And the Computer have been infected with spam ads which i blocked, but there are other problems like strange yen signs instead of / in program pc routes and being unable to install programs. Every time I start the pc the alarm is shown.
Please give me a hand to stop this infection.
This is all the info that is received after using OTL.
1. OTL.txt
OTL logfile created on: 23-03-2013 17:20:16 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Alvaro\Desktop
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000340a | Country: Chile | Language: ESL | Date Format: dd-MM-yyyy
2,00 Gb Total Physical Memory | 0,88 Gb Available Physical Memory | 44,10% Memory free
4,00 Gb Paging File | 2,15 Gb Available in Paging File | 53,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 450,42 Gb Total Space | 231,24 Gb Free Space | 51,34% Space Free | Partition Type: NTFS
Drive D: | 15,34 Gb Total Space | 7,60 Gb Free Space | 49,51% Space Free | Partition Type: NTFS
Computer Name: ALVARO-PC | User Name: Alvaro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013-03-23 17:11:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Álvaro\Desktop\OTL.exe
PRC - [2013-03-06 08:36:54 | 002,731,296 | ---- | M] (Conduit) -- C:\Users\Álvaro\AppData\Roaming\SearchProtect\bin\cltmng.exe
PRC - [2013-03-01 23:11:12 | 000,200,952 | ---- | M] (http://www.express-files.com/) -- C:\Program Files\ExpressFiles\EFUpdater.exe
PRC - [2013-02-27 15:38:44 | 001,259,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2013-02-23 19:16:58 | 001,297,728 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2013-02-23 16:54:28 | 000,805,752 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2013-02-20 08:38:08 | 000,093,984 | ---- | M] (Conduit) -- C:\Program Files\SearchProtect\bin\CltMngSvc.exe
PRC - [2013-02-18 22:54:47 | 001,151,152 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2013-02-18 22:54:47 | 000,968,880 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
PRC - [2013-01-29 17:45:20 | 000,064,576 | ---- | M] (Raptr, Inc) -- C:\Program Files\Raptr\raptr.exe
PRC - [2013-01-29 17:45:20 | 000,046,144 | ---- | M] (Raptr, Inc) -- C:\Program Files\Raptr\raptr_im.exe
PRC - [2012-12-10 16:29:46 | 002,254,768 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012-12-10 16:29:44 | 001,435,568 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2012-11-19 16:25:32 | 002,598,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012-11-08 02:51:06 | 000,768,632 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012-11-02 02:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012-10-31 02:36:08 | 000,522,752 | ---- | M] (LOL Replay) -- C:\Program Files\LOLReplay\LOLRecorder.exe
PRC - [2012-09-08 21:29:11 | 000,143,360 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\UAService7.exe
PRC - [2012-03-19 07:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012-03-19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2012-02-21 14:05:22 | 000,632,664 | ---- | M] (IObit) -- C:\Program Files\IObit\Game Booster 3\gbtray.exe
PRC - [2012-02-14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012-02-14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011-10-27 05:27:06 | 000,192,816 | ---- | M] (Blabbers Communications LTD) -- C:\Program Files\BrowserCompanion\BCHelper.exe
PRC - [2011-10-01 07:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011-10-01 07:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011-02-25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-11-22 16:35:48 | 000,645,952 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
PRC - [2010-11-22 16:33:54 | 001,483,072 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
PRC - [2010-11-20 08:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009-04-23 09:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe
========== Modules (No Company Name) ==========
MOD - [2013-02-18 22:54:47 | 001,151,152 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2013-02-18 22:54:47 | 000,156,848 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\SiteSafety.dll
MOD - [2012-10-31 02:35:36 | 000,311,808 | ---- | M] () -- C:\Program Files\LOLReplay\LOLUtils.dll
MOD - [2012-10-27 03:53:18 | 002,717,595 | ---- | M] () -- C:\Program Files\Raptr\heliotrope._purple.pyd
MOD - [2012-09-01 07:40:36 | 000,411,648 | ---- | M] () -- C:\Program Files\LOLReplay\Compression.dll
MOD - [2012-07-06 20:54:16 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\ed560b26f2f86b3f07b7f6d384f92275\System.ServiceModel.Web.ni.dll
MOD - [2012-07-06 20:53:15 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
MOD - [2012-07-06 20:53:11 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
MOD - [2012-07-06 20:52:50 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\72a24b45e11d64eb2bc840aae9419ba5\System.Runtime.Serialization.ni.dll
MOD - [2012-07-06 20:52:48 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9e7bf69d97febe4ed1a288c787e5d9ca\SMDiagnostics.ni.dll
MOD - [2012-07-06 20:52:47 | 017,478,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\107779ca2708d2b31b2e1560e47f6d15\System.ServiceModel.ni.dll
MOD - [2012-07-06 18:51:21 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
MOD - [2012-07-06 18:50:00 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012-07-06 18:49:37 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012-07-06 18:49:26 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012-07-06 18:49:22 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012-07-06 18:49:02 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012-07-06 18:48:51 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012-07-06 18:48:43 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012-07-06 18:48:41 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012-07-06 18:48:27 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012-06-22 17:59:52 | 000,313,856 | ---- | M] () -- C:\Program Files\Raptr\PyQt4.QtWebKit.pyd
MOD - [2012-06-22 17:55:58 | 000,494,592 | ---- | M] () -- C:\Program Files\Raptr\PyQt4.QtNetwork.pyd
MOD - [2012-06-22 17:53:22 | 005,812,736 | ---- | M] () -- C:\Program Files\Raptr\PyQt4.QtGui.pyd
MOD - [2012-06-22 17:39:06 | 001,662,464 | ---- | M] () -- C:\Program Files\Raptr\PyQt4.QtCore.pyd
MOD - [2012-06-22 17:24:28 | 000,067,584 | ---- | M] () -- C:\Program Files\Raptr\sip.pyd
MOD - [2012-02-06 16:28:48 | 000,011,264 | ---- | M] () -- C:\Program Files\Raptr\Crypto.Util._counter.pyd
MOD - [2012-02-06 16:28:42 | 000,031,744 | ---- | M] () -- C:\Program Files\Raptr\Crypto.Cipher.AES.pyd
MOD - [2012-02-06 16:28:34 | 000,010,752 | ---- | M] () -- C:\Program Files\Raptr\Crypto.Random.OSRNG.winrandom.pyd
MOD - [2011-12-15 15:16:32 | 000,516,440 | ---- | M] () -- C:\Program Files\IObit\Game Booster 3\sqlite3.dll
MOD - [2011-09-08 19:47:40 | 001,183,699 | ---- | M] () -- C:\Program Files\Raptr\liboscar.dll
MOD - [2011-09-08 19:47:36 | 001,640,221 | ---- | M] () -- C:\Program Files\Raptr\libjabber.dll
MOD - [2011-09-08 19:47:32 | 001,052,194 | ---- | M] () -- C:\Program Files\Raptr\libymsg.dll
MOD - [2011-09-08 19:47:22 | 000,495,680 | ---- | M] () -- C:\Program Files\Raptr\plugins\libaim.dll
MOD - [2011-09-08 19:47:22 | 000,483,306 | ---- | M] () -- C:\Program Files\Raptr\plugins\libicq.dll
MOD - [2011-09-08 19:47:16 | 000,655,356 | ---- | M] () -- C:\Program Files\Raptr\plugins\libirc.dll
MOD - [2011-09-08 19:47:16 | 000,603,326 | ---- | M] () -- C:\Program Files\Raptr\plugins\ssl-nss.dll
MOD - [2011-09-08 19:47:14 | 000,497,782 | ---- | M] () -- C:\Program Files\Raptr\plugins\libyahoojp.dll
MOD - [2011-09-08 19:47:14 | 000,474,199 | ---- | M] () -- C:\Program Files\Raptr\plugins\ssl.dll
MOD - [2011-09-08 19:47:10 | 001,306,387 | ---- | M] () -- C:\Program Files\Raptr\plugins\libmsn.dll
MOD - [2011-09-08 19:47:04 | 000,565,461 | ---- | M] () -- C:\Program Files\Raptr\plugins\libxmpp.dll
MOD - [2011-09-08 19:46:56 | 000,506,276 | ---- | M] () -- C:\Program Files\Raptr\plugins\libyahoo.dll
MOD - [2011-08-07 07:54:44 | 000,362,029 | ---- | M] () -- C:\Program Files\BrowserCompanion\sqlite3.dll
MOD - [2011-05-10 15:01:42 | 000,030,208 | ---- | M] () -- C:\Program Files\Raptr\simplejson._speedups.pyd
MOD - [2011-02-15 14:17:28 | 001,213,633 | ---- | M] () -- C:\Program Files\Raptr\libxml2-2.dll
MOD - [2011-02-15 14:17:28 | 000,417,501 | ---- | M] () -- C:\Program Files\Raptr\sqlite3.dll
MOD - [2010-11-22 19:06:22 | 000,055,808 | ---- | M] () -- C:\Program Files\Raptr\zlib1.dll
MOD - [2010-11-22 18:57:34 | 000,167,936 | ---- | M] () -- C:\Program Files\Raptr\win32gui.pyd
MOD - [2010-11-22 18:57:34 | 000,111,104 | ---- | M] () -- C:\Program Files\Raptr\win32file.pyd
MOD - [2010-11-22 18:57:34 | 000,096,256 | ---- | M] () -- C:\Program Files\Raptr\win32api.pyd
MOD - [2010-11-22 18:57:34 | 000,036,352 | ---- | M] () -- C:\Program Files\Raptr\win32process.pyd
MOD - [2010-11-22 18:57:18 | 000,141,312 | ---- | M] () -- C:\Program Files\Raptr\gobject._gobject.pyd
MOD - [2010-11-22 18:56:56 | 000,110,592 | ---- | M] () -- C:\Program Files\Raptr\pywintypes26.dll
MOD - [2010-11-22 18:56:26 | 000,324,608 | ---- | M] () -- C:\Program Files\Raptr\PIL._imaging.pyd
MOD - [2010-11-22 18:56:02 | 000,805,376 | ---- | M] () -- C:\Program Files\Raptr\_ssl.pyd
MOD - [2010-11-22 18:56:02 | 000,583,680 | ---- | M] () -- C:\Program Files\Raptr\unicodedata.pyd
MOD - [2010-11-22 18:56:02 | 000,356,864 | ---- | M] () -- C:\Program Files\Raptr\_hashlib.pyd
MOD - [2010-11-22 18:56:02 | 000,127,488 | ---- | M] () -- C:\Program Files\Raptr\pyexpat.pyd
MOD - [2010-11-22 18:56:02 | 000,124,928 | ---- | M] () -- C:\Program Files\Raptr\_elementtree.pyd
MOD - [2010-11-22 18:56:02 | 000,087,040 | ---- | M] () -- C:\Program Files\Raptr\_ctypes.pyd
MOD - [2010-11-22 18:56:02 | 000,044,544 | ---- | M] () -- C:\Program Files\Raptr\_sqlite3.pyd
MOD - [2010-11-22 18:56:02 | 000,043,008 | ---- | M] () -- C:\Program Files\Raptr\_socket.pyd
MOD - [2010-11-22 18:56:02 | 000,009,216 | ---- | M] () -- C:\Program Files\Raptr\winsound.pyd
MOD - [2010-11-12 19:35:21 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_es_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010-11-04 21:59:43 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_es_b77a5c561934e089\System.resources.dll
MOD - [2009-07-14 04:48:06 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_es_b77a5c561934e089\System.Runtime.Serialization.resources.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe -- (Browser Manager)
SRV - [2013-03-12 23:28:04 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-02-23 16:54:28 | 000,805,752 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2013-02-20 08:38:08 | 000,093,984 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files\SearchProtect\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2013-02-18 22:54:47 | 000,968,880 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe -- (vToolbarUpdater14.2.0)
SRV - [2013-01-08 11:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-12-10 16:29:44 | 001,435,568 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012-11-02 02:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012-10-02 20:19:04 | 000,743,320 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012-09-08 21:29:11 | 000,143,360 | ---- | M] (Sony DADC Austria AG.) [Auto | Running] -- C:\Windows\System32\UAService7.exe -- (UserAccess7)
SRV - [2012-03-19 07:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012-02-14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011-11-28 17:52:00 | 004,579,400 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2011-10-01 07:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011-10-01 07:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010-11-22 16:33:54 | 001,483,072 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010-11-22 16:31:52 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009-07-13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aktzdv8d)
DRV - [2013-02-18 22:54:47 | 000,033,112 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012-12-10 02:28:36 | 000,142,176 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012-11-08 02:49:26 | 000,250,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012-08-24 15:43:18 | 000,301,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012-06-15 15:38:31 | 000,007,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\EliteKingdoms\Cabal\Cabal Reloaded\Byakko.K32 -- (ByakkoDriver)
DRV - [2012-04-19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012-01-31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012-01-13 14:39:09 | 000,010,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\apf001.sys -- (apf001)
DRV - [2011-12-23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011-12-23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011-12-23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011-11-23 18:01:14 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2011-10-01 07:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2011-10-01 07:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2011-10-01 07:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2011-10-01 07:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2010-11-20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 06:24:40 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010-11-20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-10-07 11:34:32 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010-01-26 22:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)
DRV - [2009-12-10 09:36:54 | 000,214,696 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1k6232.sys -- (e1kexpress)
DRV - [2009-09-16 07:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901t.sys -- (tap0901t)
DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009-02-24 17:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: {88ac3cb6-596b-4217-964c-b6757ef9602d} - C:\Program Files\express-files\prxtbexpr.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://www.bing.com/...q={searchTerms}
IE - HKLM\..\SearchScopes\{58725EE5-A6B6-40E1-8676-2FC700A46761}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...39-5423CF03080B
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://cl.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-CL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DF D9 A0 7A 1D E7 CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.bing.com/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/...q={searchTerms}
IE - HKCU\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\7.0\iobitToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\URLSearchHook: {88ac3cb6-596b-4217-964c-b6757ef9602d} - C:\Program Files\express-files\prxtbexpr.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes,DefaultScope = {4327FABE-3C22-4689-8DBF-D226CF777FE9}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://www.bing.com/...q={searchTerms}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...000d0278814c719
IE - HKCU\..\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}: "URL" = http://plusnetwork.c...q={searchTerms}
IE - HKCU\..\SearchScopes\{6BC1F8AF-B67A-4553-A51E-98668DB494CB}: "URL" = http://cl.search.yah...p={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...fr&d=2012-06-19 17:35:34&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@raidcall.en/RCplugin: C:\Users\Alvaro\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\vitzo.com/VDownloader: C:\Program Files\VDownloader\Addons\npVDownloader.dll (Vitzo)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\VDownloader\Addons\FireFox [2012-03-13 23:10:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2013-03-06 08:58:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 [2013-02-18 22:55:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension
[2012-11-10 17:03:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-09-03 15:36:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012-10-23 00:40:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2012-01-18 18:01:46 | 001,826,704 | ---- | M] (Caminova, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdjvu.dll
[2012-11-08 19:28:12 | 000,003,575 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012-09-21 18:39:35 | 000,002,362 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
========== Chrome ==========
CHR - default_search_provider: Conduit (Enabled)
CHR - default_search_provider: search_url = http://search.condui...&ctid=CT3176921
CHR - default_search_provider: suggest_url =
CHR - homepage: http://search.condui...SearchSource=48
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\\u00C1lvaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Panda ActiveScan 2.0 (Enabled) = C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: VDownloader (Enabled) = C:\Program Files\VDownloader\Addons\npVDownloader.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Zylom Plugin (Enabled) = C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:\ProgramData\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Raidcall plugin (Enabled) = C:\Users\Alvaro\AppData\Roaming\raidcall\plugins\nprcplugin.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Google Drive = C:\Users\Álvaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Álvaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: B\u00FAsqueda de Google = C:\Users\Álvaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: GoPhoto.it = C:\Users\Álvaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.5_0\
CHR - Extension: Gmail = C:\Users\Álvaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009-06-10 17:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files\BrowserCompanion\jsloader.dll ( )
O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\7.0\iobitToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (express-files Toolbar) - {88ac3cb6-596b-4217-964c-b6757ef9602d} - C:\Program Files\express-files\prxtbexpr.dll (Conduit Ltd.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files\BrowserCompanion\updatebhoWin32.dll ( )
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SimpleAdblock Class) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Common Files\Simple Adblock\SimpleAdblock.dll (Simple Adblock)
O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\7.0\iobitToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (express-files Toolbar) - {88ac3cb6-596b-4217-964c-b6757ef9602d} - C:\Program Files\express-files\prxtbexpr.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Browser companion helper] C:\Program Files\BrowserCompanion\BCHelper.exe (Blabbers Communications LTD)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Raptr] C:\Program Files\Raptr\raptrstub.exe (Raptr, Inc)
O4 - HKCU..\Run: [SearchProtect] C:\Users\Álvaro\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files\SMINST\Launcher.exe (SofThinks SAS)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8 - Extra context menu item: &Enviar a OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: quakelive.com ([www] http in Sitios de confianza)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.13.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BA30CA42-84D0-448E-ADCF-62744F2C00FC}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C3C851B3-317A-4555-8DE4-ACE375FA0A64}: DhcpNameServer = 7.254.254.254
O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll ()
O20 - AppInit_DLLs: (c:\progra~2\browse~1\23796~1.11\{16cdf~1\browse~1.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004-05-01 10:01:00 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{151f4091-f959-11e1-a5d9-d0278814c719}\Shell - "" = AutoRun
O33 - MountPoints2\{151f4091-f959-11e1-a5d9-d0278814c719}\Shell\AutoRun\command - "" = J:\Autorun_By_VictorVal.exe
O33 - MountPoints2\{aac6152e-149b-11e1-b67d-d0278814c719}\Shell - "" = AutoRun
O33 - MountPoints2\{aac6152e-149b-11e1-b67d-d0278814c719}\Shell\AutoRun\command - "" = H:\setup.exe
O33 - MountPoints2\{c3931935-161f-11e1-bb39-d0278814c719}\Shell - "" = AutoRun
O33 - MountPoints2\{c3931935-161f-11e1-bb39-d0278814c719}\Shell\AutoRun\command - "" = I:\FF7_v1.0.5.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013-03-23 17:11:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Álvaro\Desktop\OTL.exe
[2013-03-23 16:59:38 | 005,574,792 | ---- | C] (Lavasoft Limited) -- C:\Users\Álvaro\Desktop\Adaware_Installer.exe
[2013-03-10 09:12:49 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2013-03-10 09:12:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2013-03-10 09:12:46 | 000,000,000 | ---D | C] -- C:\Program Files\IObit Toolbar
[2013-03-06 09:32:22 | 000,000,000 | ---D | C] -- C:\Users\Álvaro\AppData\Roaming\WinRAR
[2013-03-06 09:32:22 | 000,000,000 | ---D | C] -- C:\Users\Álvaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013-03-06 09:32:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013-03-06 08:58:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013-03-05 22:53:12 | 000,000,000 | ---D | C] -- C:\Users\Álvaro\Desktop\Musica mp3
[2013-03-04 17:48:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2013-03-04 17:48:56 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2013-03-02 00:05:29 | 000,000,000 | ---D | C] -- C:\Users\Álvaro\Desktop\rise up
[2013-03-01 23:12:30 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2013-03-01 23:12:28 | 000,000,000 | ---D | C] -- C:\Users\Álvaro\AppData\Local\Conduit
[2013-03-01 23:12:27 | 000,000,000 | ---D | C] -- C:\Program Files\express-files
[2013-03-01 23:12:09 | 000,000,000 | ---D | C] -- C:\Program Files\SearchProtect
[2013-03-01 23:11:54 | 000,000,000 | ---D | C] -- C:\Users\Álvaro\AppData\Roaming\SearchProtect
[2013-03-01 23:11:51 | 000,000,000 | ---D | C] -- C:\Users\Álvaro\AppData\Local\CRE
[2013-03-01 23:11:12 | 000,000,000 | ---D | C] -- C:\Program Files\ExpressFiles
[2013-03-01 00:06:53 | 000,000,000 | ---D | C] -- C:\Users\Álvaro\Desktop\FFVIII
[2013-02-28 23:47:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013-02-28 23:44:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2013-02-28 23:44:20 | 000,000,000 | ---D | C] -- C:\Windows\SHELLNEW
[2013-02-28 23:43:15 | 000,000,000 | ---D | C] -- C:\Users\Álvaro\AppData\Local\Microsoft Help
[2013-02-28 23:42:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013-02-26 14:20:17 | 000,780,288 | ---- | C] (Chapley) -- C:\Users\Álvaro\Desktop\TerrariForm.exe
[2012-10-04 21:26:01 | 001,654,869 | ---- | C] (Dynu Systems Inc.) -- C:\ProgramData\DynuEncrypt.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013-03-23 17:24:01 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-03-23 17:18:01 | 000,001,024 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-03-23 17:11:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Álvaro\Desktop\OTL.exe
[2013-03-23 16:59:51 | 005,574,792 | ---- | M] (Lavasoft Limited) -- C:\Users\Álvaro\Desktop\Adaware_Installer.exe
[2013-03-23 11:56:51 | 000,010,000 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-03-23 11:56:51 | 000,010,000 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-03-23 11:54:14 | 002,880,712 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
[2013-03-23 11:54:14 | 002,803,266 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013-03-23 11:54:14 | 002,225,182 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
[2013-03-23 11:54:14 | 002,194,508 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013-03-23 11:51:13 | 000,001,020 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-03-23 11:49:39 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2013-03-23 11:49:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-03-23 11:49:29 | 1610,612,736 | -HS- | M] () -- C:\hiberfil.sys
[2013-03-23 11:11:40 | 114,253,813 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2013-03-16 22:05:27 | 000,000,000 | -H-- | M] () -- C:\Users\Álvaro\Documents\Default.rdp
[2013-03-14 20:06:28 | 000,032,054 | ---- | M] () -- C:\Users\Álvaro\Desktop\Fire fist support.gif
[2013-03-14 20:02:11 | 000,245,465 | ---- | M] () -- C:\Users\Álvaro\Desktop\deck six sams.gif
[2013-03-14 18:14:39 | 000,264,858 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2013-03-06 21:44:03 | 000,298,884 | ---- | M] () -- C:\Users\Álvaro\Desktop\preview.mp3
[2013-03-04 17:48:59 | 000,001,091 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2013-03-01 23:27:52 | 000,000,009 | ---- | M] () -- C:\END
[2013-03-01 10:15:45 | 000,414,040 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013-02-28 23:34:14 | 000,031,744 | ---- | M] () -- C:\Users\Álvaro\Documents\Rescue3.asd
[2013-02-28 23:33:31 | 000,031,744 | ---- | M] () -- C:\Users\Álvaro\Documents\Rescue2.asd
[2013-02-28 23:32:10 | 000,031,744 | ---- | M] () -- C:\Users\Álvaro\Documents\Rescue1.asd
[2013-02-28 23:32:04 | 000,031,744 | ---- | M] () -- C:\Users\Álvaro\Documents\Rescue.asd
[2013-02-28 23:24:50 | 089,770,216 | ---- | M] () -- C:\Users\Álvaro\Desktop\wor2007.rar
[2013-02-26 14:20:18 | 000,780,288 | ---- | M] (Chapley) -- C:\Users\Álvaro\Desktop\TerrariForm.exe
[2013-02-26 10:00:14 | 000,001,951 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013-03-16 22:05:27 | 000,000,000 | -H-- | C] () -- C:\Users\Álvaro\Documents\Default.rdp
[2013-03-14 20:06:27 | 000,032,054 | ---- | C] () -- C:\Users\Álvaro\Desktop\Fire fist support.gif
[2013-03-14 20:02:08 | 000,245,465 | ---- | C] () -- C:\Users\Álvaro\Desktop\deck six sams.gif
[2013-03-06 21:44:02 | 000,298,884 | ---- | C] () -- C:\Users\Álvaro\Desktop\preview.mp3
[2013-03-04 17:48:59 | 000,001,091 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2013-03-01 23:10:59 | 000,000,009 | ---- | C] () -- C:\END
[2013-02-28 23:34:14 | 000,031,744 | ---- | C] () -- C:\Users\Álvaro\Documents\Rescue3.asd
[2013-02-28 23:33:31 | 000,031,744 | ---- | C] () -- C:\Users\Álvaro\Documents\Rescue2.asd
[2013-02-28 23:32:04 | 000,031,744 | ---- | C] () -- C:\Users\Álvaro\Documents\Rescue1.asd
[2013-02-28 23:32:04 | 000,031,744 | ---- | C] () -- C:\Users\Álvaro\Documents\Rescue.asd
[2013-02-28 23:17:35 | 089,770,216 | ---- | C] () -- C:\Users\Álvaro\Desktop\wor2007.rar
[2013-02-26 10:00:14 | 000,001,951 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012-11-10 13:18:22 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
[2012-05-27 17:13:24 | 000,000,019 | ---- | C] () -- C:\Windows\popcinfo.dat
[2012-04-22 00:27:28 | 000,000,008 | ---- | C] () -- C:\Users\Álvaro\AppData\Roaming\DofusAppId0_1
[2012-04-21 20:09:03 | 000,000,173 | ---- | C] () -- C:\Users\Álvaro\AppData\Roaming\D2Info0
[2012-04-21 20:09:03 | 000,000,008 | ---- | C] () -- C:\Users\Álvaro\AppData\Roaming\DofusAppId0_2
[2012-03-13 23:10:11 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2012-01-13 14:39:10 | 000,012,920 | ---- | C] () -- C:\Windows\System32\apl001.sys
[2012-01-13 14:39:09 | 000,010,872 | ---- | C] () -- C:\Windows\System32\apf001.sys
[2011-12-03 23:58:46 | 005,631,404 | ---- | C] () -- C:\Users\Álvaro\ts3_recording_11_12_04_0_58_42.wav
[2011-11-27 15:02:57 | 000,088,280 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011-06-14 10:54:06 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2011-06-13 16:08:42 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011-06-13 11:27:16 | 000,724,992 | ---- | C] () -- C:\Windows\System32\HotlineClient.exe
========== ZeroAccess Check ==========
[2009-07-14 00:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-13 21:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013-01-15 22:09:24 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\.minecraft
[2012-07-19 15:36:35 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\Ad-Aware Antivirus
[2013-03-20 16:29:01 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\AIMP3
[2012-04-21 20:09:06 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\app
[2012-07-19 16:30:39 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\AVG
[2012-06-19 17:36:22 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\AVG2012
[2012-09-21 18:39:22 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\Babylon
[2012-09-21 18:39:48 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\BabylonToolbar
[2011-11-23 18:11:59 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\DAEMON Tools Lite
[2012-04-21 20:09:03 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2012-04-22 00:27:28 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2012-04-23 23:38:00 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\Dofus2
[2012-11-27 13:49:38 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\ExpressFiles
[2011-11-26 15:34:37 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\fltk.org
[2012-04-04 17:44:47 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\Iminent
[2011-11-26 16:56:31 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\LolClient
[2012-05-23 19:27:46 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\LolClient2
[2012-02-26 12:29:43 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\OpenCandy
[2012-11-10 21:16:09 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\Opera
[2012-04-21 20:09:06 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011-12-18 21:06:35 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\RGE
[2012-07-19 15:54:10 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\SampleView
[2013-03-01 23:33:28 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\SearchProtect
[2011-11-26 23:51:44 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\ShanghaiAlice
[2012-05-22 22:33:52 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\TeamViewer
[2013-02-28 23:31:12 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\Thinstall
[2013-02-28 23:36:51 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\TP
[2013-03-13 00:03:31 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\TS3Client
[2011-11-21 20:38:33 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\TuneUp Software
[2013-03-14 23:06:20 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\uTorrent
[2012-03-14 19:56:07 | 000,000,000 | ---D | M] -- C:\Users\Álvaro\AppData\Roaming\VDownloader
========== Purity Check ==========
========== Files - Unicode (All) ==========
[2012-01-08 23:33:46 | 000,000,000 | ---D | M](C:\Program Files\???c?×?\?≫?O?A?A?£) -- C:\Program Files\‚ ‚©‚ׂ¥‚»‚ӂƂ‚£
[2012-01-08 23:33:46 | 000,000,000 | ---D | M](C:\Program Files\???c?×?\?≫?O?A?A?£) -- C:\Program Files\‚ ‚©‚ׂ¥‚»‚ӂƂ‚£
(C:\ProgramData\Microsoft\Windows\Start Menu\Programs\???c?×?\?≫?O?A?A?£) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\‚ ‚©‚ׂ¥‚»‚ӂƂ‚£
(C:\Program Files\???c?×?\?≫?O?A?A?£) -- C:\Program Files\‚ ‚©‚ׂ¥‚»‚ӂƂ‚£
========== Alternate Data Streams ==========
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:05EE1EEF
< End of report >
2. OTL Extras
OTL Extras logfile created on: 23-03-2013 17:20:16 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Alvaro\Desktop
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000340a | Country: Chile | Language: ESL | Date Format: dd-MM-yyyy
2,00 Gb Total Physical Memory | 0,88 Gb Available Physical Memory | 44,10% Memory free
4,00 Gb Paging File | 2,15 Gb Available in Paging File | 53,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 450,42 Gb Total Space | 231,24 Gb Free Space | 51,34% Space Free | Partition Type: NTFS
Drive D: | 15,34 Gb Total Space | 7,60 Gb Free Space | 49,51% Space Free | Partition Type: NTFS
Computer Name: ALVARO-PC | User Name: Alvaro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{EC691BEF-9978-4F11-A13E-4FB609BF02D1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{F9823B14-BC59-4414-BC95-73E21EB2E096}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{FC5B6746-A5D7-40F7-8995-A67419A31471}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{069E270C-C906-4E23-9E2B-54F4C49BDFCE}" = protocol=6 | dir=in | app=f:\touhous xd\nueva carpeta (3)\launcher.exe |
"{06D54277-807F-44CB-AD24-9A998888F7AD}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{082887D6-D27F-4DE5-A648-969F03155016}" = protocol=17 | dir=in | app=c:\program files\sierra\fear\fearmp.exe |
"{08B78447-584F-4999-8546-47F39261F666}" = protocol=17 | dir=in | app=c:\program files\expressfiles\expressdl.exe |
"{09CFC09D-760D-453D-80B7-FE271FF62865}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{11A30E88-79CD-46D0-8959-9438F1477F57}" = protocol=6 | dir=in | app=c:\program files\raptr\raptr_im.exe |
"{17A5A8E6-0F9F-4CEB-8C4D-EC74A2B6794F}" = protocol=6 | dir=in | app=c:\program files\tunngle\tnglctrl.exe |
"{182A21DA-AB24-46B1-8603-C502F4F1EC86}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{1991B934-5E1A-47F3-9FA0-77D2937B467D}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{1C730EC4-1A91-42A0-8D2F-02A589EB3297}" = protocol=6 | dir=in | app=c:\program files\tunngle\tunngle.exe |
"{1EF6EDCF-2AA9-4D71-8DFA-A911B5A4A117}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{20B253CF-343F-4555-926A-A3342AAD4E6D}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{222E32D8-BAD9-41CA-983C-EC4EFBA8A982}" = protocol=17 | dir=in | app=c:\program files\sierra\fear\fear.exe |
"{2325F77B-70D0-47DD-B6C9-305FBA44605D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{33D1F4C2-915D-4780-B6BF-2CA78E2DC81B}" = protocol=6 | dir=in | app=f:\-.-\world of warcraft\launcher.patch.exe |
"{4086FF3E-3784-4AD9-8B6E-BB501E1D7710}" = protocol=6 | dir=in | app=c:\program files\expressfiles\expressfiles.exe |
"{459FA5A6-B907-4CB0-9209-D0F33A93E8EA}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{47C71FBA-21C1-499C-A782-5A209F7F80CD}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{4A74B073-AEEE-42F3-A75C-DEFC02380E5D}" = protocol=17 | dir=in | app=f:\-.-\world of warcraft\launcher.patch.exe |
"{4BF8DE6D-7E98-46A6-98A3-F0599112EEAB}" = protocol=6 | dir=in | app=f:\touhous xd\nueva carpeta (3)\_launcher.exe |
"{4CC845CC-45FA-460C-934E-0C795061DA66}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{4D2F7F04-72D3-4FDF-8C52-E06EC243C4EA}" = protocol=17 | dir=in | app=f:\warcraft iii\war3.exe |
"{5FB5C38B-03C5-4433-99A6-1AF99E4BEE77}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{60826D17-1628-429B-8FE5-4C6A23BFA7CC}" = protocol=6 | dir=in | app=f:\-.-\world of warcraft\launcher.exe |
"{6293E8CF-C24A-4B9A-A22D-B3AA7DF0ADB0}" = protocol=17 | dir=in | app=c:\users\alvaro\desktop\asdf\left4dead\hl2.exe |
"{6B710F79-720E-4C25-8E78-E8416F848152}" = protocol=17 | dir=in | app=c:\program files\raptr\raptr.exe |
"{6F46FB30-4462-4F35-97E6-8B26EA2C38CB}" = protocol=17 | dir=in | app=c:\program files\raptr\raptr_im.exe |
"{77DABB89-9F33-4672-AF95-86240A12EF33}" = protocol=17 | dir=in | app=j:\-.-\world of warcraft\launcher.exe |
"{78883544-C449-4CF1-BFD3-B9132A887AFD}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{819FA98B-DA28-4F45-8A98-3775314ACF69}" = protocol=17 | dir=in | app=c:\program files\tunngle\tunngle.exe |
"{88192BFC-2B30-4F8C-841E-F72AF013146F}" = protocol=17 | dir=in | app=c:\program files\expressfiles\expressfiles.exe |
"{89ADEF46-7BB1-431E-AE81-016905DA4597}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{89EAD545-7471-4778-9594-55210195755D}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{90324C7F-18F9-4D44-8CC6-BD0225863D3C}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{9127CF81-CC8A-4055-A598-F1E1F82B4210}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{957852B0-E270-48F2-B8EA-6A776EF29FF8}" = protocol=6 | dir=in | app=j:\-.-\world of warcraft\launcher.exe |
"{98AC998E-4CD2-44F7-BBAA-99A91AED1583}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{9B42D70B-F1B5-4B88-B8C1-4416E63701D7}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{9FD4EDC7-3A69-480C-850C-78073461B49C}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{A0E95DE8-7F9F-41AC-B172-447DAACFCF09}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{A648CEBC-1978-4A03-B13E-EE0EBB40142E}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{AB89D393-ADC4-4E8C-8554-25DFD1EEB763}" = protocol=6 | dir=in | app=f:\warcraft iii\war3.exe |
"{AB991153-EA52-415D-B513-681A61E74D23}" = protocol=6 | dir=in | app=c:\program files\sierra\fear\fear.exe |
"{AF05F389-D5A2-4E4F-86AC-D5EDCFA608E6}" = protocol=58 | dir=in | app=system |
"{AF402254-9D5E-45DD-9FF5-5357E87BEB4F}" = protocol=17 | dir=in | app=f:\-.-\world of warcraft\launcher.exe |
"{B8178C59-81B3-406F-8281-6BE9788B298D}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{C3473AC7-4529-463F-8796-A61CD89F6F94}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C82A192E-7279-4AE2-9AD7-5CF04ABAFA71}" = protocol=58 | dir=out | [email protected],-503 |
"{CE2A787E-15CA-4146-8B10-CF1EA698BDB3}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{D313D913-8304-4D91-B5CD-72C2FF54FC70}" = protocol=6 | dir=in | app=c:\program files\sierra\fear\fearmp.exe |
"{D766BF3B-47A3-4ECD-B484-B59D47820AD2}" = protocol=6 | dir=in | app=c:\program files\raptr\raptr.exe |
"{E840A4A7-DD1E-4B69-A50C-8F11D8DE95F9}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{E87BDE8F-6D12-4D2E-B611-72A03E442EF6}" = protocol=17 | dir=in | app=f:\touhous xd\nueva carpeta (3)\launcher.exe |
"{EBE69E8E-1970-4127-B9A8-2059E16006EB}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{EC969E2E-0A4B-4285-8AFB-40ADF2182D02}" = protocol=6 | dir=in | app=c:\users\alvaro\desktop\asdf\left4dead\hl2.exe |
"{ED495DEA-1F8E-4F59-8ECE-5E74FA56F035}" = protocol=6 | dir=in | app=c:\program files\expressfiles\expressdl.exe |
"{F121695E-6A08-4728-84DA-0F92DE492118}" = protocol=17 | dir=in | app=f:\touhous xd\nueva carpeta (3)\_launcher.exe |
"{F80A6E7F-26F2-4422-AC90-CAFC0A6C1441}" = protocol=17 | dir=in | app=c:\program files\tunngle\tnglctrl.exe |
"TCP Query User{053E096F-7575-4C8E-AA40-9804AE037FD2}F:\touhous xd\th123\th123.exe" = protocol=6 | dir=in | app=f:\touhous xd\th123\th123.exe |
"TCP Query User{0BCBF524-91C8-4FCF-835F-DD8DE24D0C1F}C:\program files\1clickdownload\1clickdownloader.exe" = protocol=6 | dir=in | app=c:\program files\1clickdownload\1clickdownloader.exe |
"TCP Query User{11FA8410-B35B-4444-A743-C4F0611BF81B}C:\users\alvaro\desktop\asdf\left4dead\hl2.exe" = protocol=6 | dir=in | app=c:\users\alvaro\desktop\asdf\left4dead\hl2.exe |
"TCP Query User{31CB1E36-8C97-4D62-BD1C-A65764970ACF}J:\-.-\world of warcraft\launcher.patch.exe" = protocol=6 | dir=in | app=j:\-.-\world of warcraft\launcher.patch.exe |
"TCP Query User{50F91929-0CF1-478C-9529-81BEE40690C4}C:\quake iii arena\quake3\quake3.exe" = protocol=6 | dir=in | app=c:\quake iii arena\quake3\quake3.exe |
"TCP Query User{56A4DB29-98A6-4F4B-AD48-91BAD9B40B2C}C:\program files\stepmania cvs\program\stepmania.exe" = protocol=6 | dir=in | app=c:\program files\stepmania cvs\program\stepmania.exe |
"TCP Query User{5942FF2D-A435-4528-B72D-39607A8BD6F0}F:\starcroft\sc1.16.1_by_@carloxss\starcraft.exe" = protocol=6 | dir=in | app=f:\starcroft\sc1.16.1_by_@carloxss\starcraft.exe |
"TCP Query User{5D37FE7D-B2AA-42A9-AD86-2A615A1B3CA8}C:\program files\torchlight ii\torchlight2.exe" = protocol=6 | dir=in | app=c:\program files\torchlight ii\torchlight2.exe |
"TCP Query User{9BCC6C26-8CDC-41D6-889B-8DF91D535E64}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{AED989C4-B075-4CB8-91F9-26E5F70332B4}F:\warcraft iii\war3.exe" = protocol=6 | dir=in | app=f:\warcraft iii\war3.exe |
"TCP Query User{D1D7730A-D30C-4583-B384-6D73F55CB77C}C:\soldat\soldat.exe" = protocol=6 | dir=in | app=c:\soldat\soldat.exe |
"TCP Query User{D6739A09-432B-4276-B93E-5BAEE004A78C}C:\program files\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files\lolreplay\lolreplay.exe |
"TCP Query User{E81EB623-4886-409F-A5C7-64FBC5171797}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{EB75EE1D-57BA-47D9-BAFA-E127FBAE0A75}J:\-.-\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=j:\-.-\world of warcraft\backgrounddownloader.exe |
"TCP Query User{FD6E16F3-6C7B-4C81-AF37-65175C76A36A}F:\half life 2 por vegeta501\hl2.exe" = protocol=6 | dir=in | app=f:\half life 2 por vegeta501\hl2.exe |
"UDP Query User{1B062E24-1A74-43FA-9597-CFB471C23BBE}F:\touhous xd\th123\th123.exe" = protocol=17 | dir=in | app=f:\touhous xd\th123\th123.exe |
"UDP Query User{1F13AD45-9ECE-4F60-8B18-FDFFB2CE282A}C:\soldat\soldat.exe" = protocol=17 | dir=in | app=c:\soldat\soldat.exe |
"UDP Query User{313E0CB1-7A60-4BEC-88BE-AEB19CEB1559}C:\program files\1clickdownload\1clickdownloader.exe" = protocol=17 | dir=in | app=c:\program files\1clickdownload\1clickdownloader.exe |
"UDP Query User{77F9042F-9A15-4641-AD6D-8406A90423B1}F:\starcroft\sc1.16.1_by_@carloxss\starcraft.exe" = protocol=17 | dir=in | app=f:\starcroft\sc1.16.1_by_@carloxss\starcraft.exe |
"UDP Query User{78CC4697-D9E5-48CD-81B0-8F118A0696A5}F:\half life 2 por vegeta501\hl2.exe" = protocol=17 | dir=in | app=f:\half life 2 por vegeta501\hl2.exe |
"UDP Query User{7EC77714-0B3D-4C00-86F5-B0DF16EABB52}C:\program files\torchlight ii\torchlight2.exe" = protocol=17 | dir=in | app=c:\program files\torchlight ii\torchlight2.exe |
"UDP Query User{92A42AC0-E580-4596-BCA2-53AE61073FE3}C:\program files\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files\lolreplay\lolreplay.exe |
"UDP Query User{93369B9A-F1E3-47E5-AFEA-D89CF5189E6B}F:\warcraft iii\war3.exe" = protocol=17 | dir=in | app=f:\warcraft iii\war3.exe |
"UDP Query User{A0ECB7D0-96E1-45DD-947D-3C87140FC5B3}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{B18D56B0-2773-46B1-9618-D78E72020D8D}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{B1D7C91A-E45A-4619-BF4E-7A8FCFA75703}C:\users\alvaro\desktop\asdf\left4dead\hl2.exe" = protocol=17 | dir=in | app=c:\users\alvaro\desktop\asdf\left4dead\hl2.exe |
"UDP Query User{B2214AC0-40FD-40A0-A2BF-E74878B5FCBE}C:\program files\stepmania cvs\program\stepmania.exe" = protocol=17 | dir=in | app=c:\program files\stepmania cvs\program\stepmania.exe |
"UDP Query User{B3FC29B2-B4A7-4B16-981B-DDDFCC37F895}J:\-.-\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=j:\-.-\world of warcraft\backgrounddownloader.exe |
"UDP Query User{CE3CBE2B-1CC7-4AEB-A10A-BAF2AFE45631}C:\quake iii arena\quake3\quake3.exe" = protocol=17 | dir=in | app=c:\quake iii arena\quake3\quake3.exe |
"UDP Query User{DA2145F0-DE8A-4EC9-8710-46773150CC08}J:\-.-\world of warcraft\launcher.patch.exe" = protocol=17 | dir=in | app=j:\-.-\world of warcraft\launcher.patch.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0F9B474C-B65A-427E-A3A6-9B7460ED14D9}" = Lanix Recovery Center
"{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi
"{141B8BA9-BFFD-4635-AF64-078E31010EC3}_is1" = FINAL FANTASY VII
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = Browser Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Herramienta de carga de Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema 1.6.0.4014
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13
"{286C5BE9-7E61-4AC1-B674-BED333C35F73}" = AVG 2012
"{2B653229-9854-4989-B780-D978F5F13EAB}" = FEAR
"{2B83A043-BA8C-4164-98AA-29529D0BE756}" = Windows Live Essentials
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2F3A3B57-8AB4-4136-8FD2-96A77D5183C1}" = AVG 2012
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3800E4B7-3457-42D9-B22D-2CBAAAEDF0A1}" = IObit Toolbar v7.0
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FE93ACC-83FB-4FE5-9147-8BAD2D33E2EF}" = AVG 2012
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E0C89A4-4040-47C7-AD0C-0E8226B6AFE2}" = AVG 2012
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup
"{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1" = Amnesia - The Dark Descent
"{59308225-510C-4492-A7E4-71625FAD545E}" = Simple Adblock
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{726D1868-50CF-4DF5-B4EB-F67150DD82DB}" = Windows Live Movie Maker
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7593234B-2AEB-4FC9-B02D-C9B30D86084C}" = Windows Live Asistente para el inicio de sesión
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
"{781806FD-EA18-4D44-92D5-4FFC53251DDB}" = Document Express DjVu Plug-in
"{84E6A538-D3AE-4510-B32F-2415361D2770}" = Windows Live Protección Infantil
"{859B9BCA-5376-4566-9F88-C6C9DAA7A925}" = Microsoft Security Client ES-ES Language Pack
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8924FD04-AFF1-4387-B08B-6A979485F2BD}" = Windows Live Call
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90140000-0015-0C0A-0000-0000000FF1CE}" = Microsoft Office Access MUI (Spanish) 2010
"{90140000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2010
"{90140000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2010
"{90140000-0019-0C0A-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Spanish) 2010
"{90140000-001A-0C0A-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Spanish) 2010
"{90140000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2010
"{90140000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2010
"{90140000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2010
"{90140000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006D-0C0A-0000-0000000FF1CE}" = Hacer clic y ejecutar de Microsoft Office 2010
"{90140000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2010
"{90140000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2010
"{914DD274-9C5D-44CA-9AC7-12B8D2D4DA08}" = Windows Live Sync
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-00AF-0C0A-0000-0000000FF1CE}" = Visor de Microsoft PowerPoint
"{95B012AD-3A4A-31D7-9167-5D07D2A71F47}" = Microsoft .NET Framework 4 Client Profile ESN Language Pack
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9ECF7817-DB11-4FBA-9DF1-296A578D513A}" = Adobe Shockwave Player 11.5
"{A392A7FE-2216-4F7B-AF2F-24F1533DB860}" = Quake Live Internet Explorer Plugin
"{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}" = IMinent Toolbar
"{A7BBE3D6-F19A-40E6-96EC-84E1DC88F262}" = Galería fotográfica de Windows Live
"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.9.990
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1034-7B44-A95000000001}" = Adobe Reader 9.5.4 - Español
"{B143D835-EBAF-4A39-8B31-1868FF4166C1}" = AVG 2012
"{B69C390B-826F-473C-86EB-7AD4950818C3}" = AVG 2012
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B8583CB3-8ABE-407E-8BC6-F9A83EAC9133}" = Windows Live Writer
"{BBFDD98A-16DB-4A78-82A3-12ECCA29F1B0}" = AVG 2012
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BEC001F9-0451-4396-92D7-E1A4E7854BF3}" = Windows Live Mail
"{C4156B59-DD7E-40DF-AF08-E568A27A6409}" = Windows Live Messenger
"{C6A09671-93A6-4548-9FAE-3BF21EB9C921}" = AVG 2012
"{CB29344C-6667-455D-BD08-7AAA3E58206F}" = GAMEVIL
"{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}" = BabylonObjectInstaller
"{E7C0E7E9-B404-4A98-A8D1-FEFB9482866E}" = TuneUp Utilities Language Pack (es-ES)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FA66CFD7-0977-4C45-AACD-A8BB994B1A05}" = Quake Live Mozilla Plugin
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"‚Ü‚µ‚ë‚Ú‚½‚ñ_is1" = ‚Ü‚µ‚ë‚Ú‚½‚ñ
"1ClickDownload" = 1ClickDownloader
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIMP3" = AIMP3
"Arasan_is1" = Arasan 14.2a
"AVG" = AVG 2012
"AVG Secure Search" = AVG Security Toolbar
"Borderlands GOTY Repack" = Borderlands GOTY Repack
"BrowserCompanion" = BrowserCompanion
"CabalLS_is1" = CabalLS
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.01
"express-files Toolbar" = express-files Toolbar
"Fraps" = Fraps (remove only)
"Game Booster_is1" = Game Booster 3
"Google Chrome" = Google Chrome
"HDMI" = Intel® Graphics Media Accelerator Driver
"Katawa Shoujo" = Katawa Shoujo
"LogMeIn Hamachi" = LogMeIn Hamachi
"LOLReplay" = LOLReplay
"Lunia" = Lunia
"Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ESN Language Pack" = Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN
"Microsoft Security Client" = Microsoft Security Essentials
"Minecraft 1.4.5" = Minecraft 1.4.5
"Mobile Media Converter_is1" = MIKSOFT Mobile Media Converter
"Nero - Burning Rom" = Nero - Burning Rom
"Office14.Click2Run" = Hacer clic y ejecutar de Microsoft Office 2010
"Office14.SingleImage" = Microsoft Office Professional 2010
"Opera 12.14.1738" = Opera 12.14
"PROSet" = Intel® Network Connections Drivers
"Quake III Arena Point Release 1.32" = Quake III Arena Point Release 1.32
"RaidCall" = RaidCall
"Raptr" = Raptr
"Scratch" = Scratch
"SearchProtect" = Search Protect by conduit
"StepMania CVS" = StepMania CVS 4.0 (remove only)
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 7" = TeamViewer 7
"Torchlight II © Runic Games_is1" = Torchlight II © Runic Games version 1
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"Tunngle beta_is1" = Tunngle beta
"TVWiz" = Intel® TV Wizard
"uTorrent" = µTorrent
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"ŽÔ—Ö‚Ì‘AŒü“úˆ¨‚Ì—_is1" = ŽÔ—Ö‚Ì‘AŒü“úˆ¨‚Ì— 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ExpressFiles" = ExpressFiles
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 17-02-2013 11:36:57 | Computer Name = Alvaro-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Error al descargar las cadenas del contador de rendimiento para el
servicio WmiApRpl (WmiApRpl). El primer valor DWORD de la seccion de datos contiene
el codigo de error.
Error - 17-02-2013 15:11:05 | Computer Name = Alvaro-PC | Source = SideBySide | ID = 16842785
Description = Error al generar el contexto de activacion para "C:\Program Files\Common
Files\Spigot\Search Settings\SearchSettings64.exe". No se encontro el ensamblado
dependiente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Use
sxstrace.exe para obtener un diagnostico detallado.
Error - 18-02-2013 11:52:49 | Computer Name = Alvaro-PC | Source = BugSplat | ID = 1
Description =
Error - 18-02-2013 19:12:55 | Computer Name = Alvaro-PC | Source = Application Error | ID = 1000
Description = Nombre de la aplicacion con errores: opera.exe, version: 12.14.1738.0,
marca de tiempo: 0x5110cff1 Nombre del modulo con errores: npquakezero.dll_unloaded,
version: 0.0.0.0, marca de tiempo: 0x4f3ae830 Codigo de excepcion: 0xc0000005 Desplazamiento
de errores: 0x6c334208 Id. del proceso con errores: 0x14ec Hora de inicio de la aplicacion
con errores: 0x01ce0e173a91bcd7 Ruta de acceso de la aplicacion con errores: C:\Program
Files\Opera\opera.exe Ruta de acceso del modulo con errores: npquakezero.dll Id.
del informe: b9b91e54-7a20-11e2-b7f1-d0278814c719
Error - 18-02-2013 21:32:25 | Computer Name = Alvaro-PC | Source = Application Error | ID = 1000
Description = Nombre de la aplicacion con errores: opera.exe, version: 12.14.1738.0,
marca de tiempo: 0x5110cff1 Nombre del modulo con errores: quakelive.dll, version:
0.1.0.600, marca de tiempo: 0x50fef006 Codigo de excepcion: 0xc0000005 Desplazamiento
de errores: 0x001daef4 Id. del proceso con errores: 0xa94 Hora de inicio de la aplicacion
con errores: 0x01ce0e2d88b1827b Ruta de acceso de la aplicacion con errores: C:\Program
Files\Opera\opera.exe Ruta de acceso del modulo con errores: C:\Users\テ〕varo\AppData\LocalLow\id
Software\quakelive\home\baseq3\quakelive.dll Id. del informe: 3667b977-7a34-11e2-b7f1-d0278814c719
Error - 19-02-2013 14:24:08 | Computer Name = Alvaro-PC | Source = Application Error | ID = 1000
Description = Nombre de la aplicacion con errores: TuneUpUtilitiesApp32.exe, version:
10.0.2011.86, marca de tiempo: 0x4cea9b6e Nombre del modulo con errores: TuneUpUtilitiesApp32.exe,
version: 10.0.2011.86, marca de tiempo: 0x4cea9b6e Codigo de excepcion: 0xc0000005
Desplazamiento
de errores: 0x000262ba Id. del proceso con errores: 0xfe4 Hora de inicio de la aplicacion
con errores: 0x01ce0eb6757ce850 Ruta de acceso de la aplicacion con errores: C:\Program
Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe Ruta de acceso del modulo con
errores: C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe Id. del
informe: 8c1acdc0-7ac1-11e2-95e5-d0278814c719
Error - 20-02-2013 0:00:51 | Computer Name = Alvaro-PC | Source = Application Error | ID = 1000
Description = Nombre de la aplicacion con errores: opera.exe, version: 12.14.1738.0,
marca de tiempo: 0x5110cff1 Nombre del modulo con errores: npquakezero.dll_unloaded,
version: 0.0.0.0, marca de tiempo: 0x4f3ae830 Codigo de excepcion: 0xc0000005 Desplazamiento
de errores: 0x6e944208 Id. del proceso con errores: 0xdd4 Hora de inicio de la aplicacion
con errores: 0x01ce0f15eece54fe Ruta de acceso de la aplicacion con errores: C:\Program
Files\Opera\opera.exe Ruta de acceso del modulo con errores: npquakezero.dll Id.
del informe: 1d88c0d9-7b12-11e2-95e5-d0278814c719
Error - 20-02-2013 0:01:01 | Computer Name = Alvaro-PC | Source = Application Error | ID = 1000
Description = Nombre de la aplicacion con errores: opera.exe, version: 12.14.1738.0,
marca de tiempo: 0x5110cff1 Nombre del modulo con errores: npquakezero.dll_unloaded,
version: 0.0.0.0, marca de tiempo: 0x4f3ae830 Codigo de excepcion: 0xc0000005 Desplazamiento
de errores: 0x6e8822e8 Id. del proceso con errores: 0xdd4 Hora de inicio de la aplicacion
con errores: 0x01ce0f15eece54fe Ruta de acceso de la aplicacion con errores: C:\Program
Files\Opera\opera.exe Ruta de acceso del modulo con errores: npquakezero.dll Id.
del informe: 2313bfaf-7b12-11e2-95e5-d0278814c719
Error - 20-02-2013 10:26:15 | Computer Name = Alvaro-PC | Source = BugSplat | ID = 1
Description =
Error - 20-02-2013 12:15:55 | Computer Name = Alvaro-PC | Source = BugSplat | ID = 1
Description =
Error - 20-02-2013 15:07:22 | Computer Name = Alvaro-PC | Source = BugSplat | ID = 1
Description =
Error - 22-02-2013 17:03:13 | Computer Name = Alvaro-PC | Source = Application Error | ID = 1000
Description = Nombre de la aplicacion con errores: Opera.exe, version: 12.14.1738.0,
marca de tiempo: 0x5110cff1 Nombre del modulo con errores: npquakezero.dll_unloaded,
version: 0.0.0.0, marca de tiempo: 0x4f3ae830 Codigo de excepcion: 0xc0000005 Desplazamiento
de errores: 0x6b394208 Id. del proceso con errores: 0x1258 Hora de inicio de la aplicacion
con errores: 0x01ce113867c45497 Ruta de acceso de la aplicacion con errores: C:\Program
Files\Opera\Opera.exe Ruta de acceso del modulo con errores: npquakezero.dll Id.
del informe: 447bea6f-7d33-11e2-b0b4-d0278814c719
Error - 22-02-2013 17:03:29 | Computer Name = Alvaro-PC | Source = Application Error | ID = 1000
Description = Nombre de la aplicacion con errores: Opera.exe, version: 12.14.1738.0,
marca de tiempo: 0x5110cff1 Nombre del modulo con errores: npquakezero.dll_unloaded,
version: 0.0.0.0, marca de tiempo: 0x4f3ae830 Codigo de excepcion: 0xc0000005 Desplazamiento
de errores: 0x6b2d22e8 Id. del proceso con errores: 0x1258 Hora de inicio de la aplicacion
con errores: 0x01ce113867c45497 Ruta de acceso de la aplicacion con errores: C:\Program
Files\Opera\Opera.exe Ruta de acceso del modulo con errores: npquakezero.dll Id.
del informe: 4e7825e3-7d33-11e2-b0b4-d0278814c719
Error - 23-02-2013 15:18:17 | Computer Name = Alvaro-PC | Source = Application Hang | ID = 1002
Description = El programa League of Legends.exe, version 3.2.0.38, dejo de interactuar
con Windows y se cerro. Para ver si hay mas informacion disponible acerca del problema,
compruebe el historial de problemas en el panel de control Centro de actividades.
Identificador
de proceso: 730 Hora de inicio: 01ce11fa777f4025 Hora de finalizacion: 0 Ruta de acceso
de la aplicacion: C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.212\deploy\League
of Legends.exe Identificador de informe: bd69a7b4-7ded-11e2-af86-d0278814c719
[ System Events ]
Error - 21-03-2013 21:01:58 | Computer Name = Alvaro-PC | Source = bowser | ID = 8003
Description =
Error - 21-03-2013 21:02:31 | Computer Name = Alvaro-PC | Source = Service Control Manager | ID = 7032
Description = El Administrador de control de servicios intento realizar una accion
correctora (Reiniciar el servicio) despues de la terminacion inesperada del servicio
Instrumental de administracion de Windows, pero ocurrio el siguiente error: %%1056
Error - 21-03-2013 21:02:40 | Computer Name = Alvaro-PC | Source = Service Control Manager | ID = 7023
Description = El servicio Centro de seguridad se cerro con el siguiente error: %%1747
Error - 21-03-2013 21:03:38 | Computer Name = Alvaro-PC | Source = Service Control Manager | ID = 7000
Description = El servicio Browser Manager no pudo iniciarse debido al siguiente
error: %%2
Error - 22-03-2013 13:08:09 | Computer Name = Alvaro-PC | Source = Service Control Manager | ID = 7000
Description = El servicio Browser Manager no pudo iniciarse debido al siguiente
error: %%2
Error - 22-03-2013 15:15:08 | Computer Name = Alvaro-PC | Source = bowser | ID = 8003
Description =
Error - 22-03-2013 20:31:52 | Computer Name = Alvaro-PC | Source = Service Control Manager | ID = 7000
Description = El servicio Browser Manager no pudo iniciarse debido al siguiente
error: %%2
Error - 23-03-2013 11:05:45 | Computer Name = Alvaro-PC | Source = EventLog | ID = 6008
Description = El cierre anterior del sistema a las 4:05:53 del ?23-?03-?2013 resulto
inesperado.
Error - 23-03-2013 11:05:48 | Computer Name = Alvaro-PC | Source = Service Control Manager | ID = 7000
Description = El servicio Browser Manager no pudo iniciarse debido al siguiente
error: %%2
Error - 23-03-2013 11:49:38 | Computer Name = Alvaro-PC | Source = Service Control Manager | ID = 7000
Description = El servicio Browser Manager no pudo iniciarse debido al siguiente
error: %%2
< End of report >
Thanks and please help, Ill be here waiting for the answer.
Edited by alvarito, 23 March 2013 - 02:54 PM.