• Registrarse
  • Iniciar sesión


  • Resultados 1 al 7 de 7

    Problema banners

    Resumen del tema: Problema banners - Hola a todos, resulta que tengo un hermano muy inteligente que no se qué ha podido descargar que se ha metido un tipo de virus o de gusano que me pone banners de publicidad y ...

    1. #1
      Usuario Avatar de Timbrok
      Registrado
      sep 2013
      Ubicación
      España
      Mensajes
      12

      Problema banners

      Hola a todos, resulta que tengo un hermano muy inteligente que no se qué ha podido descargar que se ha metido un tipo de virus o de gusano que me pone banners de publicidad y tal... tambien cuando estoy en cualquier pagina resalta algunas palabras y pone para buscarlo en alguna otra pagina. Espero que puedan ayudarme ya que es algo muy molesto y hay paginas q no puedo verlas bien. Dejo el log del hijackthis. gracias


      Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 17:14:52, on 30/09/2013
      Platform: Windows 7 SP1 (WinNT 6.00.3505)
      MSIE: Internet Explorer v10.0 (10.00.9200.16686)
      Boot mode: Normal

      Running processes:
      C:\Program Files (x86)\Steam\Steam.exe
      C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe
      C:\Users\Edu\AppData\Roaming\Dropbox\bin\Dropbox.exe
      C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
      C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
      C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
      C:\Program Files (x86)\iTunes\iTunesHelper.exe
      C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      C:\Program Files (x86)\AVG\AVG2013\avgui.exe
      C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
      C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
      C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      C:\Program Files (x86)\Grinding Gear Games\Path of Exile\PathOfExile.exe
      C:\Users\Edu\AppData\Local\Google\Chrome\Application\chrome.exe
      C:\Users\Edu\AppData\Local\Google\Chrome\Application\chrome.exe
      C:\Users\Edu\AppData\Local\Google\Chrome\Application\chrome.exe
      C:\Users\Edu\AppData\Local\Google\Chrome\Application\chrome.exe
      C:\Users\Edu\AppData\Local\Google\Chrome\Application\chrome.exe
      C:\Users\Edu\AppData\Local\Google\Chrome\Application\chrome.exe
      C:\Users\Edu\AppData\Local\Google\Chrome\Application\chrome.exe
      C:\Users\Edu\AppData\Local\Google\Chrome\Application\chrome.exe
      C:\Users\Edu\AppData\Local\Google\Chrome\Application\chrome.exe
      C:\Users\Edu\Downloads\HijackThis (1).exe

      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      F2 - REG:system.ini: UserInit=userinit.exe,
      O1 - Hosts: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
      O1 - Hosts: <html lang='en'>
      O1 - Hosts: <head>
      O1 - Hosts: <meta name="description" content="Yahoo! GeoCities offers you a free web site and all the tools you need to build a dynamic site. Features include easy-to-use site building tools, online help, web site statistics, secure and reliable hosting, and an intuitive control panel.">
      O1 - Hosts: <title>Yahoo! GeoCities: Get a web site with easy-to-use site building tools.</title>
      O1 - Hosts: <link rel="stylesheet" type="text/css" media="all" href="http://l.yimg.com/a/combo?yui/2.5.2/build/reset-fonts-grids/reset-fonts-grids.css&smbiz/css/headfoot_6.css&smbiz/css/ysbs_glossary_1.css">
      O1 - Hosts: <link rel="stylesheet" type="text/css" media="all" href="http://l.yimg.com/a/lib/smbiz/css/geocities_84954.css">
      O1 - Hosts: <style>
      O1 - Hosts: h1 { line-height:30px;height:30px; padding-left:15px; font-weight:bold;font-size:1.6em;color:#1f296a;}
      O1 - Hosts: .services li { margin-left:1.0em; padding-left:0.5em; background:url("http://l.yimg.com/a/lib/smbiz/i/geo_bullet_3x3_1.gif") no-repeat 0 0.5em; margin-bottom:0.5em;margin-left:1.5em;margin-right:0.5em;width:6em}
      O1 - Hosts: .services li {float:left; width:17em; font-size:116%;margin-top:0.8em}
      O1 - Hosts: .services { font-size:116%; padding-bottom:20px }
      O1 - Hosts: .learnmore a {color:#2882DE;font-size:16px}
      O1 - Hosts: .image_web {float:right; margin:15px 0 0 15px}
      O1 - Hosts: p {margin:20px;font-size:1em;}
      O1 - Hosts: h2 {margin:20px 0 0 20px;color:#1F296;font-weight:bold;font-size:1.25em;color:#1f296a;}
      O1 - Hosts: h3 {margin:20px;color:#1F296;font-weight:bold;font-size:1.15em;color:#1f296a;}
      O1 - Hosts: li.rule {border-top:solid 1px #DBE1E6;}
      O1 - Hosts: </style>
      O1 - Hosts: </head>
      O1 - Hosts: <body>
      O1 - Hosts: <!-- following code added by server. PLEASE REMOVE -->
      O1 - Hosts: <!-- preceding code added by server. PLEASE REMOVE -->
      O1 - Hosts: <div class="ez-mw" style ="height:900px;width:905px">
      O1 - Hosts: <div class="ez-wri ez-oh" style="width:900px">
      O1 - Hosts: <div class="ez-box">
      O1 - Hosts: <link type="text/css" rel="stylesheet" href="http://l.yimg.com/a/lib/uh/15/css/uh-1.0.28.css">
      O1 - Hosts: <style type="text/css">
      O1 - Hosts: div#headerblock div{font-family:arial;}
      O1 - Hosts: </style>
      O1 - Hosts: <div id="ygma"><div id="ygmaheader"><div class="bd sp"><div id="ymenu" class="ygmaclr"><div id="mepanel"><ul id="mepanel-nav"><li class="me1"><em>New User? <a class="ygmasignup" title="Sign Up" href="http://us.ard.yahoo.com/SIG=15u88cce2/M=650008.13654023.13693397.13153904/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098940/L=HzY9i9j8aIuVH8pzSp2qoCoWz37hF0qhZ1wABADc/B=RCQ9Atj8a20-/J=1252091740846210/K=88LB2KvJxEkW95HaZ4xf4Q/A=5836007/R=2/SIG=13j8rdsqp/*https://edit.yahoo.com/config/eval_register?.done=http://smallbusiness.yahoo.com%2findex.html&.src=smbiz&.intl=us">Sign Up</a></em></li><li class="me2"><a title="Sign In" href="http://us.ard.yahoo.com/SIG=15u88cce2/M=650008.13654023.13693397.13153904/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098940/L=HzY9i9j8aIuVH8pzSp2qoCoWz37hF0qhZ1wABADc/B=RCQ9Atj8a20-/J=1252091740846210/K=88LB2KvJxEkW95HaZ4xf4Q/A=5836007/R=3/SIG=13cm6p12o/*https://login.yahoo.com/config/login?.done=http://geocities.yahoo.com&.src=smbiz&.intl=us">Sign In</a></li>
      O1 - Hosts: <li class="me3"><a href="http://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=zgw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5836006/R=7/SIG=11hjute28/*http://help.yahoo.com/l/us/yahoo/geocities/" target="_top" title="Yahoo! Help Central">Help</a></li>
      O1 - Hosts: </ul></div><div id="ygmapromo"><a style="font-weight:bold;" id="ygmaie8" href="http://us.ard.yahoo.com/SIG=15vud5jbf/M=650008.13445975.13532322.12832737/D=smallbiz/S=2023010636:HPRM2/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=0Qw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5706923/R=0/SIG=117bakia1/*http://toolbar.yahoo.com/?.cpdl=ushdl" target="_top">Get Yahoo! Toolbar<abbr title="Yahoo! Toolbar"></abbr></a>
      O1 - Hosts: <script language=javascript>
      O1 - Hosts: if(window.yzq_d==null)window.yzq_d=new Object();
      O1 - Hosts: window.yzq_d['0Qw4Atj8a20-']='&U=13hn349r9%2fN%3d0Qw4Atj8a20-%2fC%3d650008.13445975.13532322.12832737%2fD%3dHPRM2%2fB%3d5706923%2fV%3d1';
      O1 - Hosts: </script>
      O1 - Hosts: <noscript><img width=1 height=1 alt="" src="http://us.bc.yahoo.com/b?P=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48&T=144j596l3%2fX%3d1252090825%2fE%3d2023010636%2fR%3dsmallbiz%2fK%3d5%2fV%3d2.1%2fW%3dH%2fY%3dYAHOO%2fF%3d1861688409%2fQ%3d-1%2fS%3d1%2fJ%3d8B68FCD8&U=13hn349r9%2fN%3d0Qw4Atj8a20-%2fC%3d650008.13445975.13532322.12832737%2fD%3dHPRM2%2fB%3d5706923%2fV%3d1"></noscript></div>
      O1 - Hosts: <div id="pa"><div id="pa-wrapper"><ul id="pa2-nav" class="sp"><li class="pa1 sp"><a class="sp" href="http://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=zgw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5836006/R=8/SIG=10jmd0d5u/*http://yahoo.com/" title="Yahoo!" target="_top">Yahoo!</a></li><li class="pa2 sp"><a class="sp" href="http://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=zgw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5836006/R=9/SIG=10n3m6b64/*http://mail.yahoo.com" title="Yahoo! Mail" target="_top">Mail</a></li></ul><div id="pa-left" class="sp"></div><ul id="pa-nav" class="sp"><li class="pa3 sp"><a class="sp" href="http://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252
      O1 - Hosts: <script language=javascript>
      O1 - Hosts: if(window.yzq_d==null)window.yzq_d=new Object();
      O1 - Hosts: window.yzq_d['zgw4Atj8a20-']='&U=13gmetml2%2fN%3dzgw4Atj8a20-%2fC%3d650008.13654021.13693393.13153902%2fD%3dHEAD%2fB%3d5836006%2fV%3d1';
      O1 - Hosts: </script>
      O1 - Hosts: </div>
      O1 - Hosts: </div>
      O1 - Hosts: <div class="ez-wr" style="width:898px;margin-top:1.5em">
      O1 - Hosts: <Div class="ez-l2a" id="wrapper">
      O1 - Hosts: <div class="ez-l2a-1 " style="width:898px">
      O1 - Hosts: <div class="ez-box">
      O1 - Hosts: <div class="ez-wr" >
      O1 - Hosts: <div class="ez-box" style="width:898px">
      O1 - Hosts: <h1>Sorry, the GeoCities web site you were trying to reach is no longer available.</h1>
      O1 - Hosts: </div>
      O1 - Hosts: </div>
      O1 - Hosts: <div class="ez-wr">
      O1 - Hosts: <div class="ez-box" id="boxyahoourls">
      O1 - Hosts: <p> GeoCities has closed, but there's a lot more to explore on Yahoo!</p>
      O1 - Hosts: <h2>Visit one of these popular Yahoo! sites:</h2>
      O1 - Hosts: <ul class= "services">
      O1 - Hosts: <li><a href="http://mail.yahoo.com">Yahoo! Mail</a></li>
      O1 - Hosts: <li><a href="http://smallbusiness.yahoo.com/webhosting">Web Hosting</a></li>
      O1 - Hosts: <li><a href="http://news.yahoo.com">News</a></li>
      O1 - Hosts: <li><a href="http://games.yahoo.com">Games</a></li>
      O1 - Hosts: <li><a href="http://sports.yahoo.com/">Sports</a> </li>
      O1 - Hosts: <li><a href="http://movies.yahoo.com">Movies</a></li>
      O1 - Hosts: <li><a href="http://finance.yahoo.com">Finance</a></li>
      O1 - Hosts: <li><a href="http://maps.yahoo.com">Maps</a></li>
      O1 - Hosts: </ul>
      O1 - Hosts: </div>
      O1 - Hosts: <li class="rule"><!----></li>
      O1 - Hosts: <p>The GeoCities site you were looking for may have been preserved in the Internet Archive's Wayback Machine. To find out, <a href="http://www.archive.org/web/web.php" target="_blank">visit Archive.org</a> and enter the site's web address in the field provided.</p>
      O1 - Hosts: <li class="rule"><!----></li>
      O1 - Hosts: </div>
      O1 - Hosts: </div>
      O1 - Hosts: </div>
      O1 - Hosts: </div>
      O1 - Hosts: <div class="ez-wr">
      O1 - Hosts: <div class="ez-box" style="text-align:center; margin-top:25px;">
      O1 - Hosts: <font size="-2" face="verdana">Copyright &copy; 2009 <a href="http://yahoo.com/">Yahoo!</a> Inc. All rights reserved.
      O1 - Hosts: <ul>
      O1 - Hosts: <li style="display:inline;"><a target="_top" href="http://privacy.yahoo.com/privacy/us/geo/">Privacy Policy</a></li> -
      O1 - Hosts: <li style="display:inline;"><a target="_top" href="http://docs.yahoo.com/info/copyright/copyright.html">Copyright Policy</a></li> -
      O1 - Hosts: <li style="display:inline;"><a target="_top" href="http://docs.yahoo.com/info/guidelines/community.html">Guidelines</a
      O1 - Hosts: ></li> -
      O1 - Hosts: <li style="display:inline;"><a target="_top" href="http://smallbusiness.yahoo.com/tos/tos.php">Terms of Service
      O1 - Hosts: </a></li> -
      O1 - Hosts: <li style="display:inline;"><a target="_top" href="http://help.yahoo.com/help/us/geo/">Help</a></li>
      O1 - Hosts: </ul>
      O1 - Hosts: </font>
      O1 - Hosts: </div>
      O1 - Hosts: </div>
      O1 - Hosts: </div>
      O1 - Hosts: </body>
      O1 - Hosts: </html>
      O1 - Hosts: <!-- text below generated by server. PLEASE REMOVE --></object></layer></div></span></style></noscript></table></script></applet>
      O1 - Hosts: <IMG SRC="http://geo.yahoo.com/serv?s=19190039&t=1328730553&f=us-w2" ALT=1 WIDTH=1 HEIGHT=1>
      O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
      O2 - BHO: Aplicación auxiliar de inicio de sesión en la cuenta Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
      O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
      O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
      O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
      O4 - HKLM\..\Run: [Aimersoft Helper Compact.exe] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
      O4 - HKCU\..\Run: [Google Update] "C:\Users\Edu\AppData\Local\Google\Update\GoogleUpdate.exe" /c
      O4 - HKCU\..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
      O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
      O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
      O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICIO LOCAL')
      O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICIO LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio de red')
      O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio de red')
      O4 - Startup: Dropbox.lnk = Edu\AppData\Roaming\Dropbox\bin\Dropbox.exe
      O4 - Startup: Recorte de pantalla e Inicio rápido de OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
      O4 - Global Startup: HD Writer.lnk = ?
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
      O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
      O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
      O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Edu\Desktop\PartyPoker.lnk (file missing)
      O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Edu\Desktop\PartyPoker.lnk (file missing)
      O9 - Extra button: PokerStars.es - {CC0FC7CF-E588-4b33-B148-C657708AB9C4} - C:\Program Files (x86)\PokerStars.ES\PokerStarsUpdate.exe (file missing)
      O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
      O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O15 - Trusted Zone: *.clonewarsadventures.com
      O15 - Trusted Zone: *.freerealms.com
      O15 - Trusted Zone: *.soe.com
      O15 - Trusted Zone: *.sony.com
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
      O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
      O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
      O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
      O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
      O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
      O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
      O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      O23 - Service: Apple OS Switch Manager (AppleOSSMgr) - Unknown owner - C:\Windows\system32\AppleOSSMgr.exe (file missing)
      O23 - Service: Servicio de horario Apple (AppleTimeSrv) - Unknown owner - C:\Windows\system32\AppleTimeSrv.exe (file missing)
      O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
      O23 - Service: WatchDog de AVG (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
      O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
      O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
      O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
      O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
      O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
      O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Overwolf Updater Service (OverwolfUpdaterService) - Overwolf Ltd - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
      O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
      O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
      O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
      O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
      O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
      O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

      --
      End of file - 37228 bytes

    2. #2
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      53.093

      Re: Problema banners

      Hola


      Descargá a Tu escritorio la Herramienta Adwcleaner

      • Cerrá Todos los programas que tengas abiertos.
      • Clic derecho sobre su ícono y elegis Ejecutar Como Administrador.
      • Pulsas el Boton Escanear y luego que termine, pulsas el Boton Limpiar.
      • Seguí las Instrucciones. La Herramienta va a pedir Reiniciar el sistema, lo cual debes aceptar.
      • Guardas el reporte generado en el Escritorio, para pegarlo en Tu próxima respuesta.







      Descargá OTL By OldTimer





      >>> Ejecutá OTL
      • Cerrá todos programas que tengas abiertos y Hacé doble click en el ícono de OTL para ejecutarlo.
      • Dejalo correr sin interrumpirlo asta que termine el Análisis.
      • Cuando la interfaz aparesca, solo debes cambiar Abajo de: "Tipo de Análisis" poniendo Resultado Minimo.
      • Marcá las opciones: Buscar LOP y Buscar Purity.
      • Marcá las Opciones Omitir Archivos De Microsoft y Usar Listado de Compañias Reconocidas.
      • Pegá el siguiente script bajo la casilla Análisis Personalizados/Codigo de Reparación:

        NOTA: No copiar la palabra Cita.
        msconfig
        netsvcs
        %SYSTEMDRIVE%\*.*
        CREATERESTOREPOINT
      • Por favor No cambies el resto de la configuración a menos que te lo solicitemos.


      • Presioná el boton .
      • Una vez que termine, se abrirán dos (2) archivos, OTL.Txt y Extras.Txt. Éstos aparecerán grabados en el mismo lugar OTL.exe fue descargado.
      • Copiá y pegá el contenido del archivo OTL.txt en tu próxima respuesta.




      Saludos

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de Timbrok
      Registrado
      sep 2013
      Ubicación
      España
      Mensajes
      12

      Re: Problema banners

      Hola Leosolari, en primer lugar gracias por tu respuesta, hice todo tal y como me explicaste y aqui tienes los logs.

      # AdwCleaner v3.005 - Reporte Creado 29/09/2013 en 16:50:57
      # Actualizado 22/09/2013 por Xplode
      # Sistema Operativo : Windows 7 Professional Service Pack 1 (64 bits)
      # Nombre de usuario : Edu - EDU-PC
      # Ejecutado desde : C:\Users\Edu\Downloads\adwcleaner (1).exe
      # Opción : Escanear

      ***** [ Servicios ] *****

      Servicio Encontrado : WajamUpdater
      Servicio Encontrado : WsysSvc

      ***** [ Archivos / Carpetas ] *****

      Archivo Encontrado : C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml
      Archivo Encontrado : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lollipop.lnk
      Archivo Encontrado : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lollipop.lnk
      Archivo Encontrado : C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
      Archivo Encontrado : C:\Users\Edu\AppData\Roaming\Mozilla\Firefox\Profiles\n2pbdf7e.default\searchplugins\Web Search.xml
      Archivo Encontrado : C:\Users\Edu\AppData\Roaming\Mozilla\Firefox\Profiles\n2pbdf7e.default\user.js
      Archivo Encontrado : C:\Windows\System32\roboot64.exe
      Carpeta Encontrado : C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
      Carpeta Encontrado : C:\Users\Edu\AppData\Roaming\Mozilla\Firefox\Profiles\n2pbdf7e.default\Extensions\[email protected]
      Carpeta Encontrado C:\Program Files (x86)\AVG Secure Search
      Carpeta Encontrado C:\Program Files (x86)\Common Files\AVG Secure Search
      Carpeta Encontrado C:\Program Files (x86)\Ilivid
      Carpeta Encontrado C:\Program Files (x86)\Iminent
      Carpeta Encontrado C:\Program Files (x86)\Nosibay
      Carpeta Encontrado C:\Program Files (x86)\Wajam
      Carpeta Encontrado C:\ProgramData\AVG Secure Search
      Carpeta Encontrado C:\ProgramData\Babylon
      Carpeta Encontrado C:\ProgramData\BasicScan
      Carpeta Encontrado C:\ProgramData\boost_interprocess
      Carpeta Encontrado C:\ProgramData\DSearchLink
      Carpeta Encontrado C:\ProgramData\eSafe
      Carpeta Encontrado C:\ProgramData\Iminent
      Carpeta Encontrado C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
      Carpeta Encontrado C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
      Carpeta Encontrado C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
      Carpeta Encontrado C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
      Carpeta Encontrado C:\Users\Edu\AppData\Local\AVG Secure Search
      Carpeta Encontrado C:\Users\Edu\AppData\Local\Ilivid
      Carpeta Encontrado C:\Users\Edu\AppData\Local\Ilivid Player
      Carpeta Encontrado C:\Users\Edu\AppData\Local\lollipop
      Carpeta Encontrado C:\Users\Edu\AppData\Local\Temp\eIntaller
      Carpeta Encontrado C:\Users\Edu\AppData\Local\Wajam
      Carpeta Encontrado C:\Users\Edu\AppData\LocalLow\AVG Secure Search
      Carpeta Encontrado C:\Users\Edu\AppData\LocalLow\searchquband
      Carpeta Encontrado C:\Users\Edu\AppData\Roaming\Babylon
      Carpeta Encontrado C:\Users\Edu\AppData\Roaming\eUpdate
      Carpeta Encontrado C:\Users\Edu\AppData\Roaming\Iminent
      Carpeta Encontrado C:\Users\Edu\AppData\Roaming\Media Finder
      Carpeta Encontrado C:\Users\Edu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
      Carpeta Encontrado C:\Users\Edu\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]
      Carpeta Encontrado C:\Users\Edu\AppData\Roaming\Nosibay
      Carpeta Encontrado C:\Users\Edu\AppData\Roaming\OpenCandy
      Carpeta Encontrado C:\Users\Edu\AppData\Roaming\Systweak

      ***** [ Accesos directos ] *****

      Acceso directo Encontrado : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=oneinstaller&utm_campaign=eXQ&utm_content=sc&from=oneinstaller&uid=ST3500418AS_9VMN9Z23XXXX9VMN9Z23&ts=1380394922 )
      Acceso directo Encontrado : C:\Users\Edu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=oneinstaller&utm_campaign=eXQ&utm_content=sc&from=oneinstaller&uid=ST3500418AS_9VMN9Z23XXXX9VMN9Z23&ts=1380394922 )
      Acceso directo Encontrado : C:\Users\Edu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=oneinstaller&utm_campaign=eXQ&utm_content=sc&from=oneinstaller&uid=ST3500418AS_9VMN9Z23XXXX9VMN9Z23&ts=1380394922 )
      Acceso directo Encontrado : C:\Users\Edu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=oneinstaller&utm_campaign=eXQ&utm_content=sc&from=oneinstaller&uid=ST3500418AS_9VMN9Z23XXXX9VMN9Z23&ts=1380394922 )

      ***** [ Registro ] *****

      Clave Encontrado : HKCU\Software\AppDataLow\Software\Crossrider
      Clave Encontrado : HKCU\Software\AppDataLow\Software\I Want This
      Clave Encontrado : HKCU\Software\AppDataLow\Software\searchqutoolbar
      Clave Encontrado : HKCU\Software\AVG Secure Search
      Clave Encontrado : HKCU\Software\BabSolution
      Clave Encontrado : HKCU\Software\DataMngr
      Clave Encontrado : HKCU\Software\DataMngr_Toolbar
      Clave Encontrado : HKCU\Software\Delta
      Clave Encontrado : HKCU\Software\Grand Virtual
      Clave Encontrado : HKCU\Software\ilivid
      Clave Encontrado : HKCU\Software\Iminent
      Clave Encontrado : HKCU\Software\InstallCore
      Clave Encontrado : HKCU\Software\InstalledBrowserExtensions
      Clave Encontrado : HKCU\Software\lollipop
      Clave Encontrado : HKCU\Software\MediaFinder
      Clave Encontrado : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
      Clave Encontrado : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
      Clave Encontrado : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
      Clave Encontrado : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
      Clave Encontrado : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
      Clave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
      Clave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
      Clave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
      Clave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
      Clave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
      Clave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
      Clave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
      Clave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
      Clave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
      Clave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
      Clave Encontrado : HKCU\Software\Nosibay
      Clave Encontrado : HKCU\Software\SmartBar
      Clave Encontrado : HKCU\Software\Softonic
      Clave Encontrado : HKCU\Software\vShare.tv
      Clave Encontrado : HKCU\Software\Wajam
      Clave Encontrado : [x64] HKCU\Software\AVG Secure Search
      Clave Encontrado : [x64] HKCU\Software\BabSolution
      Clave Encontrado : [x64] HKCU\Software\DataMngr
      Clave Encontrado : [x64] HKCU\Software\DataMngr_Toolbar
      Clave Encontrado : [x64] HKCU\Software\Delta
      Clave Encontrado : [x64] HKCU\Software\Grand Virtual
      Clave Encontrado : [x64] HKCU\Software\ilivid
      Clave Encontrado : [x64] HKCU\Software\Iminent
      Clave Encontrado : [x64] HKCU\Software\InstallCore
      Clave Encontrado : [x64] HKCU\Software\InstalledBrowserExtensions
      Clave Encontrado : [x64] HKCU\Software\lollipop
      Clave Encontrado : [x64] HKCU\Software\MediaFinder
      Clave Encontrado : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
      Clave Encontrado : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
      Clave Encontrado : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
      Clave Encontrado : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
      Clave Encontrado : [x64] HKCU\Software\Nosibay
      Clave Encontrado : [x64] HKCU\Software\SmartBar
      Clave Encontrado : [x64] HKCU\Software\Softonic
      Clave Encontrado : [x64] HKCU\Software\vShare.tv
      Clave Encontrado : [x64] HKCU\Software\Wajam
      Clave Encontrado : HKLM\Software\AVG Secure Search
      Clave Encontrado : HKLM\Software\AVG Security Toolbar
      Clave Encontrado : HKLM\Software\BasicScan
      Clave Encontrado : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
      Clave Encontrado : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
      Clave Encontrado : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
      Clave Encontrado : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
      Clave Encontrado : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
      Clave Encontrado : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
      Clave Encontrado : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
      Clave Encontrado : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
      Clave Encontrado : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
      Clave Encontrado : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
      Clave Encontrado : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
      Clave Encontrado : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
      Clave Encontrado : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
      Clave Encontrado : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411181172}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
      Clave Encontrado : HKLM\SOFTWARE\Classes\CrossriderApp0041872.BHO
      Clave Encontrado : HKLM\SOFTWARE\Classes\CrossriderApp0041872.BHO.1
      Clave Encontrado : HKLM\SOFTWARE\Classes\CrossriderApp0041872.Sandbox
      Clave Encontrado : HKLM\SOFTWARE\Classes\CrossriderApp0041872.Sandbox.1
      Clave Encontrado : HKLM\SOFTWARE\Classes\ilivid
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri
      Clave Encontrado : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy
      Clave Encontrado : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1
      Clave Encontrado : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler
      Clave Encontrado : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
      Clave Encontrado : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
      Clave Encontrado : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
      Clave Encontrado : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
      Clave Encontrado : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler
      Clave Encontrado : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
      Clave Encontrado : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
      Clave Encontrado : HKLM\SOFTWARE\Classes\MF
      Clave Encontrado : HKLM\SOFTWARE\Classes\Prod.cap
      Clave Encontrado : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
      Clave Encontrado : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
      Clave Encontrado : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
      Clave Encontrado : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
      Clave Encontrado : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
      Clave Encontrado : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
      Clave Encontrado : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
      Clave Encontrado : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
      Clave Encontrado : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
      Clave Encontrado : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
      Clave Encontrado : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
      Clave Encontrado : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
      Clave Encontrado : HKLM\SOFTWARE\Classes\wajam.WajamBHO
      Clave Encontrado : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
      Clave Encontrado : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
      Clave Encontrado : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
      Clave Encontrado : HKLM\Software\DataMngr
      Clave Encontrado : HKLM\Software\Delta
      Clave Encontrado : HKLM\Software\delta-homesSoftware
      Clave Encontrado : HKLM\SOFTWARE\e6d88cb13eec42
      Clave Encontrado : HKLM\Software\eSafeSecControl
      Clave Encontrado : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
      Clave Encontrado : HKLM\SOFTWARE\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
      Clave Encontrado : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
      Clave Encontrado : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
      Clave Encontrado : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
      Clave Encontrado : HKLM\Software\ilivid
      Clave Encontrado : HKLM\Software\Iminent
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASAPI32
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASMANCS
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_abbyy-finereader_RASAPI32
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_abbyy-finereader_RASMANCS
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_anapod-explorer_RASAPI32
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_anapod-explorer_RASMANCS
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_ares_RASAPI32
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_ares_RASMANCS
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_groovedown_RASAPI32
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_groovedown_RASMANCS
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_hamster-free-video-converter_RASAPI32
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_hamster-free-video-converter_RASMANCS
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_malwarebytes-anti-malware_RASAPI32
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_malwarebytes-anti-malware_RASMANCS
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_mp3directcut (1)_RASAPI32
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_mp3directcut (1)_RASMANCS
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_mp3directcut_RASAPI32
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_mp3directcut_RASMANCS
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_partition-wizard_RASAPI32
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_partition-wizard_RASMANCS
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_raidcall_RASAPI32
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_raidcall_RASMANCS
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_treesize_RASAPI32
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_treesize_RASMANCS
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_vlc-media-player_RASAPI32
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_vlc-media-player_RASMANCS
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_winrar_RASAPI32
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_winrar_RASMANCS
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411181172}
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411181172}
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
      Clave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
      Clave Encontrado : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
      Clave Encontrado : HKLM\Software\qvo6Software
      Clave Encontrado : HKLM\Software\systweak
      Clave Encontrado : HKLM\Software\Wajam
      Clave Encontrado : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
      Clave Encontrado : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
      Clave Encontrado : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411181172}
      Clave Encontrado : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
      Clave Encontrado : [x64] HKLM\SOFTWARE\DataMngr
      Clave Encontrado : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
      Clave Encontrado : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
      Clave Encontrado : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
      Clave Encontrado : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411181172}
      Datos Encontrado : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command [(Default)] - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=oneinstaller&utm_campaign=eXQ&utm_content=sc&from=oneinstaller&uid=ST3500418AS_9VMN9Z23XXXX9VMN9Z23&ts=1380394922
      Datos Encontrado : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command [(Default)] - "C:\Users\Edu\AppData\Local\Google\Chrome\Application\chrome.exe" hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=sc&from=newgdp&uid=ST3500418AS_9VMN9Z23XXXX9VMN9Z23&ts=1380395128
      Datos Encontrado : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=oneinstaller&utm_campaign=eXQ&utm_content=sc&from=oneinstaller&uid=ST3500418AS_9VMN9Z23XXXX9VMN9Z23&ts=1380394922
      Datos Encontrado : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\SAFARI.EXE\shell\open\command [(Default)] - "C:\Program Files (x86)\Safari\Safari.exe" hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=sc&from=newgdp&uid=ST3500418AS_9VMN9Z23XXXX9VMN9Z23&ts=1380395128
      Valor Encontrado : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
      Valor Encontrado : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
      Valor Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
      Valor Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
      Valor Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
      Valor Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
      Valor Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Iminent]
      Valor Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IminentMessenger]
      Valor Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
      Valor Encontrado : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

      ***** [ Navegadores ] *****

      -\\ Internet Explorer v10.0.9200.16686

      Ajustes Encontrado : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=ES&userid=350ba59d-1b90-4fb2-b090-01a3e41a4d01&searchtype=ds&q={searchTerms}&installDate=17/05/2013
      Ajustes Encontrado : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.qvo6.com/?utm_source=b&utm_medium=oneinstaller&utm_campaign=eXQ&utm_content=hp&from=oneinstaller&uid=ST3500418AS_9VMN9Z23XXXX9VMN9Z23&ts=1380394922
      Ajustes Encontrado : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=ES&userid=350ba59d-1b90-4fb2-b090-01a3e41a4d01&searchtype=ds&q={searchTerms}&installDate=17/05/2013
      Ajustes Encontrado : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.qvo6.com/?utm_source=b&utm_medium=oneinstaller&utm_campaign=eXQ&utm_content=hp&from=oneinstaller&uid=ST3500418AS_9VMN9Z23XXXX9VMN9Z23&ts=1380394922
      Ajustes Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.qvo6.com/?utm_source=b&utm_medium=oneinstaller&utm_campaign=eXQ&utm_content=hp&from=oneinstaller&uid=ST3500418AS_9VMN9Z23XXXX9VMN9Z23&ts=1380394922
      Ajustes Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.qvo6.com/?utm_source=b&utm_medium=oneinstaller&utm_campaign=eXQ&utm_content=hp&from=oneinstaller&uid=ST3500418AS_9VMN9Z23XXXX9VMN9Z23&ts=1380394922
      Ajustes Encontrado : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=ES&userid=350ba59d-1b90-4fb2-b090-01a3e41a4d01&searchtype=ds&q={searchTerms}&installDate=17/05/2013
      Ajustes Encontrado : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=ES&userid=350ba59d-1b90-4fb2-b090-01a3e41a4d01&searchtype=ds&q={searchTerms}&installDate=17/05/2013
      Ajustes Encontrado : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=ES&userid=350ba59d-1b90-4fb2-b090-01a3e41a4d01&searchtype=ds&q={searchTerms}&installDate=17/05/2013
      Ajustes Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=ES&userid=350ba59d-1b90-4fb2-b090-01a3e41a4d01&searchtype=ds&q={searchTerms}&installDate=17/05/2013
      Ajustes Encontrado : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.qvo6.com/?utm_source=b&utm_medium=oneinstaller&utm_campaign=eXQ&utm_content=hp&from=oneinstaller&uid=ST3500418AS_9VMN9Z23XXXX9VMN9Z23&ts=1380394922
      Ajustes Encontrado : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.qvo6.com/?utm_source=b&utm_medium=oneinstaller&utm_campaign=eXQ&utm_content=hp&from=oneinstaller&uid=ST3500418AS_9VMN9Z23XXXX9VMN9Z23&ts=1380394922

      -\\ Mozilla Firefox v19.0.2 (es-ES)

      [ Archivo : C:\Users\Edu\AppData\Roaming\Mozilla\Firefox\Profiles\n2pbdf7e.default\prefs.js ]

      Linea encontrada : user_pref("extensions.helperbar.Country", "Spain");
      Linea encontrada : user_pref("extensions.helperbar.DockingPositionDown", false);
      Linea encontrada : user_pref("extensions.helperbar.SmartbarDisabled", false);
      Linea encontrada : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
      Linea encontrada : user_pref("extensions.helperbar.UserID", "350ba59d-1b90-4fb2-b090-01a3e41a4d01");
      Linea encontrada : user_pref("extensions.helperbar.Visibility", true);

      -\\ Google Chrome v

      [ Archivo : C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\preferences ]


      *************************

      AdwCleaner[R0].txt - [40013 octets] - [29/09/2013 16:50:57]

      ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [40074 octets] #########

    4. #4
      Usuario Avatar de Timbrok
      Registrado
      sep 2013
      Ubicación
      España
      Mensajes
      12

      Re: Problema banners

      y aparte te dejo aqui el registro del OTL (lo he puesto en 2 post porque en uno no cabia todo)


      REGISTRO DEL OTL
      OTL logfile created on: 02/10/2013 11:24:42 - Run 1
      OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Edu\Downloads
      64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
      Internet Explorer (Version = 9.10.9200.16686)
      Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy

      3,93 Gb Total Physical Memory | 2,53 Gb Available Physical Memory | 64,53% Memory free
      7,85 Gb Paging File | 6,34 Gb Available in Paging File | 80,79% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 131,10 Gb Total Space | 7,84 Gb Free Space | 5,98% Space Free | Partition Type: NTFS

      Computer Name: EDU-PC | User Name: Edu | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

      ========== Processes (SafeList) ==========

      PRC - C:\Users\Edu\Downloads\OTL.exe (OldTimer Tools)
      PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
      PRC - C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
      PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
      PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      PRC - C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc.)
      PRC - C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe (Citrix Systems, Inc.)


      ========== Modules (No Company Name) ==========


      ========== Services (SafeList) ==========

      SRV:64bit: - (AppleOSSMgr) -- C:\Windows\SysNative\AppleOSSMgr.exe ()
      SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
      SRV:64bit: - (AppleTimeSrv) -- C:\Windows\SysNative\AppleTimeSrv.exe (Apple Inc.)
      SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
      SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
      SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
      SRV - (OverwolfUpdaterService) -- C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe (Overwolf Ltd)
      SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
      SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
      SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
      SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
      SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
      SRV - (HiPatchService) -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios)
      SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
      SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
      SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
      SRV - (wlidsvc) -- C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
      SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
      SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
      SRV - (osppsvc) -- C:\Archivos de programa\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
      SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


      ========== Driver Services (SafeList) ==========

      DRV:64bit: - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found
      DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
      DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
      DRV:64bit: - (Avgloga) -- C:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.)
      DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o.)
      DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o.)
      DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
      DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
      DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
      DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
      DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
      DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
      DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
      DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
      DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
      DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
      DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
      DRV:64bit: - (pwdrvio) -- C:\Windows\SysNative\pwdrvio.sys ()
      DRV:64bit: - (pwdspio) -- C:\Windows\SysNative\pwdspio.sys ()
      DRV:64bit: - (WsAudio_DeviceS(5) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(5).sys (Wondershare)
      DRV:64bit: - (WsAudio_DeviceS(4) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(4).sys (Wondershare)
      DRV:64bit: - (WsAudio_DeviceS(3) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(3).sys (Wondershare)
      DRV:64bit: - (WsAudio_DeviceS(2) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(2).sys (Wondershare)
      DRV:64bit: - (WsAudio_DeviceS(1) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(1).sys (Wondershare)
      DRV:64bit: - (KeyAgent) -- C:\Windows\SysNative\drivers\KeyAgent.sys (Apple Inc.)
      DRV:64bit: - (ctxusbm) -- C:\Windows\SysNative\drivers\ctxusbm.sys (Citrix Systems, Inc.)
      DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
      DRV:64bit: - (KeyMagic) -- C:\Windows\SysNative\drivers\KeyMagic.sys (Apple Inc.)
      DRV:64bit: - (applebmt) -- C:\Windows\SysNative\drivers\applebmt.sys (Apple Inc.)
      DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
      DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
      DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
      DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
      DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
      DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
      DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
      DRV:64bit: - (CirrusFilter) -- C:\Windows\SysNative\drivers\CS420x64.sys (Cirrus Logic)
      DRV:64bit: - (MacHALDriver) -- C:\Windows\SysNative\drivers\MacHALDriver.sys (Apple Inc.)
      DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
      DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
      DRV:64bit: - (IRRemoteFlt) -- C:\Windows\SysNative\drivers\IRFilter.sys (Apple Inc.)
      DRV:64bit: - (AppleBtBc) -- C:\Windows\SysNative\drivers\AppleBtBc.sys (Apple Inc.)
      DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
      DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
      DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
      DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
      DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
      DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
      DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
      DRV:64bit: - (USB28xxOEM) -- C:\Windows\SysNative\drivers\emOEM64.sys (eMPIA Technology, Inc.)
      DRV:64bit: - (USB28xxBGA) -- C:\Windows\SysNative\drivers\emBDA64.sys (eMPIA Technology, Inc.)
      DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


      ========== Standard Registry (SafeList) ==========


      ========== Internet Explorer ==========

      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
      IE - HKLM\..\SearchScopes,DefaultScope =
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE - HKLM\..\SearchScopes\{40F18006-EF25-4F04-884C-EA2043D5DF92}: "URL" = http://startsear.ch/?aff=3&q={searchTerms}

      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://es.msn.com/?ocid=iehp
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6B C4 0C 2C F8 AD CC 01 [binary data]
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
      IE - HKCU\..\SearchScopes,DefaultScope =
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
      IE - HKCU\..\SearchScopes\{24EE64C7-B9CC-4A98-929D-D057E8F02796}: "URL" = http://www.bing.com/search?q={searchTerms}&r=727
      IE - HKCU\..\SearchScopes\{40F18006-EF25-4F04-884C-EA2043D5DF92}: "URL" = http://startsear.ch/?aff=3&q={searchTerms}
      IE - HKCU\..\SearchScopes\{987E5293-4FD7-4C91-9530-914D17D2639B}: "URL" = http://start.funmoods.com/results.php?f=4&a=aln1&q={searchTerms}
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

      ========== FireFox ==========

      FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
      FF - user.js - File not found

      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: File not found
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
      FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
      FF - HKLM\Software\MozillaPlugins\@raidcall.en/RCplugin: C:\Users\Edu\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
      FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: File not found
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Edu\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Edu\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
      FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/08 11:48:05 | 000,000,000 | ---D | M]

      [2012/06/04 20:11:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Edu\AppData\Roaming\mozilla\Extensions
      [2013/09/29 16:52:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions
      [2013/09/28 21:00:23 | 000,000,000 | ---D | M] ("TubeSing-3") -- C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions\[email protected]76da189c.com
      [2013/09/28 21:00:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions\[email protected]76da189c.com\extensionData
      [2013/09/28 21:00:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions\[email protected]76da189c.com\extensionData\plugins
      [2013/09/28 21:00:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions\[email protected]76da189c.com\extensionData\userCode
      [2013/03/08 11:48:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
      [2013/03/07 16:30:04 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
      [2013/03/07 19:45:11 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
      [2013/03/07 19:45:11 | 000,004,095 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\drae.xml
      [2013/03/07 19:45:11 | 000,001,356 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-es.xml
      [2013/03/07 19:45:11 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
      [2013/03/07 19:45:11 | 000,001,391 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-es.xml
      [2013/03/07 19:45:11 | 000,001,315 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-es.xml

      ========== Chrome ==========


      O1 HOSTS File: ([2013/06/20 16:12:49 | 000,012,513 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
      O1 - Hosts: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
      O1 - Hosts: <html lang='en'>
      O1 - Hosts: <head>
      O1 - Hosts: <meta name="description" content="Yahoo! GeoCities offers you a free web site and all the tools you need to build a dynamic site. Features include easy-to-use site building tools, online help, web site statistics, secure and reliable hosting, and an intuitive control panel.">
      O1 - Hosts: <title>Yahoo! GeoCities: Get a web site with easy-to-use site building tools.</title>
      O1 - Hosts: <link rel="stylesheet" type="text/css" media="all" href="http://l.yimg.com/a/combo?yui/2.5.2/build/reset-fonts-grids/reset-fonts-grids.css&smbiz/css/headfoot_6.css&smbiz/css/ysbs_glossary_1.css">
      O1 - Hosts: <link rel="stylesheet" type="text/css" media="all" href="http://l.yimg.com/a/lib/smbiz/css/geocities_84954.css">
      O1 - Hosts: <style>
      O1 - Hosts: h1 { line-height:30px;height:30px; padding-left:15px; font-weight:bold;font-size:1.6em;color:#1f296a;}
      O1 - Hosts: .services li { margin-left:1.0em; padding-left:0.5em; background:url("http://l.yimg.com/a/lib/smbiz/i/geo_bullet_3x3_1.gif") no-repeat 0 0.5em; margin-bottom:0.5em;margin-left:1.5em;margin-right:0.5em;width:6em}
      O1 - Hosts: .services li {float:left; width:17em; font-size:116%;margin-top:0.8em}
      O1 - Hosts: .services { font-size:116%; padding-bottom:20px }
      O1 - Hosts: .learnmore a {color:#2882DE;font-size:16px}
      O1 - Hosts: .image_web {float:right; margin:15px 0 0 15px}
      O1 - Hosts: p {margin:20px;font-size:1em;}
      O1 - Hosts: h2 {margin:20px 0 0 20px;color:#1F296;font-weight:bold;font-size:1.25em;color:#1f296a;}
      O1 - Hosts: h3 {margin:20px;color:#1F296;font-weight:bold;font-size:1.15em;color:#1f296a;}
      O1 - Hosts: li.rule {border-top:solid 1px #DBE1E6;}
      O1 - Hosts: </style>
      O1 - Hosts: </head>
      O1 - Hosts: <body>
      O1 - Hosts: <!-- following code added by server. PLEASE REMOVE -->
      O1 - Hosts: <!-- preceding code added by server. PLEASE REMOVE -->
      O1 - Hosts: <div class="ez-mw" style ="height:900px;width:905px">
      O1 - Hosts: <div class="ez-wri ez-oh" style="width:900px">
      O1 - Hosts: 91 more lines...
      O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
      O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O4:64bit: - HKLM..\Run: [Apple_KbdMgr] C:\Archivos de programa\Boot Camp\Bootcamp.exe (Apple Inc.)
      O4 - HKLM..\Run: [Aimersoft Helper Compact.exe] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe (AimerSoft)
      O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
      O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
      O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
      O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
      O4 - HKCU..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
      O4 - HKCU..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe (Overwolf)
      O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
      O4 - Startup: C:\Users\Edu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Edu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
      O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
      O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
      O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL (Microsoft Corporation)
      O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Edu\Desktop\PartyPoker.lnk File not found
      O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Edu\Desktop\PartyPoker.lnk File not found
      O9 - Extra Button: PokerStars.es - {CC0FC7CF-E588-4b33-B148-C657708AB9C4} - C:\Program Files (x86)\PokerStars.ES\PokerStarsUpdate.exe File not found
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
      O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
      O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
      O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.25.2)
      O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
      O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.25.2)
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.81.16.148 62.81.16.213
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0216BF3B-DDEA-4D21-AB0C-F4C692EC446A}: DhcpNameServer = 80.58.61.250 80.58.61.254
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{24A99D0F-4408-4201-BE64-193688848714}: DhcpNameServer = 192.168.42.129
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{385EE612-6A32-4079-B091-E3342794B676}: DhcpNameServer = 62.81.16.148 62.81.16.213
      O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
      O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
      O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
      O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
      O18:64bit: - Protocol\Filter\ica - No CLSID value found
      O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
      O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
      O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
      O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (Explorer.exe) - Explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
      O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2013/09/30 02:21:13 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O33 - MountPoints2\{9251b670-5e2d-11e2-a001-78ca39c41a39}\Shell - "" = AutoRun
      O33 - MountPoints2\{9251b670-5e2d-11e2-a001-78ca39c41a39}\Shell\AutoRun\command - "" = E:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083
      O33 - MountPoints2\{afc7a4ee-19d3-11e1-a4ea-806e6f6e6963}\Shell - "" = AutoRun
      O33 - MountPoints2\{afc7a4ee-19d3-11e1-a4ea-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe
      O34 - HKLM BootExecute: (autocheck autochk *)
      O34 - HKLM BootExecute: (MACHINE BootExecut)
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
      O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

      MsConfig:64bit - StartUpReg: Skype - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
      MsConfig:64bit - State: "startup" - Reg Error: Key error.

      NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

      CREATERESTOREPOINT
      Restore point Set: OTL Restore Point

      ========== Files/Folders - Created Within 30 Days ==========

      [2013/09/30 17:38:26 | 000,918,617 | ---- | C] (x264 project) -- C:\Windows\SysWow64\libx264-128.dll
      [2013/09/30 16:59:22 | 000,000,000 | ---D | C] -- C:\Users\Edu\Desktop\rkill
      [2013/09/30 16:15:49 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\logs
      [2013/09/30 14:32:49 | 000,000,000 | -HSD | C] -- C:\Config.Msi
      [2013/09/30 02:20:38 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
      [2013/09/30 02:19:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
      [2013/09/29 16:50:52 | 000,000,000 | ---D | C] -- C:\AdwCleaner
      [2013/09/28 21:33:20 | 000,000,000 | ---D | C] -- C:\Users\Edu\AppData\Roaming\AVG2013
      [2013/09/28 21:31:57 | 000,000,000 | ---D | C] -- C:\Users\Edu\AppData\Roaming\TuneUp Software
      [2013/09/28 21:31:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
      [2013/09/28 21:31:40 | 000,046,368 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
      [2013/09/28 21:30:19 | 000,000,000 | -H-D | C] -- C:\$AVG
      [2013/09/28 21:30:19 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
      [2013/09/28 21:29:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
      [2013/09/28 21:24:36 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
      [2013/09/28 21:24:36 | 000,000,000 | ---D | C] -- C:\Users\Edu\AppData\Local\MFAData
      [2013/09/28 21:24:36 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
      [2013/09/28 21:24:36 | 000,000,000 | ---D | C] -- C:\Users\Edu\AppData\Local\Avg2013
      [2013/09/28 21:24:30 | 004,445,640 | ---- | C] (AVG Technologies) -- C:\Users\Edu\Desktop\avg_avct_stb_all_2013_3272_freets11.exe
      [2013/09/28 21:07:15 | 000,000,000 | ---D | C] -- C:\Users\Edu\AppData\Local\avgchrome
      [2013/09/28 20:59:53 | 000,000,000 | ---D | C] -- C:\Users\Edu\AppData\Local\pgcchelper
      [2013/09/13 17:50:23 | 000,000,000 | ---D | C] -- C:\Users\Edu\Desktop\HERMANOS DE SANGRE
      [2013/09/12 21:31:25 | 000,000,000 | ---D | C] -- C:\Users\Edu\AppData\Roaming\backbeat
      [2013/09/12 21:31:23 | 000,000,000 | ---D | C] -- C:\Users\Edu\AppData\Roaming\SolForge
      [2013/09/12 21:29:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
      [2013/09/12 11:13:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NCsoft
      [2013/09/11 10:26:05 | 000,000,000 | ---D | C] -- C:\Users\Edu\Desktop\capturas test final est
      [2013/09/10 13:32:34 | 000,000,000 | ---D | C] -- C:\Users\Edu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
      [2013/09/10 13:32:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Overwolf
      [2013/09/10 13:32:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Overwolf
      [2013/09/10 13:31:11 | 000,000,000 | ---D | C] -- C:\Users\Edu\AppData\Local\Overwolf
      [2013/09/08 21:37:29 | 000,769,687 | ---- | C] (Mental Works Computing Software) -- C:\Users\Edu\Desktop\TotalPlus.exe
      [2013/09/05 01:43:42 | 000,045,880 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys
      [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

      ========== Files - Modified Within 30 Days ==========

      [2013/10/02 11:27:35 | 000,017,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      [2013/10/02 11:27:35 | 000,017,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      [2013/10/02 11:25:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2013/10/02 11:18:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2013/10/02 11:18:51 | 3163,013,120 | -HS- | M] () -- C:\hiberfil.sys
      [2013/10/02 04:36:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4220771249-1718455733-667717463-1001UA.job
      [2013/10/02 04:36:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4220771249-1718455733-667717463-1001Core.job
      [2013/09/30 17:38:58 | 000,001,156 | ---- | M] () -- C:\Windows\SysWow64\HashCache.dat
      [2013/09/30 17:38:33 | 000,298,784 | ---- | M] () -- C:\Windows\SysWow64\CrashUpload.exe
      [2013/09/30 17:38:32 | 000,918,617 | ---- | M] (x264 project) -- C:\Windows\SysWow64\libx264-128.dll
      [2013/09/30 17:29:19 | 001,237,504 | ---- | M] () -- C:\Windows\SysWow64\vorbis.dll
      [2013/09/30 17:23:07 | 000,246,332 | ---- | M] () -- C:\Windows\SysWow64\avutil-ttv-51.dll
      [2013/09/30 17:20:01 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2013/09/30 17:19:46 | 000,085,792 | ---- | M] () -- C:\Windows\SysWow64\PackCheck.exe
      [2013/09/30 17:14:52 | 000,037,230 | ---- | M] () -- C:\Users\Edu\Desktop\log_30del9
      [2013/09/30 17:09:04 | 000,316,704 | ---- | M] () -- C:\Windows\SysWow64\Client.exe
      [2013/09/30 17:07:41 | 000,089,600 | ---- | M] () -- C:\Windows\SysWow64\vorbisfile.dll
      [2013/09/30 17:07:29 | 000,993,280 | ---- | M] () -- C:\Windows\SysWow64\twitchsdk_32_release.dll
      [2013/09/30 16:52:24 | 000,050,688 | ---- | M] () -- C:\Windows\SysWow64\ogg.dll
      [2013/09/30 16:52:07 | 000,000,830 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2013/09/30 16:51:07 | 000,113,171 | ---- | M] () -- C:\Windows\SysWow64\swresample-ttv-0.dll
      [2013/09/30 16:49:39 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
      [2013/09/30 16:35:22 | 000,394,810 | ---- | M] () -- C:\Windows\SysWow64\libmp3lame-ttv.dll
      [2013/09/30 16:15:49 | 4165,255,670 | ---- | M] () -- C:\Windows\SysWow64\Content.ggpk
      [2013/09/30 02:21:13 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
      [2013/09/29 16:47:48 | 000,002,360 | ---- | M] () -- C:\Users\Edu\Desktop\Google Chrome.lnk
      [2013/09/28 21:31:57 | 000,000,989 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
      [2013/09/28 21:31:13 | 000,046,368 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
      [2013/09/28 21:24:33 | 004,445,640 | ---- | M] (AVG Technologies) -- C:\Users\Edu\Desktop\avg_avct_stb_all_2013_3272_freets11.exe
      [2013/09/28 21:00:28 | 000,001,310 | ---- | M] () -- C:\Users\Edu\.swfinfo
      [2013/09/28 20:53:47 | 001,682,072 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2013/09/28 20:53:47 | 000,749,552 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
      [2013/09/28 20:53:47 | 000,655,560 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2013/09/28 20:53:47 | 000,159,364 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
      [2013/09/28 20:53:47 | 000,122,174 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2013/09/20 03:06:32 | 001,659,110 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
      [2013/09/13 14:39:54 | 000,001,498 | ---- | M] () -- C:\Users\Edu\Desktop\Diablo III.lnk
      [2013/09/12 11:12:45 | 005,041,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
      [2013/09/11 12:05:39 | 000,454,278 | ---- | M] () -- C:\Users\Edu\Desktop\billetes2.pdf
      [2013/09/11 12:05:16 | 000,454,157 | ---- | M] () -- C:\Users\Edu\Desktop\billetes.pdf
      [2013/09/11 11:56:52 | 000,454,157 | ---- | M] () -- C:\Users\Edu\Desktop\7BJB9W-cvA0M5eY.pdf
      [2013/09/10 13:32:34 | 000,001,979 | ---- | M] () -- C:\Users\Public\Desktop\Overwolf.lnk
      [2013/09/08 09:45:03 | 000,769,687 | ---- | M] (Mental Works Computing Software) -- C:\Users\Edu\Desktop\TotalPlus.exe
      [2013/09/07 19:46:35 | 000,069,973 | ---- | M] () -- C:\Users\Edu\Desktop\11 (1).jpg
      [2013/09/05 01:43:42 | 000,045,880 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys
      [2013/09/04 14:15:42 | 000,214,927 | ---- | M] () -- C:\Users\Edu\Desktop\Recursividad.pdf
      [2013/09/04 14:15:37 | 000,292,429 | ---- | M] () -- C:\Users\Edu\Desktop\Tema2_Verificación.pdf
      [2013/09/04 14:15:29 | 000,223,073 | ---- | M] () -- C:\Users\Edu\Desktop\DiseñoModular.pdf
      [2013/09/04 14:15:25 | 000,496,827 | ---- | M] () -- C:\Users\Edu\Desktop\T2_AnalisisAlgoritmos-2012-2013.pdf
      [2013/09/04 14:15:23 | 000,076,552 | ---- | M] () -- C:\Users\Edu\Desktop\Tema4PruebaSW.pdf
      [2013/09/03 20:08:09 | 000,064,951 | ---- | M] () -- C:\Users\Edu\Desktop\curriculum ernesto.pdf
      [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

      ========== Files Created - No Company Name ==========

      [2013/09/30 17:38:58 | 000,001,156 | ---- | C] () -- C:\Windows\SysWow64\HashCache.dat
      [2013/09/30 17:38:32 | 000,298,784 | ---- | C] () -- C:\Windows\SysWow64\CrashUpload.exe
      [2013/09/30 17:29:12 | 001,237,504 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll
      [2013/09/30 17:23:06 | 000,246,332 | ---- | C] () -- C:\Windows\SysWow64\avutil-ttv-51.dll
      [2013/09/30 17:19:45 | 000,085,792 | ---- | C] () -- C:\Windows\SysWow64\PackCheck.exe
      [2013/09/30 17:14:52 | 000,037,230 | ---- | C] () -- C:\Users\Edu\Desktop\log_30del9
      [2013/09/30 17:09:03 | 000,316,704 | ---- | C] () -- C:\Windows\SysWow64\Client.exe
      [2013/09/30 17:07:41 | 000,089,600 | ---- | C] () -- C:\Windows\SysWow64\vorbisfile.dll
      [2013/09/30 17:07:26 | 000,993,280 | ---- | C] () -- C:\Windows\SysWow64\twitchsdk_32_release.dll
      [2013/09/30 16:52:14 | 000,050,688 | ---- | C] () -- C:\Windows\SysWow64\ogg.dll
      [2013/09/30 16:51:04 | 000,113,171 | ---- | C] () -- C:\Windows\SysWow64\swresample-ttv-0.dll
      [2013/09/30 16:35:20 | 000,394,810 | ---- | C] () -- C:\Windows\SysWow64\libmp3lame-ttv.dll
      [2013/09/30 16:15:49 | 4165,255,670 | ---- | C] () -- C:\Windows\SysWow64\Content.ggpk
      [2013/09/30 02:21:13 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
      [2013/09/28 21:31:57 | 000,000,989 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
      [2013/09/13 14:39:54 | 000,001,498 | ---- | C] () -- C:\Users\Edu\Desktop\Diablo III.lnk
      [2013/09/11 12:05:39 | 000,454,278 | ---- | C] () -- C:\Users\Edu\Desktop\billetes2.pdf
      [2013/09/11 12:05:16 | 000,454,157 | ---- | C] () -- C:\Users\Edu\Desktop\billetes.pdf
      [2013/09/11 11:56:50 | 000,454,157 | ---- | C] () -- C:\Users\Edu\Desktop\7BJB9W-cvA0M5eY.pdf
      [2013/09/10 13:32:34 | 000,001,979 | ---- | C] () -- C:\Users\Public\Desktop\Overwolf.lnk
      [2013/09/08 21:38:10 | 000,001,310 | ---- | C] () -- C:\Users\Edu\.swfinfo
      [2013/09/07 19:46:35 | 000,069,973 | ---- | C] () -- C:\Users\Edu\Desktop\11 (1).jpg
      [2013/09/04 14:15:42 | 000,214,927 | ---- | C] () -- C:\Users\Edu\Desktop\Recursividad.pdf
      [2013/09/04 14:15:37 | 000,292,429 | ---- | C] () -- C:\Users\Edu\Desktop\Tema2_Verificación.pdf
      [2013/09/04 14:15:29 | 000,223,073 | ---- | C] () -- C:\Users\Edu\Desktop\DiseñoModular.pdf
      [2013/09/04 14:15:25 | 000,496,827 | ---- | C] () -- C:\Users\Edu\Desktop\T2_AnalisisAlgoritmos-2012-2013.pdf
      [2013/09/04 14:15:19 | 000,076,552 | ---- | C] () -- C:\Users\Edu\Desktop\Tema4PruebaSW.pdf
      [2013/09/03 20:08:09 | 000,064,951 | ---- | C] () -- C:\Users\Edu\Desktop\curriculum ernesto.pdf
      [2013/08/31 21:16:00 | 000,291,096 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
      [2013/08/31 21:14:47 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
      [2013/06/20 15:56:58 | 000,012,393 | ---- | C] () -- C:\Users\Edu\AppData\Local\Bron.tok.A12.em.bin
      [2013/06/04 18:58:57 | 000,002,975 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
      [2013/05/24 01:56:45 | 000,007,596 | ---- | C] () -- C:\Users\Edu\AppData\Local\Resmon.ResmonCfg
      [2012/11/19 09:33:32 | 000,065,656 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
      [2012/11/19 09:33:30 | 000,022,640 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
      [2012/09/05 01:00:17 | 000,140,968 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
      [2012/08/28 17:28:43 | 000,000,461 | ---- | C] () -- C:\Users\Edu\AppData\Local\HamsterVideoConverterSettings.cfg
      [2012/08/06 21:57:54 | 000,450,560 | ---- | C] () -- C:\Windows\emunist.exe
      [2012/08/06 21:57:54 | 000,001,907 | ---- | C] () -- C:\Windows\TVEpaDrv.ini
      [2012/06/06 22:28:58 | 077,918,208 | ---- | C] () -- C:\Users\Edu\00057.MTS
      [2012/06/04 14:58:20 | 000,000,282 | ---- | C] () -- C:\Users\Edu\AppData\Roaming\groovedown.settings
      [2012/06/04 14:58:20 | 000,000,000 | ---- | C] () -- C:\Users\Edu\AppData\Roaming\gd.db
      [2012/02/24 03:44:15 | 000,000,000 | ---- | C] () -- C:\ProgramData\dd416317998f8848998002e69dddc9ea_c
      [2012/02/02 18:45:32 | 000,000,018 | ---- | C] () -- C:\Users\Edu\AppData\Local\devcpp.cfg
      [2012/02/02 18:44:47 | 000,000,106 | ---- | C] () -- C:\Users\Edu\AppData\Local\defaultcode.cfg
      [2012/02/02 18:43:48 | 000,005,260 | ---- | C] () -- C:\Users\Edu\AppData\Local\devcpp.ini
      [2012/01/11 23:45:01 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
      [2012/01/11 23:22:46 | 001,659,110 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
      [2011/12/20 17:52:33 | 000,001,043 | ---- | C] () -- C:\Users\Edu\Dropbox.lnk
      [2011/11/28 17:16:39 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

      ========== ZeroAccess Check ==========

      [2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free

      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

      ========== Custom Scans ==========

      < %SYSTEMDRIVE%\*.* >
      [2012/05/03 14:01:52 | 000,006,148 | -H-- | M] () -- C:\.DS_Store
      [2013/09/30 02:21:13 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
      [2010/11/20 14:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr
      [2011/11/28 17:13:46 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
      [2013/10/02 11:18:51 | 3163,013,120 | -HS- | M] () -- C:\hiberfil.sys
      [2013/10/02 11:18:51 | 4217,352,192 | -HS- | M] () -- C:\pagefile.sys
      [2012/06/04 14:58:14 | 000,000,355 | ---- | M] () -- C:\prefs.js
      [2011/11/28 20:12:03 | 000,002,056 | ---- | M] () -- C:\RHDSetup.log
      [2012/02/24 03:44:02 | 000,000,050 | ---- | M] () -- C:\user.js

      ========== Alternate Data Streams ==========

      @Alternate Data Stream - 64 bytes -> C:\.Trashes:AFP_AfpInfo
      @Alternate Data Stream - 431 bytes -> C:\ProgramData\TEMP:49E9A6FB
      @Alternate Data Stream - 20 bytes -> C:\.Trashes:Mac_Metadata
      @Alternate Data Stream - 20 bytes -> C:\.DS_Store:Mac_Metadata

      < End of report >


      Gracias por todo! un saludo!

    5. #5
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      53.093

      Re: Problema banners

      Hola de Nuevo




      Ejecutá OTL.exe


      Copiá y Pegá el código que está dentro del recuadro de abajo en la sección Análisis Personalizado / Código de Reparación



      :OTL
      DRV:64bit: - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found
      IE - HKLM\..\SearchScopes\{40F18006-EF25-4F04-884C-EA2043D5DF92}: "URL" = http://startsear.ch/?aff=3&q={searchTerms}
      IE - HKCU\..\SearchScopes\{40F18006-EF25-4F04-884C-EA2043D5DF92}: "URL" = http://startsear.ch/?aff=3&q={searchTerms}
      [2012/06/04 20:11:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Edu\AppData\Roaming\mozilla\Extensions
      [2013/09/29 16:52:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions
      [2013/09/28 21:00:23 | 000,000,000 | ---D | M] ("TubeSing-3") -- C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions\[email protected]76da189c.com
      [2013/09/28 21:00:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions\[email protected]76da189c.com\extensionData
      [2013/09/28 21:00:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions\[email protected]76da189c.com\extensionData\plugins
      [2013/09/28 21:00:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions\[email protected]76da189c.com\extensionData\userCode
      [2013/03/08 11:48:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
      O1 - Hosts: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
      O1 - Hosts: <html lang='en'>
      O1 - Hosts: <head>
      O1 - Hosts: <meta name="description" content="Yahoo! GeoCities offers you a free web site and all the tools you need to build a dynamic site. Features include easy-to-use site building tools, online help, web site statistics, secure and reliable hosting, and an intuitive control panel.">
      O1 - Hosts: <title>Yahoo! GeoCities: Get a web site with easy-to-use site building tools.</title>
      O1 - Hosts: <link rel="stylesheet" type="text/css" media="all" href="http://l.yimg.com/a/combo?yui/2.5.2/build/reset-fonts-grids/reset-fonts-grids.css&smbiz/css/headfoot_6.css&smbiz/css/ysbs_glossary_1.css">
      O1 - Hosts: <link rel="stylesheet" type="text/css" media="all" href="http://l.yimg.com/a/lib/smbiz/css/geocities_84954.css">
      O1 - Hosts: <style>
      O1 - Hosts: h1 { line-height:30px;height:30px; padding-left:15px; font-weight:bold;font-size:1.6em;color:#1f296a;}
      O1 - Hosts: .services li { margin-left:1.0em; padding-left:0.5em; background:url("http://l.yimg.com/a/lib/smbiz/i/geo_bullet_3x3_1.gif") no-repeat 0 0.5em; margin-bottom:0.5em;margin-left:1.5em;margin-right:0.5em;width:6em}
      O1 - Hosts: .services li {float:left; width:17em; font-size:116%;margin-top:0.8em}
      O1 - Hosts: .services { font-size:116%; padding-bottom:20px }
      O1 - Hosts: .learnmore a {color:#2882DE;font-size:16px}
      O1 - Hosts: .image_web {float:right; margin:15px 0 0 15px}
      O1 - Hosts: p {margin:20px;font-size:1em;}
      O1 - Hosts: h2 {margin:20px 0 0 20px;color:#1F296;font-weight:bold;font-size:1.25em;color:#1f296a;}
      O1 - Hosts: h3 {margin:20px;color:#1F296;font-weight:bold;font-size:1.15em;color:#1f296a;}
      O1 - Hosts: li.rule {border-top:solid 1px #DBE1E6;}
      O1 - Hosts: </style>
      O1 - Hosts: </head>
      O1 - Hosts: <body>
      O1 - Hosts: <!-- following code added by server. PLEASE REMOVE -->
      O1 - Hosts: <!-- preceding code added by server. PLEASE REMOVE -->
      O1 - Hosts: <div class="ez-mw" style ="height:900px;width:905px">
      O1 - Hosts: <div class="ez-wri ez-oh" style="width:900px">
      O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O4 - HKCU..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
      O4 - HKCU..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe (Overwolf)
      O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
      O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
      O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
      O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0216BF3B-DDEA-4D21-AB0C-F4C692EC446A}: DhcpNameServer = 80.58.61.250 80.58.61.254
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{24A99D0F-4408-4201-BE64-193688848714}: DhcpNameServer = 192.168.42.129
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{385EE612-6A32-4079-B091-E3342794B676}: DhcpNameServer = 62.81.16.148 62.81.16.213
      O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
      O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
      O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
      O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found
      O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found
      O33 - MountPoints2\{9251b670-5e2d-11e2-a001-78ca39c41a39}\Shell - "" = AutoRun
      O33 - MountPoints2\{9251b670-5e2d-11e2-a001-78ca39c41a39}\Shell\AutoRun\command - "" = E:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083
      O33 - MountPoints2\{afc7a4ee-19d3-11e1-a4ea-806e6f6e6963}\Shell - "" = AutoRun
      O33 - MountPoints2\{afc7a4ee-19d3-11e1-a4ea-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe
      @Alternate Data Stream - 64 bytes -> C:\.Trashes:AFP_AfpInfo
      @Alternate Data Stream - 431 bytes -> C:\ProgramData\TEMP:49E9A6FB
      @Alternate Data Stream - 20 bytes -> C:\.Trashes:Mac_Metadata
      @Alternate Data Stream - 20 bytes -> C:\.DS_Store:Mac_Metadata
      :Files
      ipconfig /flushdns /c
      ipconfig /renew /c
      :Commands
      [PURITY]
      [EMPTYTEMP]
      [EMPTYFLASH]
      [RESETHOSTS]

      Presioná el Boton Reparar para lanzar la eliminación. Presionas OK.

      OTL va a Reiniciar el ordenador para completar la eliminación.


      Guardas el nuevo reporte generado. Lo copias y pegas en Tu próxima respuesta y nos comentas como sigue el ordenador ahora.





      Saludos

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    6. #6
      Usuario Avatar de Timbrok
      Registrado
      sep 2013
      Ubicación
      España
      Mensajes
      12

      Re: Problema banners

      Bueno aqui tienes el log del OTL. En cuanto al rendimiento del ordenador, en cuanto al navegador de google chrome se ha solucionado el problema de los banners y tal por esa parte estoy muy contento pero en cuanto al rendimiento del ordenador en si, lo noto como mas lento de lo normal.. Es un problema q lleva pasando desde hace tiempo desdeluego.. si me pudieses dar algun consejo o si es normal que pase este problema de rendimiento por el tiempo que tiene.. Nose, espero tu respuesta. Muchas gracias y un saludo!




      All processes killed
      ========== OTL ==========
      Service esgiguard stopped successfully!
      Service esgiguard deleted successfully!
      File C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{40F18006-EF25-4F04-884C-EA2043D5DF92}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40F18006-EF25-4F04-884C-EA2043D5DF92}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{40F18006-EF25-4F04-884C-EA2043D5DF92}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40F18006-EF25-4F04-884C-EA2043D5DF92}\ not found.
      C:\Users\Edu\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully.
      C:\Users\Edu\AppData\Roaming\mozilla\Extensions folder moved successfully.
      C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions\[email protected]76da189c.com\skin folder moved successfully.
      C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions\[email protected]76da189c.com\locale\en-US folder moved successfully.
      C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions\[email protected]76da189c.com\locale folder moved successfully.
      C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions\[email protected]76da189c.com\extensionData\userCode folder moved successfully.
      C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions\[email protected]76da189c.com\extensionData\plugins folder moved successfully.
      C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions\[email protected]76da189c.com\extensionData folder moved successfully.
      C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions\[email protected]76da189c.com\defaults\preferences folder moved successfully.
      C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions\[email protected]76da189c.com\defaults folder moved successfully.
      C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions\[email protected]76da189c.com\chrome\content\core folder moved successfully.
      C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions\[email protected]76da189c.com\chrome\content\api folder moved successfully.
      C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions\[email protected]76da189c.com\chrome\content folder moved successfully.
      C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions\[email protected]76da189c.com\chrome folder moved successfully.
      C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions\[email protected]76da189c.com folder moved successfully.
      C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions folder moved successfully.
      Folder C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions\[email protected]76da189c.com\ not found.
      Folder C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions\[email protected]76da189c.com\extensionData\ not found.
      Folder C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions\[email protected]76da189c.com\extensionData\plugins\ not found.
      Folder C:\Users\Edu\AppData\Roaming\mozilla\Firefox\Profiles\n2pbdf7e.default\extensions\[email protected]76da189c.com\extensionData\userCode\ not found.
      C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
      C:\Program Files (x86)\mozilla firefox\extensions folder moved successfully.
      <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> removed from HOSTS file successfully
      <html lang='en'> removed from HOSTS file successfully
      <head> removed from HOSTS file successfully
      <meta name="description" content="Yahoo! GeoCities offers you a free web site and all the tools you need to build a dynamic site. Features include easy-to-use site building tools, online help, web site statistics, secure and reliable hosting, and an intuitive control panel."> removed from HOSTS file successfully
      <title>Yahoo! GeoCities: Get a web site with easy-to-use site building tools.</title> removed from HOSTS file successfully
      <link rel="stylesheet" type="text/css" media="all" href="http://l.yimg.com/a/combo?yui/2.5.2/build/reset-fonts-grids/reset-fonts-grids.css&smbiz/css/headfoot_6.css&smbiz/css/ysbs_glossary_1.css"> removed from HOSTS file successfully
      <link rel="stylesheet" type="text/css" media="all" href="http://l.yimg.com/a/lib/smbiz/css/geocities_84954.css"> removed from HOSTS file successfully
      <style> removed from HOSTS file successfully
      h1 { line-height:30px;height:30px; padding-left:15px; font-weight:bold;font-size:1.6em;color:#1f296a;} removed from HOSTS file successfully
      .services li { margin-left:1.0em; padding-left:0.5em; background:url("http://l.yimg.com/a/lib/smbiz/i/geo_bullet_3x3_1.gif") no-repeat 0 0.5em; margin-bottom:0.5em;margin-left:1.5em;margin-right:0.5em;width:6em} removed from HOSTS file successfully
      .services li {float:left; width:17em; font-size:116%;margin-top:0.8em} removed from HOSTS file successfully
      .learnmore a {color:#2882DE;font-size:16px} removed from HOSTS file successfully
      .image_web {float:right; margin:15px 0 0 15px} removed from HOSTS file successfully
      p {margin:20px;font-size:1em;} removed from HOSTS file successfully
      h2 {margin:20px 0 0 20px;color:#1F296;font-weight:bold;font-size:1.25em;color:#1f296a;} removed from HOSTS file successfully
      h3 {margin:20px;color:#1F296;font-weight:bold;font-size:1.15em;color:#1f296a;} removed from HOSTS file successfully
      li.rule {border-top:solid 1px #DBE1E6;} removed from HOSTS file successfully
      </style> removed from HOSTS file successfully
      </head> removed from HOSTS file successfully
      <body> removed from HOSTS file successfully
      <!-- following code added by server. PLEASE REMOVE --> removed from HOSTS file successfully
      <!-- preceding code added by server. PLEASE REMOVE --> removed from HOSTS file successfully
      <div class="ez-mw" style ="height:900px;width:905px"> removed from HOSTS file successfully
      <div class="ez-wri ez-oh" style="width:900px"> removed from HOSTS file successfully
      64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
      Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\KPeerNexonEU deleted successfully.
      C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe moved successfully.
      Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Overwolf deleted successfully.
      C:\Program Files (x86)\Overwolf\Overwolf.exe moved successfully.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
      HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{0216BF3B-DDEA-4D21-AB0C-F4C692EC446A}\\DhcpNameServer| /E : value set successfully!
      HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{24A99D0F-4408-4201-BE64-193688848714}\\DhcpNameServer| /E : value set successfully!
      HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{385EE612-6A32-4079-B091-E3342794B676}\\DhcpNameServer| /E : value set successfully!
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
      File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
      File Protocol\Handler\ms-help - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
      File Protocol\Handler\skype4com - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
      File Protocol\Handler\wlpg - No CLSID value found not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ deleted successfully.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
      64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9251b670-5e2d-11e2-a001-78ca39c41a39}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9251b670-5e2d-11e2-a001-78ca39c41a39}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9251b670-5e2d-11e2-a001-78ca39c41a39}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9251b670-5e2d-11e2-a001-78ca39c41a39}\ not found.
      File E:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083 not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{afc7a4ee-19d3-11e1-a4ea-806e6f6e6963}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afc7a4ee-19d3-11e1-a4ea-806e6f6e6963}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{afc7a4ee-19d3-11e1-a4ea-806e6f6e6963}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afc7a4ee-19d3-11e1-a4ea-806e6f6e6963}\ not found.
      File D:\Autorun.exe not found.
      ADS C:\.Trashes:AFP_AfpInfo deleted successfully.
      ADS C:\ProgramData\TEMP:49E9A6FB deleted successfully.
      ADS C:\.Trashes:Mac_Metadata deleted successfully.
      ADS C:\.DS_Store:Mac_Metadata deleted successfully.
      ========== FILES ==========
      < ipconfig /flushdns /c >
      Configuraci¢n IP de Windows
      Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
      C:\Users\Edu\Downloads\cmd.bat deleted successfully.
      C:\Users\Edu\Downloads\cmd.txt deleted successfully.
      < ipconfig /renew /c >
      Configuraci¢n IP de Windows
      No se puede realizar ninguna operaci¢n en Conexi¢n de red inal*mbrica 2 mientras los medios
      est‚n desconectados.
      No se puede realizar ninguna operaci¢n en Conexi¢n de red Bluetooth mientras los medios
      est‚n desconectados.
      No se puede realizar ninguna operaci¢n en Conexi¢n de *rea local mientras los medios
      est‚n desconectados.
      Adaptador de LAN inal*mbrica Conexi¢n de red inal*mbrica 2:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de Ethernet Conexi¢n de red Bluetooth:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de LAN inal*mbrica Conexi¢n de red inal*mbrica:
      Sufijo DNS espec¡fico para la conexi¢n. . : lan_dn
      V¡nculo: direcci¢n IPv6 local. . . : fe80::3ddd:6b99:d702:8d0d%11
      Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.38
      M*scara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.1.1
      Adaptador de Ethernet Conexi¢n de *rea local:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de t£nel isatap.{385EE612-6A32-4079-B091-E3342794B676}:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de t£nel Conexi¢n de *rea local* 12:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Adaptador de t£nel Conexi¢n de *rea local* 15:
      Sufijo DNS espec¡fico para la conexi¢n. . :
      Direcci¢n IPv6 . . . . . . . . . . : 2001:0:5ef5:79fd:307e:24f7:3f57:fed9
      V¡nculo: direcci¢n IPv6 local. . . : fe80::307e:24f7:3f57:fed9%24
      Puerta de enlace predeterminada . . . . . : ::
      Adaptador de t£nel isatap.lan_dn:
      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . : lan_dn
      C:\Users\Edu\Downloads\cmd.bat deleted successfully.
      C:\Users\Edu\Downloads\cmd.txt deleted successfully.
      ========== COMMANDS ==========

      [EMPTYTEMP]

      User: All Users

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 33170 bytes
      ->Flash cache emptied: 58264 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: Edu
      ->Temp folder emptied: 51552331 bytes
      ->Temporary Internet Files folder emptied: 133 bytes
      ->Java cache emptied: 3062058 bytes
      ->FireFox cache emptied: 4601709 bytes
      ->Apple Safari cache emptied: 0 bytes
      ->Flash cache emptied: 58931 bytes

      User: Public

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 1525333 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 1338218 bytes
      %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 112970 bytes
      RecycleBin emptied: 0 bytes

      Total Files Cleaned = 59,00 mb


      [EMPTYFLASH]

      User: All Users

      User: Default
      ->Flash cache emptied: 0 bytes

      User: Default User
      ->Flash cache emptied: 0 bytes

      User: Edu
      ->Flash cache emptied: 0 bytes

      User: Public

      Total Flash Files Cleaned = 0,00 mb

      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      OTL by OldTimer - Version 3.2.69.0 log created on 10022013_132436

      Files\Folders moved on Reboot...
      C:\Users\Edu\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
      C:\Users\Edu\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...

    7. #7
      Moderador Gral.
      Avatar de Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      53.093

      Re: Problema banners

      Hola de Nuevo


      Ejecutá nuevamente OTL.exe y presionas el Boton Limpiar.


      Esto Eliminará de Tu sistema a OTL.exe y sus archivos creados y eliminados.


      Te pedirá reiniciar el ordenador. Presionas SI, y después de reiniciar, comprobas en Funcionamiento y nos comentas como sigue.




      Saludos

      `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.· No Desesperes.....Seguí Luchando `·.¸¸.·´´¯`··._.· ·.¸¸.·´´¯`··._.·

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.