Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I have the same problem to remove de Gosavee extension from Chrome


  • This topic is locked This topic is locked
3 replies to this topic

#1 dospreguntas

dospreguntas

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:18 AM

Posted 19 September 2014 - 01:53 PM

Hi

can you help?

these are the copy of the logs of frst

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by 2014 (administrator) on 2014-PC on 19-09-2014 20:25:57
Running from C:\Users\2014\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Español (España, internacional)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\SysWOW64\NMSAccess64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(BitTorrent Inc.) C:\Users\2014\AppData\Roaming\uTorrent\uTorrent.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4085896 2014-08-23] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2707992 2014-09-03] (Sony Corporation)
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-12-26] (Microsoft Corporation)
HKU\S-1-5-21-1019919434-4079251976-2657971504-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1019919434-4079251976-2657971504-1000\...\Run: [uTorrent] => C:\Users\2014\AppData\Roaming\uTorrent\uTorrent.exe [1416016 2014-09-18] (BitTorrent Inc.)
Startup: C:\Users\2014\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Supervisar alertas de tinta - HP Deskjet 1050 J410 series.lnk
ShortcutTarget: Supervisar alertas de tinta - HP Deskjet 1050 J410 series.lnk -> C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bit
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://es.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCE4C57D0D9FFCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://es.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.81.29.254 62.81.16.213
 
FireFox:
========
FF ProfilePath: C:\Users\2014\AppData\Roaming\Mozilla\Firefox\Profiles\pwtqzf67.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\2014\AppData\Roaming\Mozilla\Firefox\Profiles\pwtqzf67.default\searchplugins\yahoo-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\drae.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-es.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-es.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2014-06-06]
 
Chrome: 
=======
CHR HomePage: Default -> 
CHR StartupUrls: Default -> "https://www.google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\2014\AppData\Local\Google\Chrome\User Data\default
CHR Extension: (GoSavee) - C:\Users\2014\AppData\Local\Google\Chrome\User Data\default\Extensions\aioaglgpapgcpoeldincnhcajakofbbm [2014-09-15]
CHR Extension: (Google Drive) - C:\Users\2014\AppData\Local\Google\Chrome\User Data\default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-06]
CHR Extension: (YouTube) - C:\Users\2014\AppData\Local\Google\Chrome\User Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-06]
CHR Extension: (Búsqueda de Google) - C:\Users\2014\AppData\Local\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-06]
CHR Extension: (Google Wallet) - C:\Users\2014\AppData\Local\Google\Chrome\User Data\default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-06]
CHR Extension: (Gmail) - C:\Users\2014\AppData\Local\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-06]
CHR Extension: (GoSavee) - C:\Users\2014\AppData\Local\Google\Chrome\User Data\default\Extensions\aioaglgpapgcpoeldincnhcajakofbbm\2.0 [2014-09-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2014-08-23]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-08-23] (AVAST Software)
R2 NMSAccess64; C:\Windows\SysWOW64\NMSAccess64.exe [82872 2009-01-12] ()
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [484888 2014-09-03] (Sony Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-23] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-23] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-23] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-23] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-23] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-23] (Disc Soft Ltd)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-19 20:25 - 2014-09-19 20:26 - 00012676 _____ () C:\Users\2014\Desktop\FRST.txt
2014-09-19 20:25 - 2014-09-19 20:25 - 00000000 ____D () C:\FRST
2014-09-19 20:24 - 2014-09-19 20:24 - 02105856 _____ (Farbar) C:\Users\2014\Desktop\FRST64.exe
2014-09-19 18:59 - 2014-09-19 18:59 - 00000605 _____ () C:\Users\2014\Downloads\769878401_AU14-009553421.txt
2014-09-19 00:09 - 2014-09-19 00:14 - 00000000 ____D () C:\Users\2014\Desktop\videos evangelisticos
2014-09-18 00:40 - 2014-09-18 00:56 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-18 00:38 - 2014-09-18 00:39 - 11194928 _____ (SurfRight B.V.) C:\Users\2014\Downloads\HitmanPro_x64.exe
2014-09-18 00:29 - 2014-09-18 00:29 - 00001332 _____ () C:\Users\2014\Desktop\JRT.txt
2014-09-18 00:19 - 2014-09-18 00:19 - 00000000 ____D () C:\Windows\ERUNT
2014-09-18 00:17 - 2014-09-18 00:17 - 01016035 _____ (Thisisu) C:\Users\2014\Downloads\JRT.exe
2014-09-18 00:07 - 2014-09-18 00:07 - 01373475 _____ () C:\Users\2014\Downloads\adwcleaner_3.310.exe
2014-09-17 23:36 - 2014-09-17 23:36 - 00000920 _____ () C:\Windows\SysWOW64\BroomData.bit
2014-09-17 23:36 - 2013-04-08 16:30 - 00022752 _____ () C:\Windows\system32\PCloudBroom64.exe
2014-09-17 23:05 - 2014-09-17 23:05 - 00001296 _____ () C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2014-09-17 23:05 - 2014-09-17 23:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-09-17 23:05 - 2014-09-17 23:05 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-09-17 23:05 - 2013-04-29 09:17 - 00047632 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2014-09-17 22:59 - 2014-09-17 22:59 - 00001782 _____ () C:\sc-cleaner.txt
2014-09-17 22:58 - 2014-09-17 22:59 - 00441592 _____ (Bleeping Computer, LLC) C:\Users\2014\Downloads\sc-cleaner.exe
2014-09-17 22:56 - 2014-09-17 22:57 - 32305576 _____ (Panda Security ) C:\Users\2014\Downloads\PandaCloudCleaner.exe
2014-09-17 22:44 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-17 22:43 - 2014-09-18 00:09 - 00000000 ____D () C:\AdwCleaner
2014-09-17 22:43 - 2014-09-17 22:43 - 01373475 _____ () C:\Users\2014\Downloads\AdwCleaner.exe
2014-09-17 22:38 - 2014-09-17 22:40 - 00004262 _____ () C:\Users\2014\Desktop\Rkill.txt
2014-09-17 22:36 - 2014-09-17 22:36 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\2014\Downloads\rkill.exe
2014-09-16 22:28 - 2014-09-16 22:28 - 00010996 _____ () C:\Users\2014\Downloads\4224_downton_abbey_--_temporada_4_[hdtv][cap.407][espanol_castellano].torrent
2014-09-16 22:27 - 2014-09-16 22:27 - 00011056 _____ () C:\Users\2014\Downloads\3045_downton_abbey_--_temporada_4_[hdtv][cap.406][espanol_castellano].torrent
2014-09-16 22:26 - 2014-09-16 22:26 - 00021075 _____ () C:\Users\2014\Downloads\1192_downton_abbey_--_temporada_4_[hdtv][cap.405][espanol_castellano].torrent
2014-09-16 22:25 - 2014-09-16 22:25 - 00011075 _____ () C:\Users\2014\Downloads\9990_downton_abbey_--_temporada_4_[hdtv][cap.404][espanol_castellano].torrent
2014-09-16 22:24 - 2014-09-16 22:24 - 00011015 _____ () C:\Users\2014\Downloads\3463_downton_abbey_--_temporada_4_[hdtv][cap.403][espanol_castellano].torrent
2014-09-16 22:23 - 2014-09-16 22:23 - 00011044 _____ () C:\Users\2014\Downloads\1625_downton_abbey_--_temporada_4_[hdtv][cap.402][espanol_castellano].torrent
2014-09-16 22:22 - 2014-09-16 22:22 - 00015204 _____ () C:\Users\2014\Downloads\5411_downton_abbey_--_temporada_4_[hdtv][cap.401][espanol_castellano].torrent
2014-09-16 22:21 - 2014-09-16 22:21 - 00014525 _____ () C:\Users\2014\Downloads\2646_downton_abbey_--_temporada_4_[hdtv][cap.400][espanol_castellano].torrent
2014-09-16 22:18 - 2014-09-16 22:18 - 00015355 _____ () C:\Users\2014\Downloads\6949_downton_abbey_--_temporada_4_[hdtv][cap.408][espanol_castellano].torrent
2014-09-16 21:49 - 2014-09-16 21:49 - 00024773 _____ () C:\Users\2014\Downloads\Shrek.4.3D.1080p.BluRay.x264.%5BSBT%5D.t21681.torrent
2014-09-16 21:20 - 2014-09-16 21:20 - 00000861 _____ () C:\Users\2014\Desktop\µTorrent.lnk
2014-09-16 21:19 - 2014-09-19 20:25 - 00000000 ____D () C:\Users\2014\AppData\Roaming\uTorrent
2014-09-16 21:19 - 2014-09-16 21:19 - 03850496 _____ (Systweak Inc ) C:\Users\2014\Desktop\rcpsetup_sdl_en_sdl_en.exe
2014-09-16 21:19 - 2014-09-16 21:19 - 01936720 _____ (BitTorrent Inc.) C:\Users\2014\Desktop\uTorrent_3_4_2_32691.exe
2014-09-15 23:45 - 2014-09-16 21:33 - 00000000 ____D () C:\ProgramData\YouTubeeADBlocke
2014-09-15 23:45 - 2014-09-16 21:33 - 00000000 ____D () C:\ProgramData\GooSavE
2014-09-15 23:45 - 2014-09-16 21:33 - 00000000 ____D () C:\Program Files (x86)\YouTubeeADBlocke
2014-09-15 23:45 - 2014-09-16 21:33 - 00000000 ____D () C:\Program Files (x86)\GooSavE
2014-09-15 23:41 - 2014-09-15 23:45 - 00000000 ____D () C:\ProgramData\1b960f7e12c8a21a
2014-09-15 23:41 - 2014-09-15 23:41 - 00000418 __RSH () C:\ProgramData\ntuser.pol
2014-09-15 23:41 - 2014-09-15 23:41 - 00000000 ____D () C:\Users\Invitado\AppData\Local\Google
2014-09-15 23:41 - 2014-09-15 23:41 - 00000000 ____D () C:\Users\Invitado\AppData\Local\Comodo
2014-09-15 23:41 - 2014-09-15 23:41 - 00000000 ____D () C:\Users\Invitado
2014-09-15 23:41 - 2014-09-15 23:41 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-09-15 23:41 - 2014-09-15 23:41 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-09-15 23:41 - 2014-09-15 23:41 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-09-15 23:41 - 2014-09-15 23:41 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Google
2014-09-15 23:41 - 2014-09-15 23:41 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Comodo
2014-09-15 23:41 - 2014-09-15 23:41 - 00000000 ____D () C:\Users\Administrador
2014-09-15 23:41 - 2014-09-15 23:41 - 00000000 ____D () C:\Users\2014\AppData\Local\Comodo
2014-09-15 22:41 - 2014-09-15 22:41 - 00045189 _____ () C:\Users\2014\Downloads\3.Dias.Para.Matar.DVDR.[Eng-Spa].[www.MoviesDVDR.com].torrent
2014-09-08 19:58 - 2014-09-08 19:58 - 00002098 _____ () C:\Users\Public\Desktop\FotoLibro.lnk
2014-09-05 23:42 - 2014-09-05 23:49 - 00000000 ____D () C:\Users\2014\Desktop\benasque14
2014-09-05 21:26 - 2014-09-05 21:26 - 00001964 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home.lnk
2014-09-05 21:26 - 2014-09-05 21:26 - 00001940 _____ () C:\Users\Public\Desktop\PlayMemories Home.lnk
2014-09-05 21:26 - 2014-09-05 21:26 - 00001842 _____ () C:\Users\Public\Desktop\Ayuda de PlayMemories Home.lnk
2014-09-05 21:26 - 2014-09-05 21:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home
2014-09-05 19:32 - 2014-09-05 19:33 - 00000000 ____D () C:\Users\2014\Desktop\Carmen
2014-08-26 17:40 - 2014-09-08 19:58 - 00002114 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\FotoLibro.lnk
2014-08-26 17:40 - 2014-08-26 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FotoPrix
2014-08-26 17:30 - 2014-08-26 17:30 - 00000000 ____D () C:\Program Files (x86)\Fotoprix
2014-08-26 17:03 - 2014-08-26 17:17 - 06103512 _____ (Systweak Software ) C:\Users\2014\Downloads\afosetup_pha.exe
2014-08-23 09:52 - 2014-08-23 09:52 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-22 01:38 - 2014-08-22 01:38 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_ZuneDriver_01_09_00.Wdf
2014-08-22 01:38 - 2014-08-22 01:38 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2014-08-22 01:37 - 2014-08-22 01:37 - 00000000 ___RD () C:\Users\2014\Podcasts
2014-08-22 01:33 - 2014-08-22 01:36 - 00000000 ____D () C:\Program Files\Zune
2014-08-22 01:33 - 2014-08-22 01:33 - 00000937 _____ () C:\Users\Public\Desktop\Zune.lnk
2014-08-22 01:33 - 2014-08-22 01:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zune
2014-08-22 00:38 - 2014-08-22 01:29 - 283639032 _____ (Microsoft Corporation) C:\Users\2014\Downloads\ZunePackage.exe
2014-08-22 00:36 - 2014-08-22 00:37 - 105664248 _____ (Microsoft Corporation) C:\Users\2014\Downloads\ZuneSetupPkg.exe
2014-08-21 12:39 - 2014-08-21 12:39 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-19 20:26 - 2014-09-19 20:25 - 00012676 _____ () C:\Users\2014\Desktop\FRST.txt
2014-09-19 20:25 - 2014-09-19 20:25 - 00000000 ____D () C:\FRST
2014-09-19 20:25 - 2014-09-16 21:19 - 00000000 ____D () C:\Users\2014\AppData\Roaming\uTorrent
2014-09-19 20:24 - 2014-09-19 20:24 - 02105856 _____ (Farbar) C:\Users\2014\Desktop\FRST64.exe
2014-09-19 19:35 - 2014-01-03 23:02 - 00000838 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-19 19:31 - 2014-06-06 22:07 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-19 18:59 - 2014-09-19 18:59 - 00000605 _____ () C:\Users\2014\Downloads\769878401_AU14-009553421.txt
2014-09-19 18:45 - 2009-07-14 06:45 - 00020800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-19 18:45 - 2009-07-14 06:45 - 00020800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-19 18:41 - 2002-01-01 02:31 - 01840968 _____ () C:\Windows\WindowsUpdate.log
2014-09-19 18:40 - 2014-06-30 21:26 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-19 18:37 - 2014-06-15 05:57 - 00023696 _____ () C:\Windows\setupact.log
2014-09-19 18:37 - 2014-06-06 22:07 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-19 18:37 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-19 00:14 - 2014-09-19 00:09 - 00000000 ____D () C:\Users\2014\Desktop\videos evangelisticos
2014-09-19 00:00 - 2013-12-23 14:28 - 00000000 ____D () C:\Users\2014\AppData\Roaming\DAEMON Tools Lite
2014-09-18 23:58 - 2014-06-06 21:55 - 00004184 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-18 22:53 - 2014-02-22 15:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-18 22:41 - 2014-06-15 22:57 - 00023438 _____ () C:\Windows\PFRO.log
2014-09-18 00:56 - 2014-09-18 00:40 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-18 00:39 - 2014-09-18 00:38 - 11194928 _____ (SurfRight B.V.) C:\Users\2014\Downloads\HitmanPro_x64.exe
2014-09-18 00:31 - 2009-07-14 06:45 - 00000000 ____D () C:\Windows\Setup
2014-09-18 00:29 - 2014-09-18 00:29 - 00001332 _____ () C:\Users\2014\Desktop\JRT.txt
2014-09-18 00:19 - 2014-09-18 00:19 - 00000000 ____D () C:\Windows\ERUNT
2014-09-18 00:17 - 2014-09-18 00:17 - 01016035 _____ (Thisisu) C:\Users\2014\Downloads\JRT.exe
2014-09-18 00:12 - 2014-06-15 13:03 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-18 00:09 - 2014-09-17 22:43 - 00000000 ____D () C:\AdwCleaner
2014-09-18 00:07 - 2014-09-18 00:07 - 01373475 _____ () C:\Users\2014\Downloads\adwcleaner_3.310.exe
2014-09-17 23:36 - 2014-09-17 23:36 - 00000920 _____ () C:\Windows\SysWOW64\BroomData.bit
2014-09-17 23:36 - 2014-01-05 20:23 - 00000000 ____D () C:\Program Files (x86)\Rayman Legends
2014-09-17 23:05 - 2014-09-17 23:05 - 00001296 _____ () C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2014-09-17 23:05 - 2014-09-17 23:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-09-17 23:05 - 2014-09-17 23:05 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-09-17 22:59 - 2014-09-17 22:59 - 00001782 _____ () C:\sc-cleaner.txt
2014-09-17 22:59 - 2014-09-17 22:58 - 00441592 _____ (Bleeping Computer, LLC) C:\Users\2014\Downloads\sc-cleaner.exe
2014-09-17 22:57 - 2014-09-17 22:56 - 32305576 _____ (Panda Security ) C:\Users\2014\Downloads\PandaCloudCleaner.exe
2014-09-17 22:43 - 2014-09-17 22:43 - 01373475 _____ () C:\Users\2014\Downloads\AdwCleaner.exe
2014-09-17 22:40 - 2014-09-17 22:38 - 00004262 _____ () C:\Users\2014\Desktop\Rkill.txt
2014-09-17 22:36 - 2014-09-17 22:36 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\2014\Downloads\rkill.exe
2014-09-17 21:31 - 2009-07-14 11:31 - 00747396 _____ () C:\Windows\system32\perfh00A.dat
2014-09-17 21:31 - 2009-07-14 11:31 - 00158868 _____ () C:\Windows\system32\perfc00A.dat
2014-09-17 21:31 - 2009-07-14 07:13 - 01676890 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-16 22:55 - 2014-04-20 10:11 - 00000000 ____D () C:\Users\2014\Desktop\Pelis
2014-09-16 22:28 - 2014-09-16 22:28 - 00010996 _____ () C:\Users\2014\Downloads\4224_downton_abbey_--_temporada_4_[hdtv][cap.407][espanol_castellano].torrent
2014-09-16 22:27 - 2014-09-16 22:27 - 00011056 _____ () C:\Users\2014\Downloads\3045_downton_abbey_--_temporada_4_[hdtv][cap.406][espanol_castellano].torrent
2014-09-16 22:26 - 2014-09-16 22:26 - 00021075 _____ () C:\Users\2014\Downloads\1192_downton_abbey_--_temporada_4_[hdtv][cap.405][espanol_castellano].torrent
2014-09-16 22:25 - 2014-09-16 22:25 - 00011075 _____ () C:\Users\2014\Downloads\9990_downton_abbey_--_temporada_4_[hdtv][cap.404][espanol_castellano].torrent
2014-09-16 22:24 - 2014-09-16 22:24 - 00011015 _____ () C:\Users\2014\Downloads\3463_downton_abbey_--_temporada_4_[hdtv][cap.403][espanol_castellano].torrent
2014-09-16 22:23 - 2014-09-16 22:23 - 00011044 _____ () C:\Users\2014\Downloads\1625_downton_abbey_--_temporada_4_[hdtv][cap.402][espanol_castellano].torrent
2014-09-16 22:22 - 2014-09-16 22:22 - 00015204 _____ () C:\Users\2014\Downloads\5411_downton_abbey_--_temporada_4_[hdtv][cap.401][espanol_castellano].torrent
2014-09-16 22:21 - 2014-09-16 22:21 - 00014525 _____ () C:\Users\2014\Downloads\2646_downton_abbey_--_temporada_4_[hdtv][cap.400][espanol_castellano].torrent
2014-09-16 22:18 - 2014-09-16 22:18 - 00015355 _____ () C:\Users\2014\Downloads\6949_downton_abbey_--_temporada_4_[hdtv][cap.408][espanol_castellano].torrent
2014-09-16 21:57 - 2014-01-04 16:10 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-09-16 21:49 - 2014-09-16 21:49 - 00024773 _____ () C:\Users\2014\Downloads\Shrek.4.3D.1080p.BluRay.x264.%5BSBT%5D.t21681.torrent
2014-09-16 21:33 - 2014-09-15 23:45 - 00000000 ____D () C:\ProgramData\YouTubeeADBlocke
2014-09-16 21:33 - 2014-09-15 23:45 - 00000000 ____D () C:\ProgramData\GooSavE
2014-09-16 21:33 - 2014-09-15 23:45 - 00000000 ____D () C:\Program Files (x86)\YouTubeeADBlocke
2014-09-16 21:33 - 2014-09-15 23:45 - 00000000 ____D () C:\Program Files (x86)\GooSavE
2014-09-16 21:20 - 2014-09-16 21:20 - 00000861 _____ () C:\Users\2014\Desktop\µTorrent.lnk
2014-09-16 21:19 - 2014-09-16 21:19 - 03850496 _____ (Systweak Inc ) C:\Users\2014\Desktop\rcpsetup_sdl_en_sdl_en.exe
2014-09-16 21:19 - 2014-09-16 21:19 - 01936720 _____ (BitTorrent Inc.) C:\Users\2014\Desktop\uTorrent_3_4_2_32691.exe
2014-09-16 21:16 - 2014-01-04 16:15 - 00000000 ____D () C:\Users\2014\AppData\Roaming\BitTorrent
2014-09-15 23:45 - 2014-09-15 23:41 - 00000000 ____D () C:\ProgramData\1b960f7e12c8a21a
2014-09-15 23:41 - 2014-09-15 23:41 - 00000418 __RSH () C:\ProgramData\ntuser.pol
2014-09-15 23:41 - 2014-09-15 23:41 - 00000000 ____D () C:\Users\Invitado\AppData\Local\Google
2014-09-15 23:41 - 2014-09-15 23:41 - 00000000 ____D () C:\Users\Invitado\AppData\Local\Comodo
2014-09-15 23:41 - 2014-09-15 23:41 - 00000000 ____D () C:\Users\Invitado
2014-09-15 23:41 - 2014-09-15 23:41 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-09-15 23:41 - 2014-09-15 23:41 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-09-15 23:41 - 2014-09-15 23:41 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-09-15 23:41 - 2014-09-15 23:41 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Google
2014-09-15 23:41 - 2014-09-15 23:41 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Comodo
2014-09-15 23:41 - 2014-09-15 23:41 - 00000000 ____D () C:\Users\Administrador
2014-09-15 23:41 - 2014-09-15 23:41 - 00000000 ____D () C:\Users\2014\AppData\Local\Comodo
2014-09-15 23:41 - 2014-06-06 22:07 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-15 23:41 - 2013-12-23 14:28 - 00000000 ____D () C:\Users\2014\AppData\Local\Google
2014-09-15 23:41 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-15 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-15 22:41 - 2014-09-15 22:41 - 00045189 _____ () C:\Users\2014\Downloads\3.Dias.Para.Matar.DVDR.[Eng-Spa].[www.MoviesDVDR.com].torrent
2014-09-10 22:35 - 2014-01-03 23:02 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-10 22:35 - 2014-01-03 23:02 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-10 22:35 - 2014-01-03 23:02 - 00003776 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-10 22:34 - 2014-06-06 22:25 - 00002191 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-10 22:10 - 2014-06-15 05:57 - 00787896 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-08 20:01 - 2014-06-15 10:02 - 00192112 _____ () C:\Users\2014\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-08 19:58 - 2014-09-08 19:58 - 00002098 _____ () C:\Users\Public\Desktop\FotoLibro.lnk
2014-09-08 19:58 - 2014-08-26 17:40 - 00002114 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\FotoLibro.lnk
2014-09-08 19:55 - 2002-01-03 10:57 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-05 23:49 - 2014-09-05 23:42 - 00000000 ____D () C:\Users\2014\Desktop\benasque14
2014-09-05 21:26 - 2014-09-05 21:26 - 00001964 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home.lnk
2014-09-05 21:26 - 2014-09-05 21:26 - 00001940 _____ () C:\Users\Public\Desktop\PlayMemories Home.lnk
2014-09-05 21:26 - 2014-09-05 21:26 - 00001842 _____ () C:\Users\Public\Desktop\Ayuda de PlayMemories Home.lnk
2014-09-05 21:26 - 2014-09-05 21:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home
2014-09-05 19:33 - 2014-09-05 19:32 - 00000000 ____D () C:\Users\2014\Desktop\Carmen
2014-08-26 17:40 - 2014-08-26 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FotoPrix
2014-08-26 17:30 - 2014-08-26 17:30 - 00000000 ____D () C:\Program Files (x86)\Fotoprix
2014-08-26 17:30 - 2014-01-03 23:02 - 00000000 ____D () C:\Users\2014\AppData\Roaming\Adobe
2014-08-26 17:30 - 2002-01-03 10:56 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-26 17:17 - 2014-08-26 17:03 - 06103512 _____ (Systweak Software ) C:\Users\2014\Downloads\afosetup_pha.exe
2014-08-23 09:52 - 2014-08-23 09:52 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-23 09:52 - 2014-06-06 22:01 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-08-23 09:52 - 2014-06-06 22:01 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-23 09:52 - 2014-06-06 21:55 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-08-23 09:52 - 2014-06-06 21:55 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-23 09:52 - 2014-06-06 21:55 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-23 09:52 - 2014-06-06 21:55 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-23 09:52 - 2014-06-06 21:55 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-23 09:52 - 2013-12-23 14:19 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-23 09:52 - 2013-12-23 14:19 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-23 09:52 - 2013-12-23 14:19 - 00001987 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-22 01:38 - 2014-08-22 01:38 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_ZuneDriver_01_09_00.Wdf
2014-08-22 01:38 - 2014-08-22 01:38 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2014-08-22 01:37 - 2014-08-22 01:37 - 00000000 ___RD () C:\Users\2014\Podcasts
2014-08-22 01:37 - 2013-12-23 12:36 - 00000000 ____D () C:\Users\2014
2014-08-22 01:36 - 2014-08-22 01:33 - 00000000 ____D () C:\Program Files\Zune
2014-08-22 01:33 - 2014-08-22 01:33 - 00000937 _____ () C:\Users\Public\Desktop\Zune.lnk
2014-08-22 01:33 - 2014-08-22 01:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zune
2014-08-22 01:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-22 01:29 - 2014-08-22 00:38 - 283639032 _____ (Microsoft Corporation) C:\Users\2014\Downloads\ZunePackage.exe
2014-08-22 00:37 - 2014-08-22 00:36 - 105664248 _____ (Microsoft Corporation) C:\Users\2014\Downloads\ZuneSetupPkg.exe
2014-08-21 12:39 - 2014-08-21 12:39 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
 
Some content of TEMP:
====================
C:\Users\2014\AppData\Local\Temp\Update 4.9.48.284.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-19 19:42
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by 2014 at 2014-09-19 20:26:54
Running from C:\Users\2014\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advanced File Optimizer (HKLM-x32\...\Advanced File Optimizer_is1) (Version: 2.1.1000.10518 - Systweak Software)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
Belkin F5D8053 N Wireless USB Adapter (HKLM-x32\...\InstallShield_{E6607F5B-50E7-4B54-81B7-F0600E3C8CF4}) (Version: 2.0.0.04 - Belkin)
Belkin F5D8053 N Wireless USB Adapter (x32 Version: 2.0.0.04 - Belkin) Hidden
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{2BC398D2-11C8-43B1-AB84-675D33EB28C2}) (Version:  - Microsoft)
Eines de correcció del Microsoft Office 2013: català (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2013 - Galego (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
FotoPrix FotoLibro v4 (HKLM-x32\...\{2FEC2258-5F07-400B-82AE-232510ED187D}) (Version: 6.10.0049 - FotoPrix, S.A.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HP Deskjet 1050 J410 series Ayuda (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Deskjet 1050 J410 series Estudio para la mejora del producto (HKLM\...\{857BB9C2-560B-4D85-A586-7CCDF1D4CB15}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Software básico del dispositivo (HKLM\...\{C585DE2E-0AC0-404C-AC0E-8F5ED300BA93}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
Malwarebytes Anti-Malware versión 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MergeModule_x64 (Version: 9.0.00 - Sony Corporation) Hidden
MergeModule_x86 (x32 Version: 9.0.00 - Sony Corporation) Hidden
Microsoft .NET Framework 4.5.1 (ESN) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (Spanish) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Spanish) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (Spanish) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Spanish) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Spanish) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Spanish) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Spanish) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Spanish) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Spanish) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Spanish) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Spanish) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office zuzenketa-tresnak 2013 - Euskara (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (Spanish) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Spanish) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Spanish) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Spanish) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Word MUI (Spanish) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 es-ES)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MPC-HC 1.7.1 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.1.0 - MPC-HC Team)
NMSDVDX64 v1.1 (HKLM\...\{49C4A807-A535-4E85-BD6D-5A7803473CA3}) (Version: 1.01.0001 - FOTOPRIX)
NVIDIA Controlador de audio HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA Software del sistema PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.104 - Panda Security)
Panel de control de NVIDIA 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
PlayMemories Home (HKLM-x32\...\{93AA5B49-0994-4EF6-80F3-868C9CEA88ED}) (Version: 4.0.00.09031 - Sony Corporation)
PMB_ModeEditor (x32 Version: 9.0.00 - Sony Corporation) Hidden
PMB_ServiceUploader (x32 Version: 9.0.00 - Sony Corporation) Hidden
Rayman Origins (HKLM-x32\...\Rayman Origins_is1) (Version:  - )
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.00042 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
SOHLib for PlayMemories Home (Version: 1.0.3.02170 - Sony Corporation) Hidden
Update for Microsoft Access 2013 (KB2768008) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B101F909-A38F-4365-85F6-88582A35D922}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2768008) 32-Bit Edition (HKLM-x32\...\{90150000-0015-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{85B201E8-DBAE-4730-B587-C66226E1AF42}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{9E727F9E-F177-4AB2-8DB3-3C2F38EF8926}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6E6B2968-B9D7-40C9-9FC2-8E729DDBB39C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{8684D827-3E5D-4C1F-A217-6BF18A0A2344}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B299B17D-874D-43DD-84AA-414BD9C70021}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{B299B17D-874D-43DD-84AA-414BD9C70021}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{9D63F9F1-B0C8-428D-AA6D-058B50ED80A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{9D63F9F1-B0C8-428D-AA6D-058B50ED80A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2878313) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{1FB43AFB-8112-41B9-B9A6-A43474F46123}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{D27F6360-AE1E-4C8C-8ECD-C0375E20B923}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{06EF2BF7-7351-4D70-A0D5-588FCCF9808D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version:  - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DFC72135-28F1-48CD-B39A-AD28ED0AFEF5}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft)
Windows Mobile Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
Zune (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTB) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
05-09-2014 19:26:59 Se ha instalado DirectX
15-09-2014 21:14:23 Punto de control programado
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2014-01-02 23:44 - 2014-01-05 18:59 - 00000923 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {467861B0-6E19-41EF-B65E-0C7944B216C9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {74F76CA1-5444-4C1C-976D-99F681E708D8} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2014-08-23] (AVAST Software)
Task: {7F20147A-A72D-437A-B00D-33487A319E47} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {905037D8-93BA-461B-84F6-FE13A168874B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {A8D7F7C7-053B-4218-97D0-F8A0991ABD48} - System32\Tasks\{984B3F72-9DA5-452F-AD76-51E9ABE4F901} => E:\setup.exe
Task: {AED18F8F-EBE9-494B-949F-9639BE7B1672} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2014-01-16] (Sony Corporation)
Task: {CE43C602-518B-4DE6-96D4-824E2CA4689D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {E0C18A3A-C4AE-426D-8702-852A55AAE15E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {E92276AB-CDA3-45BA-B95F-1F962317F61F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {F2977E0E-A546-4CF5-9910-E438A889691D} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-12-23 12:46 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2009-01-12 07:15 - 2009-01-12 07:15 - 00082872 _____ () C:\Windows\SysWOW64\NMSAccess64.exe
2014-08-23 09:52 - 2014-08-23 09:52 - 00301152 _____ () C:\Program Files\Alwil Software\Avast5\aswProperty.dll
2014-09-19 00:05 - 2014-09-19 00:05 - 02864128 _____ () C:\Program Files\Alwil Software\Avast5\defs\14091804\algo.dll
2014-09-19 18:38 - 2014-09-19 18:38 - 02864128 _____ () C:\Program Files\Alwil Software\Avast5\defs\14091900\algo.dll
2014-09-19 18:46 - 2014-09-19 18:46 - 02864128 _____ () C:\Program Files\Alwil Software\Avast5\defs\14091901\algo.dll
2014-08-23 09:52 - 2014-08-23 09:52 - 19329904 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
2014-09-10 22:34 - 2014-09-04 05:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-10 22:34 - 2014-09-04 05:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll
2014-09-10 22:34 - 2014-09-04 05:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-10 22:34 - 2014-09-04 05:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-10 22:34 - 2014-09-04 05:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
2014-09-10 22:34 - 2014-09-04 05:01 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/19/2014 06:39:38 PM) (Source: MsiInstaller) (EventID: 1024) (User: 2014-PC)
Description: Producto: Adobe Reader XI (11.0.08) - Español - la actualización "{AC76BA86-7AD7-0000-2550-7A8C40011009}" no se pudo instalar. Código de error 1625. Windows Installer no puede crear registros para ayudar a solucionar problemas de instalación de paquetes de software. Use el vínculo siguiente para obtener instrucciones sobre la activación de la compatibilidad de registro: http://go.microsoft.com/fwlink/?LinkId=23127
 
Error: (09/18/2014 11:59:03 PM) (Source: MsiInstaller) (EventID: 1024) (User: 2014-PC)
Description: Producto: Adobe Reader XI (11.0.08) - Español - la actualización "{AC76BA86-7AD7-0000-2550-7A8C40011009}" no se pudo instalar. Código de error 1625. Windows Installer no puede crear registros para ayudar a solucionar problemas de instalación de paquetes de software. Use el vínculo siguiente para obtener instrucciones sobre la activación de la compatibilidad de registro: http://go.microsoft.com/fwlink/?LinkId=23127
 
Error: (09/18/2014 10:43:49 PM) (Source: MsiInstaller) (EventID: 1024) (User: 2014-PC)
Description: Producto: Adobe Reader XI (11.0.08) - Español - la actualización "{AC76BA86-7AD7-0000-2550-7A8C40011009}" no se pudo instalar. Código de error 1625. Windows Installer no puede crear registros para ayudar a solucionar problemas de instalación de paquetes de software. Use el vínculo siguiente para obtener instrucciones sobre la activación de la compatibilidad de registro: http://go.microsoft.com/fwlink/?LinkId=23127
 
Error: (09/18/2014 00:37:45 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="&#x2a;",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0"1".
No se encontró el ensamblado dependiente Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="&#x2a;",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.
 
 
System errors:
=============
Error: (09/19/2014 08:08:27 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Error al intentar leer el archivo local de hosts.
 
Error: (09/19/2014 07:39:08 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Error al intentar leer el archivo local de hosts.
 
Error: (09/19/2014 07:09:16 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Error al intentar leer el archivo local de hosts.
 
Error: (09/19/2014 06:40:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Servicio de Google Update (gupdate) no pudo iniciarse debido al siguiente error: 
%%2
 
Error: (09/19/2014 06:38:29 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Error al intentar leer el archivo local de hosts.
 
Error: (09/19/2014 06:38:29 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Error al intentar leer el archivo local de hosts.
 
Error: (09/19/2014 06:38:29 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Error al intentar leer el archivo local de hosts.
 
Error: (09/19/2014 06:38:04 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Error al intentar leer el archivo local de hosts.
 
Error: (09/19/2014 06:38:04 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Error al intentar leer el archivo local de hosts.
 
Error: (09/19/2014 06:37:48 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Error al intentar leer el archivo local de hosts.
 
 
Microsoft Office Sessions:
=========================
Error: (09/19/2014 06:39:38 PM) (Source: MsiInstaller) (EventID: 1024) (User: 2014-PC)
Description: Adobe Reader XI (11.0.08) - Español{AC76BA86-7AD7-0000-2550-7A8C40011009}1625(NULL)(NULL)(NULL)
 
Error: (09/18/2014 11:59:03 PM) (Source: MsiInstaller) (EventID: 1024) (User: 2014-PC)
Description: Adobe Reader XI (11.0.08) - Español{AC76BA86-7AD7-0000-2550-7A8C40011009}1625(NULL)(NULL)(NULL)
 
Error: (09/18/2014 10:43:49 PM) (Source: MsiInstaller) (EventID: 1024) (User: 2014-PC)
Description: Adobe Reader XI (11.0.08) - Español{AC76BA86-7AD7-0000-2550-7A8C40011009}1625(NULL)(NULL)(NULL)
 
Error: (09/18/2014 00:37:45 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="&#x2a;",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0"C:\Windows\System32\systemcpl.dll
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-09-19 20:25:07.195
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
 
  Date: 2014-09-19 19:45:12.565
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
 
  Date: 2014-09-19 19:20:19.490
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
 
  Date: 2014-09-19 19:07:30.403
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
 
  Date: 2014-09-19 18:37:42.421
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
 
  Date: 2014-09-19 00:14:12.196
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
 
  Date: 2014-09-18 23:58:02.359
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
 
  Date: 2014-09-18 23:53:04.593
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
 
  Date: 2014-09-18 23:32:53.751
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
 
  Date: 2014-09-18 23:22:56.688
  Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 CPU 6600 @ 2.40GHz
Percentage of memory in use: 25%
Total physical RAM: 7039.24 MB
Available physical RAM: 5245.21 MB
Total Pagefile: 14076.66 MB
Available Pagefile: 12242.11 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
 
==================== Drives ================================
 
Drive c: (Secundario) (Fixed) (Total:149.04 GB) (Free:55.79 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:74.52 GB) (Free:31.3 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (3_DIAS_PARA_MATAR_DVD9) (CDROM) (Total:4.36 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: C313C313)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: 9ED19ED1)
Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

 



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,246 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:18 PM

Posted 24 September 2014 - 07:12 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.

In Windows 7 and 8.
Press the [Windows Icon + R] and enter "notepad" in the box to open Notepad
 
start

HKLM-x32\...\Run: [] => [X]
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
CHR Extension: (GoSavee) - C:\Users\2014\AppData\Local\Google\Chrome\User Data\default\Extensions\aioaglgpapgcpoeldincnhcajakofbbm [2014-09-15]
CHR Extension: (GoSavee) - C:\Users\2014\AppData\Local\Google\Chrome\User Data\default\Extensions\aioaglgpapgcpoeldincnhcajakofbbm\2.0 [2014-09-15]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\Users\2014\AppData\Local\Google\Chrome\User Data\default\Extensions\aioaglgpapgcpoeldincnhcajakofbbm

end

Save the files as fixlist.txt in to the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
====

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Uncheck the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
====

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.

If the site is busy or not available use this mirror site:
http://www.bleepingcomputer.com/download/securitycheck/

How is the computer running now?

#3 dospreguntas

dospreguntas
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:18 AM

Posted 24 September 2014 - 01:14 PM

thanks, but finally I solved it with AVG antivirus

best regards



#4 nasdaq

nasdaq

  • Malware Response Team
  • 40,246 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:18 PM

Posted 24 September 2014 - 01:31 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users