I have a very recidivive conduit
i HAVE tried almost everything
http://forums.mozill...01877#p13801877
What can i do now ?
Best Regards
WE'RE SURE THAT YOU'LL LOVE US!
Hey there! 
Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. 
Join 93084 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.
Try What the Tech -- It's free!
Conduit
Started by
Metachisme
, Oct 03 2014 05:57 PM
-
This topic is locked
6 replies to this topic
Register to Remove
#2
ken545
-
- Retired Classroom Teacher
-
- 23,225 posts
Forum God
- Interests:Fighting Malware and cooking some great Italian and TexMex food
-
Posted 03 October 2014 - 06:05 PM
I moved your post to the malware removal forum, lets do this so we can see whats going on
Please download aswMBR to your desktop.- Double click the aswMBR icon to run it.
I just want to see the report....Please Do Not Fix Anything
============================================================================
Please download Farbar Recovery Scan Tool and save it to your desktop.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
How to determine whether a computer is running a 32-bit version or 64-bit version of the Windows operating system
A simple way to check your system: Start --> Computer (right click) --> Properties
*List BCD
*Drivers MD5
*Shortcut txt
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
Find us on Facebook
Please LIKE and SHARE
Just a reminder that threads will be closed if no reply in 3 days.
#3
Metachisme
-
- New Member
-
- 3 posts
New Member
Posted 03 October 2014 - 08:09 PM
The first part :
aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-10-04 02:13:25
-----------------------------
02:13:25.137 OS Version: Windows x64 6.1.7600
02:13:25.137 Number of processors: 2 586 0x170A
02:13:25.141 ComputerName: ACER-A04555092B UserName: JOSE
02:13:33.683 Initialize success
02:13:35.194 VM: initialized successfully
02:13:35.871 VM: Intel CPU virtualization not supported
02:59:08.769 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
02:59:08.777 Disk 0 Vendor: WDC_WD10JPVX-00JC3T0 01.01A01 Size: 953869MB BusType: 3
02:59:10.326 Disk 0 MBR read successfully
02:59:10.329 Disk 0 MBR scan
02:59:10.333 Disk 0 unknown MBR code
02:59:10.337 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 126323 MB offset 63
02:59:10.513 Disk 0 Boot: NTFS code=1
02:59:10.535 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 30 MB offset 279179264
02:59:10.541 Disk 0 Partition - 00 05 Extended 827543 MB offset 258710760
02:59:10.581 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 9993 MB offset 258710823
02:59:10.589 Disk 0 Partition - 00 05 Extended 189995 MB offset 279241830
02:59:10.724 Disk 0 scanning C:\Windows\system32\drivers
02:59:24.587 Service scanning
03:02:47.450 Modules scanning
03:02:47.460 Disk 0 trace - called modules:
03:02:47.491 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS pciide.sys
03:02:47.499 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800495a060]
03:02:47.508 3 CLASSPNP.SYS[fffff880019c143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80046b2680]
03:02:47.516 Scan finished successfully
03:03:04.838 Disk 0 MBR has been saved successfully to "C:\Users\JOSE\Desktop\MBR.dat"
03:03:04.845 The log file has been saved successfully to "C:\Users\JOSE\Desktop\aswMBR.txt"
#4
Metachisme
-
- New Member
-
- 3 posts
New Member
Posted 03 October 2014 - 08:31 PM
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2014
Ran by JOSE at 2014-10-04 03:18:43
Running from C:\Users\JOSE\Desktop\Accesos ACER W7\PROTECCION
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: AVG Anti-Virus Free Edition 2012 (Disabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: AVG Anti-Virus Free Edition 2012 (Disabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.0.6821 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.0.6821 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.22 - NewTech Infosystems)
Acer Crystal Eye webcam Ver:1.1.74.216 (HKLM-x32\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.74.216 - Chicony Electronics Co.,Ltd.)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3002 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3003 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3004 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0903 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Acronis True Image Home 2011 (HKLM-x32\...\{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}) (Version: 14.0.6597 - Acronis)
Ad-Aware Antivirus (HKLM\...\{E39A80AE-0CC0-43EE-AB6B-BE11DC4F969F}_AdAwareUpdater) (Version: 11.3.6321.0 - Lavasoft)
AdAwareInstaller (Version: 11.3.6321.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.3.6321.0 - Lavasoft) Hidden
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
Advanced PDF Password Recovery (HKCU\...\Advanced PDF Password Recovery) (Version: 5.0 - ElcomSoft Co. Ltd.)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.105.2015.1103 - Alps Electric)
AnalogX TapTempo (HKLM-x32\...\AnalogX TapTempo) (Version: - AnalogX)
Anki (HKLM-x32\...\Anki) (Version: - )
AnswerWorks Runtime (HKLM-x32\...\AnswerWorks 3.0) (Version: - )
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
ARKITool 2012 (HKLM-x32\...\{62DB753B-5CC2-42EF-9FDD-8440D49767E4}) (Version: 2012 - Ideas y Programas, S.L.)
ATI AVIVO64 Codecs (Version: 10.7.0.40702 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{D10D9994-4337-8067-F5D7-9F8FEC1E4A00}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
AutoCAD 2012 - Spanish (HKLM\...\AutoCAD 2012 - Spanish) (Version: 18.2.51.0 - Autodesk)
AutoCAD 2012 - Spanish (Version: 18.2.205.0 - Autodesk) Hidden
AutoCAD 2012 - Spanish SP2 (HKLM\...\AutoCAD 2012 - Spanish SP2) (Version: 1 - Autodesk)
AutoCAD 2012 Language Pack - Spanish (Version: 18.2.51.0 - Autodesk) Hidden
Autodesk Inventor Fusion 2012 (HKLM\...\Autodesk Inventor Fusion 2012) (Version: 1.0.0.79 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2012 (HKLM\...\Módulo de extensión de Autodesk Inventor Fusion para AutoCAD 2012) (Version: 0.0.1.138 - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
AutoHotkey 1.1.14.03 (HKLM\...\AutoHotkey) (Version: 1.1.14.03 - Lexikos)
Automation Anywhere Server 6.6 (HKLM-x32\...\{C11ABBC6-78C8-45D4-8B5E-D628CCFA2C75}) (Version: - Automation Anywhere, Inc.)
AVG 2012 (HKLM\...\AVG) (Version: 2012.1.2247 - AVG Technologies)
AVG 2012 (Version: 12.0.4031 - AVG Technologies) Hidden
AVG 2012 (Version: 12.1.2247 - AVG Technologies) Hidden
Backup Manager Basic (x32 Version: 2.0.0.22 - NewTech Infosystems) Hidden
BestPractice (remove only) (HKLM-x32\...\BestPractice) (Version: - )
BPM Counter 1.6.0.0 (HKLM-x32\...\BPM Counter_is1) (Version: 1.6.0.0 - AbyssMedia.com)
Broadcom Gigabit NetLink Controller (HKLM\...\{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}) (Version: 12.26.02 - Broadcom Corporation)
Casals 4.0.5 (HKLM-x32\...\Casals_is1) (Version: - Ventilación Industrial Ind S.L.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0702.1239.20840 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help English (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help French (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help German (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
ccc-core-static (x32 Version: 2009.0702.1239.20840 - Nombre de su organización) Hidden
ccc-utility64 (Version: 2009.0702.1239.20840 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version: - )
Configurador_FNMT (HKLM-x32\...\{438D4C4C-B703-4971-9C3D-33FF8A010ADB}) (Version: 3.2 - FNMT-RCM)
CyberLink Audio Pack (5.1ch) for TriDefMediaPlayer 1.0 (HKLM-x32\...\CyberLink Audio Pack for TriDefMediaPlayer_is1) (Version: 1.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
EaseUS Partition Master 10.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
EasyBCD 1.7.2 (HKLM-x32\...\EasyBCD) (Version: 1.7.2 - NeoSmart Technologies)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
FactuSOL (HKLM-x32\...\{6E26F091-10F1-4399-B96E-F8E5A0EFCFC6}) (Version: 1.0.0 - Sofware del Sol, S.A.)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Fences (HKLM-x32\...\Fences) (Version: - Stardock Corporation)
Fences (x32 Version: 0.95 - Stardock Corporation) Hidden
FileBox eXtender (HKLM-x32\...\FileBox eXtender) (Version: - Hyperionics Technology LLC)
FileBox eXtender (x32 Version: 2.0.4 - Hyperionics Technology LLC) Hidden
FileMenu Tools (HKLM\...\FileMenu Tools_is1) (Version: 6.6 - LopeSoft)
Fine Metronome 3.5.0 (HKLM-x32\...\Fine Metronome_is1) (Version: - Fine Software)
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Geekbench 3 (HKLM-x32\...\Geekbench 3) (Version: - Primate Labs Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Acer Incorporated)
Instalable módulo criptográfico DNIe (HKLM\...\{BE9DD44B-344E-46AA-A717-76D2C478ACC7}) (Version: 11.1.0 - Cuerpo Nacional de Policía)
Instalable TC-FNMT (HKLM\...\{2F1D83C7-3F0F-4455-A711-DD163FA527E0}) (Version: 4.0.0 - FNMT-RCM)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.0.128 - PandoraTV)
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.03 - Acer Inc.)
Launchy 2.1.2 (HKLM-x32\...\Launchy_21344213_is1) (Version: - Code Jelly)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.1.94 - LSI Corporation)
Malwarebytes Anti-Malware versión 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.285.6 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft CAPICOM 2.1.0.2 SDK (HKLM-x32\...\{2FF43F5D-5729-4E02-A548-310E30A5F29B}) (Version: 2.1.0.2 - Microsoft Corporation)
Microsoft Office XP Professional con FrontPage (HKLM-x32\...\{90280C0A-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{38BB21D5-B0D1-41DA-A0B0-1EFB5EF4AAC2}) (Version: 9.7.0621 - Microsoft Corporation)
MoboRobo 2.1.6.107 (HKLM-x32\...\{02B934E4-C574-4605-842B-01CD16295185}_is1) (Version: 2.1.6.107 - MoboRobo Inc.)
Módulo de extensión de Autodesk Inventor Fusion para AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.3 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 es-ES)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.72.0 - Egis Technology Inc.)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6619 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6619 - NewTech Infosystems) Hidden
Oficalc 10.2 © Ofimega acadèmies (HKLM-x32\...\Oficalc_is1) (Version: - Ofimega)
Open Metronome (HKLM-x32\...\{4B200398-CA2D-4F67-8D00-C618F04020A7}) (Version: 1.0.0.0 - code::Biscuit)
OpenOffice.org 2.4 (HKLM-x32\...\{3148D1E5-BC1B-4B98-80C8-77234722BF2D}) (Version: 2.4.9286 - OpenOffice.org)
Opera Stable 24.0.1558.64 (HKLM-x32\...\Opera 24.0.1558.64) (Version: 24.0.1558.64 - Opera Software ASA)
Oracle VM VirtualBox 4.3.10 (HKLM\...\{5632714F-6A48-4BF2-89E0-F8B6CE9FE6D1}) (Version: 4.3.10 - Oracle Corporation)
Paquete de idioma de Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Paquete de idioma de Autodesk Inventor Fusion para AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden
PDF Unlocker (HKLM-x32\...\PDF Unlocker - Demo Version 2.0_is1) (Version: - )
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Plus Pack for Acronis True Image Home 2011 (HKLM-x32\...\{F1ED5BD7-4770-4037-9CBD-5DF9A5BEC408}) (Version: 14.0.6597 - Acronis)
Poser 8 (8.0.0.10157) (HKLM-x32\...\Poser 8_is1) (Version: 8.0.0 - Smith Micro Software, Inc.)
PPC Keyword Generator 1.0 (Beta) (HKLM-x32\...\PPC Keyword Generator (Beta)_is1) (Version: - OverZone Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
Salsa Rhythm Machine v3.2.0 (HKLM-x32\...\Salsa Rhythm Machine_is1) (Version: - )
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Servicio de contenidos de Autodesk (HKLM-x32\...\{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}) (Version: 2.0.90 - Autodesk)
SkyPath (HKLM\...\{94B2B8CC-E8CD-4AAC-943A-1F96D19272CF}) (Version: 1.0.25 - Imageshack)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Startup Delayer v2.3 (build 125) (HKLM-x32\...\Startup Delayer) (Version: - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 6.5.30.0 - 2BrightSparks)
TriDef 3D (OEM-A) 1.4.10 (HKLM-x32\...\experience-oem-a-bundle) (Version: 1.4.10gm - )
TriDef 3D Ignition 2.3.3 (HKLM-x32\...\ignition-pkg) (Version: 2.3.3gm - )
TriDef 3D Media Player 6.4.21 (HKLM-x32\...\media-player-pkg) (Version: 6.4.21gm - )
Unchecky v0.2.16 (HKLM-x32\...\Unchecky) (Version: 0.2.16 - RaMMicHaeL)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
Visual Salsa (HKLM-x32\...\{D2CA51E5-35CB-4087-989A-C713600F1635}) (Version: 1.0 - Salsa Rhythm Software)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Waterfox 31.0 (x64 en-US) (HKLM\...\Waterfox 31.0 (x64 en-US)) (Version: 31.0 - Mozilla)
WeFi 4.0.1.0 (HKLM-x32\...\WeFi) (Version: 4.0.1.0 - WeFi Inc.)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3005 - Acer Incorporated)
Wifi Backup Manager (HKLM-x32\...\{7AD92088-C96D-4ECC-B6DC-FC85075B7879}) (Version: 1.0.0 - Shai Raiten)
Windows Driver Package - Dirección General de la Policía (UMPass) SmartCard (03/11/2013 1.0.2.1) (HKLM\...\B52C0A3A839B7EB8677E7EE3DAC12245F751A578) (Version: 03/11/2013 1.0.2.1 - Dirección General de la Policía)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{28F46DFD-F535-4306-BDEB-C5E7FCA2026E}) (Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-4181878685-1256529413-3482687557-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Spanish\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4181878685-1256529413-3482687557-1000_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Spanish\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4181878685-1256529413-3482687557-1000_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Spanish\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4181878685-1256529413-3482687557-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Spanish\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4181878685-1256529413-3482687557-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Spanish\acadficn.dll (Autodesk, Inc.)
==================== Restore Points =========================
29-09-2014 13:36:10 zoek.exe restore point
03-10-2014 01:18:30 AA11
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2014-10-03 22:21 - 00002025 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
There are 5 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {009CCFCC-4494-4E28-8484-C6FFBF716528} - System32\Tasks\2BrightSparks\SyncBackFree\ACER-A04555092B-JOSE\SyncBackFree Goldmine Copia Seguridad 14.00 => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
Task: {2035D8B4-1023-49F2-BE63-C7B0D25C596C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-08] (Google Inc.)
Task: {33D26AC0-CF94-4000-B59C-10896770AF59} - System32\Tasks\2BrightSparks\SyncBackFree\ACER-A04555092B-JOSE\SyncBackFree Goldmine PRG 02.00 => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
Task: {47B6B8CF-2887-4EA2-89A8-F6309A8A9A10} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-21] (Adobe Systems Incorporated)
Task: {5909A58E-82C2-4113-8354-1CD150E40940} - System32\Tasks\2BrightSparks\SyncBackFree\ACER-A04555092B-JOSE\SyncBackFree Goldmine Copia Seguridad 18.00 => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
Task: {60C13EB6-6613-4E0F-A8C7-5D759874F4FA} - System32\Tasks\2BrightSparks\SyncBackFree\ACER-A04555092B-JOSE\SyncBackFree Goldmine PRG 21.00 => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
Task: {67A527CA-D1D9-43A4-9DAB-23A8FA47BA26} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
Task: {6DF60CE0-EF98-4901-B168-6E5D6A77EA78} - System32\Tasks\2BrightSparks\SyncBackFree\ACER-A04555092B-JOSE\SyncBackFree Goldmine 00.00 => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
Task: {792B55CF-25A5-4129-8D1F-84A6FBE10152} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {7D5EA2D6-74A2-45A7-ADE8-0BA35CD5049B} - System32\Tasks\Opera scheduled Autoupdate 1411327760 => C:\Program Files (x86)\Opera\launcher.exe [2014-09-25] (Opera Software)
Task: {83D06586-70B9-475F-8932-A9C73B086216} - System32\Tasks\2BrightSparks\SyncBackFree\ACER-A04555092B-JOSE\SyncBackFree Goldmine 02.00 => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
Task: {90230D48-86E4-437D-B579-73FB7F5122F0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {98663158-C972-4B9A-A6A5-272D093EE89A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {A05534A1-42D8-467C-950F-223B48B488D1} - System32\Tasks\2BrightSparks\SyncBackFree\ACER-A04555092B-JOSE\SyncBackFree Goldmine PRG 00.00 => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
Task: {A119EA3A-C06B-4285-B3C3-EE62CC8259FD} - System32\Tasks\2BrightSparks\SyncBackFree\ACER-A04555092B-JOSE\SyncBackFree Goldmine 04.00 => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
Task: {B03ABC44-0F22-4E3C-928C-5E116BD49B75} - System32\Tasks\2BrightSparks\SyncBackFree\ACER-A04555092B-JOSE\SyncBackFree Goldmine PRG 04.00 => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
Task: {C0C0A1D3-FC9B-4E95-8EB8-1DC064C54343} - System32\Tasks\2BrightSparks\SyncBackFree\ACER-A04555092B-JOSE\SyncBackFree Goldmine Copia Seguridad 10.00 => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
Task: {C46AB030-799E-424D-AA1C-F4F31C3C2EA1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {D31AE306-669F-47C7-A6A0-9CF59117C134} - System32\Tasks\2BrightSparks\SyncBackFree\ACER-A04555092B-JOSE\SyncBackFree Goldmine 21.00 => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
Task: {E50F888C-F358-4A53-A74F-2ED3ACB69B0B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-08] (Google Inc.)
Task: {EC225A48-4C09-4D02-B556-D755DF7C3146} - System32\Tasks\WefiStartup => C:\Program Files (x86)\WeFi\WefiStartup.exe [2010-11-03] (WeFi)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\WefiStartup.job => C:\Program Files (x86)\WeFi\WefiStartup.exe
==================== Loaded Modules (whitelisted) =============
2011-02-02 14:08 - 2011-02-02 14:08 - 00018656 _____ () C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
2014-08-27 12:53 - 2014-08-27 12:53 - 08886592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe
2014-08-27 12:53 - 2014-08-27 12:53 - 03396400 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\RCF.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00123744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_filesystem-vc100-mt-1_55.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00024408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_system-vc100-mt-1_55.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00055648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_date_time-vc100-mt-1_55.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00103768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_thread-vc100-mt-1_55.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00033624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_chrono-vc100-mt-1_55.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00500056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_locale-vc100-mt-1_55.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 02101568 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\HtmlFramework.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00066872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\DllStorage.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00832848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTrayDefaultSkin.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00811328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\Localization.dll
2010-04-09 12:46 - 2008-08-05 20:16 - 00286720 _____ () C:\Program Files (x86)\Launchy\Launchy.exe
2009-07-29 13:10 - 2009-07-29 13:10 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-04-08 18:44 - 2010-04-08 18:44 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-06-16 18:28 - 2014-07-13 15:42 - 01880064 _____ () Y:\Dittoprg64\Ditto.exe
2010-04-09 12:46 - 2008-05-24 13:31 - 07061504 _____ () C:\Program Files (x86)\Launchy\QtGui4.dll
2010-04-09 12:46 - 2008-05-24 13:19 - 01961984 _____ () C:\Program Files (x86)\Launchy\QtCore4.dll
2010-04-09 12:47 - 2008-05-24 13:20 - 00561152 _____ () C:\Program Files (x86)\Launchy\QtNetwork4.dll
2010-04-09 12:46 - 2008-08-05 20:15 - 00053248 _____ () C:\Program Files (x86)\Launchy\platform_win.dll
2010-04-09 12:46 - 2008-08-05 20:16 - 00061440 _____ () C:\Program Files (x86)\Launchy\plugins\calcy.dll
2010-04-09 12:46 - 2008-08-05 20:15 - 00021504 _____ () C:\Program Files (x86)\Launchy\plugins\gcalc.dll
2010-04-09 12:46 - 2008-08-05 20:16 - 00069632 _____ () C:\Program Files (x86)\Launchy\plugins\runner.dll
2010-04-09 12:46 - 2008-08-05 20:16 - 00098304 _____ () C:\Program Files (x86)\Launchy\plugins\weby.dll
2014-06-17 01:07 - 2014-03-26 18:50 - 00457512 _____ () Y:\PORTABLES\OFICINA\PhraseExpress v10.1.24ACER\pexlang.dll
2014-10-03 01:51 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-10-03 01:51 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-10-03 01:51 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2010-12-06 07:36 - 2010-12-06 07:36 - 11170744 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\Common\ti_managers.dll
2014-10-03 01:51 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-10-03 01:51 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-09-26 13:48 - 2014-09-23 05:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-26 13:48 - 2014-09-23 05:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-26 13:48 - 2014-09-23 05:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-26 13:48 - 2014-09-23 05:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-26 13:48 - 2014-09-23 05:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:09748A8C
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:1D32EC29
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E3C56885
AlternateDataStreams: C:\Users\JOSE\Desktop\Agenda Cultural Octubre 2014.eml:OECustomProperty
AlternateDataStreams: C:\Users\JOSE\Desktop\CIRCULAR 207.2014 - GUÍA DE APLICACIÓN DEL DB HR (NUEVA VERSIÓN).eml:OECustomProperty
AlternateDataStreams: C:\Users\JOSE\Desktop\COMIDA ANTROPOLÓGICA EL MIÉRCOLES 8 DE OCTUBRE.eml:OECustomProperty
AlternateDataStreams: C:\Users\JOSE\Desktop\Mira las nuevas tarifas. Las hemos ampliado! 
.eml:OECustomProperty
.eml:OECustomPropertyAlternateDataStreams: C:\Users\JOSE\Desktop\Nueva fecha Seminario on line La medida de Turbidez.eml:OECustomProperty
AlternateDataStreams: C:\Users\JOSE\Desktop\Vuelta al cole con Arduino.eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: Adobe LM Service => 3
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: c2cautoupdatesvc => 2
MSCONFIG\Services: c2cpnrsvc => 2
MSCONFIG\Services: cbVSCService11 => 2
MSCONFIG\Services: CobianBackup11 => 2
MSCONFIG\Services: MoboroboDeviceService => 2
MSCONFIG\Services: NTI IScheduleSvc => 2
MSCONFIG\Services: NTIBackupSvc => 3
MSCONFIG\Services: NTISchedulerSvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: WinDefend => 3
MSCONFIG\startupfolder: C:^Users^JOSE^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ChooseMyParent.exe.lnk => C:\Windows\pss\ChooseMyParent.exe.lnk.Startup
MSCONFIG\startupfolder: C:^Users^JOSE^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ControlQ.ahk.lnk => C:\Windows\pss\ControlQ.ahk.lnk.Startup
MSCONFIG\startupfolder: C:^Users^JOSE^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CreateShortcutsIn.exe.lnk => C:\Windows\pss\CreateShortcutsIn.exe.lnk.Startup
MSCONFIG\startupfolder: C:^Users^JOSE^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DesktopShortcuts.ahk.lnk => C:\Windows\pss\DesktopShortcuts.ahk.lnk.Startup
MSCONFIG\startupfolder: C:^Users^JOSE^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EmptyFolderListCreator.ahk.lnk => C:\Windows\pss\EmptyFolderListCreator.ahk.lnk.Startup
MSCONFIG\startupfolder: C:^Users^JOSE^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Emptytxtfile.ahk.lnk => C:\Windows\pss\Emptytxtfile.ahk.lnk.Startup
MSCONFIG\startupfolder: C:^Users^JOSE^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.4.lnk => C:\Windows\pss\OpenOffice.org 2.4.lnk.Startup
MSCONFIG\startupfolder: C:^Users^JOSE^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^phraseexpress.exe.lnk => C:\Windows\pss\phraseexpress.exe.lnk.Startup
MSCONFIG\startupfolder: C:^Users^JOSE^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^SyncBackFree.exe.lnk => C:\Windows\pss\SyncBackFree.exe.lnk.Startup
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\bin\EpmNews.exe
MSCONFIG\startupreg: EaseUS EPM Tray Agent => "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\bin\TrayPopupE\TrayTipAgentE.exe"
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
MSCONFIG\startupreg: PLFSetI => C:\Windows\PLFSetI.exe
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "Y:\PORTABLES\Personaliza pc\Virtual Clone Drive\VCDDaemon.exe" /s
========================= Accounts: ==========================
Administrador (S-1-5-21-4181878685-1256529413-3482687557-500 - Administrator - Disabled)
Invitado (S-1-5-21-4181878685-1256529413-3482687557-501 - Limited - Disabled)
JOSE (S-1-5-21-4181878685-1256529413-3482687557-1000 - Administrator - Enabled) => C:\Users\JOSE
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/04/2014 02:55:40 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1440) SUS20ClientDataStore: No se puede leer el encabezado del archivo de registro C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
Error: (10/04/2014 02:55:40 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1440) SUS20ClientDataStore: No se puede leer el encabezado del archivo de registro C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
Error: (10/04/2014 02:55:40 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1440) SUS20ClientDataStore: No se puede leer el encabezado del archivo de registro C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
Error: (10/04/2014 02:55:40 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1440) SUS20ClientDataStore: No se puede leer el encabezado del archivo de registro C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
Error: (10/04/2014 02:39:40 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download....authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
.
Error: (10/04/2014 02:32:09 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1440) SUS20ClientDataStore: No se puede leer el encabezado del archivo de registro C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
Error: (10/04/2014 02:32:09 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1440) SUS20ClientDataStore: No se puede leer el encabezado del archivo de registro C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
Error: (10/04/2014 02:32:09 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1440) SUS20ClientDataStore: No se puede leer el encabezado del archivo de registro C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
Error: (10/04/2014 02:32:09 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (1440) SUS20ClientDataStore: No se puede leer el encabezado del archivo de registro C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
Error: (10/04/2014 02:32:03 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download....authrootstl.cab> con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
.
System errors:
=============
Error: (10/04/2014 03:00:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Ad-Aware Service 11 se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (10/03/2014 10:22:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Unchecky se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (10/03/2014 10:21:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Spybot-S&D 2 Scanner Service no pudo iniciarse debido al siguiente error:
%%1053
Error: (10/03/2014 10:21:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Spybot-S&D 2 Scanner Service.
Error: (10/03/2014 08:10:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio WeFi Engine Service no pudo iniciarse debido al siguiente error:
%%1053
Error: (10/03/2014 08:10:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio WeFi Engine Service.
Error: (10/03/2014 08:09:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Unchecky se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (10/03/2014 08:08:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Spybot-S&D 2 Security Center Service no pudo iniciarse debido al siguiente error:
%%1053
Error: (10/03/2014 08:08:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Spybot-S&D 2 Security Center Service.
Error: (10/03/2014 08:07:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Spybot-S&D 2 Scanner Service no pudo iniciarse debido al siguiente error:
%%1053
Microsoft Office Sessions:
=========================
Error: (10/04/2014 02:55:40 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1440SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
Error: (10/04/2014 02:55:40 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1440SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
Error: (10/04/2014 02:55:40 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1440SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
Error: (10/04/2014 02:55:40 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1440SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
Error: (10/04/2014 02:39:40 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: http://www.download....throotstl.cabUn certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
Error: (10/04/2014 02:32:09 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1440SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
Error: (10/04/2014 02:32:09 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1440SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
Error: (10/04/2014 02:32:09 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1440SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
Error: (10/04/2014 02:32:09 AM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll1440SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
Error: (10/04/2014 02:32:03 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: http://www.download....throotstl.cabUn certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
CodeIntegrity Errors:
===================================
Date: 2014-05-06 18:41:26.171
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2014-05-06 18:41:26.155
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2014-05-06 18:40:44.141
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2014-05-06 18:40:44.125
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2014-05-06 18:40:06.981
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2014-05-06 18:40:06.966
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2014-05-03 03:49:47.804
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2014-05-03 03:49:47.787
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2014-05-03 03:49:29.781
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2014-05-03 03:49:29.770
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
==================== Memory info ===========================
Processor: Pentium® Dual-Core CPU T4300 @ 2.10GHz
Percentage of memory in use: 38%
Total physical RAM: 4090.93 MB
Available physical RAM: 2517 MB
Total Pagefile: 8180 MB
Available Pagefile: 5723.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (ACER) (Fixed) (Total:123.36 GB) (Free:72.5 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive m: (M) (Fixed) (Total:9.76 GB) (Free:4.57 GB) NTFS
Drive o: (O:) (Fixed) (Total:185.54 GB) (Free:24.22 GB) NTFS
Drive u: (ACRONIS) (Fixed) (Total:0.03 GB) (Free:0.01 GB) NTFS
Drive y: (Y) (Fixed) (Total:540.89 GB) (Free:46.05 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 63B611CB)
Partition 1: (Active) - (Size=123.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=30 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=808.1 GB) - (Type=05)
==================== End Of Log ============================
#5
Metachisme
-
- New Member
-
- 3 posts
New Member
Posted 03 October 2014 - 08:40 PM
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2014
Ran by JOSE (administrator) on ACER-A04555092B on 04-10-2014 03:16:50
Running from C:\Users\JOSE\Desktop\Accesos ACER W7\PROTECCION
Loaded Profile: JOSE (Available profiles: JOSE)
Platform: Windows 7 Home Premium (X64) OS Language: Español (España, internacional)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
() C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Automation Anywhere, Inc.) C:\Program Files (x86)\Automation Anywhere Server 6.6\Client\Automation Anywhere Service.exe
(Automation Anywhere, Inc.) C:\Program Files (x86)\Automation Anywhere Server 6.6\Client\AAService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe
(Microsoft Corporation) C:\Windows\winsxs\amd64_microsoft-windows-sidebar_31bf3856ad364e35_6.1.7600.16385_none_2ad19d644059217d\sidebar.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
() C:\Program Files (x86)\Launchy\Launchy.exe
(Bartels Media GmbH) Y:\PORTABLES\OFICINA\PhraseExpress v10.1.24ACER\phraseexpress.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() Y:\DittoPrg64\Ditto.exe
(DonationCoder) Y:\PORTABLES\MULTIMEDIA\ScreenShotCaptor\ScreenshotCaptor.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Jan Fiala) Y:\PORTABLES\DESARROLLO\PSPad\PSPad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [828960 2009-08-05] (Acer Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [390728 2010-12-06] (Acronis)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [RegistrarCeresCertStoreDLL] => C:\Program Files (x86)\FNMT-RCM\uccs.exe [40960 2013-10-30] (C3PO, S.A.)
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe [8886592 2014-08-27] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AVG_TRAY] => C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SAOB Monitor] => C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe [2536752 2010-11-16] (Acronis)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5542488 2010-12-06] (Acronis)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4181878685-1256529413-3482687557-1000\...\Run: [Screenshot Captor] => Y:\PORTABLES\Multimedia\ScreenShotCaptor\ScreenshotCaptor.exe [7963832 2014-07-01] (DonationCoder)
HKU\S-1-5-21-4181878685-1256529413-3482687557-1000\...\Run: [Sidebar] => C:\Windows\winsxs\amd64_microsoft-windows-sidebar_31bf3856ad364e35_6.1.7600.16385_none_2ad19d644059217d\sidebar.exe [1475072 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-4181878685-1256529413-3482687557-1000\...\Run: [Ditto] => Y:\Dittoprg64\Ditto.exe [1880064 2014-07-13] ()
HKU\S-1-5-21-4181878685-1256529413-3482687557-1000\...\Run: [GoogleChromeAutoLaunch_EE0E85543B1990E5E61A6663EAD29973] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-23] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FileBox eXtender.lnk
ShortcutTarget: FileBox eXtender.lnk -> C:\Program Files (x86)\FileBX\FileBX.exe (Hyperionics Technology LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launchy.lnk
ShortcutTarget: Launchy.lnk -> C:\Program Files (x86)\Launchy\Launchy.exe ()
Startup: C:\Users\JOSE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MiddleButton.ahk.lnk
ShortcutTarget: MiddleButton.ahk.lnk -> O:\Mis documentos en O\SCRIPTING\MiddleMouseClick\MiddleButton.ahk ()
Startup: C:\Users\JOSE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PhraseExpress.lnk
ShortcutTarget: PhraseExpress.lnk -> Y:\PORTABLES\OFICINA\PhraseExpress v10.1.24ACER\phraseexpress.exe (Bartels Media GmbH)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers: [Identificador de icono superpuesto para firmas digitales de AutoCAD] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll (Egis Technology Inc.)
BootExecute: autocheck autochk * C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restartsdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.es/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ACAW
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.co...q={searchTerms}
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = https://www.google.c...q={searchTerms}
BHO: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)
BHO-x32: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Aplicación auxiliar de inicio de sesión en la cuenta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.5.1
FireFox:
========
FF ProfilePath: Y:\FIREFOX PERFILES\PEPE
FF NewTab: hxxp://duckduckgo.com
FF SearchEngineOrder.1: Google
FF Homepage: hxxp://www.google.com|https://es-la.facebo...ogspot.com.es/|
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\alexa.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\alltheinternet.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\ask.uk.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\blekko-https.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\blekko.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\bmrk-file-host-search.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\businesscom.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\crawlersrch.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\diccionario-de-espaol-rae.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\diigo--google.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\diigo-customize-search.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\dogpile.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\duckduckgo-http.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\duckduckgo.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\f-secure-search.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\facebook-search.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\facebook.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\filezcom.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\google-images.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\google-language-de.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\google-language-fr.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\honsearch.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\ixquick-https---espanol.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\kartoocom.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\mozilla-add-ons.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\omgili.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\qrobeit.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\rapidlibrarycom.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\rebuscalo.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\rollyo-jamn.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\rollyo-winxppro.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\sweetim.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\userlogos.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\warech.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\web-search-powered-by-google.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\webster.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\wordpot---the-keyword-finder.xml
FF SearchPlugin: Y:\FIREFOX PERFILES\PEPE\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\drae.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-es.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-es.xml
FF Extension: Diccionario de Español/España - Y:\FIREFOX PERFILES\PEPE\Extensions\es-es@dictionaries.addons.mozilla.org [2014-07-14]
FF Extension: Lazarus: Form Recovery - Y:\FIREFOX PERFILES\PEPE\Extensions\lazarus@interclue.com [2014-06-17]
FF Extension: TabGroups Manager - Y:\FIREFOX PERFILES\PEPE\Extensions\{ca526f8b-9e0a-4756-9077-19d6f3e64ea8} [2014-07-29]
FF Extension: fireform - Y:\FIREFOX PERFILES\PEPE\Extensions\fireform@mozilla.org.xpi [2014-07-29]
FF Extension: DuckDuckGo Plus - Y:\FIREFOX PERFILES\PEPE\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2014-08-18]
FF Extension: Español (España) Language Pack - Y:\FIREFOX PERFILES\PEPE\Extensions\langpack-es-ES@firefox.mozilla.org.xpi [2014-07-14]
FF Extension: The Addon Bar (restored) - Y:\FIREFOX PERFILES\PEPE\Extensions\the-addon-bar@GeekInTraining-GiT.xpi [2014-10-04]
FF Extension: Alexa Sparky - Y:\FIREFOX PERFILES\PEPE\Extensions\toolbar@alexa.com.xpi [2014-07-29]
FF Extension: NoScript - Y:\FIREFOX PERFILES\PEPE\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-08-26]
FF Extension: Adblock Plus - Y:\FIREFOX PERFILES\PEPE\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-29]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-09-26]
FF HKLM-x32\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack
FF Extension: AVG Do Not Track - C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack [2012-07-07]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-03-29]
Chrome:
=======
CHR Profile: C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Awesome Screenshot: Capture & Annotate) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2014-09-26]
CHR Extension: (Google Docs) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-30]
CHR Extension: (Task Timer) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomfjmibjhhfdenfkpaodhnlhkolngif [2014-10-03]
CHR Extension: (Google Drive) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-30]
CHR Extension: (YouTube) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-30]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-26]
CHR Extension: (TimeDoser) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmkneeaihlcdllananjlkmppnkdahdcc [2014-10-03]
CHR Extension: (Google Search) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-30]
CHR Extension: (Light) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\dacdieigeclacgkdlmnojihknoblpafo [2014-10-03]
CHR Extension: (Fluency Tutor™ for Google (Teacher App)) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejajakfhhhhkifioabcekjjlhpoiijfa [2014-09-26]
CHR Extension: (GNotes Extension) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\idpclaojcopihmplcfnmgfkllldpajen [2014-09-26]
CHR Extension: (DéjàClick for Chrome™) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\jndncliamncgdmjicflfcbklpedknkph [2014-09-26]
CHR Extension: (Little Alchemy) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2014-10-03]
CHR Extension: (Business Process Simulator) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\lagcfcefblfnmjkkkdekiidfefhgodmk [2014-10-03]
CHR Extension: (Skype Click to Call) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-05-18]
CHR Extension: (Wordtracker Scout) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkalodfoplipapmeogaehmiabdhhjapb [2014-09-26]
CHR Extension: (Google Drawings) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2014-10-03]
CHR Extension: (Google Wallet) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-30]
CHR Extension: (Scientific Calculator) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\npoipmeppdioagbkigdlnpmjphnolaog [2014-10-03]
CHR Extension: (Any.do) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocgddccilgpeepgglnlpchkpgamkgmld [2014-10-03]
CHR Extension: (NotScripts) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\odjhifogjcknibkahlpidmdajjpkkcfn [2014-09-29]
CHR Extension: (ScriptSafe) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2014-09-29]
CHR Extension: (Readability) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\oknpjjbmpnndlpmnhmekjpocelpnlfdi [2014-09-26]
CHR Extension: (Accurate Ruler) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pemefhlbiinkcopbapnfghcnjhlgceof [2014-10-03]
CHR Extension: (Gmail) - C:\Users\JOSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-30]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-09-21] (SUPERAntiSpyware.com)
S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [69632 2010-04-08] (Adobe Systems) [File not signed]
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
R2 Automation Anywhere Server Service 6.6; C:\Program Files (x86)\Automation Anywhere Server 6.6\Client\Automation Anywhere Service.exe [1142881 2010-12-14] (Automation Anywhere, Inc.) [File not signed]
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [5175856 2013-10-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
S4 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
S4 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S4 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
S4 CobianBackup11; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008 2013-03-07] (Luis Cobian, CobianSoft) [File not signed]
S2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe [706864 2014-08-27] ()
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
S4 MoboroboDeviceService; C:\Program Files (x86)\MoboRobo\MoboroboDeviceService.exe [70952 2014-03-28] ()
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-07] (Egis Technology Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 TriDefService; C:\Program Files (x86)\TriDef 3D\TriDef\Common\TriDefService.exe [1327104 2009-09-15] () [File not signed]
S2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [111208 2014-09-28] (RaMMicHaeL)
S3 WefiEngSvc; C:\Program Files (x86)\WeFi\WefiEngSvc.exe [120152 2010-11-03] (WeFi)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [127328 2012-12-10] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [28480 2012-04-19] (AVG Technologies CZ, s.r.o. )
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [307040 2012-11-08] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [36944 2012-01-31] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [384800 2013-04-11] (AVG Technologies CZ, s.r.o.)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
S3 EZUSB; C:\Windows\System32\DRIVERS\ezusb64.sys [33280 2007-02-06] (Castles Technology Co.,Ltd)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-07-10] (BitDefender S.R.L.)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-03-26] (Oracle Corporation)
S3 cpuz135; \??\C:\Users\JOSE\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
U3 aswMBR; \??\C:\Users\JOSE\AppData\Local\Temp\aswMBR.sys [X]
U3 aswVmm; \??\C:\Users\JOSE\AppData\Local\Temp\aswVmm.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-04 03:03 - 2014-10-04 03:03 - 00001940 _____ () C:\Users\JOSE\Desktop\aswMBR.txt
2014-10-04 03:03 - 2014-10-04 03:03 - 00000512 _____ () C:\Users\JOSE\Desktop\MBR.dat
2014-10-04 02:55 - 2014-10-04 02:55 - 00000086 _____ () C:\Users\JOSE\Desktop\Conduit - Virus, Spyware & Malware Removal.url
2014-10-04 02:09 - 2014-10-04 02:11 - 05185536 _____ (AVAST Software) C:\Users\JOSE\Desktop\aswMBR.exe
2014-10-04 02:02 - 2014-10-04 02:02 - 00000000 ____D () C:\ProgramData\Licenses
2014-10-04 02:01 - 2014-10-04 02:09 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-10-04 02:01 - 2014-10-04 02:01 - 00001087 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk
2014-10-04 02:01 - 2014-10-04 02:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2014-10-04 01:58 - 2014-10-04 01:58 - 00000096 _____ () C:\Users\JOSE\Desktop\Post Here for Malware Removal ....url
2014-10-04 01:08 - 2014-10-04 01:08 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-10-04 00:53 - 2014-10-04 00:53 - 00001145 _____ () C:\Users\JOSE\Desktop\Automatic Web Launcher.lnk
2014-10-04 00:41 - 2014-10-04 00:41 - 00001117 _____ () C:\Users\JOSE\Desktop\Gimnasia constante.lnk
2014-10-04 00:12 - 2014-10-04 00:12 - 00001106 _____ () C:\Users\JOSE\Desktop\Energy University.lnk
2014-10-03 23:22 - 2014-10-03 23:22 - 00001050 _____ () C:\Users\JOSE\Desktop\LopezRuiz.lnk
2014-10-03 23:21 - 2014-10-03 23:21 - 00001034 _____ () C:\Users\JOSE\Desktop\Conduit.lnk
2014-10-03 22:35 - 2010-04-08 20:13 - 00005680 ___SH () C:\Users\JOSE\Desktop\desktop (2).ini
2014-10-03 22:35 - 2010-04-08 20:13 - 00005680 ___SH () C:\Users\JOSE\Desktop\desktop (2) - copia.ini
2014-10-03 20:01 - 2014-10-03 20:01 - 00001204 _____ () C:\Users\JOSE\Desktop\Entrenamiento Mental-Simplifica.lnk
2014-10-03 20:00 - 2014-10-03 20:00 - 00001061 _____ () C:\Users\JOSE\Desktop\Chino-Ruso.lnk
2014-10-03 19:55 - 2014-10-03 19:55 - 00000532 _____ () C:\Windows\PFRO.log
2014-10-03 18:23 - 2014-09-29 15:38 - 00037987 _____ () C:\zoek-results2014-09-29-143831.log
2014-10-03 15:21 - 2014-10-03 15:23 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
2014-10-03 15:21 - 2014-10-03 15:21 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-03 02:46 - 2014-10-03 02:46 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Lavasoft
2014-10-03 02:45 - 2014-10-03 02:45 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\LavasoftStatistics
2014-10-03 02:45 - 2014-10-03 02:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-10-03 02:31 - 2014-10-03 02:31 - 00000000 ____D () C:\Program Files\Lavasoft
2014-10-03 02:24 - 2014-10-03 02:24 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-10-03 02:17 - 2014-10-03 02:17 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-10-03 01:52 - 2014-10-03 01:52 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-10-03 01:51 - 2014-10-03 02:39 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-03 01:51 - 2014-10-03 02:06 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-03 01:51 - 2014-10-03 01:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-10-03 01:51 - 2014-10-03 01:51 - 00001399 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-10-03 01:51 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-10-03 01:43 - 2014-10-04 03:17 - 00000000 ____D () C:\FRST
2014-10-03 00:19 - 2014-10-03 00:19 - 00001145 _____ () C:\Users\JOSE\Desktop\Entrenamiento auditivo.lnk
2014-10-02 23:36 - 2014-10-02 23:36 - 00000088 _____ () C:\Users\JOSE\Desktop\Mozilla Hispano • Ver Tema - Información posicionamiento addons.url
2014-10-02 22:45 - 2014-10-02 22:45 - 00047630 _____ () C:\Users\JOSE\Desktop\Vuelta al cole con Arduino.eml
2014-10-02 22:44 - 2014-10-02 22:44 - 00015141 _____ () C:\Users\JOSE\Desktop\Mira las nuevas tarifas. Las hemos ampliado! .eml
.eml2014-10-02 22:20 - 2014-10-02 22:20 - 00013524 _____ () C:\Users\JOSE\Desktop\Nueva fecha Seminario on line La medida de Turbidez.eml
2014-10-02 22:17 - 2014-10-02 22:17 - 00064033 _____ () C:\Users\JOSE\Desktop\Agenda Cultural Octubre 2014.eml
2014-10-02 22:16 - 2014-10-02 22:17 - 00099332 _____ () C:\Users\JOSE\Desktop\CIRCULAR 207.2014 - GUÍA DE APLICACIÓN DEL DB HR (NUEVA VERSIÓN).eml
2014-10-02 22:16 - 2014-10-02 22:17 - 00010663 _____ () C:\Users\JOSE\Desktop\COMIDA ANTROPOLÓGICA EL MIÉRCOLES 8 DE OCTUBRE.eml
2014-10-02 21:56 - 2014-10-02 22:13 - 00000000 ____D () C:\Users\JOSE\AppData\Local\Popcorn-Time
2014-10-02 21:13 - 2014-10-02 21:13 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2014-10-02 21:13 - 2014-10-02 21:13 - 00000000 ____D () C:\Users\JOSE\AppData\Local\Popcorn Time
2014-10-01 23:43 - 2014-10-01 23:43 - 00000184 _____ () C:\Users\JOSE\Desktop\Control interruptor casero de pared - Arduino Forum.URL
2014-10-01 22:28 - 2014-10-02 01:56 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\SkyPath
2014-10-01 17:00 - 2014-10-03 22:20 - 00000786 _____ () C:\Windows\setupact.log
2014-10-01 17:00 - 2014-10-01 17:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-01 15:10 - 2014-10-01 15:10 - 00108320 _____ () C:\Users\JOSE\Documents\cc_20141001_151039.reg
2014-10-01 12:47 - 2014-10-01 12:47 - 00001102 _____ () C:\Users\JOSE\Desktop\Mozart.UNIDAD E.lnk
2014-10-01 11:43 - 2014-10-01 11:43 - 00000912 _____ () C:\Users\JOSE\Desktop\CRONO.10.2014.lnk
2014-10-01 00:18 - 2014-10-01 00:18 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Easy Image Modifier
2014-09-30 20:51 - 2014-09-30 21:04 - 00000000 ____D () C:\Users\JOSE\Documents\Anki
2014-09-30 20:44 - 2014-09-30 20:44 - 00000758 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anki.lnk
2014-09-30 20:44 - 2014-09-30 20:44 - 00000000 ____D () C:\Program Files (x86)\Anki
2014-09-30 12:35 - 2014-09-30 12:35 - 00000000 _____ () C:\Users\JOSE\Desktop\borrador autorizacion ana.txt
2014-09-29 14:36 - 2014-10-03 18:33 - 00059967 _____ () C:\zoek-results.log
2014-09-29 00:31 - 2014-09-29 15:13 - 00000000 ____D () C:\zoek_backup
2014-09-29 00:07 - 2014-09-29 00:07 - 00000000 ____D () C:\Windows\ERUNT
2014-09-28 23:50 - 2014-09-28 23:50 - 00000000 ____D () C:\ProgramData\Unchecky
2014-09-28 23:50 - 2014-09-28 23:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky
2014-09-28 23:50 - 2014-09-28 23:50 - 00000000 ____D () C:\Program Files (x86)\Unchecky
2014-09-28 16:46 - 2014-09-28 16:47 - 00000116 _____ () C:\Users\JOSE\Desktop\Borrador el ayuntamiento contra el pueblo.txt
2014-09-28 03:08 - 2014-09-28 03:15 - 00000207 _____ () C:\Users\JOSE\.languagetool.cfg
2014-09-28 01:59 - 2014-09-28 02:08 - 00000706 _____ () C:\Users\JOSE\Desktop\Borrador razonamiento endesa.txt
2014-09-28 00:00 - 2014-09-28 00:00 - 00007611 _____ () C:\Users\JOSE\AppData\Local\Resmon.ResmonCfg
2014-09-26 13:54 - 2014-09-26 13:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-24 22:42 - 2014-09-24 22:42 - 00000000 ____D () C:\Users\JOSE\AppData\Local\ABBYY
2014-09-24 01:57 - 2014-09-24 01:57 - 00001308 _____ () C:\Users\JOSE\Desktop\251.14.proyecto.doc.lnk
2014-09-24 01:13 - 2014-09-24 01:13 - 00001245 _____ () C:\Users\JOSE\Desktop\ReOpen.exe.lnk
2014-09-23 13:32 - 2014-09-23 13:32 - 00001982 _____ () C:\Users\JOSE\Desktop\Explorer addons Escenario Addons.bat.lnk
2014-09-22 23:06 - 2014-09-22 23:06 - 00000000 _RSHD () C:\bootwiz
2014-09-22 21:04 - 2014-09-22 21:07 - 00001024 _____ () C:\Windows\system32\AutoPartNt.let
2014-09-22 21:04 - 2014-09-22 21:04 - 03106144 _____ (Acronis) C:\Windows\system32\AutoPartNt.exe
2014-09-22 19:26 - 2014-09-22 19:26 - 00001915 _____ () C:\Users\JOSE\Desktop\002.Desactivar Internet.bat.lnk
2014-09-22 19:26 - 2014-09-22 19:26 - 00001898 _____ () C:\Users\JOSE\Desktop\002.Activar Internet.bat.lnk
2014-09-22 18:56 - 2014-09-22 19:15 - 00004145 _____ () C:\Users\JOSE\Desktop\DesactivarInternet.notrota..bat
2014-09-22 15:15 - 2014-09-22 15:15 - 00000980 _____ () C:\Users\JOSE\Desktop\Teatro cine danza etc.lnk
2014-09-22 13:41 - 2014-09-22 19:23 - 00000000 ____D () C:\Users\JOSE\Desktop\Correos TB en proceso
2014-09-22 02:47 - 2014-09-22 02:47 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Spacejock Software
2014-09-22 01:59 - 2014-09-22 01:59 - 00000926 _____ () C:\Users\JOSE\Desktop\Consultas.lnk
2014-09-22 00:57 - 2014-09-22 00:57 - 00000000 ____D () C:\Program Files (x86)\Shai Raiten
2014-09-22 00:44 - 2014-09-22 00:44 - 00002013 _____ () C:\Users\JOSE\Desktop\Reabrir residentes no imprescindibles.bat.lnk
2014-09-22 00:44 - 2014-09-22 00:44 - 00002010 _____ () C:\Users\JOSE\Desktop\reabrir servicios no imprescindibles.bat.lnk
2014-09-22 00:43 - 2014-09-22 00:43 - 00001999 _____ () C:\Users\JOSE\Desktop\matar residentes no imprescindibles.bat.lnk
2014-09-22 00:13 - 2014-09-22 00:13 - 00001915 _____ () C:\Users\JOSE\Desktop\unnecessary services w7.bat.lnk
2014-09-22 00:12 - 2014-09-22 00:12 - 00001943 _____ () C:\Users\JOSE\Desktop\desactivar-servicios-seguro.bat.txt.lnk
2014-09-22 00:12 - 2014-09-22 00:12 - 00001926 _____ () C:\Users\JOSE\Desktop\desactivar-servicios-mio.bat.lnk
2014-09-22 00:11 - 2014-09-22 00:11 - 00001454 _____ () C:\Users\JOSE\Desktop\batch.lnk
2014-09-21 20:54 - 2014-09-21 20:54 - 00001018 _____ () C:\Users\JOSE\Downloads\respaldo-configuracion-servicios.zip
2014-09-21 20:52 - 2014-09-26 00:54 - 00000000 ____D () C:\KMPlayer
2014-09-21 20:52 - 2014-09-21 20:52 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2014-09-21 20:29 - 2014-09-26 13:32 - 00003860 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1411327760
2014-09-21 20:29 - 2014-09-26 13:32 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-09-21 20:29 - 2014-09-21 20:29 - 00001143 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-09-21 20:29 - 2014-09-21 20:29 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Opera Software
2014-09-21 20:29 - 2014-09-21 20:29 - 00000000 ____D () C:\Users\JOSE\AppData\Local\Opera Software
2014-09-21 19:57 - 2014-06-16 07:01 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-09-21 19:57 - 2014-06-16 07:01 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-09-21 19:52 - 2014-09-21 19:52 - 00000898 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waterfox.lnk
2014-09-21 19:52 - 2014-09-21 19:52 - 00000000 ____D () C:\Program Files\Waterfox
2014-09-21 19:47 - 2014-09-21 19:47 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Oracle
2014-09-21 19:45 - 2014-09-21 19:45 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\TuneUp Software
2014-09-21 19:44 - 2014-09-21 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-21 19:44 - 2014-07-25 12:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-21 19:44 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-09-21 19:44 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-09-21 19:44 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-09-21 19:43 - 2014-09-21 19:44 - 00004487 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-21 19:32 - 2014-09-21 19:32 - 00076758 _____ () C:\Users\JOSE\Documents\cc_20140921_193207.reg
2014-09-21 19:29 - 2014-09-21 19:29 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-09-21 19:29 - 2014-09-21 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-21 19:29 - 2014-09-21 19:29 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-21 19:07 - 2014-10-01 23:01 - 00000000 ___SD () C:\Users\JOSE\Desktop\SkyPathUploads
2014-09-21 19:04 - 2014-10-01 22:27 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyPath
2014-09-21 19:04 - 2014-09-21 19:04 - 00000000 ____D () C:\Program Files\Imageshack
2014-09-21 17:28 - 2014-10-03 22:27 - 00000000 ____D () C:\ProgramData\WeFi
2014-09-21 15:49 - 2014-09-21 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PPC Keyword Generator
2014-09-21 15:49 - 2014-09-21 15:49 - 00000000 ____D () C:\Program Files (x86)\PPC Keyword Generator
2014-09-21 15:46 - 2014-09-21 15:46 - 00001101 _____ () C:\Users\JOSE\AppData\Roaming\Microsoft\Windows\Start Menu\Dictionary.lnk
2014-09-21 15:46 - 2014-09-21 15:46 - 00000000 ____D () C:\Program Files (x86)\Dictionary
2014-09-21 15:36 - 2014-09-21 15:36 - 00000000 ____D () C:\Users\JOSE\Documents\Launch-n-Go
2014-09-21 15:31 - 2014-09-21 17:28 - 00000000 ____D () C:\Users\JOSE\Documents\Automation Anywhere Server
2014-09-21 15:31 - 2014-09-21 15:31 - 00000000 ____D () C:\Users\Public\Documents\MS Engine
2014-09-21 15:28 - 2014-09-21 15:28 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Automation Anywhere Server 6.6
2014-09-21 15:27 - 2014-09-21 15:28 - 00000000 ____D () C:\Program Files (x86)\Automation Anywhere Server 6.6
2014-09-21 15:21 - 2014-09-21 15:21 - 00000000 ____D () C:\Users\JOSE\AppData\Local\Auspex
2014-09-21 15:14 - 2014-09-21 15:14 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\www.kiwix.org
2014-09-21 15:14 - 2014-09-21 15:14 - 00000000 ____D () C:\Users\JOSE\AppData\Local\www.kiwix.org
2014-09-21 14:36 - 2014-10-03 22:23 - 00000330 _____ () C:\Windows\Tasks\WefiStartup.job
2014-09-21 14:36 - 2014-09-21 20:08 - 00002550 _____ () C:\Windows\System32\Tasks\WefiStartup
2014-09-21 14:36 - 2014-09-21 14:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WeFi
2014-09-21 14:35 - 2014-09-21 14:36 - 00000000 ____D () C:\Program Files (x86)\WeFi
2014-09-21 13:12 - 2014-09-21 13:12 - 00000000 __HDC () C:\ProgramData\{A87EB928-0C6C-4071-AEF1-59E32BAEDF1B}
2014-09-21 13:12 - 2014-09-21 13:12 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Stardock
2014-09-21 13:11 - 2014-09-21 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fences
2014-09-21 13:11 - 2014-09-21 13:11 - 00000000 ____D () C:\Program Files (x86)\Stardock
2014-09-21 05:22 - 2014-09-20 17:53 - 00001038 _____ () C:\Users\JOSE\Desktop\SOFTWARE NUEVO por probar.lnk
2014-09-21 05:22 - 2014-09-20 17:53 - 00001029 _____ () C:\Users\JOSE\Desktop\RecH.vbox.lnk
2014-09-21 05:22 - 2014-09-20 17:53 - 00000796 _____ () C:\Users\JOSE\Desktop\Utilidades Varias - Acceso directo.lnk
2014-09-21 05:21 - 2014-09-20 17:53 - 00001502 _____ () C:\Users\JOSE\Desktop\mv expedientes.lnk
2014-09-21 05:21 - 2014-09-20 17:53 - 00001462 _____ () C:\Users\JOSE\Desktop\mv comunicaciones.lnk
2014-09-21 05:21 - 2014-09-20 17:53 - 00001458 _____ () C:\Users\JOSE\Desktop\mv fusión total.lnk
2014-09-21 05:21 - 2014-09-20 17:53 - 00001438 _____ () C:\Users\JOSE\Desktop\mv luis yanes bello.lnk
2014-09-21 05:21 - 2014-09-20 17:53 - 00001378 _____ () C:\Users\JOSE\Desktop\FRASEO 2014.lnk
2014-09-21 05:21 - 2014-09-20 17:53 - 00001021 _____ () C:\Users\JOSE\Desktop\PRUEBAS SEO 2014.lnk
2014-09-21 05:21 - 2014-09-20 17:53 - 00000989 _____ () C:\Users\JOSE\Desktop\PROTECCION - Acceso directo.lnk
2014-09-21 05:21 - 2014-09-20 17:53 - 00000951 _____ () C:\Users\JOSE\Desktop\FRASEO.lnk
2014-09-21 05:21 - 2014-07-05 13:27 - 00000000 _____ () C:\Users\JOSE\Desktop\Instrucciones.txt
2014-09-21 05:20 - 2014-09-20 17:53 - 00001129 _____ () C:\Users\JOSE\Desktop\Beyondo.SEO.FRASEO.vbox.lnk
2014-09-21 05:20 - 2014-09-20 17:53 - 00000954 _____ () C:\Users\JOSE\Desktop\Descargas MER.lnk
2014-09-21 05:19 - 2014-09-20 17:53 - 00000923 _____ () C:\Users\JOSE\Desktop\251.14.javier.lnk
2014-09-21 05:19 - 2014-09-20 17:53 - 00000923 _____ () C:\Users\JOSE\Desktop\247.14.Segundo Generador.lnk
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-04 03:18 - 2014-04-05 11:58 - 00000838 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-04 03:01 - 2014-04-03 02:00 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Thunderbird
2014-10-04 02:55 - 2010-04-08 18:34 - 01719262 _____ () C:\Windows\WindowsUpdate.log
2014-10-04 02:44 - 2010-04-08 21:12 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-04 02:12 - 2010-04-08 18:50 - 00000000 ____D () C:\ProgramData\Temp
2014-10-03 22:29 - 2009-07-14 05:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-03 22:29 - 2009-07-14 05:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-03 22:20 - 2010-04-08 21:12 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-03 22:20 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-03 20:05 - 2014-03-27 14:34 - 00000000 ____D () C:\Users\JOSE\Documents\PhraseExpress
2014-10-03 19:53 - 2014-05-06 20:41 - 00000000 ____D () C:\AdwCleaner
2014-10-03 17:42 - 2014-04-10 22:09 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-10-03 17:02 - 2010-04-08 21:33 - 00000000 ____D () C:\Windows\system32\Drivers\Avg
2014-10-03 15:39 - 2014-04-18 02:31 - 00000000 ___RD () C:\Users\JOSE\Desktop\Accesos ACER W7
2014-10-02 22:55 - 2014-04-10 21:41 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-02 21:09 - 2014-04-05 10:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-10-02 21:09 - 2014-04-05 10:33 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-10-02 21:09 - 2014-04-05 10:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-10-02 01:33 - 2014-04-08 03:03 - 00115584 _____ () C:\Users\JOSE\AppData\Roaming\GDIPFONTCACHEV1.DAT
2014-10-01 01:20 - 2010-04-09 04:26 - 00744986 _____ () C:\Windows\system32\perfh00A.dat
2014-10-01 01:20 - 2010-04-09 04:26 - 00157454 _____ () C:\Windows\system32\perfc00A.dat
2014-10-01 01:20 - 2009-07-14 06:13 - 01669262 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-28 03:08 - 2010-04-08 18:39 - 00000000 ____D () C:\Users\JOSE
2014-09-26 22:11 - 2014-04-10 04:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-23 03:08 - 2005-07-04 01:11 - 00057344 _____ (Optimum X) C:\Users\JOSE\Desktop\Shortcut.exe
2014-09-23 01:14 - 2014-04-12 20:48 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\Acronis
2014-09-22 16:19 - 2010-03-14 19:12 - 00001461 _____ () C:\Users\JOSE\Desktop\MakeExeFromBat.bat
2014-09-22 00:23 - 2014-04-08 14:37 - 00000000 ____D () C:\Factusol 2000
2014-09-21 21:53 - 2014-04-05 11:58 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-21 21:53 - 2014-04-05 11:58 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-21 21:53 - 2014-04-05 11:58 - 00003776 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-21 19:57 - 2014-04-30 06:39 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-09-21 19:44 - 2014-04-08 00:27 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-21 19:33 - 2009-07-27 21:41 - 00000000 ____D () C:\Windows\Panther
2014-09-21 17:58 - 2014-04-10 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-21 17:58 - 2014-04-10 21:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-21 17:38 - 2010-04-08 21:12 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-21 17:38 - 2010-04-08 21:12 - 00003844 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-21 15:36 - 2014-04-26 00:18 - 00000000 ____D () C:\Users\JOSE\Documents\Automation Anywhere
2014-09-21 05:18 - 2010-04-08 20:14 - 00000000 ___RD () C:\Users\JOSE\Desktop\Utilidades Varias
2014-09-21 05:01 - 2014-04-22 05:07 - 00000000 ____D () C:\Users\JOSE\AppData\Roaming\OpenOffice.org2
2014-09-21 05:01 - 2014-03-28 04:41 - 00000000 ____D () C:\Windows\pss
2014-09-21 03:22 - 2014-05-15 23:03 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
Some content of TEMP:
====================
C:\Users\JOSE\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-22 23:33
==================== End Of Log ============================
#6
ken545
-
- Retired Classroom Teacher
-
- 23,225 posts
Forum God
- Interests:Fighting Malware and cooking some great Italian and TexMex food
-
Posted 04 October 2014 - 01:55 PM
You have posted at other sites for help, just so you know we are all volunteers that do this in our spare time helping people remove malware from there computers and we are spread pretty thin. We cannot have more than one forum and one helper helping you for the same problem, its very unfair to other people who are waiting for help.
If you want to continue here then you need to let the other people know in the other forums you have seeked help at and let them close your topic.
If you want to continue here, close all those other topics, send me a pm letting me know that you did this and I will reopen this one, until then, this topic will be closed
Thanks for wasting my time
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
Find us on Facebook
Please LIKE and SHARE
Just a reminder that threads will be closed if no reply in 3 days.
#7
ken545
-
- Retired Classroom Teacher
-
- 23,225 posts
Forum God
- Interests:Fighting Malware and cooking some great Italian and TexMex food
-
Posted 05 October 2014 - 05:06 PM
Your post has been Moved, Closed or Edited for one of the following reasons:
1.) You posted multiple topics at other forums
2.) You are spamming links to other places without approval
3.) Abusive language or other problems in your text
4.) Your topic is too old (20 days or more) and no replies from you after a volunteer tried to help you
This is a family oriented forum to help those that need help.
==============================
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
Find us on Facebook
Please LIKE and SHARE
Just a reminder that threads will be closed if no reply in 3 days.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
