eliminar qvo6 (Solucionado) - SE ME HA INSTALADO ESTE HIJACKER Y EH SEGUIDO ALGUNAS DE LAS INSTRUCCIONES QUE ENCONTRE AQUI EN EL FOR QUE FUE DESCARGAR EL AT-DESTROYER Y DESPUES EL ADW CLEANER, AL PARECER YA SE SOLUCIONO EL ...

      
    1. #1
      Usuario Avatar de lau394
      Registrado
      jul 2013
      Ubicación
      mexico
      Mensajes
      4

      Eliminar qvo6 (Solucionado)

      SE ME HA INSTALADO ESTE HIJACKER Y EH SEGUIDO ALGUNAS DE LAS INSTRUCCIONES QUE ENCONTRE AQUI EN EL FOR QUE FUE DESCARGAR EL AT-DESTROYER Y DESPUES EL ADW CLEANER, AL PARECER YA SE SOLUCIONO EL PROBLEMA PERO NO ESTOY DEL TODO SEGURA, SI ALGUIEN PUDIERA REVISAR LOS INFORMES QUE ME ARROJARON ESTAS HERRAMIENTAS PARA SABER SI SE A ELIMINADO POR COMPLETO LO AGRADECERIA. SALUDOS!

      - INFROME DE AT-DESTROYER.

      ######################## AT-Destroyer [2.1] By Infospyware.
      Hora/Día/Mes/Año: 14:51:45 \\\ 18/07/2013
      AT-Destroyer 2.1 By Infospyware ---> www.infospyware.com
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:9.0.8112.16421
      Google Chrome:28.0.1500.72
      Privilegios: Gaby - Administrador
      Modo Actual: Modo Normal.
      Nombre del pc: GABY-PC
      Información del sistema operativo:X86-WIN_7-Service Pack 1
      nombre del usuario:Gaby
      Lenguaje del sistema: Español



      >>>>>>> Servicios <<<<<<<



      >>>>>> Carpetas <<<<<<

      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504} 97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache 97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat 97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe 97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico 97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll 97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll 97
      C:\ProgramData\Tarma Installer 97


      >>>>>> Archivos <<<<<<



      >>>>>> Registro <<<<<<

      HKLM\SOFTWARE\Tarma Installer


      >>>>>> Heurística <<<<<<



      >>>>>> Internet Explorer <<<<<<

      Start Page==www.google.com
      Local Page==
      Search Page==http://go.microsoft.com/fwlink/?linkid=42826
      Default_search_url==http://go.microsoft.com/fwlink/?linkid=42826
      Default_Page_URL==http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=TOSHIBAXMK2035GSS_Z7IUTFF7TXXZ7IUTFF7T&ts=1374175148


      ''HKCU\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=TOSHIBAXMK2035GSS_Z7IUTFF7TXXZ7IUTFF7T&ts=1374175148


      HKEY_USERS\S-1-5-21-595007499-1025124026-2475062455-1000\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=TOSHIBAXMK2035GSS_Z7IUTFF7TXXZ7IUTFF7T&ts=1374175148


      >>>>>> Firefox <<<<<<

      user_pref("browser.startup.homepage", "http://google.com");


      >>>>>> Plugins Firefox <<<<<<

      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.21.2
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader

      >>>>>> Google Chrome <<<<<<

      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      >>>>>> Extensiones Google Chrome <<<<<<

      C:\Users\Gaby\AppData\Local\Google\Chrome\User Data\Default\Extensions\6
      C:\Users\Gaby\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
      C:\Users\Gaby\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
      C:\Users\Gaby\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
      C:\Users\Gaby\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
      C:\Users\Gaby\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
      C:\Users\Gaby\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

      ======== Listado ===========

      [5/14/2010 2:31 AM] [5/14/2010 2:31 AM] [DI] C:\Users\Gaby\AppData\Roaming\Ahead
      [8/9/2012 1:23 PM] [8/9/2012 1:23 PM] [DI] C:\Users\Gaby\AppData\Roaming\AhnLab
      [11/5/2012 5:23 PM] [11/18/2011 9:46 AM] [DI] C:\Users\Gaby\AppData\Roaming\Ansys
      [11/16/2011 1:12 PM] [11/16/2011 1:12 PM] [DI] C:\Users\Gaby\AppData\Roaming\Auslogics
      [10/22/2010 5:01 PM] [9/23/2010 9:07 AM] [DI] C:\Users\Gaby\AppData\Roaming\Autodesk
      [6/4/2010 8:22 PM] [6/4/2010 8:22 PM] [DI] C:\Users\Gaby\AppData\Roaming\DassaultSystemes
      [6/4/2013 9:42 PM] [6/4/2013 9:42 PM] [DI] C:\Users\Gaby\AppData\Roaming\DSite
      [11/8/2010 8:06 PM] [11/8/2010 8:06 PM] [DI] C:\Users\Gaby\AppData\Roaming\DWGeditor
      [7/18/2013 2:18 PM] [7/18/2013 2:18 PM] [DI] C:\Users\Gaby\AppData\Roaming\eIntaller
      [11/25/2011 8:27 PM] [11/25/2011 8:27 PM] [DI] C:\Users\Gaby\AppData\Roaming\FL_SIM_P4_DEMO_D
      [5/28/2010 10:43 PM] [5/28/2010 10:43 PM] [DI] C:\Users\Gaby\AppData\Roaming\Google
      [5/14/2010 1:37 AM] [5/14/2010 1:37 AM] [DI] C:\Users\Gaby\AppData\Roaming\Identities
      [5/14/2010 3:21 AM] [5/14/2010 3:21 AM] [DI] C:\Users\Gaby\AppData\Roaming\InstallShield
      [11/18/2011 5:09 PM] [11/18/2011 5:08 PM] [DI] C:\Users\Gaby\AppData\Roaming\Launcher
      [5/14/2010 3:14 AM] [5/14/2010 2:32 AM] [DI] C:\Users\Gaby\AppData\Roaming\Macromedia
      [9/10/2010 11:20 AM] [9/10/2010 11:18 AM] [DI] C:\Users\Gaby\AppData\Roaming\Mathematica
      [5/14/2010 2:43 AM] [5/14/2010 2:43 AM] [DI] C:\Users\Gaby\AppData\Roaming\Media Player Classic
      [5/2/2013 7:35 PM] [5/14/2010 1:36 AM] [SDI] C:\Users\Gaby\AppData\Roaming\Microsoft
      [6/25/2011 8:40 PM] [8/17/2010 8:33 PM] [DI] C:\Users\Gaby\AppData\Roaming\Mozilla
      [6/25/2011 8:39 PM] [6/25/2011 8:39 PM] [DI] C:\Users\Gaby\AppData\Roaming\Octoshape
      [5/14/2010 8:52 PM] [5/14/2010 8:51 AM] [DI] C:\Users\Gaby\AppData\Roaming\Screenshot Sender
      [7/17/2013 4:59 PM] [12/4/2012 7:43 PM] [DI] C:\Users\Gaby\AppData\Roaming\Skype
      [5/9/2013 6:48 PM] [5/14/2010 10:55 AM] [DI] C:\Users\Gaby\AppData\Roaming\SolidWorks
      [11/23/2012 2:26 PM] [11/23/2012 2:26 PM] [DI] C:\Users\Gaby\AppData\Roaming\SolidWorks 2012
      [9/29/2012 10:23 PM] [5/14/2010 3:24 AM] [DI] C:\Users\Gaby\AppData\Roaming\Uniblue
      [11/28/2011 10:05 PM] [11/28/2011 10:03 PM] [DI] C:\Users\Gaby\AppData\Roaming\vlc
      [5/14/2010 3:21 AM] [5/14/2010 3:21 AM] [DI] C:\Users\Gaby\AppData\Roaming\WinBatch
      [8/6/2012 1:03 PM] [8/6/2012 1:03 PM] [DI] C:\Users\Gaby\AppData\Roaming\Windows Live Writer
      [5/14/2010 2:31 AM] [5/14/2010 2:31 AM] [DI] C:\Users\Gaby\AppData\Roaming\WinRAR
      [8/7/2012 10:29 PM] [8/7/2012 10:29 PM] [D] C:\Program Files\AhnLab
      [5/14/2010 10:45 AM] [5/14/2010 10:45 AM] [D] C:\Program Files\Alcohol Soft
      [5/14/2010 3:06 AM] [5/14/2010 3:06 AM] [D] C:\Program Files\Alwil Software
      [11/18/2011 4:30 PM] [11/18/2011 9:11 AM] [D] C:\Program Files\ANSYS Inc
      [5/14/2010 1:36 AM] [5/14/2010 1:36 AM] [HSDLI] C:\Program Files\Archivos comunes
      [11/16/2011 10:51 AM] [11/16/2011 10:51 AM] [D] C:\Program Files\Auslogics
      [7/9/2012 9:59 PM] [9/23/2010 9:14 AM] [D] C:\Program Files\Autodesk
      [7/9/2010 1:54 PM] [7/9/2010 12:51 PM] [D] C:\Program Files\BearShare Applications
      [10/29/2012 9:09 PM] [10/29/2012 9:09 PM] [D] C:\Program Files\Bonjour
      [5/14/2010 3:22 AM] [5/14/2010 3:22 AM] [D] C:\Program Files\Camera Assistant Software for Toshiba
      [11/16/2011 10:50 AM] [11/16/2011 10:50 AM] [D] C:\Program Files\CCleaner
      [6/4/2013 10:44 PM] [7/13/2009 9:37 PM] [D] C:\Program Files\Common Files
      [7/18/2013 2:26 PM] [7/18/2013 2:21 PM] [D] C:\Program Files\Desk 365
      C:\Program Files\desktop.ini [HSA] 174 bytes( 0)
      [5/11/2013 10:50 PM] [5/11/2013 10:49 PM] [D] C:\Program Files\DIFX
      [5/14/2010 10:06 AM] [5/14/2010 10:06 AM] [D] C:\Program Files\Driver-Soft
      [11/15/2011 1:35 PM] [7/13/2009 11:52 PM] [D] C:\Program Files\DVD Maker
      [11/12/2010 1:10 PM] [11/12/2010 12:53 PM] [D] C:\Program Files\Edgecam
      [11/12/2010 1:18 PM] [11/12/2010 1:18 PM] [D] C:\Program Files\Edgecam Server 2010.20.0
      [3/8/2013 6:08 PM] [3/8/2013 6:08 PM] [D] C:\Program Files\EPSON Projector
      [6/5/2013 11:08 PM] [5/28/2010 10:11 PM] [D] C:\Program Files\Google
      [6/4/2013 10:44 PM] [6/4/2013 9:42 PM] [D] C:\Program Files\GPLGS
      [6/4/2013 10:44 PM] [6/4/2013 9:44 PM] [D] C:\Program Files\Iminent
      [11/27/2011 12:39 PM] [5/14/2010 3:22 AM] [HD] C:\Program Files\InstallShield Installation Information
      [11/16/2011 10:34 AM] [7/13/2009 9:37 PM] [D] C:\Program Files\Internet Explorer
      [6/13/2012 4:10 PM] [5/14/2010 2:27 AM] [D] C:\Program Files\Java
      [5/14/2010 2:31 AM] [5/14/2010 2:31 AM] [D] C:\Program Files\K-Lite Codec Pack
      [9/23/2010 1:03 PM] [9/23/2010 1:03 PM] [D] C:\Program Files\LizardTech
      [2/20/2013 6:08 PM] [5/9/2012 6:13 PM] [D] C:\Program Files\McAfee Security Scan
      [10/5/2010 10:15 AM] [5/14/2010 2:24 AM] [D] C:\Program Files\Messenger Plus! Live
      [7/27/2012 8:37 PM] [5/14/2010 8:24 AM] [D] C:\Program Files\Microsoft
      [11/16/2011 9:48 AM] [11/16/2011 9:48 AM] [D] C:\Program Files\Microsoft CAPICOM 2.1.0.2
      [10/13/2010 10:52 AM] [10/13/2010 10:52 AM] [D] C:\Program Files\Microsoft Chart Controls
      [7/13/2009 11:52 PM] [7/13/2009 11:52 PM] [D] C:\Program Files\Microsoft Games
      [9/9/2010 8:07 PM] [9/9/2010 8:07 PM] [D] C:\Program Files\Microsoft IntelliPoint
      [11/16/2011 3:57 PM] [5/14/2010 2:28 AM] [D] C:\Program Files\Microsoft Office
      [11/16/2011 4:08 PM] [11/16/2011 10:53 AM] [D] C:\Program Files\Microsoft Security Client
      [5/15/2013 10:42 AM] [5/14/2010 9:15 AM] [D] C:\Program Files\Microsoft Silverlight
      [11/16/2011 10:06 AM] [11/12/2010 12:59 PM] [D] C:\Program Files\Microsoft SQL Server
      [5/7/2011 2:12 PM] [5/7/2011 2:12 PM] [D] C:\Program Files\Microsoft Sync Framework
      [5/14/2010 9:42 AM] [5/14/2010 9:42 AM] [D] C:\Program Files\Microsoft Visual Studio
      [5/14/2010 11:16 AM] [5/14/2010 9:37 AM] [D] C:\Program Files\Microsoft Visual Studio 8
      [11/16/2011 9:35 AM] [5/14/2010 9:43 AM] [D] C:\Program Files\Microsoft Works
      [10/13/2010 10:52 AM] [10/13/2010 10:52 AM] [D] C:\Program Files\Microsoft WSE
      [7/9/2012 8:51 PM] [5/14/2010 2:28 AM] [D] C:\Program Files\Microsoft.NET
      [7/18/2011 4:41 PM] [9/18/2010 4:54 PM] [D] C:\Program Files\Mozilla Firefox
      [5/14/2010 9:43 AM] [7/13/2009 11:52 PM] [D] C:\Program Files\MSBuild
      [5/14/2010 11:15 AM] [5/14/2010 11:15 AM] [D] C:\Program Files\MSECache
      [5/14/2010 8:28 AM] [5/14/2010 2:24 AM] [D] C:\Program Files\MSN Messenger
      [11/16/2011 9:12 AM] [11/16/2011 9:12 AM] [D] C:\Program Files\MSXML 4.0
      [5/14/2010 2:31 AM] [5/14/2010 2:31 AM] [D] C:\Program Files\Nero
      [11/23/2012 1:18 PM] [11/23/2012 1:18 PM] [D] C:\Program Files\NVIDIA Corporation
      [6/13/2012 4:13 PM] [6/13/2012 4:13 PM] [D] C:\Program Files\Oracle
      [6/4/2013 10:44 PM] [6/4/2013 9:41 PM] [D] C:\Program Files\PDFCreator
      [7/13/2009 11:52 PM] [7/13/2009 11:52 PM] [D] C:\Program Files\Reference Assemblies
      [7/12/2013 9:17 PM] [12/4/2012 7:42 PM] [RD] C:\Program Files\Skype
      [11/23/2012 1:14 PM] [5/14/2010 10:57 AM] [D] C:\Program Files\SolidWorks Corp
      [5/14/2010 8:05 AM] [5/14/2010 8:05 AM] [D] C:\Program Files\Synaptics
      [11/18/2010 8:22 PM] [11/17/2010 10:17 AM] [D] C:\Program Files\tarea cnc 2
      [3/23/2012 9:45 AM] [3/23/2012 9:45 AM] [D] C:\Program Files\TheLearningPit
      [7/18/2013 2:19 PM] [7/18/2013 2:17 PM] [D] C:\Program Files\Torntv 2
      [7/18/2013 2:27 PM] [7/18/2013 2:16 PM] [D] C:\Program Files\TornTV.com
      [7/13/2009 11:53 PM] [7/13/2009 11:53 PM] [HD] C:\Program Files\Uninstall Information
      [11/15/2011 1:35 PM] [7/13/2009 11:52 PM] [D] C:\Program Files\Windows Defender
      [12/4/2012 7:45 PM] [5/14/2010 3:24 AM] [D] C:\Program Files\Windows Live
      [5/14/2010 3:09 AM] [5/14/2010 2:24 AM] [D] C:\Program Files\Windows Live Safety Center
      [11/15/2011 1:35 PM] [7/13/2009 9:37 PM] [D] C:\Program Files\Windows Mail
      [11/15/2011 1:35 PM] [7/13/2009 11:52 PM] [D] C:\Program Files\Windows Media Player
      [5/14/2010 1:36 AM] [7/13/2009 9:37 PM] [D] C:\Program Files\Windows NT
      [11/15/2011 1:35 PM] [7/13/2009 11:52 PM] [D] C:\Program Files\Windows Photo Viewer
      [11/15/2011 1:35 PM] [7/13/2009 11:52 PM] [D] C:\Program Files\Windows Portable Devices
      [11/15/2011 1:35 PM] [7/13/2009 11:52 PM] [D] C:\Program Files\Windows Sidebar
      [5/14/2010 2:32 AM] [5/14/2010 2:31 AM] [D] C:\Program Files\WinRAR
      [9/10/2010 11:18 AM] [9/10/2010 11:13 AM] [D] C:\Program Files\Wolfram Research
      [11/29/2011 4:25 PM] [11/29/2011 4:24 PM] [D] C:\Program Files\Zuma's Revenge!
      [5/21/2012 2:07 PM] [5/21/2012 2:02 PM] [D] C:\Program Files\Zune
      [11/18/2011 9:52 AM] [11/18/2011 9:52 AM] [DI] C:\ProgramData\ANSYSInstall
      [10/29/2012 9:09 PM] [10/29/2012 9:09 PM] [DI] C:\ProgramData\Apple
      [7/13/2009 11:53 PM] [7/13/2009 11:53 PM] [HSDLI] C:\ProgramData\Application Data
      [10/22/2010 5:01 PM] [9/23/2010 9:07 AM] [DI] C:\ProgramData\Autodesk
      [6/5/2010 3:23 PM] [6/5/2010 3:22 PM] [DI] C:\ProgramData\Barbie Fashion Show
      [6/4/2013 9:43 PM] [6/4/2013 9:43 PM] [D] C:\ProgramData\BrowserDefender
      [11/20/2012 10:15 PM] [10/13/2010 9:55 AM] [DI] C:\ProgramData\COSMOS Applications
      [10/21/2010 12:09 PM] [6/4/2010 8:22 PM] [DI] C:\ProgramData\DassaultSystemes
      [5/14/2010 1:36 AM] [5/14/2010 1:36 AM] [HSDLI] C:\ProgramData\Datos de programa
      [7/13/2009 11:53 PM] [7/13/2009 11:53 PM] [HSDLI] C:\ProgramData\Desktop
      [5/14/2010 1:36 AM] [5/14/2010 1:36 AM] [HSDLI] C:\ProgramData\Documentos
      [7/13/2009 11:53 PM] [7/13/2009 11:53 PM] [HSDLI] C:\ProgramData\Documents
      [7/18/2013 2:29 PM] [7/18/2013 2:22 PM] [DI] C:\ProgramData\eSafe
      [5/14/2010 1:36 AM] [5/14/2010 1:36 AM] [HSDLI] C:\ProgramData\Escritorio
      [7/13/2009 11:53 PM] [7/13/2009 11:53 PM] [HSDLI] C:\ProgramData\Favorites
      [5/14/2010 1:36 AM] [5/14/2010 1:36 AM] [HSDLI] C:\ProgramData\Favoritos
      [6/18/2011 8:55 PM] [5/14/2010 11:35 AM] [DI] C:\ProgramData\FLEXnet
      [11/15/2011 12:21 PM] [5/28/2010 10:11 PM] [DI] C:\ProgramData\Google
      [11/18/2011 5:08 PM] [11/18/2011 5:08 PM] [DI] C:\ProgramData\Macrovision
      [9/10/2010 11:20 AM] [9/10/2010 11:18 AM] [DI] C:\ProgramData\Mathematica
      [11/28/2010 5:23 PM] [11/28/2010 5:23 PM] [DI] C:\ProgramData\McAfee
      [6/4/2013 10:44 PM] [11/7/2012 10:32 AM] [DI] C:\ProgramData\McAfee Security Scan
      [5/14/2010 1:36 AM] [5/14/2010 1:36 AM] [HSDLI] C:\ProgramData\Menú Inicio
      [5/14/2010 8:48 AM] [5/14/2010 8:48 AM] [DI] C:\ProgramData\Messenger Plus!
      [7/27/2012 8:28 PM] [7/13/2009 9:37 PM] [SDI] C:\ProgramData\Microsoft
      [11/23/2012 1:55 PM] [5/14/2010 9:35 AM] [DI] C:\ProgramData\Microsoft Help
      [5/14/2010 10:03 AM] [5/14/2010 10:03 AM] [DI] C:\ProgramData\Office Genuine Advantage
      [11/12/2010 12:51 PM] [11/12/2010 12:51 PM] [DI] C:\ProgramData\Planit
      [5/14/2010 1:36 AM] [5/14/2010 1:36 AM] [HSDLI] C:\ProgramData\Plantillas
      [12/6/2011 12:12 AM] [12/5/2011 7:59 PM] [DI] C:\ProgramData\PopCap Games
      [11/12/2010 12:51 PM] [11/12/2010 12:51 PM] [DI] C:\ProgramData\SafeNet Sentinel
      [7/12/2013 9:17 PM] [12/4/2012 7:41 PM] [DI] C:\ProgramData\Skype
      [11/23/2012 1:18 PM] [5/14/2010 11:18 AM] [DI] C:\ProgramData\SolidWorks
      [11/29/2011 4:25 PM] [11/29/2011 4:25 PM] [DI] C:\ProgramData\SpinTop Games
      [7/13/2009 11:53 PM] [7/13/2009 11:53 PM] [HSDLI] C:\ProgramData\Start Menu
      [5/14/2010 8:06 AM] [5/14/2010 8:06 AM] [DI] C:\ProgramData\Sun
      [11/29/2011 4:25 PM] [11/29/2011 4:25 PM] [DI] C:\ProgramData\TEMP
      [7/13/2009 11:53 PM] [7/13/2009 11:53 PM] [HSDLI] C:\ProgramData\Templates
      [7/9/2010 2:04 PM] [7/9/2010 12:52 PM] [HDC] C:\ProgramData\{10E4B80E-CFAC-4925-A158-45F03837F2D1}

      ==================== EOF ==================


      -INFROME DE ADWCLEANER


      # AdwCleaner v2.305 - Fichero creado el 18/07/2013 a 15:06:48
      # Actualizado el 11/07/2013 por Xplode
      # Sistema operativo : Windows 7 Starter Service Pack 1 (32 bits)
      # Usuario : Gaby - GABY-PC
      # Modo de inicio : Normal
      # Ejecutado desde : C:\Users\Gaby\Desktop\adwcleaner.exe
      # Opción [Supresión]


      ***** [Servicios] *****


      ***** [Ficheros / Carpetas] *****

      Carpeta Suprimido : C:\Program Files\Iminent
      Carpeta Suprimido : C:\Program Files\TornTV.com
      Carpeta Suprimido : C:\ProgramData\BrowserDefender
      Carpeta Suprimido : C:\ProgramData\eSafe
      Carpeta Suprimido : C:\Users\Gaby\AppData\Local\PackageAware
      Carpeta Suprimido : C:\Users\Gaby\AppData\LocalLow\Conduit
      Carpeta Suprimido : C:\Users\Gaby\AppData\LocalLow\PriceGong
      Carpeta Suprimido : C:\Users\Gaby\AppData\LocalLow\searchquband
      Carpeta Suprimido : C:\Users\Gaby\AppData\Roaming\DSite
      Carpeta Suprimido : C:\Users\Gaby\AppData\Roaming\eIntaller
      Carpeta Suprimido : C:\Users\Gaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
      Carpeta Suprimido : C:\Users\Gaby\AppData\Roaming\Mozilla\Firefox\Profiles\ccgqkz7n.default\extensions\[email protected]
      Carpeta Suprimido : C:\Users\Gaby\AppData\Roaming\Mozilla\Firefox\Profiles\ccgqkz7n.default\extensions\[email protected]
      Carpeta Suprimido : C:\Users\Gaby\AppData\Roaming\Mozilla\Firefox\Profiles\ccgqkz7n.default\extensions\[email protected]
      Fichero Désinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANSYS 12.0\Help\AUTODYN Help.lnk
      Fichero Désinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANSYS 12.0\Help\FLUENT Help.lnk
      Fichero Désinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANSYS 12.0\Help\Installation & System FAQs.lnk
      Fichero Désinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
      Fichero Désinfected : C:\Users\Gaby\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
      Fichero Désinfected : C:\Users\Gaby\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
      Fichero Désinfected : C:\Users\Gaby\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk
      Fichero Désinfected : C:\Users\Gaby\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
      Fichero Désinfected : C:\Users\Gaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
      Fichero Désinfected : C:\Users\Gaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
      Fichero Désinfected : C:\Users\Public\Desktop\Google Chrome.lnk
      Fichero Suprimido : C:\Users\Gaby\AppData\Roaming\Mozilla\Firefox\Profiles\ccgqkz7n.default\searchplugins\Askcom.xml
      Fichero Suprimido : C:\Users\Gaby\AppData\Roaming\Mozilla\Firefox\Profiles\ccgqkz7n.default\searchplugins\Babylon.xml
      Fichero Suprimido : C:\Users\Gaby\AppData\Roaming\Mozilla\Firefox\Profiles\ccgqkz7n.default\searchplugins\delta.xml
      Fichero Suprimido : C:\Users\Gaby\Desktop\TornTV.lnk
      Fichero Suprimido : C:\Windows\system32\conduitEngine.tmp

      ***** [Registro] *****

      Clave Supprimida : HKCU\Software\1ClickDownload
      Clave Supprimida : HKCU\Software\AppDataLow\Software\Crossrider
      Clave Supprimida : HKCU\Software\AppDataLow\Software\PriceGong
      Clave Supprimida : HKCU\Software\AppDataLow\Software\searchqutoolbar
      Clave Supprimida : HKCU\Software\ilivid
      Clave Supprimida : HKCU\Software\InstalledBrowserExtensions
      Clave Supprimida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
      Clave Supprimida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2}
      Clave Supprimida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
      Clave Supprimida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311551178}
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311551178}
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
      Clave Supprimida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
      Clave Supprimida : HKCU\Software\Softonic
      Clave Supprimida : HKCU\Software\YahooPartnerToolbar
      Clave Supprimida : HKLM\Software\Babylon
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
      Clave Supprimida : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
      Clave Supprimida : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
      Clave Supprimida : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311551178}
      Clave Supprimida : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322552278}
      Clave Supprimida : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
      Clave Supprimida : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
      Clave Supprimida : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
      Clave Supprimida : HKLM\SOFTWARE\Classes\CLSID\{E49F0B41-3322-11D4-AEFE-00C04F61025C}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Conduit.Engine
      Clave Supprimida : HKLM\SOFTWARE\Classes\CrossriderApp0035578.BHO
      Clave Supprimida : HKLM\SOFTWARE\Classes\CrossriderApp0035578.BHO.1
      Clave Supprimida : HKLM\SOFTWARE\Classes\CrossriderApp0035578.Sandbox
      Clave Supprimida : HKLM\SOFTWARE\Classes\CrossriderApp0035578.Sandbox.1
      Clave Supprimida : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
      Clave Supprimida : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
      Clave Supprimida : HKLM\SOFTWARE\Classes\imweb.imwebcontrol
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355555578}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366556678}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
      Clave Supprimida : HKLM\SOFTWARE\Classes\Prod.cap
      Clave Supprimida : HKLM\SOFTWARE\Classes\Toolbar.CT2535292
      Clave Supprimida : HKLM\SOFTWARE\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA}
      Clave Supprimida : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
      Clave Supprimida : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344554478}
      Clave Supprimida : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
      Clave Supprimida : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
      Clave Supprimida : HKLM\Software\Desksvc
      Clave Supprimida : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551178}
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311551178}
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
      Clave Supprimida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
      Clave Supprimida : HKLM\Software\qvo6Software
      Clave Supprimida : HKLM\Software\V9
      Dato Supprimida : HKLM\...\StartMenuInternet\Google Chrome [(Default)] = "C:\Program Files\Google\Chrome\Application\chrome.exe" hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=TOSHIBAXMK2035GSS_Z7IUTFF7TXXZ7IUTFF7T&ts=1374175148
      Dato Supprimida : HKLM\...\StartMenuInternet\IEXPLORE.EXE [(Default)] = C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=TOSHIBAXMK2035GSS_Z7IUTFF7TXXZ7IUTFF7T&ts=1374175148
      Dato Supprimida : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~1\BEARSH~1\MediaBar\DataMngr\datamngr.dll
      Valor Supprimida : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
      Valor Supprimida : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
      Valor Supprimida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0974BA1E-64EC-11DE-B2A5-E43756D89593}]

      ***** [Navegadores] *****

      -\\ Internet Explorer v9.0.8112.16421

      Sustituido : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=TOSHIBAXMK2035GSS_Z7IUTFF7TXXZ7IUTFF7T&ts=1374175148 --> hxxp://www.google.com
      Sustituido : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=TOSHIBAXMK2035GSS_Z7IUTFF7TXXZ7IUTFF7T&ts=1374175148 --> hxxp://www.google.com

      -\\ Mozilla Firefox v [Imposible obtener la versión]

      Fichero : C:\Users\Gaby\AppData\Roaming\Mozilla\Firefox\Profiles\ccgqkz7n.default\prefs.js

      Supprimida : user_pref("extensions.asktb.cbid", "3P");
      Supprimida : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://es.ask.com/web?q={query}&o={o}&l={l}&[...]
      Supprimida : user_pref("extensions.asktb.dtid", "VIN007YYMX");
      Supprimida : user_pref("extensions.asktb.l", "dis");
      Supprimida : user_pref("extensions.asktb.last-config-req", "1291781820706");
      Supprimida : user_pref("extensions.asktb.locale", "es_ES");
      Supprimida : user_pref("extensions.asktb.o", "16797");
      Supprimida : user_pref("extensions.asktb.qsrc", "2871");
      Supprimida : user_pref("extensions.asktb.search-suggestions-enabled", true);
      Supprimida : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
      Supprimida : user_pref("extensions.asktb.to", "16797T");

      -\\ Google Chrome v28.0.1500.72

      Fichero : C:\Users\Gaby\AppData\Local\Google\Chrome\User Data\Default\Preferences

      [OK] El fichero no contiene ninguna entrada ilegítima.

      *************************

      AdwCleaner[S1].txt - [13469 octets] - [18/07/2013 15:06:48]

      ########## EOF - C:\AdwCleaner[S1].txt - [13530 octets] ##########

    2. #2
      Moderador Gral.
      Avatar de Javierhf
      Registrado
      jun 2006
      Ubicación
      España - Madrid
      Mensajes
      16.651

      Re: Eliminar qvo6

      Buenas lau394. al Foro.

      Temas que interesa revisar y leer :

      Consejos para antes de publicar un nuevo mensaje.

      Políticas del Foro de InfoSpyware.

      Políticas Foro Oficial de HijackThis en español.

      ¿Cómo subir imágenes al Foro? *TUTORIAL*
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

      Veo que ya hiciste casi todos los pasos, pero todavia queda alguno, sigue estos pasos, en el orden indicado y de uno a uno :

      Descarga y ejecuta >> Ccleaner.

      • Usando primero su opción de "Limpiador" para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.
      • Después usa su opción de "Registro" para limpiar todo el registro de Windows (haciendo copia de seguridad).


      Descarga, actualiza y ejecuta >> Malwarebytes’ Anti-Malware.

      • En la pestaña Actualizar pulsas sobre el botón "Buscar Actualizaciones"
      • En la pestaña Escáner marcas "Realizar un Examen Completo."
      • Con la opción de "Eliminar lo seleccionado" y Marcando TODO lo que encuentres lo mandas todo a la cuarentena y reinicias el sistema.
      • En la pestaña "Registros", encontrarás el informe del MBAM, lo copias y pegas en tu próxima respuesta, para analizarlo.


      Y finalmente descarga(en el escritorio) >> OTL By OldTimer

      *** Para Ejecutar OTL sigue estos pasos :

      • Cerrar todos programas que tengas abiertos y hacer doble click en el ícono de OTL para ejecutarlo.
      • Dejarlo correr y esperar a que aparezca el menú de OTL..
      • Cuando salga el menú de OTL, debes cambiar debajo de: "Tipo de Análisis" poniendo Resultado Mínimo.
      • Marcar la casilla Analizar Todos.
      • Marcar las opciones: Buscar LOP y Buscar Purity.
      • Marcar las Opciones: Omitir Archivos De Microsoft y Usar Listado de Compañías Reconocidas.
      • Copiar y Pegar las líneas del siguiente script bajo la casilla Análisis Personalizados/Código de Reparación:

        NOTA: No copiar la palabra Código:
        Código:
        netsvcs
        msconfig
        %SYSTEMDRIVE%\*.*
        CREATERESTOREPOINT


      • Por favor No cambies el resto de la configuración a menos que te lo solicitemos.


      • Presionar el botón .
      • Una vez que termine, se abrirán dos (2) archivos, OTL.Txt y Extras.Txt. Éstos archivos estarán grabados en el mismo lugar donde OTL.exe fue descargado.
      • Copiar y pegar el contenido del archivo OTL.txt en tu próxima respuesta.


      En tu próxima respuesta recuerda :

      - Ponernos los informes de Malwarebytes y OTL.txt, en este orden.

      - Y nos cuentas como funciona tu equipo, en relación al problema planteado.

      Saludos, Javier.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de lau394
      Registrado
      jul 2013
      Ubicación
      mexico
      Mensajes
      4

      Re: Eliminar qvo6

      -INFORME DE Malwarebytes

      Malwarebytes Anti-Malware (Versión de Prueba) 1.75.0.1300
      Malwarebytes : Free anti-malware download

      Versión de la Base de Datos: v2013.07.20.04

      Windows 7 Service Pack 1 x86 NTFS
      Internet Explorer 9.0.8112.16421
      Gaby :: GABY-PC [administrador]

      Protección: Habilitado

      7/20/2013 10:30:13 AM
      mbam-log-2013-07-20 (10-30-13).txt

      Tipos de Análisis: Análisis Completo (C:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 608362
      Tiempo transcurrido: 3 hora(s), 25 minuto(s),

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 6
      C:\Users\Gaby\Desktop\AUTODESK.AUTOCAD.INVENTOR.SUITE.V2011-ISO_DVD1\Crack\xf-a2011-64bits.rar (RiskWare.Tool.CK) -> En cuarentena y eliminado con éxito.
      C:\Users\Gaby\Desktop\SW12\solid\CRACKS.rar (Trojan.Agent) -> En cuarentena y eliminado con éxito.
      C:\Users\Gaby\Downloads\AVS Media Player.exe (PUP.AdBundler) -> En cuarentena y eliminado con éxito.
      C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_RU.dll (Malware.Packer.GenX) -> En cuarentena y eliminado con éxito.
      C:\mttt\EDGE\keygen.exe (Trojan.Agent) -> En cuarentena y eliminado con éxito.
      C:\system\unins000.exe (Trojan.SpyEyes.R) -> En cuarentena y eliminado con éxito.

      fin)

      - INFORME DE OTL.txt

      OTL logfile created on: 7/20/2013 9:15:48 PM - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gaby\Desktop
      Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000409 | Country: Estados Unidos | Language: ENU | Date Format: M/d/yyyy

      894.05 Mb Total Physical Memory | 357.12 Mb Available Physical Memory | 39.94% Memory free
      1.87 Gb Paging File | 0.91 Gb Available in Paging File | 48.84% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
      Drive C: | 186.21 Gb Total Space | 80.20 Gb Free Space | 43.07% Space Free | Partition Type: NTFS
      Drive F: | 5.36 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

      Computer Name: GABY-PC | User Name: Gaby | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: All users
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Gaby\Desktop\OTL.exe (OldTimer Tools)
      PRC - C:\Users\Gaby\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
      PRC - C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      PRC - C:\Archivos de programa\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
      PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
      PRC - C:\Archivos de programa\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.)
      PRC - C:\Archivos de programa\Zune\ZuneLauncher.exe (Microsoft Corporation)
      PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Microsoft Security Client\msseces.exe (Microsoft Corporation)
      PRC - c:\Archivos de programa\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
      PRC - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
      PRC - C:\Windows\explorer.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\EPSON Projector\Epson USB Display V1.5\EMP_UDSA.exe (SEIKO EPSON CORPORATION)
      PRC - c:\Archivos de programa\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
      PRC - c:\Archivos de programa\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
      PRC - c:\Archivos de programa\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
      PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe ()
      PRC - C:\Archivos de programa\Common Files\SafeNet Sentinel\Sentinel RMS License Manager\WinNT\lservnt.exe (SafeNet, Inc.)
      PRC - C:\Archivos de programa\ANSYS Inc\Shared Files\Licensing\win32\ansysli_server.exe (ANSYS, Inc.)
      PRC - C:\Archivos de programa\ANSYS Inc\Shared Files\Licensing\win32\ansysli_monitor.exe ()
      PRC - C:\Archivos de programa\ANSYS Inc\Shared Files\Licensing\win32\ansyslmd.exe ()
      PRC - C:\Archivos de programa\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
      PRC - C:\Archivos de programa\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
      PRC - C:\Users\Gaby\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
      PRC - C:\Archivos de programa\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
      PRC - C:\Archivos de programa\Synaptics\SynTP\SynToshiba.exe (Synaptics, Inc.)
      PRC - C:\Archivos de programa\ANSYS Inc\Shared Files\Licensing\win32\lmgrd.exe (Macrovision Corporation)
      PRC - C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)


      ========== Modules (No Company Name) ==========


      ========== Services (SafeList) ==========

      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (Akamai) -- c:\program files\common files\akamai/netsession_win_8fa3539.dll ()
      SRV - (SkypeUpdate) -- C:\Archivos de programa\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (AdobeARMservice) -- C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (MBAMService) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
      SRV - (MBAMScheduler) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
      SRV - (McComponentHostService) -- C:\Archivos de programa\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)
      SRV - (SolidWorks Licensing Service) -- C:\Archivos de programa\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe (SolidWorks)
      SRV - (FLEXnet Licensing Service) -- C:\Archivos de programa\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Flexera Software, Inc.)
      SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
      SRV - (fsssvc) -- C:\Archivos de programa\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
      SRV - (CoordinatorServiceHost) -- C:\Archivos de programa\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe (Dassault Systèmes SolidWorks Corp.)
      SRV - (ZuneWlanCfgSvc) -- C:\Archivos de programa\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
      SRV - (WMZuneComm) -- C:\Archivos de programa\Zune\WMZuneComm.exe (Microsoft Corporation)
      SRV - (ZuneNetworkSvc) -- C:\Archivos de programa\Zune\ZuneNss.exe (Microsoft Corporation)
      SRV - (odserv) -- C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
      SRV - (NisSrv) -- c:\Archivos de programa\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
      SRV - (MsMpSvc) -- c:\Archivos de programa\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
      SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
      SRV - (EMP_UDSA) -- C:\Archivos de programa\EPSON Projector\Epson USB Display V1.5\EMP_UDSA.exe (SEIKO EPSON CORPORATION)
      SRV - (SQLWriter) -- c:\Archivos de programa\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
      SRV - (MSSQL$ECSQLEXPRESS) -- c:\Archivos de programa\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
      SRV - (SQLBrowser) -- c:\Archivos de programa\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
      SRV - (MSSQLServerADHelper) -- c:\Archivos de programa\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
      SRV - (WMPNetworkSvc) -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
      SRV - (wlcrasvc) -- C:\Archivos de programa\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
      SRV - (mitsijm2011) -- C:\Archivos de programa\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe ()
      SRV - (Sentinel RMS License Manager) -- C:\Archivos de programa\Common Files\SafeNet Sentinel\Sentinel RMS License Manager\WinNT\lservnt.exe (SafeNet, Inc.)
      SRV - (WinDefend) -- C:\Archivos de programa\Windows Defender\MpSvc.dll (Microsoft Corporation)
      SRV - (ANSYS, Inc. License Manager) -- C:\Archivos de programa\ANSYS Inc\Shared Files\Licensing\win32\ansysli_server.exe (ANSYS, Inc.)
      SRV - (Microsoft Office Groove Audit Service) -- C:\Archivos de programa\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
      SRV - (StarWindServiceAE) -- C:\Archivos de programa\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
      SRV - (ose) -- C:\Archivos de programa\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
      SRV - (msvsmon80) -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV - (Mkd2Bthf) -- system32\drivers\Mkd2Bthf.sys File not found
      DRV - (ao72oq4h) -- File not found
      DRV - (AhnRec2K) -- C:\Windows\system32\drivers\AhnRec2K.sys File not found
      DRV - (AhnFlt2K) -- C:\Windows\system32\drivers\AhnFlt2K.sys File not found
      DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
      DRV - (Mkd2kfNt) -- C:\Windows\System32\drivers\Mkd2kfNT.sys (AhnLab, Inc.)
      DRV - (Mkd2Nadr) -- C:\Windows\System32\drivers\Mkd2Nadr.sys (AhnLab, Inc.)
      DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
      DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)
      DRV - (eppvad_simple) -- C:\Windows\System32\drivers\EMP_UDAU.sys (SEIKO EPSON CORPORATION)
      DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
      DRV - (Haspnt) -- C:\Windows\System32\drivers\Haspnt.sys (Aladdin Knowledge Systems)
      DRV - (dc3d) -- C:\Windows\System32\drivers\dc3d.sys (Microsoft Corporation)
      DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
      DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
      DRV - (Sentinel) -- C:\Windows\System32\drivers\sentinel.sys (SafeNet, Inc.)
      DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
      DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (LSI Corp)
      DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
      DRV - (UVCFTR) -- C:\Windows\System32\drivers\UVCFTR_S.SYS (Chicony Electronics Co., Ltd.)
      DRV - (TVALZ) -- C:\Windows\System32\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
      DRV - (tifm21) -- C:\Windows\System32\drivers\tifm21.sys (Texas Instruments)
      DRV - (Hardlock) -- C:\Windows\System32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKLM\..\SearchScopes,DefaultScope =
      IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearshare.com/web?src=ieb&q={searchTerms}


      IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

      IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

      IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

      IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

      IE - HKU\S-1-5-21-595007499-1025124026-2475062455-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
      IE - HKU\S-1-5-21-595007499-1025124026-2475062455-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
      IE - HKU\S-1-5-21-595007499-1025124026-2475062455-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = Noticias, Deportes, Entretenimiento, Videos, Música, Cine y Estilos de Vida en Prodigy MSN
      IE - HKU\S-1-5-21-595007499-1025124026-2475062455-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-mx
      IE - HKU\S-1-5-21-595007499-1025124026-2475062455-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D9 03 10 AD CB 0C CB 01 [binary data]
      IE - HKU\S-1-5-21-595007499-1025124026-2475062455-1000\..\URLSearchHook: {07ff1832-0bc0-4f57-83cf-d4c552783f09} - No CLSID value found
      IE - HKU\S-1-5-21-595007499-1025124026-2475062455-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKU\S-1-5-21-595007499-1025124026-2475062455-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKU\S-1-5-21-595007499-1025124026-2475062455-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKU\S-1-5-21-595007499-1025124026-2475062455-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearshare.com/web?src=ieb&q={searchTerms}
      IE - HKU\S-1-5-21-595007499-1025124026-2475062455-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKU\S-1-5-21-595007499-1025124026-2475062455-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

      ========== FireFox ==========

      FF - prefs.js..browser.search.useDBForOrder: true
      FF - prefs.js..extensions.enabledItems: [email protected]:1.5
      FF - prefs.js..extensions.enabledItems: [email protected]:1.6.2
      FF - prefs.js..extensions.enabledItems: [email protected]:3.11.3.15590
      FF - prefs.js..extensions.enabledItems: {db0de900-5ee3-11da-8cd6-0800200c9a66}:0.6.2
      FF - prefs.js..browser.startup.homepage: "http://google.com"
      FF - prefs.js..keyword.URL: "https://www.google.com/search?q="
      FF - prefs.js..browser.search.order.1: "(Google)"
      FF - prefs.js..browser.search.defaultenginename: "(Google)"
      FF - prefs.js..browser.search.selectedEngine: "Google"
      FF - prefs.js..browser.search.defaulturl: "www.Google.com"
      FF - user.js - File not found

      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Gaby\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
      FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Gaby\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)


      [2013/07/18 15:07:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gaby\AppData\Roaming\mozilla\Firefox\Profiles\ccgqkz7n.default\extensions
      [2010/09/21 20:41:24 | 000,000,000 | ---D | M] (Simpler Pink) -- C:\Users\Gaby\AppData\Roaming\mozilla\Firefox\Profiles\ccgqkz7n.default\extensions\{db0de900-5ee3-11da-8cd6-0800200c9a66}
      [2011/05/06 16:51:03 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Gaby\AppData\Roaming\mozilla\Firefox\Profiles\ccgqkz7n.default\extensions\[email protected]
      [2010/09/18 21:24:20 | 000,000,000 | ---D | M] (1-Click YouTube Video Downloader) -- C:\Users\Gaby\AppData\Roaming\mozilla\Firefox\Profiles\ccgqkz7n.default\extensions\[email protected]
      [2013/06/30 03:44:04 | 000,239,491 | ---- | M] () (No name found) -- C:\Users\Gaby\AppData\Roaming\mozilla\firefox\profiles\ccgqkz7n.default\extensions\[email protected]
      [2009/07/31 13:06:48 | 001,654,784 | ---- | M] (LizardTech) -- C:\Program Files\mozilla firefox\plugins\npdjvu.dll

      ========== Chrome ==========

      CHR - default_search_provider: qvo6 (Enabled)
      CHR - default_search_provider: search_url = http://search.qvo6.com/web/?utm_source=b&utm_medium=ild&from=ild&uid=TOSHIBAXMK2035GSS_Z7IUTFF7TXXZ7IUTFF7T&ts=1374175148&type=default&q={searchTerms}
      CHR - default_search_provider: suggest_url =
      CHR - homepage: Google
      CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
      CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
      CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
      CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.72\pdf.dll
      CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
      CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\Gaby\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
      CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
      CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
      CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
      CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
      CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Gaby\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
      CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\Gaby\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll
      CHR - plugin: Java Deployment Toolkit 7.0.210.11 (Enabled) = C:\Windows\system32\npDeployJava1.dll
      CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
      CHR - Extension: Skype Click to Call = C:\Users\Gaby\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\

      O1 HOSTS File: ([2009/06/10 16:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
      O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Archivos de programa\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
      O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Archivos de programa\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
      O2 - BHO: (no name) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - No CLSID value found.
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
      O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Archivos de programa\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O3 - HKU\S-1-5-21-595007499-1025124026-2475062455-1000\..\Toolbar\WebBrowser: (no name) - {07FF1832-0BC0-4F57-83CF-D4C552783F09} - No CLSID value found.
      O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
      O4 - HKLM..\Run: [EPSON_UD_START] C:\Program Files\EPSON Projector\Epson USB Display V1.5\EMP_UD.exe (SEIKO EPSON CORPORATION)
      O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
      O4 - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-21-595007499-1025124026-2475062455-1000..\Run: [Akamai NetSession Interface] C:\Users\Gaby\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
      O4 - HKU\S-1-5-21-595007499-1025124026-2475062455-1000..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
      O4 - HKU\S-1-5-21-595007499-1025124026-2475062455-1000..\Run: [Facebook Update] C:\Users\Gaby\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      O4 - HKU\S-1-5-21-595007499-1025124026-2475062455-1000..\Run: [Octoshape Streaming Services] C:\Users\Gaby\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
      O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
      O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
      O4 - Startup: C:\Users\Gaby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de pantalla e Inicio rápido de OneNote 2007.lnk = C:\Archivos de programa\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
      O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
      O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Archivos de programa\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
      O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Archivos de programa\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Archivos de programa\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
      O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Archivos de programa\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Archivos de programa\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Archivos de programa\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.)
      O13 - gopher Prefix: missing
      O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} MSN Games - Free Online Games (UnoCtrl Class)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Value error.)
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} MSN Games - Free Online Games (MessengerStatsClient Class)
      O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_01)
      O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_30)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 10.21.2)
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
      O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail.com/mail/w4/pr01...PUpldes-mx.cab (Windows Live Hotmail Photo Upload Tool)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 0.0.0.0
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4A715393-05B8-432D-966F-C205878B1B94}: DhcpNameServer = 192.168.1.254 0.0.0.0
      O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Archivos de programa\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
      O18 - Protocol\Handler\livecall - No CLSID value found
      O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Archivos de programa\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
      O18 - Protocol\Handler\msnim - No CLSID value found
      O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Archivos de programa\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Archivos de programa\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Common Files\Skype\Skype4COM.dll (Skype Technologies)
      O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Archivos de programa\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
      O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Archivos de programa\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Archivos de programa\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O33 - MountPoints2\{0c0bad5a-ddf2-11df-87fe-001eec387fd8}\Shell - "" = AutoRun
      O33 - MountPoints2\{0c0bad5a-ddf2-11df-87fe-001eec387fd8}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
      O33 - MountPoints2\{4c4e4135-8809-11e2-bfa9-001eec387fd8}\Shell - "" = AutoRun
      O33 - MountPoints2\{4c4e4135-8809-11e2-bfa9-001eec387fd8}\Shell\AutoRun\command - "" = E:\EMP_UDSe.exe /autorun
      O33 - MountPoints2\{b0685d53-0fcc-11e1-a77a-001eec387fd8}\Shell - "" = AutoRun
      O33 - MountPoints2\{b0685d53-0fcc-11e1-a77a-001eec387fd8}\Shell\AutoRun\command - "" = E:\hbcd\wintools\autorun.exe
      O33 - MountPoints2\{b0685d53-0fcc-11e1-a77a-001eec387fd8}\Shell\Option1\Command - "" = E:\hbcd\wintools\autorun.exe
      O33 - MountPoints2\{cc1424bf-b17a-11e1-ac9f-001eec387fd8}\Shell - "" = AutoRun
      O33 - MountPoints2\{cc1424bf-b17a-11e1-ac9f-001eec387fd8}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
      O33 - MountPoints2\E\Shell - "" = AutoRun
      O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
      O34 - HKLM BootExecute: (autocheck autochk *)
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      NetSvcs: FastUserSwitchingCompatibility - File not found
      NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
      NetSvcs: Nla - File not found
      NetSvcs: Ntmssvc - File not found
      NetSvcs: NWCWorkstation - File not found
      NetSvcs: Nwsapagent - File not found
      NetSvcs: SRService - File not found
      NetSvcs: WmdmPmSp - File not found
      NetSvcs: LogonHours - File not found
      NetSvcs: PCAudit - File not found
      NetSvcs: helpsvc - File not found
      NetSvcs: uploadmgr - File not found

      MsConfig - State: "services" - 2

      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2013/07/20 15:35:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Gaby\Desktop\OTL.exe
      [2013/07/19 21:54:28 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Malwarebytes
      [2013/07/19 21:53:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
      [2013/07/19 21:53:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
      [2013/07/19 21:53:01 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
      [2013/07/19 21:53:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
      [2013/07/19 21:51:04 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Local\Programs
      [2013/07/19 21:46:31 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Gaby\Desktop\mbam-setup-1.75.0.1300.exe
      [2013/07/19 10:55:01 | 000,000,000 | ---D | C] -- C:\Users\Gaby\Documents\Vuze Downloads
      [2013/07/19 10:50:11 | 000,000,000 | ---D | C] -- C:\Users\Gaby\.swt
      [2013/07/19 10:49:10 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\Azureus
      [2013/07/19 10:49:07 | 000,000,000 | ---D | C] -- C:\Program Files\Vuze
      [2013/07/18 17:47:43 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Local\CRE
      [2013/07/18 17:45:22 | 000,000,000 | ---D | C] -- C:\Users\Gaby\AppData\Roaming\uTorrent
      [2013/07/18 14:17:44 | 000,000,000 | ---D | C] -- C:\Program Files\Torntv 2
      [1 C:\Users\Gaby\Desktop\*.tmp files -> C:\Users\Gaby\Desktop\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2013/07/20 21:01:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2013/07/20 20:27:04 | 000,001,020 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2013/07/20 20:27:01 | 000,001,016 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2013/07/20 20:19:02 | 000,001,162 | ---- | M] () -- C:\Windows\tasks\Torntv 2-updater.job
      [2013/07/20 20:18:01 | 000,001,156 | ---- | M] () -- C:\Windows\tasks\Torntv 2-codedownloader.job
      [2013/07/20 20:18:01 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\Torntv 2-enabler.job
      [2013/07/20 19:41:47 | 000,010,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2013/07/20 19:41:47 | 000,010,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2013/07/20 19:33:03 | 008,405,015 | ---- | M] () -- C:\Windows\TempFile
      [2013/07/20 19:32:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2013/07/20 19:32:27 | 703,107,072 | -HS- | M] () -- C:\hiberfil.sys
      [2013/07/20 15:35:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gaby\Desktop\OTL.exe
      [2013/07/20 13:17:41 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-595007499-1025124026-2475062455-1000UA.job
      [2013/07/19 21:53:07 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2013/07/19 21:47:43 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Gaby\Desktop\mbam-setup-1.75.0.1300.exe
      [2013/07/19 21:41:53 | 000,119,058 | ---- | M] () -- C:\Users\Gaby\Desktop\cc_20130719_213807.reg
      [2013/07/19 16:17:06 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-595007499-1025124026-2475062455-1000Core.job
      [2013/07/19 10:49:35 | 000,001,794 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk
      [2013/07/19 10:48:54 | 000,000,000 | ---- | M] () -- C:\END
      [2013/07/18 17:47:12 | 000,000,849 | ---- | M] () -- C:\Users\Gaby\Desktop\µTorrent.lnk
      [2013/07/18 15:07:55 | 000,001,244 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
      [2013/07/18 15:05:10 | 000,662,345 | ---- | M] () -- C:\Users\Gaby\Desktop\adwcleaner.exe
      [2013/07/13 23:07:32 | 000,803,634 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
      [2013/07/13 23:07:32 | 000,709,224 | ---- | M] () -- C:\Windows\System32\perfh009.dat
      [2013/07/13 23:07:32 | 000,181,790 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
      [2013/07/13 23:07:32 | 000,143,368 | ---- | M] () -- C:\Windows\System32\perfc009.dat
      [2013/06/25 10:40:13 | 000,570,897 | ---- | M] () -- C:\Users\Gaby\Desktop\Curriculum Vitae.pdf
      [1 C:\Users\Gaby\Desktop\*.tmp files -> C:\Users\Gaby\Desktop\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2013/07/19 21:53:07 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2013/07/19 21:39:48 | 000,119,058 | ---- | C] () -- C:\Users\Gaby\Desktop\cc_20130719_213807.reg
      [2013/07/19 10:49:36 | 000,001,794 | ---- | C] () -- C:\Users\Public\Desktop\Vuze.lnk
      [2013/07/19 10:49:33 | 000,001,794 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
      [2013/07/19 10:48:54 | 000,000,000 | ---- | C] () -- C:\END
      [2013/07/18 17:47:12 | 000,000,849 | ---- | C] () -- C:\Users\Gaby\Desktop\µTorrent.lnk
      [2013/07/18 15:05:09 | 000,662,345 | ---- | C] () -- C:\Users\Gaby\Desktop\adwcleaner.exe
      [2013/07/18 14:18:55 | 000,001,162 | ---- | C] () -- C:\Windows\tasks\Torntv 2-updater.job
      [2013/07/18 14:18:48 | 000,001,066 | ---- | C] () -- C:\Windows\tasks\Torntv 2-enabler.job
      [2013/07/18 14:18:20 | 000,001,156 | ---- | C] () -- C:\Windows\tasks\Torntv 2-codedownloader.job
      [2013/06/25 10:40:10 | 000,570,897 | ---- | C] () -- C:\Users\Gaby\Desktop\Curriculum Vitae.pdf
      [2013/05/11 22:48:35 | 000,372,736 | ---- | C] () -- C:\Windows\System32\hpgt2300.dll
      [2013/04/03 10:48:16 | 000,003,584 | ---- | C] () -- C:\Users\Gaby\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2013/01/21 18:37:25 | 000,000,033 | ---- | C] () -- C:\Users\Gaby\scratch.gui
      [2012/11/30 19:21:55 | 000,000,238 | ---- | C] () -- C:\Users\Gaby\vm50.vrt
      [2012/11/30 19:21:54 | 000,065,536 | ---- | C] () -- C:\Users\Gaby\file.tri
      [2012/11/30 19:21:54 | 000,065,536 | ---- | C] () -- C:\Users\Gaby\file.redm
      [2012/11/30 19:21:54 | 000,065,536 | ---- | C] () -- C:\Users\Gaby\file.mode
      [2012/11/30 19:21:53 | 000,065,536 | ---- | C] () -- C:\Users\Gaby\file.emat
      [2012/11/23 15:00:55 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
      [2012/11/04 17:24:06 | 000,000,068 | ---- | C] () -- C:\Users\Gaby\jjjjjjjjjj.err
      [2012/10/29 19:35:43 | 000,065,536 | ---- | C] () -- C:\Users\Gaby\problema1.esav
      [2012/10/29 19:35:43 | 000,002,319 | ---- | C] () -- C:\Users\Gaby\problema1.BCS
      [2012/10/29 19:35:43 | 000,000,151 | ---- | C] () -- C:\Users\Gaby\problema1.stat
      [2012/10/29 19:35:39 | 000,327,680 | ---- | C] () -- C:\Users\Gaby\problema1.full
      [2012/10/29 19:35:39 | 000,000,640 | ---- | C] () -- C:\Users\Gaby\problema1.mntr
      [2012/10/29 19:20:12 | 000,000,000 | ---- | C] () -- C:\Users\Gaby\problema1.page
      [2012/10/29 18:46:05 | 000,005,540 | ---- | C] () -- C:\Users\Gaby\problema1.err
      [2012/10/20 16:07:49 | 000,990,104 | ---- | C] () -- C:\Users\Gaby\ansabort.dbb
      [2012/10/20 16:07:49 | 000,990,104 | ---- | C] () -- C:\Users\Gaby\ansabort.db
      [2012/10/19 15:30:58 | 002,097,152 | ---- | C] () -- C:\Users\Gaby\armaduratarea.dbb
      [2012/10/19 15:30:58 | 002,031,616 | ---- | C] () -- C:\Users\Gaby\armaduratarea.db
      [2012/10/19 14:33:23 | 000,065,536 | ---- | C] () -- C:\Users\Gaby\armaduratarea.esav
      [2012/10/19 14:33:15 | 000,131,072 | ---- | C] () -- C:\Users\Gaby\armaduratarea.rst
      [2012/10/19 14:33:15 | 000,065,536 | ---- | C] () -- C:\Users\Gaby\armaduratarea.full
      [2012/10/19 14:33:15 | 000,001,710 | ---- | C] () -- C:\Users\Gaby\armaduratarea.BCS
      [2012/10/19 14:33:15 | 000,000,732 | ---- | C] () -- C:\Users\Gaby\armaduratarea.mntr
      [2012/10/19 14:33:15 | 000,000,151 | ---- | C] () -- C:\Users\Gaby\armaduratarea.stat
      [2012/10/19 10:28:45 | 000,000,272 | ---- | C] () -- C:\Users\Gaby\armaduratarea.err
      [2012/10/18 23:18:08 | 001,966,080 | ---- | C] () -- C:\Users\Gaby\armadura.dbb
      [2012/10/18 23:18:08 | 001,966,080 | ---- | C] () -- C:\Users\Gaby\armadura.db
      [2012/10/18 23:17:40 | 000,001,448 | ---- | C] () -- C:\Users\Gaby\armadura.err
      [2012/10/18 23:16:36 | 002,097,152 | ---- | C] () -- C:\Users\Gaby\armadura tarea
      [2012/10/17 20:53:51 | 000,065,536 | ---- | C] () -- C:\Users\Gaby\file.esav
      [2012/10/17 20:53:04 | 000,002,127 | ---- | C] () -- C:\Users\Gaby\file.BCS
      [2012/10/17 20:53:04 | 000,000,151 | ---- | C] () -- C:\Users\Gaby\file.stat
      [2012/10/17 20:53:01 | 000,065,536 | ---- | C] () -- C:\Users\Gaby\file.rst
      [2012/10/17 20:53:01 | 000,065,536 | ---- | C] () -- C:\Users\Gaby\file.full
      [2012/10/17 20:53:01 | 000,000,732 | ---- | C] () -- C:\Users\Gaby\file.mntr
      [2012/10/08 18:38:25 | 002,752,512 | ---- | C] () -- C:\Users\Gaby\file.dbb
      [2012/10/08 18:38:25 | 002,097,152 | ---- | C] () -- C:\Users\Gaby\file.db
      [2012/10/08 18:15:11 | 000,058,500 | ---- | C] () -- C:\Users\Gaby\file.err
      [2011/11/28 23:44:53 | 000,000,043 | ---- | C] () -- C:\Windows\festo.ini
      [2011/11/18 18:51:36 | 000,000,391 | ---- | C] () -- C:\Users\Gaby\.flrecent
      [2011/11/15 16:13:46 | 000,012,393 | ---- | C] () -- C:\Users\Gaby\AppData\Local\Bron.tok.A12.em.bin
      [2011/10/09 21:29:40 | 000,000,000 | ---- | C] () -- C:\Users\Gaby\AppData\Local\{C364AB35-DA2A-497A-A3A3-37E83FF3E7DF}
      [2010/10/21 23:46:01 | 000,000,000 | ---- | C] () -- C:\Users\Gaby\AppData\Local\Temptable.xml
      [2010/06/09 15:16:46 | 000,027,059 | ---- | C] () -- C:\Users\Gaby\AppData\Local\Temp_table.xml
      [2010/05/14 08:02:43 | 000,000,092 | ---- | C] () -- C:\Users\Gaby\AppData\Local\fusioncache.dat

      ========== ZeroAccess Check ==========

      [2009/07/13 23:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2011/08/29 23:21:25 | 012,872,704 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
      "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 20:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      ========== LOP Check ==========

      [2012/08/09 13:23:31 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\AhnLab
      [2012/11/05 18:23:12 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\Ansys
      [2011/11/16 14:12:09 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\Auslogics
      [2010/10/22 17:01:24 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\Autodesk
      [2013/07/20 04:07:38 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\Azureus
      [2010/06/04 20:22:26 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\DassaultSystemes
      [2010/11/08 21:06:44 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\DWGeditor
      [2011/11/25 21:27:30 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\FL_SIM_P4_DEMO_D
      [2011/11/18 18:09:04 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\Launcher
      [2011/06/25 20:39:51 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\Octoshape
      [2010/05/14 20:52:18 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\Screenshot Sender
      [2012/09/29 22:23:52 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\Uniblue
      [2013/07/20 04:04:14 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\uTorrent
      [2010/05/14 03:21:02 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\WinBatch
      [2012/08/06 13:02:59 | 000,000,000 | ---D | M] -- C:\Users\Gaby\AppData\Roaming\Windows Live Writer

      ========== Purity Check ==========



      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2013/07/18 15:08:47 | 000,013,600 | ---- | M] () -- C:\AdwCleaner[S1].txt
      [2013/07/18 14:53:23 | 000,016,552 | ---- | M] () -- C:\AT-Destroyer.txt
      [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
      [2009/06/10 16:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
      [2013/07/19 10:48:54 | 000,000,000 | ---- | M] () -- C:\END
      [2013/07/20 19:32:27 | 703,107,072 | -HS- | M] () -- C:\hiberfil.sys
      [2013/07/20 19:32:33 | 1073,741,824 | -HS- | M] () -- C:\pagefile.sys
      [2008/07/26 01:23:14 | 000,039,424 | ---- | M] () -- C:\UQS Información.doc

      < End of report >

      PUES EL PROBLEMA YA NO ESTA, APARENTEMENTE FUNCIONA BIEN!

      GRACIAS! :)

    4. #4
      Moderador Gral.
      Avatar de Javierhf
      Registrado
      jun 2006
      Ubicación
      España - Madrid
      Mensajes
      16.651

      Re: Eliminar qvo6

      Ahora sigue estos pasos :

      MUY Importante ~ Realiza una copia de seguridad del registro con >> Erunt.

      Y después ejecuta de nuevo OTL.exe

      Copia y Pega el código que está dentro del recuadro de abajo en la sección Análisis Personalizado / Código de Reparación.

      Código:
      :OTL
      PRC - C:\Archivos de programa\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
      SRV - (McComponentHostService) -- C:\Archivos de programa\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)
      DRV - (Mkd2Bthf) -- system32\drivers\Mkd2Bthf.sys File not found
      DRV - (ao72oq4h) -- File not found
      DRV - (AhnRec2K) -- C:\Windows\system32\drivers\AhnRec2K.sys File not found
      DRV - (AhnFlt2K) -- C:\Windows\system32\drivers\AhnFlt2K.sys File not found
      IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearshare.com/web?src=ieb&q={searchTerms}
      IE - HKU\S-1-5-21-595007499-1025124026-2475062455-1000\..\URLSearchHook: {07ff1832-0bc0-4f57-83cf-d4c552783f09} - No CLSID value found
      IE - HKU\S-1-5-21-595007499-1025124026-2475062455-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearshare.com/web?src=ieb&q={searchTerms}
      FF - prefs.js..extensions.enabledItems: [email protected]:3.11.3.15590
      FF - user.js - File not found
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
      CHR - default_search_provider: qvo6 (Enabled)
      CHR - default_search_provider: search_url = http://search.qvo6.com/web/?utm_source=b&utm_medium=ild&from=ild&uid=TOSHIBAXMK2035GSS_Z7IUTFF7TXXZ7IUTFF7T&ts=1374175148&type=default&q={searchTerms}
      CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
      CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
      CHR - plugin: Java Deployment Toolkit 7.0.210.11 (Enabled) = C:\Windows\system32\npDeployJava1.dll
      O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Archivos de programa\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
      O2 - BHO: (no name) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - No CLSID value found.
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O3 - HKU\S-1-5-21-595007499-1025124026-2475062455-1000\..\Toolbar\WebBrowser: (no name) - {07FF1832-0BC0-4F57-83CF-D4C552783F09} - No CLSID value found.
      O4 - HKU\S-1-5-21-595007499-1025124026-2475062455-1000..\Run: [Facebook Update] C:\Users\Gaby\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
      O13 - gopher Prefix: missing
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Value error.)
      O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_01)
      O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_30)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 10.21.2)
      O18 - Protocol\Handler\livecall - No CLSID value found
      O18 - Protocol\Handler\msnim - No CLSID value found
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O33 - MountPoints2\{0c0bad5a-ddf2-11df-87fe-001eec387fd8}\Shell - "" = AutoRun
      O33 - MountPoints2\{0c0bad5a-ddf2-11df-87fe-001eec387fd8}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
      O33 - MountPoints2\{4c4e4135-8809-11e2-bfa9-001eec387fd8}\Shell - "" = AutoRun
      O33 - MountPoints2\{4c4e4135-8809-11e2-bfa9-001eec387fd8}\Shell\AutoRun\command - "" = E:\EMP_UDSe.exe /autorun
      O33 - MountPoints2\{b0685d53-0fcc-11e1-a77a-001eec387fd8}\Shell - "" = AutoRun
      O33 - MountPoints2\{b0685d53-0fcc-11e1-a77a-001eec387fd8}\Shell\AutoRun\command - "" = E:\hbcd\wintools\autorun.exe
      O33 - MountPoints2\{b0685d53-0fcc-11e1-a77a-001eec387fd8}\Shell\Option1\Command - "" = E:\hbcd\wintools\autorun.exe
      O33 - MountPoints2\{cc1424bf-b17a-11e1-ac9f-001eec387fd8}\Shell - "" = AutoRun
      O33 - MountPoints2\{cc1424bf-b17a-11e1-ac9f-001eec387fd8}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
      O33 - MountPoints2\E\Shell - "" = AutoRun
      O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
      [2013/07/20 13:17:41 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-595007499-1025124026-2475062455-1000UA.job
      [2013/07/19 16:17:06 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-595007499-1025124026-2475062455-1000Core.job
      [1 C:\Users\Gaby\Desktop\*.tmp files -> C:\Users\Gaby\Desktop\*.tmp -> ]
      :Files
      ipconfig /flushdns /c
      ipconfig /renew /c
      :Commands
      [PURITY]
      [EMPTYFLASH]
      [EMPTYTEMP]
      [RESETHOSTS]
      Presiona el Botón Reparar para lanzar la eliminación. Después presionas en OK.

      OTL va a Reiniciar el ordenador para completar la eliminación.

      Guardas el nuevo reporte generado, y lo copias y pegas en tu próxima respuesta.

      Antes de contestarnos, y después de pasar OTL, revisa/actualiza tu versión de Java(Muy Importante) >> Descarga gratuita del software de Java

      Y cuando nos contestes dinos que versión de Java se ha quedado instalada >> ¿Cómo puedo comprobar si Java funciona en mi equipo?

      Recuerda ponernos el log de OTL, y dinos también que versión de Java tienes ahora y como sigue el ordenador, en relación al problema planteado.

      Saludos.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de lau394
      Registrado
      jul 2013
      Ubicación
      mexico
      Mensajes
      4

      Re: Eliminar qvo6

      All processes killed
      ========== OTL ==========
      No active process named SSScheduler.exe was found!
      Service McComponentHostService stopped successfully!
      Service McComponentHostService deleted successfully!
      C:\Archivos de programa\McAfee Security Scan\3.0.318\McCHSvc.exe moved successfully.
      Service Mkd2Bthf stopped successfully!
      Service Mkd2Bthf deleted successfully!
      File system32\drivers\Mkd2Bthf.sys File not found not found.
      Error: No service named ao72oq4h was found to stop!
      Service\Driver key ao72oq4h not found.
      File File not found not found.
      Service AhnRec2K stopped successfully!
      Service AhnRec2K deleted successfully!
      File C:\Windows\system32\drivers\AhnRec2K.sys File not found not found.
      Service AhnFlt2K stopped successfully!
      Service AhnFlt2K deleted successfully!
      File C:\Windows\system32\drivers\AhnFlt2K.sys File not found not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}\ not found.
      Registry value HKEY_USERS\S-1-5-21-595007499-1025124026-2475062455-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{07ff1832-0bc0-4f57-83cf-d4c552783f09} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07ff1832-0bc0-4f57-83cf-d4c552783f09}\ not found.
      Registry key HKEY_USERS\S-1-5-21-595007499-1025124026-2475062455-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}\ not found.
      Prefs.js: [email protected]:3.11.3.15590 removed from extensions.enabledItems
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2\ deleted successfully.
      C:\Windows\system32\npDeployJava1.dll moved successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2\ deleted successfully.
      C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll moved successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin\ deleted successfully.
      C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll moved successfully.
      Use Chrome's Settings page to remove the default_search_provider items.
      Use Chrome's Settings page to remove the default_search_provider items.
      File C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll not found.
      File C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll not found.
      File C:\Windows\system32\npDeployJava1.dll not found.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\ deleted successfully.
      C:\Archivos de programa\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll moved successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}\ not found.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
      C:\Archivos de programa\Java\jre7\bin\ssv.dll moved successfully.
      Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
      C:\Archivos de programa\Java\jre7\bin\jp2ssv.dll moved successfully.
      Registry value HKEY_USERS\S-1-5-21-595007499-1025124026-2475062455-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{07FF1832-0BC0-4F57-83CF-D4C552783F09} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07FF1832-0BC0-4F57-83CF-D4C552783F09}\ not found.
      Registry value HKEY_USERS\S-1-5-21-595007499-1025124026-2475062455-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update deleted successfully.
      C:\Users\Gaby\AppData\Local\Facebook\Update\FacebookUpdate.exe moved successfully.
      Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Google Sidewiki...\ deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
      Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
      Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
      Starting removal of ActiveX control {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
      Starting removal of ActiveX control {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ not found.
      Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
      File Protocol\Handler\livecall - No CLSID value found not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
      File Protocol\Handler\msnim - No CLSID value found not found.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0c0bad5a-ddf2-11df-87fe-001eec387fd8}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0c0bad5a-ddf2-11df-87fe-001eec387fd8}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0c0bad5a-ddf2-11df-87fe-001eec387fd8}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0c0bad5a-ddf2-11df-87fe-001eec387fd8}\ not found.
      File E:\LaunchU3.exe -a not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4c4e4135-8809-11e2-bfa9-001eec387fd8}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4c4e4135-8809-11e2-bfa9-001eec387fd8}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4c4e4135-8809-11e2-bfa9-001eec387fd8}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4c4e4135-8809-11e2-bfa9-001eec387fd8}\ not found.
      File E:\EMP_UDSe.exe /autorun not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b0685d53-0fcc-11e1-a77a-001eec387fd8}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b0685d53-0fcc-11e1-a77a-001eec387fd8}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b0685d53-0fcc-11e1-a77a-001eec387fd8}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b0685d53-0fcc-11e1-a77a-001eec387fd8}\ not found.
      File E:\hbcd\wintools\autorun.exe not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b0685d53-0fcc-11e1-a77a-001eec387fd8}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b0685d53-0fcc-11e1-a77a-001eec387fd8}\ not found.
      File E:\hbcd\wintools\autorun.exe not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cc1424bf-b17a-11e1-ac9f-001eec387fd8}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc1424bf-b17a-11e1-ac9f-001eec387fd8}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cc1424bf-b17a-11e1-ac9f-001eec387fd8}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc1424bf-b17a-11e1-ac9f-001eec387fd8}\ not found.
      File E:\LaunchU3.exe -a not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
      File E:\LaunchU3.exe -a not found.
      C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-595007499-1025124026-2475062455-1000UA.job moved successfully.
      C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-595007499-1025124026-2475062455-1000Core.job moved successfully.
      C:\Users\Gaby\Desktop\~WRL0395.tmp deleted successfully.
      ========== FILES ==========
      < ipconfig /flushdns /c >
      Configuraci¢n IP de Windows
      Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
      C:\Users\Gaby\Desktop\cmd.bat deleted successfully.
      C:\Users\Gaby\Desktop\cmd.txt deleted successfully.
      < ipconfig /renew /c >
      Configuraci¢n IP de Windows
      No se puede realizar ninguna operaci¢n en Conexi¢n de red inal*mbrica 2 mientras los medios
      est‚n desconectados.
      No se puede realizar ninguna operaci¢n en Conexi¢n de *rea local mientras los medios
      est‚n desconectados.
      Adaptador de LAN inal*mbrica Conexi¢n de red inal*mbrica 2:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de LAN inal*mbrica Conexi¢n de red inal*mbrica:
      Sufijo DNS espec¡fico para la conexi¢n. . : gateway.huawei.net
      Direcci¢n IPv6 . . . . . . . . . . : fdf8:3dff:1861:c700:916a:1086:93ed:f734
      Direcci¢n IPv6 temporal. . . . . . : fdf8:3dff:1861:c700:9c0a:2d70:7cc6:3c9b
      V¡nculo: direcci¢n IPv6 local. . . : fe80::916a:1086:93ed:f734%11
      Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.65
      M*scara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.1.254
      Adaptador de Ethernet Conexi¢n de *rea local:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de t£nel Conexi¢n de *rea local* 16:
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Direcci¢n IPv6 . . . . . . . . . . : 2001:0:9d38:953c:245d:b77:3f57:febe
      V¡nculo: direcci¢n IPv6 local. . . : fe80::245d:b77:3f57:febe%24
      Puerta de enlace predeterminada . . . . . :
      Adaptador de t£nel isatap.gateway.huawei.net:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . : gateway.huawei.net
      C:\Users\Gaby\Desktop\cmd.bat deleted successfully.
      C:\Users\Gaby\Desktop\cmd.txt deleted successfully.
      ========== COMMANDS ==========

      [EMPTYFLASH]

      User: All Users

      User: Default

      User: Default User

      User: Gaby
      ->Flash cache emptied: 3119 bytes

      User: Public

      Total Flash Files Cleaned = 0.00 mb


      [EMPTYTEMP]

      User: All Users

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Gaby
      ->Temp folder emptied: 22599255 bytes
      ->Temporary Internet Files folder emptied: 22354249 bytes
      ->Java cache emptied: 11001310 bytes
      ->FireFox cache emptied: 54450539 bytes
      ->Google Chrome cache emptied: 61118743 bytes
      ->Flash cache emptied: 0 bytes

      User: Public

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 11672822 bytes
      RecycleBin emptied: 1044049722 bytes

      Total Files Cleaned = 1,170.00 mb

      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      OTL by OldTimer - Version 3.2.69.0 log created on 07242013_122411

      Files\Folders moved on Reboot...

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...


      - Java recomendada (Version 7 Update 25).

      -Parece que todo funciona bien!

    6. #6
      Moderador Gral.
      Avatar de Javierhf
      Registrado
      jun 2006
      Ubicación
      España - Madrid
      Mensajes
      16.651

      Re: Eliminar qvo6

      Perfecto, nos alegra ver que esta el tema arreglado.

      Solo queda que hagas lo siguiente :

      Ejecuta de nuevo OTL.exe y presionas el Botón Limpiar.

      Esto Eliminará del sistema a OTL.exe y sus archivos creados y eliminados.

      Te pedirá reiniciar el ordenador, debes pulsar SI, con AdwCleaner, haces lo mismo pulsando en “Desinstalar”.

      Y ahora ya damos el tema por SOLUCIONADO.
      Si necesitas reabrir el tema, pulsa en el () que veras en la parte inferior de cualquier mensaje del tema y solicítalo, un Moderad@r atenderá tu consulta.
      Te recomendamos mantenerte informado en InfoSpyware Blog y seguirnos en nuestras vías de difusión E-Mail - Facebook - Twitter
      Saludos, Javier.
      Quien no lo intenta no lo consigue | ;-)

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.