Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92790 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Conduit


  • This topic is locked This topic is locked
6 replies to this topic

#1 Metachisme

Metachisme

    New Member

  • New Member
  • Pip
  • 3 posts

Posted 03 October 2014 - 05:57 PM

I have a very recidivive conduit

 

i HAVE tried almost everything

 

http://forums.mozill...01877#p13801877

 

What can i do now ?

 

Best Regards

 


    Advertisements

Register to Remove


#2 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,219 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 03 October 2014 - 06:05 PM

:welcome:

 

I moved your post to  the malware removal forum, lets do this so we can see whats going on

 

 

1QYkxTZ.jpg Please download aswMBR to your desktop.
 
  • Double click the aswMBR icon to run it.
  • Click the Scan button to start scan.
  • If you are asked to update the Avast Virus database please allow it to do so.
  • When it finishes, press the save log button, save the logfile to your desktop and post its contents in your next reply.
  •  
    I just want to see the report....Please Do Not Fix Anything
     
    ============================================================================
     
     
     

    Please download Farbar Recovery Scan Tool and save it to your desktop.
     
    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
     
    How to determine whether a computer is running a 32-bit version or 64-bit version of the Windows operating system
    A simple way to check your system: Start --> Computer (right click) --> Properties
     
     
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Please make sure All Users is checked
  • Do not check 
  • *List BCD
    *Drivers MD5
    *Shortcut txt
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #3 Metachisme

    Metachisme

      New Member

    • New Member
    • Pip
    • 3 posts

    Posted 03 October 2014 - 08:09 PM

    The first part : 

     

     

    aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
    Run date: 2014-10-04 02:13:25
    -----------------------------
    02:13:25.137    OS Version: Windows x64 6.1.7600 
    02:13:25.137    Number of processors: 2 586 0x170A
    02:13:25.141    ComputerName: ACER-A04555092B  UserName: JOSE
    02:13:33.683    Initialize success
    02:13:35.194    VM: initialized successfully
    02:13:35.871    VM: Intel CPU virtualization not supported 
    02:59:08.769    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
    02:59:08.777    Disk 0 Vendor: WDC_WD10JPVX-00JC3T0 01.01A01 Size: 953869MB BusType: 3
    02:59:10.326    Disk 0 MBR read successfully
    02:59:10.329    Disk 0 MBR scan
    02:59:10.333    Disk 0 unknown MBR code
    02:59:10.337    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       126323 MB offset 63
    02:59:10.513    Disk 0 Boot: NTFS     code=1
    02:59:10.535    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS           30 MB offset 279179264
    02:59:10.541    Disk 0 Partition - 00     05     Extended            827543 MB offset 258710760
    02:59:10.581    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS         9993 MB offset 258710823
    02:59:10.589    Disk 0 Partition - 00     05     Extended            189995 MB offset 279241830
    02:59:10.724    Disk 0 scanning C:\Windows\system32\drivers
    02:59:24.587    Service scanning
    03:02:47.450    Modules scanning
    03:02:47.460    Disk 0 trace - called modules:
    03:02:47.491    ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS pciide.sys 
    03:02:47.499    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800495a060]
    03:02:47.508    3 CLASSPNP.SYS[fffff880019c143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80046b2680]
    03:02:47.516    Scan finished successfully
    03:03:04.838    Disk 0 MBR has been saved successfully to "C:\Users\JOSE\Desktop\MBR.dat"
    03:03:04.845    The log file has been saved successfully to "C:\Users\JOSE\Desktop\aswMBR.txt"  


    #4 Metachisme

    Metachisme

      New Member

    • New Member
    • Pip
    • 3 posts

    Posted 03 October 2014 - 08:31 PM

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2014
    Ran by JOSE at 2014-10-04 03:18:43
    Running from C:\Users\JOSE\Desktop\Accesos ACER W7\PROTECCION
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
    AV: AVG Anti-Virus Free Edition 2012 (Disabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
    AS: AVG Anti-Virus Free Edition 2012 (Disabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
    Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.0.6821 - CyberLink Corp.)
    Acer Arcade Deluxe (x32 Version: 3.0.6821 - CyberLink Corp.) Hidden
    Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.22 - NewTech Infosystems)
    Acer Crystal Eye webcam Ver:1.1.74.216 (HKLM-x32\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.74.216 - Chicony Electronics Co.,Ltd.)
    Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3002 - Acer Incorporated)
    Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3003 - Acer Incorporated)
    Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
    Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
    Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3004 - Acer Incorporated)
    Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0903 - Acer Incorporated)
    Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
    Acronis True Image Home 2011 (HKLM-x32\...\{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}) (Version: 14.0.6597 - Acronis)
    Ad-Aware Antivirus (HKLM\...\{E39A80AE-0CC0-43EE-AB6B-BE11DC4F969F}_AdAwareUpdater) (Version: 11.3.6321.0 - Lavasoft)
    AdAwareInstaller (Version: 11.3.6321.0 - Lavasoft) Hidden
    AdAwareUpdater (Version: 11.3.6321.0 - Lavasoft) Hidden
    Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
    Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
    Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.22.87 - Adobe Systems Incorporated)
    Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.06) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
    Advanced PDF Password Recovery (HKCU\...\Advanced PDF Password Recovery) (Version: 5.0 - ElcomSoft Co. Ltd.)
    ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.105.2015.1103 - Alps Electric)
    AnalogX TapTempo (HKLM-x32\...\AnalogX TapTempo) (Version:  - AnalogX)
    Anki (HKLM-x32\...\Anki) (Version:  - )
    AnswerWorks Runtime (HKLM-x32\...\AnswerWorks 3.0) (Version:  - )
    AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
    ARKITool 2012 (HKLM-x32\...\{62DB753B-5CC2-42EF-9FDD-8440D49767E4}) (Version: 2012 - Ideas y Programas, S.L.)
    ATI AVIVO64 Codecs (Version: 10.7.0.40702 - ATI Technologies Inc.) Hidden
    ATI Catalyst Install Manager (HKLM\...\{D10D9994-4337-8067-F5D7-9F8FEC1E4A00}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
    AutoCAD 2012 - Spanish (HKLM\...\AutoCAD 2012 - Spanish) (Version: 18.2.51.0 - Autodesk)
    AutoCAD 2012 - Spanish (Version: 18.2.205.0 - Autodesk) Hidden
    AutoCAD 2012 - Spanish SP2 (HKLM\...\AutoCAD 2012 - Spanish SP2) (Version: 1 - Autodesk)
    AutoCAD 2012 Language Pack - Spanish (Version: 18.2.51.0 - Autodesk) Hidden
    Autodesk Inventor Fusion 2012 (HKLM\...\Autodesk Inventor Fusion 2012) (Version: 1.0.0.79 - Autodesk, Inc.)
    Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
    Autodesk Inventor Fusion plug-in for AutoCAD 2012 (HKLM\...\Módulo de extensión de Autodesk Inventor Fusion para AutoCAD 2012) (Version: 0.0.1.138 - Autodesk)
    Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
    Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
    AutoHotkey 1.1.14.03 (HKLM\...\AutoHotkey) (Version: 1.1.14.03 - Lexikos)
    Automation Anywhere Server 6.6 (HKLM-x32\...\{C11ABBC6-78C8-45D4-8B5E-D628CCFA2C75}) (Version:  - Automation Anywhere, Inc.)
    AVG 2012 (HKLM\...\AVG) (Version: 2012.1.2247 - AVG Technologies)
    AVG 2012 (Version: 12.0.4031 - AVG Technologies) Hidden
    AVG 2012 (Version: 12.1.2247 - AVG Technologies) Hidden
    Backup Manager Basic (x32 Version: 2.0.0.22 - NewTech Infosystems) Hidden
    BestPractice (remove only) (HKLM-x32\...\BestPractice) (Version:  - )
    BPM Counter 1.6.0.0 (HKLM-x32\...\BPM Counter_is1) (Version: 1.6.0.0 - AbyssMedia.com)
    Broadcom Gigabit NetLink Controller (HKLM\...\{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}) (Version: 12.26.02 - Broadcom Corporation)
    Casals 4.0.5 (HKLM-x32\...\Casals_is1) (Version:  - Ventilación Industrial Ind S.L.)
    Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
    Catalyst Control Center Core Implementation (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
    Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
    Catalyst Control Center Graphics Full New (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
    Catalyst Control Center Graphics Light (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
    Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
    Catalyst Control Center InstallProxy (x32 Version: 2009.0702.1239.20840 - ATI Technologies, Inc.) Hidden
    Catalyst Control Center Localization All (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
    CCC Help Chinese Standard (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
    CCC Help Chinese Traditional (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
    CCC Help Czech (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
    CCC Help Danish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
    CCC Help Dutch (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
    CCC Help English (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
    CCC Help Finnish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
    CCC Help French (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
    CCC Help German (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
    CCC Help Greek (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
    CCC Help Hungarian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
    CCC Help Italian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
    CCC Help Japanese (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
    CCC Help Korean (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
    CCC Help Norwegian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
    CCC Help Polish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
    CCC Help Portuguese (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
    CCC Help Russian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
    CCC Help Spanish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
    CCC Help Swedish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
    CCC Help Thai (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
    CCC Help Turkish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
    ccc-core-static (x32 Version: 2009.0702.1239.20840 - Nombre de su organización) Hidden
    ccc-utility64 (Version: 2009.0702.1239.20840 - ATI) Hidden
    CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
    Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version:  - )
    Configurador_FNMT (HKLM-x32\...\{438D4C4C-B703-4971-9C3D-33FF8A010ADB}) (Version: 3.2 - FNMT-RCM)
    CyberLink Audio Pack (5.1ch) for TriDefMediaPlayer 1.0 (HKLM-x32\...\CyberLink Audio Pack for TriDefMediaPlayer_is1) (Version: 1.0 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
    EaseUS Partition Master 10.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
    EasyBCD 1.7.2 (HKLM-x32\...\EasyBCD) (Version: 1.7.2 - NeoSmart Technologies)
    ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
    eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
    eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
    FactuSOL (HKLM-x32\...\{6E26F091-10F1-4399-B96E-F8E5A0EFCFC6}) (Version: 1.0.0 - Sofware del Sol, S.A.)
    FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
    Fences (HKLM-x32\...\Fences) (Version:  - Stardock Corporation)
    Fences (x32 Version: 0.95 - Stardock Corporation) Hidden
    FileBox eXtender (HKLM-x32\...\FileBox eXtender) (Version:  - Hyperionics Technology LLC)
    FileBox eXtender (x32 Version: 2.0.4 - Hyperionics Technology LLC) Hidden
    FileMenu Tools (HKLM\...\FileMenu Tools_is1) (Version: 6.6 - LopeSoft)
    Fine Metronome 3.5.0 (HKLM-x32\...\Fine Metronome_is1) (Version:  - Fine Software)
    Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Geekbench 3 (HKLM-x32\...\Geekbench 3) (Version:  - Primate Labs Inc.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
    Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
    Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
    Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Acer Incorporated)
    Instalable módulo criptográfico DNIe (HKLM\...\{BE9DD44B-344E-46AA-A717-76D2C478ACC7}) (Version: 11.1.0 - Cuerpo Nacional de Policía)
    Instalable TC-FNMT (HKLM\...\{2F1D83C7-3F0F-4455-A711-DD163FA527E0}) (Version: 4.0.0 - FNMT-RCM)
    Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
    Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.670 - Oracle)
    Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
    Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.0.128 - PandoraTV)
    Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.03 - Acer Inc.)
    Launchy 2.1.2 (HKLM-x32\...\Launchy_21344213_is1) (Version:  - Code Jelly)
    LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.1.94 - LSI Corporation)
    Malwarebytes Anti-Malware versión 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
    McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.285.6 - McAfee, Inc.)
    Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
    Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
    Microsoft CAPICOM 2.1.0.2 SDK (HKLM-x32\...\{2FF43F5D-5729-4E02-A548-310E30A5F29B}) (Version: 2.1.0.2 - Microsoft Corporation)
    Microsoft Office XP Professional con FrontPage (HKLM-x32\...\{90280C0A-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Works (HKLM-x32\...\{38BB21D5-B0D1-41DA-A0B0-1EFB5EF4AAC2}) (Version: 9.7.0621 - Microsoft Corporation)
    MoboRobo 2.1.6.107 (HKLM-x32\...\{02B934E4-C574-4605-842B-01CD16295185}_is1) (Version: 2.1.6.107 - MoboRobo Inc.)
    Módulo de extensión de Autodesk Inventor Fusion para AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Mozilla Firefox 32.0.3 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 es-ES)) (Version: 32.0.3 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
    MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
    MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
    MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
    MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.72.0 - Egis Technology Inc.)
    Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
    NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
    NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
    NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6619 - NewTech Infosystems)
    NTI Media Maker 8 (x32 Version: 8.0.12.6619 - NewTech Infosystems) Hidden
    Oficalc 10.2 © Ofimega acadèmies (HKLM-x32\...\Oficalc_is1) (Version:  - Ofimega)
    Open Metronome (HKLM-x32\...\{4B200398-CA2D-4F67-8D00-C618F04020A7}) (Version: 1.0.0.0 - code::Biscuit)
    OpenOffice.org 2.4 (HKLM-x32\...\{3148D1E5-BC1B-4B98-80C8-77234722BF2D}) (Version: 2.4.9286 - OpenOffice.org)
    Opera Stable 24.0.1558.64 (HKLM-x32\...\Opera 24.0.1558.64) (Version: 24.0.1558.64 - Opera Software ASA)
    Oracle VM VirtualBox 4.3.10 (HKLM\...\{5632714F-6A48-4BF2-89E0-F8B6CE9FE6D1}) (Version: 4.3.10 - Oracle Corporation)
    Paquete de idioma de Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
    Paquete de idioma de Autodesk Inventor Fusion para AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden
    PDF Unlocker (HKLM-x32\...\PDF Unlocker - Demo Version 2.0_is1) (Version:  - )
    Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Plus Pack for Acronis True Image Home 2011 (HKLM-x32\...\{F1ED5BD7-4770-4037-9CBD-5DF9A5BEC408}) (Version: 14.0.6597 - Acronis)
    Poser 8 (8.0.0.10157) (HKLM-x32\...\Poser 8_is1) (Version: 8.0.0 - Smith Micro Software, Inc.)
    PPC Keyword Generator 1.0 (Beta) (HKLM-x32\...\PPC Keyword Generator (Beta)_is1) (Version:  - OverZone Software)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
    Salsa Rhythm Machine v3.2.0 (HKLM-x32\...\Salsa Rhythm Machine_is1) (Version:  - )
    Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.)
    Samsung Kies3 (x32 Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Hidden
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
    Servicio de contenidos de Autodesk (HKLM-x32\...\{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}) (Version: 2.0.90 - Autodesk)
    SkyPath (HKLM\...\{94B2B8CC-E8CD-4AAC-943A-1F96D19272CF}) (Version: 1.0.25 - Imageshack)
    Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
    Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
    Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
    SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
    Startup Delayer v2.3 (build 125) (HKLM-x32\...\Startup Delayer) (Version:  - )
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 6.5.30.0 - 2BrightSparks)
    TriDef 3D (OEM-A) 1.4.10 (HKLM-x32\...\experience-oem-a-bundle) (Version: 1.4.10gm - )
    TriDef 3D Ignition 2.3.3 (HKLM-x32\...\ignition-pkg) (Version: 2.3.3gm - )
    TriDef 3D Media Player 6.4.21 (HKLM-x32\...\media-player-pkg) (Version: 6.4.21gm - )
    Unchecky v0.2.16 (HKLM-x32\...\Unchecky) (Version: 0.2.16 - RaMMicHaeL)
    VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
    Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
    Visual Salsa (HKLM-x32\...\{D2CA51E5-35CB-4087-989A-C713600F1635}) (Version: 1.0 - Salsa Rhythm Software)
    Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
    Waterfox 31.0 (x64 en-US) (HKLM\...\Waterfox 31.0 (x64 en-US)) (Version: 31.0 - Mozilla)
    WeFi 4.0.1.0 (HKLM-x32\...\WeFi) (Version: 4.0.1.0 - WeFi Inc.)
    Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3005 - Acer Incorporated)
    Wifi Backup Manager (HKLM-x32\...\{7AD92088-C96D-4ECC-B6DC-FC85075B7879}) (Version: 1.0.0 - Shai Raiten)
    Windows Driver Package - Dirección General de la Policía (UMPass) SmartCard  (03/11/2013 1.0.2.1) (HKLM\...\B52C0A3A839B7EB8677E7EE3DAC12245F751A578) (Version: 03/11/2013 1.0.2.1 - Dirección General de la Policía)
    Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
    Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live Sync (HKLM-x32\...\{28F46DFD-F535-4306-BDEB-C5E7FCA2026E}) (Version: 14.0.8064.206 - Microsoft Corporation)
    Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
     
    ==================== Custom CLSID (selected items): ==========================
     
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
     
    CustomCLSID: HKU\S-1-5-21-4181878685-1256529413-3482687557-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Spanish\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-4181878685-1256529413-3482687557-1000_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Spanish\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-4181878685-1256529413-3482687557-1000_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Spanish\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-4181878685-1256529413-3482687557-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Spanish\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-4181878685-1256529413-3482687557-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Spanish\acadficn.dll (Autodesk, Inc.)
     
    ==================== Restore Points  =========================
     
    29-09-2014 13:36:10 zoek.exe restore point
    03-10-2014 01:18:30 AA11
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2009-07-14 03:34 - 2014-10-03 22:21 - 00002025 ____A C:\Windows\system32\Drivers\etc\hosts
    0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
    0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
    0.0.0.0 media.opencandy.com
    0.0.0.0 cdn.opencandy.com
    0.0.0.0 tracking.opencandy.com
    0.0.0.0 api.opencandy.com
    0.0.0.0 installer.betterinstaller.com
    0.0.0.0 installer.filebulldog.com
    0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
    0.0.0.0 inno.bisrv.com
    0.0.0.0 nsis.bisrv.com
    0.0.0.0 cdn.file2desktop.com
    0.0.0.0 cdn.goateastcach.us
    0.0.0.0 cdn.guttastatdk.us
    0.0.0.0 cdn.inskinmedia.com
    0.0.0.0 cdn.insta.oibundles2.com
    0.0.0.0 cdn.insta.playbryte.com
    0.0.0.0 cdn.llogetfastcach.us
    0.0.0.0 cdn.montiera.com
    0.0.0.0 cdn.msdwnld.com
    0.0.0.0 cdn.mypcbackup.com
    0.0.0.0 cdn.ppdownload.com
    0.0.0.0 cdn.riceateastcach.us
    0.0.0.0 cdn.shyapotato.us
    0.0.0.0 cdn.solimba.com
    0.0.0.0 cdn.tuto4pc.com
    0.0.0.0 cdn.appround.biz
    0.0.0.0 cdn.bigspeedpro.com
     
    There are 5 more lines.
     
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
     
    Task: {009CCFCC-4494-4E28-8484-C6FFBF716528} - System32\Tasks\2BrightSparks\SyncBackFree\ACER-A04555092B-JOSE\SyncBackFree Goldmine Copia Seguridad 14.00 => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
    Task: {2035D8B4-1023-49F2-BE63-C7B0D25C596C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-08] (Google Inc.)
    Task: {33D26AC0-CF94-4000-B59C-10896770AF59} - System32\Tasks\2BrightSparks\SyncBackFree\ACER-A04555092B-JOSE\SyncBackFree Goldmine PRG 02.00 => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
    Task: {47B6B8CF-2887-4EA2-89A8-F6309A8A9A10} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-21] (Adobe Systems Incorporated)
    Task: {5909A58E-82C2-4113-8354-1CD150E40940} - System32\Tasks\2BrightSparks\SyncBackFree\ACER-A04555092B-JOSE\SyncBackFree Goldmine Copia Seguridad 18.00 => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
    Task: {60C13EB6-6613-4E0F-A8C7-5D759874F4FA} - System32\Tasks\2BrightSparks\SyncBackFree\ACER-A04555092B-JOSE\SyncBackFree Goldmine PRG 21.00 => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
    Task: {67A527CA-D1D9-43A4-9DAB-23A8FA47BA26} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
    Task: {6DF60CE0-EF98-4901-B168-6E5D6A77EA78} - System32\Tasks\2BrightSparks\SyncBackFree\ACER-A04555092B-JOSE\SyncBackFree Goldmine 00.00 => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
    Task: {792B55CF-25A5-4129-8D1F-84A6FBE10152} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
    Task: {7D5EA2D6-74A2-45A7-ADE8-0BA35CD5049B} - System32\Tasks\Opera scheduled Autoupdate 1411327760 => C:\Program Files (x86)\Opera\launcher.exe [2014-09-25] (Opera Software)
    Task: {83D06586-70B9-475F-8932-A9C73B086216} - System32\Tasks\2BrightSparks\SyncBackFree\ACER-A04555092B-JOSE\SyncBackFree Goldmine 02.00 => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
    Task: {90230D48-86E4-437D-B579-73FB7F5122F0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
    Task: {98663158-C972-4B9A-A6A5-272D093EE89A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
    Task: {A05534A1-42D8-467C-950F-223B48B488D1} - System32\Tasks\2BrightSparks\SyncBackFree\ACER-A04555092B-JOSE\SyncBackFree Goldmine PRG 00.00 => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
    Task: {A119EA3A-C06B-4285-B3C3-EE62CC8259FD} - System32\Tasks\2BrightSparks\SyncBackFree\ACER-A04555092B-JOSE\SyncBackFree Goldmine 04.00 => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
    Task: {B03ABC44-0F22-4E3C-928C-5E116BD49B75} - System32\Tasks\2BrightSparks\SyncBackFree\ACER-A04555092B-JOSE\SyncBackFree Goldmine PRG 04.00 => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
    Task: {C0C0A1D3-FC9B-4E95-8EB8-1DC064C54343} - System32\Tasks\2BrightSparks\SyncBackFree\ACER-A04555092B-JOSE\SyncBackFree Goldmine Copia Seguridad 10.00 => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
    Task: {C46AB030-799E-424D-AA1C-F4F31C3C2EA1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
    Task: {D31AE306-669F-47C7-A6A0-9CF59117C134} - System32\Tasks\2BrightSparks\SyncBackFree\ACER-A04555092B-JOSE\SyncBackFree Goldmine 21.00 => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
    Task: {E50F888C-F358-4A53-A74F-2ED3ACB69B0B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-08] (Google Inc.)
    Task: {EC225A48-4C09-4D02-B556-D755DF7C3146} - System32\Tasks\WefiStartup => C:\Program Files (x86)\WeFi\WefiStartup.exe [2010-11-03] (WeFi)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\WefiStartup.job => C:\Program Files (x86)\WeFi\WefiStartup.exe
     
    ==================== Loaded Modules (whitelisted) =============
     
    2011-02-02 14:08 - 2011-02-02 14:08 - 00018656 _____ () C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
    2014-08-27 12:53 - 2014-08-27 12:53 - 08886592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe
    2014-08-27 12:53 - 2014-08-27 12:53 - 03396400 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\RCF.dll
    2014-08-27 12:53 - 2014-08-27 12:53 - 00123744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_filesystem-vc100-mt-1_55.dll
    2014-08-27 12:53 - 2014-08-27 12:53 - 00024408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_system-vc100-mt-1_55.dll
    2014-08-27 12:53 - 2014-08-27 12:53 - 00055648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_date_time-vc100-mt-1_55.dll
    2014-08-27 12:53 - 2014-08-27 12:53 - 00103768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_thread-vc100-mt-1_55.dll
    2014-08-27 12:53 - 2014-08-27 12:53 - 00033624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_chrono-vc100-mt-1_55.dll
    2014-08-27 12:53 - 2014-08-27 12:53 - 00500056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_locale-vc100-mt-1_55.dll
    2014-08-27 12:53 - 2014-08-27 12:53 - 02101568 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\HtmlFramework.dll
    2014-08-27 12:53 - 2014-08-27 12:53 - 00066872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\DllStorage.dll
    2014-08-27 12:53 - 2014-08-27 12:53 - 00832848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTrayDefaultSkin.dll
    2014-08-27 12:53 - 2014-08-27 12:53 - 00811328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\Localization.dll
    2010-04-09 12:46 - 2008-08-05 20:16 - 00286720 _____ () C:\Program Files (x86)\Launchy\Launchy.exe
    2009-07-29 13:10 - 2009-07-29 13:10 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
    2010-04-08 18:44 - 2010-04-08 18:44 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
    2014-06-16 18:28 - 2014-07-13 15:42 - 01880064 _____ () Y:\Dittoprg64\Ditto.exe
    2010-04-09 12:46 - 2008-05-24 13:31 - 07061504 _____ () C:\Program Files (x86)\Launchy\QtGui4.dll
    2010-04-09 12:46 - 2008-05-24 13:19 - 01961984 _____ () C:\Program Files (x86)\Launchy\QtCore4.dll
    2010-04-09 12:47 - 2008-05-24 13:20 - 00561152 _____ () C:\Program Files (x86)\Launchy\QtNetwork4.dll
    2010-04-09 12:46 - 2008-08-05 20:15 - 00053248 _____ () C:\Program Files (x86)\Launchy\platform_win.dll
    2010-04-09 12:46 - 2008-08-05 20:16 - 00061440 _____ () C:\Program Files (x86)\Launchy\plugins\calcy.dll
    2010-04-09 12:46 - 2008-08-05 20:15 - 00021504 _____ () C:\Program Files (x86)\Launchy\plugins\gcalc.dll
    2010-04-09 12:46 - 2008-08-05 20:16 - 00069632 _____ () C:\Program Files (x86)\Launchy\plugins\runner.dll
    2010-04-09 12:46 - 2008-08-05 20:16 - 00098304 _____ () C:\Program Files (x86)\Launchy\plugins\weby.dll
    2014-06-17 01:07 - 2014-03-26 18:50 - 00457512 _____ () Y:\PORTABLES\OFICINA\PhraseExpress v10.1.24ACER\pexlang.dll
    2014-10-03 01:51 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2014-10-03 01:51 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
    2014-10-03 01:51 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
    2010-12-06 07:36 - 2010-12-06 07:36 - 11170744 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\Common\ti_managers.dll
    2014-10-03 01:51 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
    2014-10-03 01:51 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
    2014-09-26 13:48 - 2014-09-23 05:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
    2014-09-26 13:48 - 2014-09-23 05:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
    2014-09-26 13:48 - 2014-09-23 05:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
    2014-09-26 13:48 - 2014-09-23 05:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
    2014-09-26 13:48 - 2014-09-23 05:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
     
    AlternateDataStreams: C:\ProgramData\Temp:09748A8C
    AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
    AlternateDataStreams: C:\ProgramData\Temp:1D32EC29
    AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
    AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
    AlternateDataStreams: C:\ProgramData\Temp:5C321E34
    AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
    AlternateDataStreams: C:\ProgramData\Temp:93DE1838
    AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
    AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
    AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
    AlternateDataStreams: C:\ProgramData\Temp:E3C56885
    AlternateDataStreams: C:\Users\JOSE\Desktop\Agenda Cultural Octubre 2014.eml:OECustomProperty
    AlternateDataStreams: C:\Users\JOSE\Desktop\CIRCULAR 207.2014 - GUÍA DE APLICACIÓN DEL DB HR (NUEVA VERSIÓN).eml:OECustomProperty
    AlternateDataStreams: C:\Users\JOSE\Desktop\COMIDA ANTROPOLÓGICA EL MIÉRCOLES 8 DE OCTUBRE.eml:OECustomProperty
    AlternateDataStreams: C:\Users\JOSE\Desktop\Mira las nuevas tarifas. Las hemos ampliado! ;).eml:OECustomProperty
    AlternateDataStreams: C:\Users\JOSE\Desktop\Nueva fecha  Seminario on line  La medida de Turbidez.eml:OECustomProperty
    AlternateDataStreams: C:\Users\JOSE\Desktop\Vuelta al cole con Arduino.eml:OECustomProperty
     
    ==================== Safe Mode (whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
     
    ==================== EXE Association (whitelisted) =============
     
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
     
     
    ==================== MSCONFIG/TASK MANAGER disabled items =========
     
    (Currently there is no automatic fix for this section.)
     
    MSCONFIG\Services: Adobe LM Service => 3
    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
    MSCONFIG\Services: c2cautoupdatesvc => 2
    MSCONFIG\Services: c2cpnrsvc => 2
    MSCONFIG\Services: cbVSCService11 => 2
    MSCONFIG\Services: CobianBackup11 => 2
    MSCONFIG\Services: MoboroboDeviceService => 2
    MSCONFIG\Services: NTI IScheduleSvc => 2
    MSCONFIG\Services: NTIBackupSvc => 3
    MSCONFIG\Services: NTISchedulerSvc => 2
    MSCONFIG\Services: SkypeUpdate => 2
    MSCONFIG\Services: WinDefend => 3
    MSCONFIG\startupfolder: C:^Users^JOSE^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ChooseMyParent.exe.lnk => C:\Windows\pss\ChooseMyParent.exe.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^JOSE^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ControlQ.ahk.lnk => C:\Windows\pss\ControlQ.ahk.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^JOSE^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CreateShortcutsIn.exe.lnk => C:\Windows\pss\CreateShortcutsIn.exe.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^JOSE^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DesktopShortcuts.ahk.lnk => C:\Windows\pss\DesktopShortcuts.ahk.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^JOSE^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EmptyFolderListCreator.ahk.lnk => C:\Windows\pss\EmptyFolderListCreator.ahk.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^JOSE^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Emptytxtfile.ahk.lnk => C:\Windows\pss\Emptytxtfile.ahk.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^JOSE^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.4.lnk => C:\Windows\pss\OpenOffice.org 2.4.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^JOSE^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^phraseexpress.exe.lnk => C:\Windows\pss\phraseexpress.exe.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^JOSE^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^SyncBackFree.exe.lnk => C:\Windows\pss\SyncBackFree.exe.lnk.Startup
    MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\bin\EpmNews.exe
    MSCONFIG\startupreg: EaseUS EPM Tray Agent => "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\bin\TrayPopupE\TrayTipAgentE.exe"
    MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
    MSCONFIG\startupreg: PLFSetI => C:\Windows\PLFSetI.exe
    MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    MSCONFIG\startupreg: VirtualCloneDrive => "Y:\PORTABLES\Personaliza pc\Virtual Clone Drive\VCDDaemon.exe" /s
     
    ========================= Accounts: ==========================
     
    Administrador (S-1-5-21-4181878685-1256529413-3482687557-500 - Administrator - Disabled)
    Invitado (S-1-5-21-4181878685-1256529413-3482687557-501 - Limited - Disabled)
    JOSE (S-1-5-21-4181878685-1256529413-3482687557-1000 - Administrator - Enabled) => C:\Users\JOSE
     
    ==================== Faulty Device Manager Devices =============
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (10/04/2014 02:55:40 AM) (Source: ESENT) (EventID: 412) (User: )
    Description: wuaueng.dll (1440) SUS20ClientDataStore: No se puede leer el encabezado del archivo de registro C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
     
    Error: (10/04/2014 02:55:40 AM) (Source: ESENT) (EventID: 412) (User: )
    Description: wuaueng.dll (1440) SUS20ClientDataStore: No se puede leer el encabezado del archivo de registro C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
     
    Error: (10/04/2014 02:55:40 AM) (Source: ESENT) (EventID: 412) (User: )
    Description: wuaueng.dll (1440) SUS20ClientDataStore: No se puede leer el encabezado del archivo de registro C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
     
    Error: (10/04/2014 02:55:40 AM) (Source: ESENT) (EventID: 412) (User: )
    Description: wuaueng.dll (1440) SUS20ClientDataStore: No se puede leer el encabezado del archivo de registro C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
     
    Error: (10/04/2014 02:39:40 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
    Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download....authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
    .
     
    Error: (10/04/2014 02:32:09 AM) (Source: ESENT) (EventID: 412) (User: )
    Description: wuaueng.dll (1440) SUS20ClientDataStore: No se puede leer el encabezado del archivo de registro C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
     
    Error: (10/04/2014 02:32:09 AM) (Source: ESENT) (EventID: 412) (User: )
    Description: wuaueng.dll (1440) SUS20ClientDataStore: No se puede leer el encabezado del archivo de registro C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
     
    Error: (10/04/2014 02:32:09 AM) (Source: ESENT) (EventID: 412) (User: )
    Description: wuaueng.dll (1440) SUS20ClientDataStore: No se puede leer el encabezado del archivo de registro C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
     
    Error: (10/04/2014 02:32:09 AM) (Source: ESENT) (EventID: 412) (User: )
    Description: wuaueng.dll (1440) SUS20ClientDataStore: No se puede leer el encabezado del archivo de registro C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
     
    Error: (10/04/2014 02:32:03 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
    Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download....authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
    .
     
     
    System errors:
    =============
    Error: (10/04/2014 03:00:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: El servicio Ad-Aware Service 11 se terminó de manera inesperada. Esto ha sucedido 1 veces.
     
    Error: (10/03/2014 10:22:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: El servicio Unchecky se terminó de manera inesperada. Esto ha sucedido 1 veces.
     
    Error: (10/03/2014 10:21:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: El servicio Spybot-S&D 2 Scanner Service no pudo iniciarse debido al siguiente error: 
    %%1053
     
    Error: (10/03/2014 10:21:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Spybot-S&D 2 Scanner Service.
     
    Error: (10/03/2014 08:10:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: El servicio WeFi Engine Service no pudo iniciarse debido al siguiente error: 
    %%1053
     
    Error: (10/03/2014 08:10:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio WeFi Engine Service.
     
    Error: (10/03/2014 08:09:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: El servicio Unchecky se terminó de manera inesperada. Esto ha sucedido 1 veces.
     
    Error: (10/03/2014 08:08:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: El servicio Spybot-S&D 2 Security Center Service no pudo iniciarse debido al siguiente error: 
    %%1053
     
    Error: (10/03/2014 08:08:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Spybot-S&D 2 Security Center Service.
     
    Error: (10/03/2014 08:07:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: El servicio Spybot-S&D 2 Scanner Service no pudo iniciarse debido al siguiente error: 
    %%1053
     
     
    Microsoft Office Sessions:
    =========================
    Error: (10/04/2014 02:55:40 AM) (Source: ESENT) (EventID: 412) (User: )
    Description: wuaueng.dll1440SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
     
    Error: (10/04/2014 02:55:40 AM) (Source: ESENT) (EventID: 412) (User: )
    Description: wuaueng.dll1440SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
     
    Error: (10/04/2014 02:55:40 AM) (Source: ESENT) (EventID: 412) (User: )
    Description: wuaueng.dll1440SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
     
    Error: (10/04/2014 02:55:40 AM) (Source: ESENT) (EventID: 412) (User: )
    Description: wuaueng.dll1440SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
     
    Error: (10/04/2014 02:39:40 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
    Description: http://www.download....throotstl.cabUn certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
     
    Error: (10/04/2014 02:32:09 AM) (Source: ESENT) (EventID: 412) (User: )
    Description: wuaueng.dll1440SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
     
    Error: (10/04/2014 02:32:09 AM) (Source: ESENT) (EventID: 412) (User: )
    Description: wuaueng.dll1440SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
     
    Error: (10/04/2014 02:32:09 AM) (Source: ESENT) (EventID: 412) (User: )
    Description: wuaueng.dll1440SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
     
    Error: (10/04/2014 02:32:09 AM) (Source: ESENT) (EventID: 412) (User: )
    Description: wuaueng.dll1440SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
     
    Error: (10/04/2014 02:32:03 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
    Description: http://www.download....throotstl.cabUn certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
     
     
    CodeIntegrity Errors:
    ===================================
      Date: 2014-05-06 18:41:26.171
      Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
     
      Date: 2014-05-06 18:41:26.155
      Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
     
      Date: 2014-05-06 18:40:44.141
      Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
     
      Date: 2014-05-06 18:40:44.125
      Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
     
      Date: 2014-05-06 18:40:06.981
      Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
     
      Date: 2014-05-06 18:40:06.966
      Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
     
      Date: 2014-05-03 03:49:47.804
      Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
     
      Date: 2014-05-03 03:49:47.787
      Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
     
      Date: 2014-05-03 03:49:29.781
      Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
     
      Date: 2014-05-03 03:49:29.770
      Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
     
     
    ==================== Memory info =========================== 
     
    Processor: Pentium® Dual-Core CPU T4300 @ 2.10GHz
    Percentage of memory in use: 38%
    Total physical RAM: 4090.93 MB
    Available physical RAM: 2517 MB
    Total Pagefile: 8180 MB
    Available Pagefile: 5723.41 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.82 MB
     
    ==================== Drives ================================
     
    Drive c: (ACER) (Fixed) (Total:123.36 GB) (Free:72.5 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
    Drive m: (M) (Fixed) (Total:9.76 GB) (Free:4.57 GB) NTFS
    Drive o: (O:) (Fixed) (Total:185.54 GB) (Free:24.22 GB) NTFS
    Drive u: (ACRONIS) (Fixed) (Total:0.03 GB) (Free:0.01 GB) NTFS
    Drive y: (Y) (Fixed) (Total:540.89 GB) (Free:46.05 GB) NTFS
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (Size: 931.5 GB) (Disk ID: 63B611CB)
    Partition 1: (Active) - (Size=123.4 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=30 MB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=808.1 GB) - (Type=05)
     
    ==================== End Of Log ============================


    #5 Metachisme

    Metachisme

      New Member

    • New Member
    • Pip
    • 3 posts

    Posted 03 October 2014 - 08:40 PM

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2014
    Ran by JOSE (administrator) on ACER-A04555092B on 04-10-2014 03:16:50
    Running from C:\Users\JOSE\Desktop\Accesos ACER W7\PROTECCION
    Loaded Profile: JOSE (Available profiles: JOSE)
    Platform: Windows 7 Home Premium (X64) OS Language: Español (España, internacional)
    Internet Explorer Version 8
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
    (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
    (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
    (LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
    () C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
    (Automation Anywhere, Inc.) C:\Program Files (x86)\Automation Anywhere Server 6.6\Client\Automation Anywhere Service.exe
    (Automation Anywhere, Inc.) C:\Program Files (x86)\Automation Anywhere Server 6.6\Client\AAService.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
    (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
    (Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
    () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe
    (Microsoft Corporation) C:\Windows\winsxs\amd64_microsoft-windows-sidebar_31bf3856ad364e35_6.1.7600.16385_none_2ad19d644059217d\sidebar.exe
    (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
    (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
    (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
    () C:\Program Files (x86)\Launchy\Launchy.exe
    (Bartels Media GmbH) Y:\PORTABLES\OFICINA\PhraseExpress v10.1.24ACER\phraseexpress.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
    (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
    (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
    (Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    () Y:\DittoPrg64\Ditto.exe
    (DonationCoder) Y:\PORTABLES\MULTIMEDIA\ScreenShotCaptor\ScreenshotCaptor.exe
    (Microsoft Corporation) C:\Windows\System32\taskmgr.exe
    (Jan Fiala) Y:\PORTABLES\DESARROLLO\PSPad\PSPad.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)
    HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
    HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-22] (Alps Electric Co., Ltd.)
    HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [828960 2009-08-05] (Acer Incorporated)
    HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [390728 2010-12-06] (Acronis)
    HKLM\...\Run: [] => [X]
    HKLM\...\Run: [RegistrarCeresCertStoreDLL] => C:\Program Files (x86)\FNMT-RCM\uccs.exe [40960 2013-10-30] (C3PO, S.A.)
    HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe [8886592 2014-08-27] ()
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-02] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [AVG_TRAY] => C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [SAOB Monitor] => C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe [2536752 2010-11-16] (Acronis)
    HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5542488 2010-12-06] (Acronis)
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKU\S-1-5-21-4181878685-1256529413-3482687557-1000\...\Run: [Screenshot Captor] => Y:\PORTABLES\Multimedia\ScreenShotCaptor\ScreenshotCaptor.exe [7963832 2014-07-01] (DonationCoder)
    HKU\S-1-5-21-4181878685-1256529413-3482687557-1000\...\Run: [Sidebar] => C:\Windows\winsxs\amd64_microsoft-windows-sidebar_31bf3856ad364e35_6.1.7600.16385_none_2ad19d644059217d\sidebar.exe [1475072 2009-07-14] (Microsoft Corporation)
    HKU\S-1-5-21-4181878685-1256529413-3482687557-1000\...\Run: [Ditto] => Y:\Dittoprg64\Ditto.exe [1880064 2014-07-13] ()
    HKU\S-1-5-21-4181878685-1256529413-3482687557-1000\...\Run: [GoogleChromeAutoLaunch_EE0E85543B1990E5E61A6663EAD29973] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-23] (Google Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FileBox eXtender.lnk
    ShortcutTarget: FileBox eXtender.lnk -> C:\Program Files (x86)\FileBX\FileBX.exe (Hyperionics Technology LLC)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launchy.lnk
    ShortcutTarget: Launchy.lnk -> C:\Program Files (x86)\Launchy\Launchy.exe ()
    Startup: C:\Users\JOSE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MiddleButton.ahk.lnk
    ShortcutTarget: MiddleButton.ahk.lnk -> O:\Mis documentos en O\SCRIPTING\MiddleMouseClick\MiddleButton.ahk ()
    Startup: C:\Users\JOSE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PhraseExpress.lnk
    ShortcutTarget: PhraseExpress.lnk -> Y:\PORTABLES\OFICINA\PhraseExpress v10.1.24ACER\phraseexpress.exe (Bartels Media GmbH)
    ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll (Egis Technology Inc.)
    ShellIconOverlayIdentifiers: [Identificador de icono superpuesto para firmas digitales de AutoCAD] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
    ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll (Egis Technology Inc.)
    BootExecute: autocheck autochk * C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restartsdnclean64.exe
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.es/
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
    SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ACAW
    SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.co...q={searchTerms}
    SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = https://www.google.c...q={searchTerms}
    BHO: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
    BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)
    BHO-x32: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: Aplicación auxiliar de inicio de sesión en la cuenta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
    Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} -  No File
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
    Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
    Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
    Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
    Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
    Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
    Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
    Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
    Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
    Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.5.1
     
    FireFox:
    ========
    FF ProfilePath: Y:\FIREFOX PERFILES\PEPE
    FF NewTab: hxxp://duckduckgo.com
    FF SearchEngineOrder.1: Google
    FF Homepage: hxxp://www.google.com|https://es-la.facebo...ogspot.com.es/|
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
    FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\alexa.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\alltheinternet.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\ask.uk.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\blekko-https.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\blekko.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\bmrk-file-host-search.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\businesscom.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\crawlersrch.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\diccionario-de-espaol-rae.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\diigo--google.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\diigo-customize-search.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\dogpile.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\duckduckgo-http.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\duckduckgo.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\f-secure-search.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\facebook-search.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\facebook.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\filezcom.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\google-images.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\google-language-de.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\google-language-fr.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\honsearch.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\ixquick-https---espanol.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\kartoocom.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\mozilla-add-ons.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\omgili.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\qrobeit.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\rapidlibrarycom.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\rebuscalo.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\rollyo-jamn.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\rollyo-winxppro.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\sweetim.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\userlogos.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\warech.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\web-search-powered-by-google.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\webster.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\wordpot---the-keyword-finder.xml
    FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\yahoo_ff.xml
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\drae.xml
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-es.xml
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-es.xml
    FF Extension: Diccionario de Español/España - Y:\FIREFOX PERFILES\PEPE\Extensions\es-es@dictionaries.addons.mozilla.org [2014-07-14]
    FF Extension: Lazarus: Form Recovery - Y:\FIREFOX PERFILES\PEPE\Extensions\lazarus@interclue.com [2014-06-17]
    FF Extension: TabGroups Manager - Y:\FIREFOX PERFILES\PEPE\Extensions\{ca526f8b-9e0a-4756-9077-19d6f3e64ea8} [2014-07-29]
    FF Extension: fireform - Y:\FIREFOX PERFILES\PEPE\Extensions\fireform@mozilla.org.xpi [2014-07-29]
    FF Extension: DuckDuckGo Plus - Y:\FIREFOX PERFILES\PEPE\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2014-08-18]
    FF Extension: Español (España) Language Pack - Y:\FIREFOX PERFILES\PEPE\Extensions\langpack-es-ES@firefox.mozilla.org.xpi [2014-07-14]
    FF Extension: The Addon Bar (restored) - Y:\FIREFOX PERFILES\PEPE\Extensions\the-addon-bar@GeekInTraining-GiT.xpi [2014-10-04]
    FF Extension: Alexa Sparky - Y:\FIREFOX PERFILES\PEPE\Extensions\toolbar@alexa.com.xpi [2014-07-29]
    FF Extension: NoScript - Y:\FIREFOX PERFILES\PEPE\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-08-26]
    FF Extension: Adblock Plus - Y:\FIREFOX PERFILES\PEPE\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-29]
    FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-09-26]
    FF HKLM-x32\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack
    FF Extension: AVG Do Not Track - C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack [2012-07-07]
    FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
    FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-03-29]
     
    Chrome: 
    =======
    CHR Profile: C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Awesome Screenshot: Capture & Annotate) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2014-09-26]
    CHR Extension: (Google Docs) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-30]
    CHR Extension: (Task Timer) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomfjmibjhhfdenfkpaodhnlhkolngif [2014-10-03]
    CHR Extension: (Google Drive) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-30]
    CHR Extension: (YouTube) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-30]
    CHR Extension: (Last updated at $time$ on $date$) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-26]
    CHR Extension: (TimeDoser) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmkneeaihlcdllananjlkmppnkdahdcc [2014-10-03]
    CHR Extension: (Google Search) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-30]
    CHR Extension: (Light) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\dacdieigeclacgkdlmnojihknoblpafo [2014-10-03]
    CHR Extension: (Fluency Tutor™ for Google (Teacher App)) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejajakfhhhhkifioabcekjjlhpoiijfa [2014-09-26]
    CHR Extension: (GNotes Extension) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\idpclaojcopihmplcfnmgfkllldpajen [2014-09-26]
    CHR Extension: (DéjàClick for Chrome™) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\jndncliamncgdmjicflfcbklpedknkph [2014-09-26]
    CHR Extension: (Little Alchemy) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2014-10-03]
    CHR Extension: (Business Process Simulator) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\lagcfcefblfnmjkkkdekiidfefhgodmk [2014-10-03]
    CHR Extension: (Skype Click to Call) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-05-18]
    CHR Extension: (Wordtracker Scout) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkalodfoplipapmeogaehmiabdhhjapb [2014-09-26]
    CHR Extension: (Google Drawings) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2014-10-03]
    CHR Extension: (Google Wallet) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-30]
    CHR Extension: (Scientific Calculator) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\npoipmeppdioagbkigdlnpmjphnolaog [2014-10-03]
    CHR Extension: (Any.do) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocgddccilgpeepgglnlpchkpgamkgmld [2014-10-03]
    CHR Extension: (NotScripts) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\odjhifogjcknibkahlpidmdajjpkkcfn [2014-09-29]
    CHR Extension: (ScriptSafe) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2014-09-29]
    CHR Extension: (Readability) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\oknpjjbmpnndlpmnhmekjpocelpnlfdi [2014-09-26]
    CHR Extension: (Accurate Ruler) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pemefhlbiinkcopbapnfghcnjhlgceof [2014-10-03]
    CHR Extension: (Gmail) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-30]
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
     
    ==================== Services (Whitelisted) =================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-09-21] (SUPERAntiSpyware.com)
    S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [69632 2010-04-08] (Adobe Systems) [File not signed]
    R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
    R2 Automation Anywhere Server Service 6.6; C:\Program Files (x86)\Automation Anywhere Server 6.6\Client\Automation Anywhere Service.exe [1142881 2010-12-14] (Automation Anywhere, Inc.) [File not signed]
    S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [5175856 2013-10-16] (AVG Technologies CZ, s.r.o.)
    R2 avgwd; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
    S4 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
    S4 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
    S4 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
    S4 CobianBackup11; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008 2013-03-07] (Luis Cobian, CobianSoft) [File not signed]
    S2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe [706864 2014-08-27] ()
    S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
    S4 MoboroboDeviceService; C:\Program Files (x86)\MoboRobo\MoboroboDeviceService.exe [70952 2014-03-28] ()
    R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-07] (Egis Technology Inc.)
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
    S3 TriDefService; C:\Program Files (x86)\TriDef 3D\TriDef\Common\TriDefService.exe [1327104 2009-09-15] () [File not signed]
    S2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [111208 2014-09-28] (RaMMicHaeL)
    S3 WefiEngSvc; C:\Program Files (x86)\WeFi\WefiEngSvc.exe [120152 2010-11-03] (WeFi)
     
    ==================== Drivers (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [127328 2012-12-10] (AVG Technologies CZ, s.r.o. )
    R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
    R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [28480 2012-04-19] (AVG Technologies CZ, s.r.o. )
    R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [307040 2012-11-08] (AVG Technologies CZ, s.r.o.)
    R1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [36944 2012-01-31] (AVG Technologies CZ, s.r.o.)
    R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [384800 2013-04-11] (AVG Technologies CZ, s.r.o.)
    S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
    S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
    S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
    S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
    S3 EZUSB; C:\Windows\System32\DRIVERS\ezusb64.sys [33280 2007-02-06] (Castles Technology Co.,Ltd)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-07-10] (BitDefender S.R.L.)
    S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-03-26] (Oracle Corporation)
    S3 cpuz135; \??\C:\Users\JOSE\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]
    S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
    S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
    U3 aswMBR; \??\C:\Users\JOSE\AppData\Local\Temp\aswMBR.sys [X]
    U3 aswVmm; \??\C:\Users\JOSE\AppData\Local\Temp\aswVmm.sys [X]
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
     
     
    ==================== One Month Created Files and Folders ========
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2014-10-04 03:03 - 2014-10-04 03:03 - 00001940 _____ () C:\Users\JOSE\Desktop\aswMBR.txt
    2014-10-04 03:03 - 2014-10-04 03:03 - 00000512 _____ () C:\Users\JOSE\Desktop\MBR.dat
    2014-10-04 02:55 - 2014-10-04 02:55 - 00000086 _____ () C:\Users\JOSE\Desktop\Conduit - Virus, Spyware & Malware Removal.url
    2014-10-04 02:09 - 2014-10-04 02:11 - 05185536 _____ (AVAST Software) C:\Users\JOSE\Desktop\aswMBR.exe
    2014-10-04 02:02 - 2014-10-04 02:02 - 00000000 ____D () C:\ProgramData\Licenses
    2014-10-04 02:01 - 2014-10-04 02:09 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
    2014-10-04 02:01 - 2014-10-04 02:01 - 00001087 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk
    2014-10-04 02:01 - 2014-10-04 02:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
    2014-10-04 01:58 - 2014-10-04 01:58 - 00000096 _____ () C:\Users\JOSE\Desktop\Post Here for Malware Removal ....url
    2014-10-04 01:08 - 2014-10-04 01:08 - 00000000 ____D () C:\Program Files (x86)\ESET
    2014-10-04 00:53 - 2014-10-04 00:53 - 00001145 _____ () C:\Users\JOSE\Desktop\Automatic Web Launcher.lnk
    2014-10-04 00:41 - 2014-10-04 00:41 - 00001117 _____ () C:\Users\JOSE\Desktop\Gimnasia constante.lnk
    2014-10-04 00:12 - 2014-10-04 00:12 - 00001106 _____ () C:\Users\JOSE\Desktop\Energy University.lnk
    2014-10-03 23:22 - 2014-10-03 23:22 - 00001050 _____ () C:\Users\JOSE\Desktop\LopezRuiz.lnk
    2014-10-03 23:21 - 2014-10-03 23:21 - 00001034 _____ () C:\Users\JOSE\Desktop\Conduit.lnk
    2014-10-03 22:35 - 2010-04-08 20:13 - 00005680 ___SH () C:\Users\JOSE\Desktop\desktop (2).ini
    2014-10-03 22:35 - 2010-04-08 20:13 - 00005680 ___SH () C:\Users\JOSE\Desktop\desktop (2) - copia.ini
    2014-10-03 20:01 - 2014-10-03 20:01 - 00001204 _____ () C:\Users\JOSE\Desktop\Entrenamiento Mental-Simplifica.lnk
    2014-10-03 20:00 - 2014-10-03 20:00 - 00001061 _____ () C:\Users\JOSE\Desktop\Chino-Ruso.lnk
    2014-10-03 19:55 - 2014-10-03 19:55 - 00000532 _____ () C:\Windows\PFRO.log
    2014-10-03 18:23 - 2014-09-29 15:38 - 00037987 _____ () C:\zoek-results2014-09-29-143831.log
    2014-10-03 15:21 - 2014-10-03 15:23 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
    2014-10-03 15:21 - 2014-10-03 15:21 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2014-10-03 02:46 - 2014-10-03 02:46 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Lavasoft
    2014-10-03 02:45 - 2014-10-03 02:45 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\LavasoftStatistics
    2014-10-03 02:45 - 2014-10-03 02:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
    2014-10-03 02:31 - 2014-10-03 02:31 - 00000000 ____D () C:\Program Files\Lavasoft
    2014-10-03 02:24 - 2014-10-03 02:24 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
    2014-10-03 02:17 - 2014-10-03 02:17 - 00000000 ____D () C:\ProgramData\Lavasoft
    2014-10-03 01:52 - 2014-10-03 01:52 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
    2014-10-03 01:51 - 2014-10-03 02:39 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    2014-10-03 01:51 - 2014-10-03 02:06 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
    2014-10-03 01:51 - 2014-10-03 01:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
    2014-10-03 01:51 - 2014-10-03 01:51 - 00001399 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
    2014-10-03 01:51 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
    2014-10-03 01:43 - 2014-10-04 03:17 - 00000000 ____D () C:\FRST
    2014-10-03 00:19 - 2014-10-03 00:19 - 00001145 _____ () C:\Users\JOSE\Desktop\Entrenamiento auditivo.lnk
    2014-10-02 23:36 - 2014-10-02 23:36 - 00000088 _____ () C:\Users\JOSE\Desktop\Mozilla Hispano • Ver Tema - Información posicionamiento addons.url
    2014-10-02 22:45 - 2014-10-02 22:45 - 00047630 _____ () C:\Users\JOSE\Desktop\Vuelta al cole con Arduino.eml
    2014-10-02 22:44 - 2014-10-02 22:44 - 00015141 _____ () C:\Users\JOSE\Desktop\Mira las nuevas tarifas. Las hemos ampliado! ;).eml
    2014-10-02 22:20 - 2014-10-02 22:20 - 00013524 _____ () C:\Users\JOSE\Desktop\Nueva fecha  Seminario on line  La medida de Turbidez.eml
    2014-10-02 22:17 - 2014-10-02 22:17 - 00064033 _____ () C:\Users\JOSE\Desktop\Agenda Cultural Octubre 2014.eml
    2014-10-02 22:16 - 2014-10-02 22:17 - 00099332 _____ () C:\Users\JOSE\Desktop\CIRCULAR 207.2014 - GUÍA DE APLICACIÓN DEL DB HR (NUEVA VERSIÓN).eml
    2014-10-02 22:16 - 2014-10-02 22:17 - 00010663 _____ () C:\Users\JOSE\Desktop\COMIDA ANTROPOLÓGICA EL MIÉRCOLES 8 DE OCTUBRE.eml
    2014-10-02 21:56 - 2014-10-02 22:13 - 00000000 ____D () C:\Users\JOSE\AppData\Local\Popcorn-Time
    2014-10-02 21:13 - 2014-10-02 21:13 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
    2014-10-02 21:13 - 2014-10-02 21:13 - 00000000 ____D () C:\Users\JOSE\AppData\Local\Popcorn Time
    2014-10-01 23:43 - 2014-10-01 23:43 - 00000184 _____ () C:\Users\JOSE\Desktop\Control interruptor casero de pared - Arduino Forum.URL
    2014-10-01 22:28 - 2014-10-02 01:56 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\SkyPath
    2014-10-01 17:00 - 2014-10-03 22:20 - 00000786 _____ () C:\Windows\setupact.log
    2014-10-01 17:00 - 2014-10-01 17:00 - 00000000 _____ () C:\Windows\setuperr.log
    2014-10-01 15:10 - 2014-10-01 15:10 - 00108320 _____ () C:\Users\JOSE\Documents\cc_20141001_151039.reg
    2014-10-01 12:47 - 2014-10-01 12:47 - 00001102 _____ () C:\Users\JOSE\Desktop\Mozart.UNIDAD E.lnk
    2014-10-01 11:43 - 2014-10-01 11:43 - 00000912 _____ () C:\Users\JOSE\Desktop\CRONO.10.2014.lnk
    2014-10-01 00:18 - 2014-10-01 00:18 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Easy Image Modifier
    2014-09-30 20:51 - 2014-09-30 21:04 - 00000000 ____D () C:\Users\JOSE\Documents\Anki
    2014-09-30 20:44 - 2014-09-30 20:44 - 00000758 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anki.lnk
    2014-09-30 20:44 - 2014-09-30 20:44 - 00000000 ____D () C:\Program Files (x86)\Anki
    2014-09-30 12:35 - 2014-09-30 12:35 - 00000000 _____ () C:\Users\JOSE\Desktop\borrador autorizacion ana.txt
    2014-09-29 14:36 - 2014-10-03 18:33 - 00059967 _____ () C:\zoek-results.log
    2014-09-29 00:31 - 2014-09-29 15:13 - 00000000 ____D () C:\zoek_backup
    2014-09-29 00:07 - 2014-09-29 00:07 - 00000000 ____D () C:\Windows\ERUNT
    2014-09-28 23:50 - 2014-09-28 23:50 - 00000000 ____D () C:\ProgramData\Unchecky
    2014-09-28 23:50 - 2014-09-28 23:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky
    2014-09-28 23:50 - 2014-09-28 23:50 - 00000000 ____D () C:\Program Files (x86)\Unchecky
    2014-09-28 16:46 - 2014-09-28 16:47 - 00000116 _____ () C:\Users\JOSE\Desktop\Borrador el ayuntamiento contra el pueblo.txt
    2014-09-28 03:08 - 2014-09-28 03:15 - 00000207 _____ () C:\Users\JOSE\.languagetool.cfg
    2014-09-28 01:59 - 2014-09-28 02:08 - 00000706 _____ () C:\Users\JOSE\Desktop\Borrador razonamiento endesa.txt
    2014-09-28 00:00 - 2014-09-28 00:00 - 00007611 _____ () C:\Users\JOSE\AppData\Local\Resmon.ResmonCfg
    2014-09-26 13:54 - 2014-09-26 13:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-09-24 22:42 - 2014-09-24 22:42 - 00000000 ____D () C:\Users\JOSE\AppData\Local\ABBYY
    2014-09-24 01:57 - 2014-09-24 01:57 - 00001308 _____ () C:\Users\JOSE\Desktop\251.14.proyecto.doc.lnk
    2014-09-24 01:13 - 2014-09-24 01:13 - 00001245 _____ () C:\Users\JOSE\Desktop\ReOpen.exe.lnk
    2014-09-23 13:32 - 2014-09-23 13:32 - 00001982 _____ () C:\Users\JOSE\Desktop\Explorer addons Escenario Addons.bat.lnk
    2014-09-22 23:06 - 2014-09-22 23:06 - 00000000 _RSHD () C:\bootwiz
    2014-09-22 21:04 - 2014-09-22 21:07 - 00001024 _____ () C:\Windows\system32\AutoPartNt.let
    2014-09-22 21:04 - 2014-09-22 21:04 - 03106144 _____ (Acronis) C:\Windows\system32\AutoPartNt.exe
    2014-09-22 19:26 - 2014-09-22 19:26 - 00001915 _____ () C:\Users\JOSE\Desktop\002.Desactivar Internet.bat.lnk
    2014-09-22 19:26 - 2014-09-22 19:26 - 00001898 _____ () C:\Users\JOSE\Desktop\002.Activar Internet.bat.lnk
    2014-09-22 18:56 - 2014-09-22 19:15 - 00004145 _____ () C:\Users\JOSE\Desktop\DesactivarInternet.notrota..bat
    2014-09-22 15:15 - 2014-09-22 15:15 - 00000980 _____ () C:\Users\JOSE\Desktop\Teatro cine danza etc.lnk
    2014-09-22 13:41 - 2014-09-22 19:23 - 00000000 ____D () C:\Users\JOSE\Desktop\Correos TB en proceso
    2014-09-22 02:47 - 2014-09-22 02:47 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Spacejock Software
    2014-09-22 01:59 - 2014-09-22 01:59 - 00000926 _____ () C:\Users\JOSE\Desktop\Consultas.lnk
    2014-09-22 00:57 - 2014-09-22 00:57 - 00000000 ____D () C:\Program Files (x86)\Shai Raiten
    2014-09-22 00:44 - 2014-09-22 00:44 - 00002013 _____ () C:\Users\JOSE\Desktop\Reabrir residentes no imprescindibles.bat.lnk
    2014-09-22 00:44 - 2014-09-22 00:44 - 00002010 _____ () C:\Users\JOSE\Desktop\reabrir servicios no imprescindibles.bat.lnk
    2014-09-22 00:43 - 2014-09-22 00:43 - 00001999 _____ () C:\Users\JOSE\Desktop\matar residentes no imprescindibles.bat.lnk
    2014-09-22 00:13 - 2014-09-22 00:13 - 00001915 _____ () C:\Users\JOSE\Desktop\unnecessary services w7.bat.lnk
    2014-09-22 00:12 - 2014-09-22 00:12 - 00001943 _____ () C:\Users\JOSE\Desktop\desactivar-servicios-seguro.bat.txt.lnk
    2014-09-22 00:12 - 2014-09-22 00:12 - 00001926 _____ () C:\Users\JOSE\Desktop\desactivar-servicios-mio.bat.lnk
    2014-09-22 00:11 - 2014-09-22 00:11 - 00001454 _____ () C:\Users\JOSE\Desktop\batch.lnk
    2014-09-21 20:54 - 2014-09-21 20:54 - 00001018 _____ () C:\Users\JOSE\Downloads\respaldo-configuracion-servicios.zip
    2014-09-21 20:52 - 2014-09-26 00:54 - 00000000 ____D () C:\KMPlayer
    2014-09-21 20:52 - 2014-09-21 20:52 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
    2014-09-21 20:29 - 2014-09-26 13:32 - 00003860 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1411327760
    2014-09-21 20:29 - 2014-09-26 13:32 - 00000000 ____D () C:\Program Files (x86)\Opera
    2014-09-21 20:29 - 2014-09-21 20:29 - 00001143 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
    2014-09-21 20:29 - 2014-09-21 20:29 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Opera Software
    2014-09-21 20:29 - 2014-09-21 20:29 - 00000000 ____D () C:\Users\JOSE\AppData\Local\Opera Software
    2014-09-21 19:57 - 2014-06-16 07:01 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
    2014-09-21 19:57 - 2014-06-16 07:01 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
    2014-09-21 19:52 - 2014-09-21 19:52 - 00000898 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waterfox.lnk
    2014-09-21 19:52 - 2014-09-21 19:52 - 00000000 ____D () C:\Program Files\Waterfox
    2014-09-21 19:47 - 2014-09-21 19:47 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Oracle
    2014-09-21 19:45 - 2014-09-21 19:45 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\TuneUp Software
    2014-09-21 19:44 - 2014-09-21 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2014-09-21 19:44 - 2014-07-25 12:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2014-09-21 19:44 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2014-09-21 19:44 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2014-09-21 19:44 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2014-09-21 19:43 - 2014-09-21 19:44 - 00004487 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
    2014-09-21 19:32 - 2014-09-21 19:32 - 00076758 _____ () C:\Users\JOSE\Documents\cc_20140921_193207.reg
    2014-09-21 19:29 - 2014-09-21 19:29 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
    2014-09-21 19:29 - 2014-09-21 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2014-09-21 19:29 - 2014-09-21 19:29 - 00000000 ____D () C:\Program Files\CCleaner
    2014-09-21 19:07 - 2014-10-01 23:01 - 00000000 ___SD () C:\Users\JOSE\Desktop\SkyPathUploads
    2014-09-21 19:04 - 2014-10-01 22:27 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyPath
    2014-09-21 19:04 - 2014-09-21 19:04 - 00000000 ____D () C:\Program Files\Imageshack
    2014-09-21 17:28 - 2014-10-03 22:27 - 00000000 ____D () C:\ProgramData\WeFi
    2014-09-21 15:49 - 2014-09-21 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PPC Keyword Generator
    2014-09-21 15:49 - 2014-09-21 15:49 - 00000000 ____D () C:\Program Files (x86)\PPC Keyword Generator
    2014-09-21 15:46 - 2014-09-21 15:46 - 00001101 _____ () C:\Users\JOSE\AppData\Roaming\Microsoft\Windows\Start Menu\Dictionary.lnk
    2014-09-21 15:46 - 2014-09-21 15:46 - 00000000 ____D () C:\Program Files (x86)\Dictionary
    2014-09-21 15:36 - 2014-09-21 15:36 - 00000000 ____D () C:\Users\JOSE\Documents\Launch-n-Go
    2014-09-21 15:31 - 2014-09-21 17:28 - 00000000 ____D () C:\Users\JOSE\Documents\Automation Anywhere Server
    2014-09-21 15:31 - 2014-09-21 15:31 - 00000000 ____D () C:\Users\Public\Documents\MS Engine
    2014-09-21 15:28 - 2014-09-21 15:28 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Automation Anywhere Server 6.6
    2014-09-21 15:27 - 2014-09-21 15:28 - 00000000 ____D () C:\Program Files (x86)\Automation Anywhere Server 6.6
    2014-09-21 15:21 - 2014-09-21 15:21 - 00000000 ____D () C:\Users\JOSE\AppData\Local\Auspex
    2014-09-21 15:14 - 2014-09-21 15:14 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\www.kiwix.org
    2014-09-21 15:14 - 2014-09-21 15:14 - 00000000 ____D () C:\Users\JOSE\AppData\Local\www.kiwix.org
    2014-09-21 14:36 - 2014-10-03 22:23 - 00000330 _____ () C:\Windows\Tasks\WefiStartup.job
    2014-09-21 14:36 - 2014-09-21 20:08 - 00002550 _____ () C:\Windows\System32\Tasks\WefiStartup
    2014-09-21 14:36 - 2014-09-21 14:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WeFi
    2014-09-21 14:35 - 2014-09-21 14:36 - 00000000 ____D () C:\Program Files (x86)\WeFi
    2014-09-21 13:12 - 2014-09-21 13:12 - 00000000 __HDC () C:\ProgramData\{A87EB928-0C6C-4071-AEF1-59E32BAEDF1B}
    2014-09-21 13:12 - 2014-09-21 13:12 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Stardock
    2014-09-21 13:11 - 2014-09-21 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fences
    2014-09-21 13:11 - 2014-09-21 13:11 - 00000000 ____D () C:\Program Files (x86)\Stardock
    2014-09-21 05:22 - 2014-09-20 17:53 - 00001038 _____ () C:\Users\JOSE\Desktop\SOFTWARE NUEVO por probar.lnk
    2014-09-21 05:22 - 2014-09-20 17:53 - 00001029 _____ () C:\Users\JOSE\Desktop\RecH.vbox.lnk
    2014-09-21 05:22 - 2014-09-20 17:53 - 00000796 _____ () C:\Users\JOSE\Desktop\Utilidades Varias - Acceso directo.lnk
    2014-09-21 05:21 - 2014-09-20 17:53 - 00001502 _____ () C:\Users\JOSE\Desktop\mv expedientes.lnk
    2014-09-21 05:21 - 2014-09-20 17:53 - 00001462 _____ () C:\Users\JOSE\Desktop\mv comunicaciones.lnk
    2014-09-21 05:21 - 2014-09-20 17:53 - 00001458 _____ () C:\Users\JOSE\Desktop\mv fusión total.lnk
    2014-09-21 05:21 - 2014-09-20 17:53 - 00001438 _____ () C:\Users\JOSE\Desktop\mv luis yanes bello.lnk
    2014-09-21 05:21 - 2014-09-20 17:53 - 00001378 _____ () C:\Users\JOSE\Desktop\FRASEO 2014.lnk
    2014-09-21 05:21 - 2014-09-20 17:53 - 00001021 _____ () C:\Users\JOSE\Desktop\PRUEBAS SEO 2014.lnk
    2014-09-21 05:21 - 2014-09-20 17:53 - 00000989 _____ () C:\Users\JOSE\Desktop\PROTECCION - Acceso directo.lnk
    2014-09-21 05:21 - 2014-09-20 17:53 - 00000951 _____ () C:\Users\JOSE\Desktop\FRASEO.lnk
    2014-09-21 05:21 - 2014-07-05 13:27 - 00000000 _____ () C:\Users\JOSE\Desktop\Instrucciones.txt
    2014-09-21 05:20 - 2014-09-20 17:53 - 00001129 _____ () C:\Users\JOSE\Desktop\Beyondo.SEO.FRASEO.vbox.lnk
    2014-09-21 05:20 - 2014-09-20 17:53 - 00000954 _____ () C:\Users\JOSE\Desktop\Descargas MER.lnk
    2014-09-21 05:19 - 2014-09-20 17:53 - 00000923 _____ () C:\Users\JOSE\Desktop\251.14.javier.lnk
    2014-09-21 05:19 - 2014-09-20 17:53 - 00000923 _____ () C:\Users\JOSE\Desktop\247.14.Segundo Generador.lnk
     
    ==================== One Month Modified Files and Folders =======
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2014-10-04 03:18 - 2014-04-05 11:58 - 00000838 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-10-04 03:01 - 2014-04-03 02:00 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Thunderbird
    2014-10-04 02:55 - 2010-04-08 18:34 - 01719262 _____ () C:\Windows\WindowsUpdate.log
    2014-10-04 02:44 - 2010-04-08 21:12 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-10-04 02:12 - 2010-04-08 18:50 - 00000000 ____D () C:\ProgramData\Temp
    2014-10-03 22:29 - 2009-07-14 05:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-10-03 22:29 - 2009-07-14 05:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-10-03 22:20 - 2010-04-08 21:12 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-10-03 22:20 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-10-03 20:05 - 2014-03-27 14:34 - 00000000 ____D () C:\Users\JOSE\Documents\PhraseExpress
    2014-10-03 19:53 - 2014-05-06 20:41 - 00000000 ____D () C:\AdwCleaner
    2014-10-03 17:42 - 2014-04-10 22:09 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
    2014-10-03 17:02 - 2010-04-08 21:33 - 00000000 ____D () C:\Windows\system32\Drivers\Avg
    2014-10-03 15:39 - 2014-04-18 02:31 - 00000000 ___RD () C:\Users\JOSE\Desktop\Accesos ACER W7
    2014-10-02 22:55 - 2014-04-10 21:41 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-10-02 21:09 - 2014-04-05 10:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2014-10-02 21:09 - 2014-04-05 10:33 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
    2014-10-02 21:09 - 2014-04-05 10:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
    2014-10-02 01:33 - 2014-04-08 03:03 - 00115584 _____ () C:\Users\JOSE\AppData\Roaming\GDIPFONTCACHEV1.DAT
    2014-10-01 01:20 - 2010-04-09 04:26 - 00744986 _____ () C:\Windows\system32\perfh00A.dat
    2014-10-01 01:20 - 2010-04-09 04:26 - 00157454 _____ () C:\Windows\system32\perfc00A.dat
    2014-10-01 01:20 - 2009-07-14 06:13 - 01669262 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-09-28 03:08 - 2010-04-08 18:39 - 00000000 ____D () C:\Users\JOSE
    2014-09-26 22:11 - 2014-04-10 04:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
    2014-09-23 03:08 - 2005-07-04 01:11 - 00057344 _____ (Optimum X) C:\Users\JOSE\Desktop\Shortcut.exe
    2014-09-23 01:14 - 2014-04-12 20:48 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Acronis
    2014-09-22 16:19 - 2010-03-14 19:12 - 00001461 _____ () C:\Users\JOSE\Desktop\MakeExeFromBat.bat
    2014-09-22 00:23 - 2014-04-08 14:37 - 00000000 ____D () C:\Factusol 2000
    2014-09-21 21:53 - 2014-04-05 11:58 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-09-21 21:53 - 2014-04-05 11:58 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-09-21 21:53 - 2014-04-05 11:58 - 00003776 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2014-09-21 19:57 - 2014-04-30 06:39 - 00000000 ____D () C:\Program Files (x86)\Samsung
    2014-09-21 19:44 - 2014-04-08 00:27 - 00000000 ____D () C:\Program Files (x86)\Java
    2014-09-21 19:33 - 2009-07-27 21:41 - 00000000 ____D () C:\Windows\Panther
    2014-09-21 17:58 - 2014-04-10 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-09-21 17:58 - 2014-04-10 21:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-09-21 17:38 - 2010-04-08 21:12 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2014-09-21 17:38 - 2010-04-08 21:12 - 00003844 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2014-09-21 15:36 - 2014-04-26 00:18 - 00000000 ____D () C:\Users\JOSE\Documents\Automation Anywhere
    2014-09-21 05:18 - 2010-04-08 20:14 - 00000000 ___RD () C:\Users\JOSE\Desktop\Utilidades Varias
    2014-09-21 05:01 - 2014-04-22 05:07 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\OpenOffice.org2
    2014-09-21 05:01 - 2014-03-28 04:41 - 00000000 ____D () C:\Windows\pss
    2014-09-21 03:22 - 2014-05-15 23:03 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
     
    Some content of TEMP:
    ====================
    C:\Users\JOSE\AppData\Local\Temp\Quarantine.exe
     
     
    ==================== Bamital & volsnap Check =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2014-09-22 23:33
     
    ==================== End Of Log ============================


    #6 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 04 October 2014 - 01:55 PM

    You have posted at other sites for help, just so you know we are all volunteers that do this in our spare time helping people remove malware from there computers and we are spread pretty thin. We cannot have more than one forum and one helper helping you for the same problem, its very unfair to other people who are waiting for help.

     

    If you want to continue here then you need to let the other people know in the other forums you have seeked help at and let them close your topic. 

     

    If you want to continue here, close all those other topics, send me a pm letting me know that you did this and I will reopen this one, until then, this topic will be closed

     

     

    Thanks for wasting my time



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #7 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 05 October 2014 - 05:06 PM

    Your post has been Moved, Closed or Edited for one of the following reasons:

    1.) You posted multiple topics at other forums

    2.) You are spamming links to other places without approval

    3.) Abusive language or other problems in your text

    4.) Your topic is too old (20 days or more) and no replies from you after a volunteer tried to help you

    This is a family oriented forum to help those that need help.

    ==============================



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    Related Topics



    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users