
Log analysis and evaluation: Windows 7: just cluttered or a worm?


11.11.2013, 10:37   #1
febus3
 
Windows 7: just cluttered or a worm?



Dear helpers,

My girlfriend got an HP Mini notebook from her sister and it is causing problems. The PC is incredibly slow (even for such a weak PC) and I suspect that malware is at work. For example, the Firefox start page keeps switching to an advertising page (portaldosites*com).

I have now installed Sophos 10. Before that, older versions of AVG and McAfee were on the PC.

Could you please tell me how I can get Firefox clean and whether there might be other malware on the PC?

Many, many thanks!
Felix

Defogger
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:44 on 10/11/2013 (Miranda)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
FRST

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2013 01
Ran by Miranda (administrator) on MIRANDA-HP on 10-11-2013 19:50:14
Running from C:\Users\Miranda\Desktop
Microsoft Windows 7 Starter  (X86) OS Language: Spanish Modern Sort
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files\WinZipper\winzipersvc.exe
(Wsys Co., Ltd.) C:\ProgramData\eSafe\eGdpSvc.exe
(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
() C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Microsoft Corp.) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG8\avgam.exe
(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG8\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG8\avgnsx.exe
(Iminent) C:\Program Files\Common Files\Umbrella\umbrella.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG8\avgtray.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\aestsrv.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [AVG8_TRAY] - C:\Program Files\AVG\AVG8\avgtray.exe [2042208 2012-11-07] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [tutoriales100_es_14] - [x]
HKLM\...\Run: [majtutoriales100_es_17] - [x]
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [495708 2010-06-09] (IDT, Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-11-05] (Hewlett-Packard)
MountPoints2: E - E:\AutoRun.exe
MountPoints2: {3bacb821-1618-11e3-abd3-002682e21e10} - E:\AutoRun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=SAMSUNGXHM250HI_S24FJ90Z922064&ts=1377203796
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=SAMSUNGXHM250HI_S24FJ90Z922064&ts=1377203796
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=SAMSUNGXHM250HI_S24FJ90Z922064&ts=1377203796
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=SAMSUNGXHM250HI_S24FJ90Z922064&ts=1377203796
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKCU - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} -  No File
URLSearchHook: HKCU - (No Name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} -  No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.portaldosites.com/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=SAMSUNGXHM250HI_S24FJ90Z922064&ts=1364758821
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.portaldosites.com/web/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=SAMSUNGXHM250HI_S24FJ90Z922064&ts=3407937
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.portaldosites.com/web/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=SAMSUNGXHM250HI_S24FJ90Z922064&ts=3407937
SearchScopes: HKLM - {82D8AA4E-6228-4678-A7FF-CD3D19C1BC6A} URL = hxxp://es.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {870A6C78-1F98-4687-998F-7A0FC925BAC3} URL = hxxp://es.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {DA585FF3-EA29-456D-B90C-EFDE318721E4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=SAMSUNGXHM250HI_S24FJ90Z922064&ts=1377203802
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_ss_sps&mntrId=0A3B002682E21E10&affID=121962&tsp=4939
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=SAMSUNGXHM250HI_S24FJ90Z922064&ts=1377203802
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKCU - {5D77453B-D036-449B-A889-513452B2FD84} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=crm&q={searchTerms}&locale=&apn_ptnrs=^T8&apn_dtid=^zzz001^YY^ES&apn_uid=5e5cc23d-99db-4c14-8757-b8f21155bed2&apn_sauid=41D124EE-1E33-4E17-A580-9E607C8995DE
SearchScopes: HKCU - {82D8AA4E-6228-4678-A7FF-CD3D19C1BC6A} URL = hxxp://es.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {870A6C78-1F98-4687-998F-7A0FC925BAC3} URL = hxxp://es.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={748608C9-E3D1-4D2C-B0C7-51F1EF9A9386}&mid=48028d568abaa62b934a1ac1d424bf8b-d38c757f8ecf80a90f6fb3769d9bf2ccc7c72bd0&lang=es-es&ds=AVG&pr=&d=2012-11-07 11:03:51&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {BB758E94-3969-408E-951A-EDE630141376} URL = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKCU - {DA585FF3-EA29-456D-B90C-EFDE318721E4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\Iminent.WebBooster.InternetExplorer.dll (SIEN)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll (AVG Secure Search)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MIF5BA~1\Office12\GR469A~1.DLL [2210608 2006-10-27] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Miranda\AppData\Roaming\Mozilla\Firefox\Profiles\wge3sqo7.default
FF user.js: detected! => C:\Users\Miranda\AppData\Roaming\Mozilla\Firefox\Profiles\wge3sqo7.default\user.js
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: www.google.es
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll (AVG Technologies)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Miranda\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Miranda\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Miranda\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Miranda\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Miranda\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Miranda\AppData\Roaming\Mozilla\Firefox\Profiles\wge3sqo7.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Miranda\AppData\Roaming\Mozilla\Firefox\Profiles\wge3sqo7.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Miranda\AppData\Roaming\Mozilla\Firefox\Profiles\wge3sqo7.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Miranda\AppData\Roaming\Mozilla\Firefox\Profiles\wge3sqo7.default\searchplugins\holasearch.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\delta-homes.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\portaldosites.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\drae.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-es.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-es.xml
FF Extension: Adblock Plus - C:\Users\Miranda\AppData\Roaming\Mozilla\Firefox\Profiles\wge3sqo7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF Extension: webbooster - C:\Users\Miranda\AppData\Roaming\Mozilla\Firefox\Profiles\wge3sqo7.default\Extensions\webbooster@iminent.com.xpi
FF Extension: Adblock Plus - C:\Users\Miranda\AppData\Roaming\Mozilla\Firefox\Profiles\wge3sqo7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.0.1.12
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\17.0.1.12
FF HKLM\...\Firefox\Extensions: [webbooster@iminent.com] - C:\Program Files\Iminent\webbooster@iminent.com
FF Extension: Iminent Minibar - C:\Program Files\Iminent\webbooster@iminent.com

Chrome: 
=======
CHR Extension: (Google Drive) - C:\Users\Miranda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Miranda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Miranda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (hola Toolbar) - C:\Users\Miranda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagpjgjmoaccgkkpjeoinehnoaimnbla\1.1_0
CHR Extension: () - C:\Users\Miranda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1
CHR Extension: (Wajam) - C:\Users\Miranda\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0
CHR Extension: (Skype Click to Call) - C:\Users\Miranda\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0
CHR Extension: (AVG Security Toolbar) - C:\Users\Miranda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\15.3.0.11_0
CHR Extension: (Gmail) - C:\Users\Miranda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Miranda\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.0.1.12\avg.crx

========================== Services (Whitelisted) =================

R2 avg8wd; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [297752 2012-11-06] (AVG Technologies CZ, s.r.o.)
R2 HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [103992 2010-06-18] (Hewlett-Packard Company)
R2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192 2010-07-02] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [235216 2013-09-06] (McAfee, Inc.)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
R2 SProtection; C:\Program Files\Common Files\Umbrella\umbrella.exe [2894144 2013-11-09] (Iminent)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [237650 2010-06-09] (IDT, Inc.)
R2 vToolbarUpdater17.0.12; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [1734680 2013-10-30] (AVG Secure Search)
R2 winzipersvc; C:\Program Files\WinZipper\winzipersvc.exe [424104 2013-08-22] (Taiwan Shui Mu Chih Ching Technology Limited.)
R2 WsysSvc; C:\ProgramData\eSafe\eGdpSvc.exe [303680 2013-08-22] (Wsys Co., Ltd.)

==================== Drivers (Whitelisted) ====================

R1 AvgLdx86; C:\Windows\System32\Drivers\avgldx86.sys [335240 2012-11-06] (AVG Technologies CZ, s.r.o.)
R1 AvgMfx86; C:\Windows\System32\Drivers\avgmfx86.sys [27784 2012-11-06] (AVG Technologies CZ, s.r.o.)
R0 AvgRkx86; C:\Windows\System32\Drivers\avgrkx86.sys [12552 2012-11-06] (AVG Technologies CZ, s.r.o.)
R1 AvgTdiX; C:\Windows\System32\Drivers\avgtdix.sys [108552 2012-11-06] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-10-30] (AVG Technologies)
R1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [18136 2009-11-11] (DeviceVM, Inc.)
R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [230944 2010-05-07] (Realtek Semiconductor Corp.)
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [x]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [x]
S3 Huawei; system32\DRIVERS\ewdcsc.sys [x]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 massfilter_hs; system32\drivers\massfilter_hs.sys [x]
S3 USBZTECCID; system32\DRIVERS\ZTEusbccid.sys [x]
S3 ZTEusbMB; system32\DRIVERS\ZTEusbnmeaext2.sys [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]
S3 ZTEusbwwan; system32\DRIVERS\ZTEusbwwan.sys [x]
S3 zte_massejct; System32\Drivers\zte_massejct.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-10 19:49 - 2013-11-10 19:49 - 00000000 ____D C:\FRST
2013-11-10 19:47 - 2013-11-10 19:47 - 01090275 _____ (Farbar) C:\Users\Miranda\Desktop\FRST.exe
2013-11-10 19:44 - 2013-11-10 19:45 - 00000476 _____ C:\Users\Miranda\Desktop\defogger_disable.log
2013-11-10 19:44 - 2013-11-10 19:44 - 00000000 _____ C:\Users\Miranda\defogger_reenable
2013-11-10 19:42 - 2013-11-10 19:42 - 00050477 _____ C:\Users\Miranda\Desktop\Defogger.exe
2013-11-10 19:40 - 2013-11-10 19:40 - 00000000 ____D C:\Program Files\IDT
2013-11-10 19:40 - 2010-06-09 10:06 - 00527872 ____N (IDT, Inc.) C:\Windows\system32\stapi32.dll
2013-11-10 19:39 - 2010-06-09 10:06 - 12648540 _____ (IDT, Inc.) C:\Windows\system32\idtcpl.cpl
2013-11-10 19:39 - 2010-06-09 10:06 - 03473408 _____ (IDT, Inc.) C:\Windows\system32\stlang.dll
2013-11-10 19:39 - 2010-06-09 10:06 - 00536576 _____ (IDT, Inc.) C:\Windows\system32\idtmini1.exe
2013-11-10 19:39 - 2010-06-09 10:06 - 00495708 _____ (IDT, Inc.) C:\Windows\sttray.exe
2013-11-10 19:39 - 2010-04-01 23:06 - 00139776 _____ (Andrea Electronics Corporation) C:\Windows\system32\aestacap.dll
2013-11-10 19:39 - 2009-10-10 09:45 - 00380928 _____ (Andrea Electronics Corporation) C:\Windows\system32\aestecap.dll
2013-11-10 19:39 - 2009-03-03 10:57 - 00061440 _____ (Andrea Electronics Corporation) C:\Windows\system32\aestaren.dll
2013-11-10 19:39 - 2009-03-03 10:47 - 00086016 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTCom.dll
2013-11-04 11:51 - 2013-11-04 11:51 - 00002012 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-11-04 10:56 - 2013-11-04 10:56 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-11-04 10:55 - 2013-11-04 11:50 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-11-04 10:55 - 2013-11-04 10:55 - 00000000 ____D C:\ProgramData\McAfee
2013-11-04 10:54 - 2013-11-10 19:38 - 00000838 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-02 21:31 - 2013-11-03 08:17 - 00000000 ____D C:\Users\Miranda\Desktop\Nueva carpeta
2013-11-02 17:28 - 2013-11-02 17:28 - 00000000 ____D C:\Users\Miranda\AppData\Local\avgchrome
2013-10-30 08:09 - 2013-10-30 08:09 - 00001809 _____ C:\Users\Miranda\Desktop\The Official Guide for GMAT Review, 13th Edition - Acceso directo.lnk
2013-10-30 08:03 - 2013-10-30 08:03 - 50053120 _____ C:\Program Files\GUTA8B.tmp
2013-10-30 08:03 - 2013-10-30 08:03 - 00000000 ____D C:\Program Files\GUMA8A.tmp

==================== One Month Modified Files and Folders =======

2013-11-10 19:49 - 2013-11-10 19:49 - 00000000 ____D C:\FRST
2013-11-10 19:47 - 2013-11-10 19:47 - 01090275 _____ (Farbar) C:\Users\Miranda\Desktop\FRST.exe
2013-11-10 19:45 - 2013-11-10 19:44 - 00000476 _____ C:\Users\Miranda\Desktop\defogger_disable.log
2013-11-10 19:44 - 2013-11-10 19:44 - 00000000 _____ C:\Users\Miranda\defogger_reenable
2013-11-10 19:44 - 2012-09-26 21:36 - 00000000 ____D C:\Users\Miranda
2013-11-10 19:42 - 2013-11-10 19:42 - 00050477 _____ C:\Users\Miranda\Desktop\Defogger.exe
2013-11-10 19:40 - 2013-11-10 19:40 - 00000000 ____D C:\Program Files\IDT
2013-11-10 19:40 - 2013-07-10 21:59 - 00011005 _____ C:\Windows\setupact.log
2013-11-10 19:38 - 2013-11-04 10:54 - 00000838 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-10 19:37 - 2009-07-14 05:34 - 00014128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-10 19:37 - 2009-07-14 05:34 - 00014128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-10 19:36 - 2013-03-31 20:43 - 00000000 ____D C:\ProgramData\eSafe
2013-11-10 19:34 - 2010-09-23 20:43 - 01924925 _____ C:\Windows\WindowsUpdate.log
2013-11-10 19:33 - 2013-08-22 21:35 - 00000000 ____D C:\Program Files\WinZipper
2013-11-10 19:30 - 2013-06-03 15:28 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2013-11-10 19:30 - 2012-11-07 11:15 - 00001086 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-10 19:30 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-10 19:30 - 2009-07-14 05:33 - 00417288 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-10 19:29 - 2013-07-10 21:59 - 00016854 _____ C:\Windows\PFRO.log
2013-11-10 19:29 - 2010-07-28 14:00 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-11-10 19:29 - 2010-07-28 13:58 - 00000000 ____D C:\Program Files\Hewlett-Packard
2013-11-10 19:24 - 2010-09-23 21:13 - 00000000 ____D C:\ProgramData\WildTangent
2013-11-10 19:24 - 2010-09-23 21:13 - 00000000 ____D C:\Program Files\HP Games
2013-11-10 19:21 - 2010-09-23 21:10 - 00000000 ____D C:\Program Files\Downloaded Installations
2013-11-10 19:18 - 2012-11-07 11:16 - 00001090 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-10 19:11 - 2012-11-07 18:00 - 00000000 ____D C:\Program Files\Defraggler
2013-11-10 19:09 - 2012-12-06 16:56 - 00000000 ____D C:\Program Files\DsNET Corp
2013-11-10 19:01 - 2013-09-05 15:10 - 00001118 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4234750219-565304826-628335460-1000UA.job
2013-11-10 18:58 - 2010-07-28 15:57 - 00000000 ____D C:\ProgramData\CyberLink
2013-11-10 18:33 - 2013-03-31 20:41 - 00000000 ____D C:\Program Files\Iminent
2013-11-10 18:33 - 2013-03-31 20:41 - 00000000 ____D C:\Program Files\Common Files\Umbrella
2013-11-10 18:26 - 2012-12-06 19:56 - 00000000 ____D C:\Windows\pss
2013-11-10 18:15 - 2012-12-05 20:24 - 00000000 ____D C:\Users\Miranda\AppData\Roaming\Skype
2013-11-10 18:04 - 2012-11-06 20:55 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-10 13:12 - 2013-05-29 11:31 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-10 13:12 - 2012-11-06 20:56 - 00000000 ____D C:\Users\Miranda\AppData\Local\Mozilla
2013-11-09 14:15 - 2012-09-27 19:59 - 00000000 ____D C:\Users\Miranda\AppData\Roaming\ZumoDrive
2013-11-09 11:57 - 2012-11-13 17:33 - 00000052 _____ C:\Windows\system32\DOErrors.log
2013-11-09 11:56 - 2013-03-07 16:33 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-11-04 19:32 - 2012-11-06 18:16 - 00000000 ____D C:\Users\Miranda\AppData\Local\Microsoft Help
2013-11-04 11:51 - 2013-11-04 11:51 - 00002012 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-11-04 11:50 - 2013-11-04 10:55 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-11-04 11:40 - 2012-11-07 11:27 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-11-04 11:40 - 2012-11-07 11:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-11-04 10:57 - 2012-11-19 15:53 - 00000000 ____D C:\Users\Miranda\AppData\Local\Adobe
2013-11-04 10:56 - 2013-11-04 10:56 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-11-04 10:55 - 2013-11-04 10:55 - 00000000 ____D C:\ProgramData\McAfee
2013-11-03 09:59 - 2009-09-07 00:02 - 01555646 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-03 08:17 - 2013-11-02 21:31 - 00000000 ____D C:\Users\Miranda\Desktop\Nueva carpeta
2013-11-02 17:28 - 2013-11-02 17:28 - 00000000 ____D C:\Users\Miranda\AppData\Local\avgchrome
2013-10-30 08:09 - 2013-10-30 08:09 - 00001809 _____ C:\Users\Miranda\Desktop\The Official Guide for GMAT Review, 13th Edition - Acceso directo.lnk
2013-10-30 08:05 - 2012-11-06 20:56 - 00000000 ____D C:\Users\Miranda\AppData\Roaming\Mozilla
2013-10-30 08:03 - 2013-10-30 08:03 - 50053120 _____ C:\Program Files\GUTA8B.tmp
2013-10-30 08:03 - 2013-10-30 08:03 - 00000000 ____D C:\Program Files\GUMA8A.tmp
2013-10-30 08:02 - 2013-07-30 13:44 - 00003727 _____ C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2013-10-30 08:01 - 2013-09-05 15:10 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4234750219-565304826-628335460-1000Core.job
2013-10-30 08:00 - 2012-11-07 11:04 - 00000000 ____D C:\Program Files\AVG Secure Search
2013-10-30 07:59 - 2012-11-18 12:34 - 00037664 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys

Some content of TEMP:
====================
C:\Users\Miranda\AppData\Local\Temp\DataCard_Setup.exe
C:\Users\Miranda\AppData\Local\Temp\ResetDevice.exe
C:\Users\Miranda\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Miranda\AppData\Local\Temp\swt-gdip-win32-3448.dll
C:\Users\Miranda\AppData\Local\Temp\swt-win32-3448.dll
C:\Users\Miranda\AppData\Local\Temp\uninst1.exe
C:\Users\Miranda\AppData\Local\Temp\WindowsAPI.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-06 14:53

==================== End Of Log ============================
         
--- --- ---


Addition
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-11-2013 01
Ran by Miranda at 2013-11-10 19:54:16
Running from C:\Users\Miranda\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG Anti-Virus (Enabled - Up to date) {0C939084-9E57-CBDB-EA61-0B0C7F62AF82}
AS: AVG Anti-Virus (Enabled - Up to date) {B7F27160-B86D-C455-D0D1-307E04E5E53F}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Acrobat.com (Version: 1.6.65)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader 9.3 MUI (Version: 9.3.0)
Adobe Shockwave Player 11.5 (Version: 11.5.7.609)
AVG 8.5
AVG Security Toolbar (Version: 17.0.1.12)
Broadcom 802.11 Wireless LAN Adapter (Version: 5.60.350.6)
Compresor WinRAR
ESU for Microsoft Windows 7 (Version: 1.0.0)
Galería fotográfica de Windows Live (Version: 14.0.8117.416)
Google Chrome (Version: 30.0.1599.101)
Google Talk Plugin (Version: 4.8.2.15856)
Google Update Helper (Version: 1.3.21.165)
Herramienta de carga de Windows Live (Version: 14.0.8014.1029)
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000)
HP Customer Experience Enhancements (Version: 6.0.1.3)
HP Documentation (Version: 1.1.1.0)
HP HomeBase (Version: 3.2.2.90)
HP Power Manager (Version: 1.0.3)
HP Quick Launch (Version: 2.1.5)
HP QuickSync (Version: 6.2.684.10454)
HP Software Framework (Version: 4.0.39.1)
HP Support Assistant (Version: 7.0.39.15)
HP Wireless Assistant (Version: 4.0.9.0)
Iminent (Version: 6.4.56.0)
Intel(R) Graphics Media Accelerator Driver (Version: 8.14.10.2117)
Intel® Matrix Storage Manager
Java Auto Updater (Version: 2.0.2.1)
Java(TM) 6 Update 20 (Version: 6.0.200)
Junk Mail filter update (Version: 14.0.8117.416)
McAfee Security Scan Plus (Version: 3.8.130.8)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile ESN Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Access MUI (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove MUI (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Basque) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Catalan) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Galician) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Word MUI (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Search Enhancement Pack (Version: 1.2.123.0)
Microsoft Silverlight (Version: 4.0.60310.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Mozilla Firefox 25.0 (x86 es-ES) (Version: 25.0)
Mozilla Maintenance Service (Version: 25.0)
MSVCRT (Version: 14.0.1468.721)
Nero 7 Ultra Edition (Version: 7.02.2620)
Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN (Version: 4.0.30319)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.21.531.2010)
Realtek PCIE Card Reader (Version: 6.1.7600.00048)
Recovery Manager (Version: 5.5.3023)
Skype Click to Call (Version: 6.3.11079)
Skype™ 6.3 (Version: 6.3.107)
Synaptics Pointing Device Driver (Version: 15.0.24.0)
Windows Live Asistente para el inicio de sesión (Version: 5.000.818.5)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Toolbar (Version: 14.0.8117.416)
Windows Live Writer (Version: 14.0.8117.0416)
WinZipper (Version: 1.4.8)

==================== Restore Points  =========================

30-05-2013 10:36:22 Removed Energy Star Digital Logo
30-05-2013 10:39:14 Removed Evernote
06-06-2013 14:41:42 Punto de control programado
10-11-2013 17:47:50 Configurado PowerStarter
10-11-2013 17:53:25 Configurado Power2Go
10-11-2013 17:59:08 Removed HP Setup
10-11-2013 18:10:02 Removed Windows Movie Maker 2.6
10-11-2013 18:11:50 Removed Energy Star Digital Logo
10-11-2013 18:12:26 Removed HP QuickWeb Installer.
10-11-2013 18:25:55 Eliminado IDT Audio
10-11-2013 18:34:35 Removed Evernote

==================== Hosts content: ==========================

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {036CEF0F-1A5E-4F14-831C-8DCCB64579CA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-10-15] (Hewlett-Packard)
Task: {06757E30-B543-4DA1-BB09-1D953EB8600C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {176B79C8-5250-4C8E-A1A2-062B80E492D9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-04] (Adobe Systems Incorporated)
Task: {19F8FB9F-89EA-4EFA-B648-83B2BCAA6CF7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-07] (Google Inc.)
Task: {459F0DE8-32D9-4435-A282-0AEBA780BEFF} - System32\Tasks\337_wallpaper_schedule_update => C:\Users\Miranda\AppData\Roaming\337\337 Wallpaper\plusapp.exe [2013-05-26] ()
Task: {6F99E99E-7D72-4D00-BFFB-9C59C1758034} - System32\Tasks\DealPly => C:\Users\Miranda\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE
Task: {7437A3D9-E99D-4B7B-9EF4-3D19499214A2} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files\Desk 365\desk365.exe
Task: {7C438D47-04A8-4D93-82FB-3051CCF854D0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4234750219-565304826-628335460-1000UA => C:\Users\Miranda\AppData\Local\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)
Task: {9FD5940C-1681-4B9D-B898-E98FFE0FBD64} - System32\Tasks\JavaUpdateSched => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18] (Sun Microsystems, Inc.)
Task: {A4CBDFFD-0DBB-4A95-9227-B944A0BA92EF} - System32\Tasks\Omiga Plus RunAsStdUser => C:\Program Files\Omiga Plus\omigaplus.exe
Task: {BEC9D0A4-C14A-441A-B3F6-DF25BCC4E7F6} - System32\Tasks\RunAsStdUser => C:\Program Files\Desk 365\desk365.exe
Task: {C15D85E6-5F35-421E-A6F3-88C8EB27C85A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2013-11-05] (Microsoft)
Task: {CEBBE015-4CEC-43C0-8F34-694643F188DA} - System32\Tasks\{370A5E39-8D5D-41B3-8986-9762C80FE025} => C:\Users\Miranda\Downloads\install_flashplayer11x32_mssa_aaa_aih.exe
Task: {D4BEFD7E-44E1-4D15-A0CB-1401014480D0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4234750219-565304826-628335460-1000Core => C:\Users\Miranda\AppData\Local\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)
Task: {DCCFE0F4-DFBC-42FC-807B-A927B91FF5F6} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{5117CC2D-2B00-4FA5-8B4B-3D2CA5A3B2AF}.exe
Task: {E3499FFB-DF9E-413B-BA74-789C749BD534} - System32\Tasks\RecoveryCDWin7 => C:\Program Files\Hewlett-Packard\HP Setup\RemEngine.exe
Task: {ED3EED49-020B-4B6F-A5BE-2FC63048A6EA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {F47757DC-76C8-46F7-BE9B-9E4F63C41C6B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-04-01] (Hewlett-Packard Company)
Task: {F68358C0-C388-43E6-9B7E-70EBE4784D34} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-07] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{5117CC2D-2B00-4FA5-8B4B-3D2CA5A3B2AF}.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4234750219-565304826-628335460-1000Core.job => C:\Users\Miranda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4234750219-565304826-628335460-1000UA.job => C:\Users\Miranda\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-11-06 21:04 - 2008-09-16 20:18 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll
2013-05-29 11:32 - 2013-11-10 13:11 - 03368048 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/10/2013 06:47:46 PM) (Source: VSS) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


Operación:
   Recopilando datos del escritor

Contexto:
   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
   Nombre del escritor: System Writer
   Id. de instancia del escritor: {5dbbe3db-f44d-4513-9a97-59c7c94f3d81}

Error: (11/10/2013 05:59:20 PM) (Source: Application Hang) (User: )
Description: El programa Skype.exe, versión 6.3.0.107, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

Identificador de proceso: ee8

Hora de inicio: 01cedd4dacd46a5b

Hora de finalización: 115

Ruta de acceso de la aplicación: C:\Program Files\Skype\Phone\Skype.exe

Identificador de informe: 657d9225-4a29-11e3-a74f-0021cc5a63ff

Error: (11/10/2013 11:19:40 AM) (Source: SkypeUpdate) (User: )
Description: File C:\Windows\TEMP\SKY868F.tmp has invalid signature.

Error: (11/05/2013 02:33:48 PM) (Source: VSS) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x80070013, El medio está protegido contra escritura.
.

Error: (11/05/2013 02:33:48 PM) (Source: VSS) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x80070013, El medio está protegido contra escritura.
]

Error: (11/05/2013 02:33:48 PM) (Source: VSS) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x80070013, El medio está protegido contra escritura.
.

Error: (11/05/2013 02:33:48 PM) (Source: VSS) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x80070013, El medio está protegido contra escritura.
]

Error: (11/02/2013 05:31:42 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/30/2013 08:04:53 AM) (Source: Microsoft-Windows-RestartManager) (User: Miranda-HP)
Description: No se pudo cerrar la aplicación o el servicio 'Plugin Container for Firefox'.

Error: (09/19/2013 04:44:20 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)


System errors:
=============
Error: (11/10/2013 07:31:46 PM) (Source: Service Control Manager) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
cdrom

Error: (11/10/2013 07:31:34 PM) (Source: Service Control Manager) (User: )
Description: El servicio Wsys Service no respondió después de iniciar.

Error: (11/10/2013 07:28:22 PM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/10/2013 06:31:21 PM) (Source: Service Control Manager) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
cdrom

Error: (11/10/2013 06:30:35 PM) (Source: Service Control Manager) (User: )
Description: El servicio Wsys Service no respondió después de iniciar.

Error: (11/10/2013 06:07:15 PM) (Source: Service Control Manager) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
cdrom

Error: (11/10/2013 06:06:28 PM) (Source: Service Control Manager) (User: )
Description: El servicio Wsys Service no respondió después de iniciar.

Error: (11/10/2013 04:34:55 PM) (Source: Service Control Manager) (User: )
Description: El servicio Wsys Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/10/2013 04:34:26 PM) (Source: Service Control Manager) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción del servicio ShellHWDetection.

Error: (11/10/2013 00:07:04 PM) (Source: Service Control Manager) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción del servicio HPWMISVC.


Microsoft Office Sessions:
=========================
Error: (01/29/2013 09:34:39 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 18599 seconds with 1740 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 81%
Total physical RAM: 1011.9 MB
Available physical RAM: 184.45 MB
Total Pagefile: 2035.9 MB
Available Pagefile: 922.75 MB
Total Virtual: 2047.88 MB
Available Virtual: 1903.04 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:215.73 GB) (Free:174.1 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.86 GB) (Free:2.44 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 233 GB) (Disk ID: CFF3C22F)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=216 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================
         
Gmer
Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-11-10 21:41:37
Windows 6.1.7600  \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 SAMSUNG_ rev.2AC1 232,89GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Miranda\AppData\Local\Temp\awliykow.sys


---- Kernel code sections - GMER 2.1 ----

.text           ntkrnlpa.exe!ZwSaveKeyEx + 13BD                                                                    81C435C9 1 Byte  [06]
.text           ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                             81C68092 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}

---- User code sections - GMER 2.1 ----

.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] ntdll.dll!RtlExitUserThread                     76E90859 5 Bytes  JMP 72F8E640 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] ntdll.dll!KiUserExceptionDispatcher             76EA6448 5 Bytes  JMP 72F8A2B0 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] ntdll.dll!LdrLoadDll                            76EBF585 5 Bytes  JMP 61B2F920 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] kernel32.dll!CreateProcessA                     753C2062 5 Bytes  JMP 72F8E5E0 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] kernel32.dll!ResumeThread                       75403F14 5 Bytes  JMP 72F8E740 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] kernel32.dll!VirtualProtect                     754050AB 5 Bytes  JMP 72F8E780 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] kernel32.dll!CreateActCtxW                      754075A3 5 Bytes  JMP 72F87DC0 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] kernel32.dll!LoadLibraryExW                     7540B6BF 5 Bytes  JMP 72F87AD0 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] kernel32.dll!LoadLibraryExA                     7540BC8B 5 Bytes  JMP 72F8E6E0 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] kernel32.dll!K32GetDeviceDriverBaseNameW + 16F  7540C0CF 7 Bytes  JMP 622F329A C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] kernel32.dll!GlobalAlloc                        7540D35C 5 Bytes  JMP 72F8E6A0 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] kernel32.dll!CloseHandle + 38                   7541060F 7 Bytes  JMP 622F32BD C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] kernel32.dll!CreateFileW                        75410B7D 5 Bytes  JMP 72F87CC0 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] kernel32.dll!WriteFile                          754111EC 5 Bytes  JMP 72F8E7E0 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] kernel32.dll!GetProcAddress                     75411857 5 Bytes  JMP 72F8E660 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] kernel32.dll!FreeLibrary                        75411A09 5 Bytes  JMP 72F87BD0 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] kernel32.dll!LoadLibraryA                       75412884 5 Bytes  JMP 72F8E6C0 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] kernel32.dll!LoadLibraryW                       754128D2 5 Bytes  JMP 72F8E720 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] kernel32.dll!CreateFileA                        7541291C 5 Bytes  JMP 72F8E5C0 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] kernel32.dll!ExitProcess                        75412AEF 5 Bytes  JMP 72F8E620 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] kernel32.dll!GetExitCodeProcess + 2C            7541315D 7 Bytes  JMP 61B340F6 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] kernel32.dll!CreateProcessInternalA             7541F596 5 Bytes  JMP 72F8E600 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] kernel32.dll!ReplaceFile                        75423660 5 Bytes  JMP 72F87810 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] kernel32.dll!WriteFileEx                        754262BD 5 Bytes  JMP 72F8E800 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] kernel32.dll!WriteProcessMemory                 754285C1 5 Bytes  JMP 72F8E820 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] kernel32.dll!GetThreadContext                   7542964F 5 Bytes  JMP 72F8E680 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] kernel32.dll!WinExec                            7544E76D 5 Bytes  JMP 72F8E7C0 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] kernel32.dll!VirtualProtectEx                   7544F729 5 Bytes  JMP 72F8E7A0 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] kernel32.dll!SetThreadContext                   754502A3 5 Bytes  JMP 72F8E760 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] USER32.dll!CreateWindowExW                      764D0E51 5 Bytes  JMP 72F87E80 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] USER32.dll!GetWindowInfo                        764D6A82 5 Bytes  JMP 6221089F C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] GDI32.dll!GetViewportOrgEx + 21C                76FD85EB 7 Bytes  JMP 622F321B C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] WS2_32.dll!closesocket                          76593BED 5 Bytes  JMP 72F8E960 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] WS2_32.dll!bind                                 765946BC 5 Bytes  JMP 72F8E940 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] WS2_32.dll!recv                                 765947DF 5 Bytes  JMP 72F8E9E0 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] WS2_32.dll!connect                              765948BE 5 Bytes  JMP 72F8E980 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] WS2_32.dll!listen                               7659A6EA 5 Bytes  JMP 72F8E9C0 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] WS2_32.dll!WSASocketA                           7659B7FC 5 Bytes  JMP 72F8E8E0 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] WS2_32.dll!WSAStartup                           7659C0FB 7 Bytes  JMP 72F8E900 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] WS2_32.dll!getpeername                          7659C355 5 Bytes  JMP 72F8E9A0 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] WS2_32.dll!send                                 7659C4C8 5 Bytes  JMP 72F8EA00 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] WS2_32.dll!accept                               7659E64B 5 Bytes  JMP 72F8E920 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] ole32.dll!StgOpenStorageEx                      76BE71FF 5 Bytes  JMP 72F8DB70 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] SHELL32.dll!SHExtractIconsW                     759C8173 5 Bytes  JMP 72F943C0 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] WININET.dll!InternetReadFile                    76D7E2A4 5 Bytes  JMP 72F8E8C0 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] WININET.dll!InternetQueryDataAvailable          76D8420B 5 Bytes  JMP 72F8E8A0 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] WININET.dll!InternetOpenA                       76D87E1C 5 Bytes  JMP 72F8E860 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
.text           C:\Program Files\Mozilla Firefox\firefox.exe[4012] WININET.dll!InternetOpenUrlA                    76D8DC18 5 Bytes  JMP 72F8E880 C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL

---- Devices - GMER 2.1 ----

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0                                                            Wdf01000.sys
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass1                                                            Wdf01000.sys
AttachedDevice  \FileSystem\fastfat \Fat                                                                           fltmgr.sys

---- Disk sectors - GMER 2.1 ----

Disk            \Device\Harddisk0\DR0                                                                              unknown MBR code

---- EOF - GMER 2.1 ----
         

Alt 11.11.2013, 10:49   #2
schrauber
/// the machine
/// TB-Ausbilder
 


Hi,

Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.


Alt 11.11.2013, 20:13   #3
febus3
 

Hi Schrauber,

Thanks for the quick reply. I ran Combofix (log below).
The problem with Firefox is definitely fixed.

Are there any other scans that I could/should run?

If not, are there any other useful tips for clearing some of the worst junk off the PC and making it faster?

Many thanks and regards,
Felix

Code:
ComboFix 13-11-11.01 - Miranda 11/11/2013  19:26:44.1.2 - x86
Microsoft Windows 7 Starter   6.1.7600.0.1252.34.3082.18.1012.286 [GMT 1:00]
Running from: c:\users\Miranda\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Windows Live\Messenger\msacm32.dll
c:\users\Miranda\AppData\Local\EoRezo
c:\users\Miranda\AppData\Local\EoRezo\eorezo\1.10\eorezo.cyl
c:\users\Miranda\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
c:\users\Miranda\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences
c:\users\Miranda\AppData\Roaming\337
c:\users\Miranda\AppData\Roaming\337\337 Wallpaper\ebase.dll
c:\users\Miranda\AppData\Roaming\337\337 Wallpaper\image\default\app_close.png
c:\users\Miranda\AppData\Roaming\337\337 Wallpaper\image\default\app_max.png
c:\users\Miranda\AppData\Roaming\337\337 Wallpaper\image\default\app_min.png
c:\users\Miranda\AppData\Roaming\337\337 Wallpaper\image\default\app_restore.png
c:\users\Miranda\AppData\Roaming\337\337 Wallpaper\image\default\wallpaper_resource.xml
c:\users\Miranda\AppData\Roaming\337\337 Wallpaper\image\default\window.png
c:\users\Miranda\AppData\Roaming\337\337 Wallpaper\language\en_us\wallpaper_lang.ini
c:\users\Miranda\AppData\Roaming\337\337 Wallpaper\language\es_es\wallpaper_lang.ini
c:\users\Miranda\AppData\Roaming\337\337 Wallpaper\language\pt_br\wallpaper_lang.ini
c:\users\Miranda\AppData\Roaming\337\337 Wallpaper\language\tr_tr\wallpaper_lang.ini
c:\users\Miranda\AppData\Roaming\337\337 Wallpaper\language\zh_tw\wallpaper_lang.ini
c:\users\Miranda\AppData\Roaming\337\337 Wallpaper\layout\default\dp_appwnd.xml
c:\users\Miranda\AppData\Roaming\337\337 Wallpaper\layout\default\msgbox.xml
c:\users\Miranda\AppData\Roaming\337\337 Wallpaper\libpng.dll
c:\users\Miranda\AppData\Roaming\337\337 Wallpaper\main
c:\users\Miranda\AppData\Roaming\337\337 Wallpaper\msvcp100.dll
c:\users\Miranda\AppData\Roaming\337\337 Wallpaper\msvcr100.dll
c:\users\Miranda\AppData\Roaming\337\337 Wallpaper\ouilibnl.dll
c:\users\Miranda\AppData\Roaming\337\337 Wallpaper\plusapp.exe
c:\users\Miranda\AppData\Roaming\337\337 Wallpaper\style\wallpaper_style.xml
c:\users\Miranda\AppData\Roaming\337\337 Wallpaper\TrayDownloader.exe
c:\windows\system32\FlashPlayerApp.exe
c:\windows\system32\roboot.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_WsysSvc
.
.
(((((((((((((((((((((((((   Files Created from 2013-10-11 to 2013-11-11  )))))))))))))))))))))))))))))))
.
.
2013-11-11 18:41 . 2013-11-11 18:43	--------	d-----w-	c:\users\Miranda\AppData\Local\temp
2013-11-11 18:41 . 2013-11-11 18:41	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-11-10 19:23 . 2013-11-11 18:42	--------	d-----w-	c:\programdata\Sophos
2013-11-10 19:23 . 2013-11-11 18:18	--------	d-----w-	c:\program files\Sophos
2013-11-10 18:49 . 2013-11-10 18:49	--------	d-----w-	C:\FRST
2013-11-10 18:40 . 2010-06-09 09:06	527872	------w-	c:\windows\system32\stapi32.dll
2013-11-10 18:40 . 2013-11-10 18:40	--------	d-----w-	c:\program files\IDT
2013-11-10 18:39 . 2009-10-10 08:45	380928	----a-w-	c:\windows\system32\aestecap.dll
2013-11-10 18:39 . 2010-04-01 22:06	139776	----a-w-	c:\windows\system32\aestacap.dll
2013-11-10 18:39 . 2009-03-03 09:57	61440	----a-w-	c:\windows\system32\aestaren.dll
2013-11-10 18:39 . 2010-06-09 09:06	536576	----a-w-	c:\windows\system32\idtmini1.exe
2013-11-10 18:39 . 2009-03-03 09:47	86016	----a-w-	c:\windows\system32\AESTCom.dll
2013-11-10 18:39 . 2010-06-09 09:06	495708	----a-w-	c:\windows\sttray.exe
2013-11-10 18:39 . 2010-06-09 09:06	3473408	----a-w-	c:\windows\system32\stlang.dll
2013-11-10 18:39 . 2010-06-09 09:06	12648540	----a-w-	c:\windows\system32\idtcpl.cpl
2013-11-04 09:55 . 2013-11-04 09:55	--------	d-----w-	c:\programdata\McAfee
2013-11-04 09:48 . 2013-11-04 09:48	--------	d-----w-	c:\users\Miranda\AppData\Local\ElevatedDiagnostics
2013-11-02 16:28 . 2013-11-02 16:28	--------	d-----w-	c:\users\Miranda\AppData\Local\avgchrome
2013-10-30 07:03 . 2013-10-30 07:03	--------	d-----w-	c:\program files\GUMA8A.tmp
2013-10-30 07:03 . 2013-10-30 07:03	50053120	----a-w-	c:\program files\GUTA8B.tmp
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-11 18:31 . 2013-09-20 11:09	60872	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{3F164F1D-93E3-45EB-9334-CCE6CBADA4CB}\offreg.dll
2013-11-04 10:40 . 2012-11-07 10:27	71048	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-22 20:35 . 2011-02-19 21:03	421032	----a-w-	c:\windows\system32\msvcp100.dll
2013-08-22 20:35 . 2011-02-18 22:40	773800	----a-w-	c:\windows\system32\msvcr100.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-23 150552]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-06-09 495708]
"Sophos AutoUpdate Monitor"="c:\program files\Sophos\AutoUpdate\almon.exe" [2012-07-06 900160]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2013-11-05 21720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Media Suite.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Media Suite.lnk
backup=c:\windows\pss\HP Media Suite.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Miranda^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Recorte de pantalla e Inicio rápido de OneNote 2007.lnk]
path=c:\users\Miranda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de pantalla e Inicio rápido de OneNote 2007.lnk
backup=c:\windows\pss\Recorte de pantalla e Inicio rápido de OneNote 2007.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-12-11 13:57	948672	----a-r-	c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 09:57	35760	----a-w-	c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2013-07-13 15:28	116648	----atw-	c:\users\Miranda\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 23:47	31016	----a-w-	c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Quick Launch]
2010-07-02 09:48	602680	----a-w-	c:\program files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPWirelessAssistant]
2010-06-18 14:26	8192	----a-w-	c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2009-10-13 09:25	186904	----a-w-	c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Iminent]
2013-01-25 11:47	1074736	----a-w-	c:\program files\Iminent\Iminent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IminentMessenger]
2013-01-25 11:47	884784	----a-w-	c:\program files\Iminent\Iminent.Messengers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 14:40	155648	----a-w-	c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-07-14 01:14	1173504	----a-w-	c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-04-19 13:19	18678376	----a-r-	c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2010-06-04 03:17	1791272	----a-w-	c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
2010-06-09 09:06	495708	----a-w-	c:\program files\IDT\WDM\sttray.exe
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-04-19 161384]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 massfilter_hs;USB Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [x]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 USBZTECCID;ZTE USB Smartcard Driver;c:\windows\system32\DRIVERS\ZTEusbccid.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]
R3 zte_massejct;ZTEMassEjctServ;c:\windows\system32\Drivers\zte_massejct.sys [x]
R3 ZTEusbMB;ZTE NMEAExt2 Port;c:\windows\system32\DRIVERS\ZTEusbnmeaext2.sys [x]
R3 ZTEusbwwan;ZTE MBN Miniport;c:\windows\system32\DRIVERS\ZTEusbwwan.sys [x]
S1 DVMIO;DeviceVM IO Service;c:\windows\system32\DRIVERS\dvmio.sys [2009-11-11 18136]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\aestsrv.exe [2009-03-03 81920]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992]
S2 HPWMISVC;HPWMISVC;c:\program files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-07-02 27192]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
S2 SProtection;SProtection;c:\program files\Common Files\Umbrella\umbrella.exe [2013-11-09 2894144]
S2 winzipersvc;WinZiper service;c:\program files\WinZipper\winzipersvc.exe [2013-08-22 424104]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2010-05-07 230944]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-05-31 267880]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4FB2407C-C8E4-BBC8-BB1C-FCCB2EF5914B}]
2010-06-23 17:47	687104	----a-w-	c:\program files\Hewlett-Packard\HP Media Suite\Home\HPMediaSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4FB2AA7C-C8E4-BBC8-BB1C-FAAB2EF5914B}]
2009-07-14 01:14	141824	----a-w-	c:\windows\System32\wscript.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-11-03 07:20	1185744	----a-w-	c:\program files\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-11-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-07 10:40]
.
2013-11-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-11-07 10:15]
.
2013-11-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-11-07 10:15]
.
2013-10-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4234750219-565304826-628335460-1000Core.job
- c:\users\Miranda\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-05 15:28]
.
2013-11-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4234750219-565304826-628335460-1000UA.job
- c:\users\Miranda\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-05 15:28]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=SAMSUNGXHM250HI_S24FJ90Z922064&ts=1377203796
mStart Page = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=SAMSUNGXHM250HI_S24FJ90Z922064&ts=1377203796
IE: E&xportar a Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Miranda\AppData\Roaming\Mozilla\Firefox\Profiles\wge3sqo7.default\
FF - prefs.js: browser.search.selectedEngine - 
FF - prefs.js: browser.startup.homepage - www.google.es
FF - ExtSQL: 2013-10-30 08:03; webbooster@iminent.com; c:\users\Miranda\AppData\Roaming\Mozilla\Firefox\Profiles\wge3sqo7.default\extensions\webbooster@iminent.com.xpi
FF - ExtSQL: 2013-11-10 18:20; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Miranda\AppData\Roaming\Mozilla\Firefox\Profiles\wge3sqo7.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: !HIDDEN! 2013-03-31 21:42; webbooster@iminent.com; c:\program files\Iminent\webbooster@iminent.com
FF - user.js: extensions.holasearch.tlbrSrchUrl - 
FF - user.js: extensions.holasearch.id - 0a3bc6a2000000000000002682e21e10
FF - user.js: extensions.holasearch.appId - {8D5CFE57-B0FD-4396-97A2-DFD0B7DA935B}
FF - user.js: extensions.holasearch.instlDay - 15896
FF - user.js: extensions.holasearch.vrsn - 1.8.16.16
FF - user.js: extensions.holasearch.vrsni - 1.8.16.16
FF - user.js: extensions.holasearch.vrsnTs - 1.8.16.1619:22
FF - user.js: extensions.holasearch.prtnrId - holasearch
FF - user.js: extensions.holasearch.prdct - holasearch
FF - user.js: extensions.holasearch.aflt - babsst
FF - user.js: extensions.holasearch.smplGrp - none
FF - user.js: extensions.holasearch.tlbrId - base
FF - user.js: extensions.holasearch.instlRef - sst
FF - user.js: extensions.holasearch.dfltLng - es
FF - user.js: extensions.holasearch.excTlbr - false
FF - user.js: extensions.holasearch.ffxUnstlRst - false
FF - user.js: extensions.holasearch.admin - false
FF - user.js: extensions.holasearch.autoRvrt - false
FF - user.js: extensions.holasearch.rvrt - false
FF - user.js: extensions.holasearch.newTab - false
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKLM-Run-tutoriales100_es_14 - (no file)
HKLM-Run-majtutoriales100_es_17 - (no file)
MSConfigStartUp-ApnUpdater - c:\program files\Ask.com\Updater\Updater.exe
MSConfigStartUp-majtutoriales100_es_17 - c:\program files\majtutoriales100_es_17\majtutoriales100_es_17.exe
MSConfigStartUp-PCSpeedUp - c:\program files\Acelerar el PC\PCSUNotifier.exe
MSConfigStartUp-PNYYESEVSC - c:\users\Miranda\AppData\Roaming\msxml6K.dll
MSConfigStartUp-tutoriales100_es_14 - c:\program files\tutoriales100_es_14\tutoriales100_es_14.exe
MSConfigStartUp-vProt - c:\program files\AVG Secure Search\vprot.exe
MSConfigStartUp-ZumoDrive - c:\program files\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-4234750219-565304826-628335460-1000\Software\Microsoft\Internet Explorer\Approved Extensions]
@DACL=(02 0000)
"{4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7}"=hex:51,66,7a,6c,4c,1d,3b,1b,b2,d4,7a,
   51,b9,64,1c,05,b3,3c,1c,8e,c0,f1,bc,d8
"{4D2D3B0F-69BE-477A-90F5-FDDB05357975}"=hex:51,66,7a,6c,4c,1d,3b,1b,1f,21,3d,
   57,8d,3d,10,0a,8e,ff,b6,9b,00,70,39,6a
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\IDT\WDM\STacSV.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Sophos\AutoUpdate\ALsvc.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
.
**************************************************************************
.
Completion time: 2013-11-11  19:48:25 - machine was rebooted
ComboFix-quarantined-files.txt  2013-11-11 18:48
.
Pre-Run: 186.090.455.040 bytes libres
Post-Run: 188.755.087.360 bytes libres
.
- - End Of File - - AB56E8920D39A01DFE0A75F63076C230
D2B054A4A7728D0968EE7AD2FEC7B57C
         
__________________

Alt 12.11.2013, 10:32   #4
schrauber
/// the machine
/// TB Trainer
 




Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Include the contents of mbam.txt in your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with Ok.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please disable your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 13.11.2013, 22:31   #5
febus3
 



Hi Schrauber,

thanks for the reply.
Is there anything else to take care of?

Best regards,
Felix


Here are the logs:

mbam
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Versión de la Base de Datos: v2013.11.12.13

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Miranda :: MIRANDA-HP [administrador]

12/11/2013 20:39:26
mbam-log-2013-11-12 (20-39-26).txt

Tipos de Análisis: Análisis Completo (C:\|D:\|)
Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opciones de análisis desactivados: P2P
Objetos examinados: 329413
Tiempo transcurrido: 2 hora(s), 26 minuto(s), 52 segundo(s)

Procesos en Memoria Detectados: 1
C:\Program Files\Common Files\Umbrella\umbrella.exe (PUP.Optional.Iminent) -> 2596 -> Se eliminarán al reiniciar.

Módulos de Memoria Detectados: 0
(No se han detectado elementos maliciosos)

Claves del Registro Detectados: 69
HKLM\SYSTEM\CurrentControlSet\Services\SProtection (PUP.Optional.Iminent) -> En cuarentena y eliminado con éxito.
HKCR\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} (PUP.Optional.Wajam.A) -> En cuarentena y eliminado con éxito.
HKCR\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7} (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6} (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC} (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113} (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\IminentWebBooster.ScriptExtender.1 (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\IminentWebBooster.ScriptExtender (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\IminentWebBooster.BrowserHelperObject.1 (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\IminentWebBooster.BrowserHelperObject (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam) -> En cuarentena y eliminado con éxito.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam) -> En cuarentena y eliminado con éxito.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0af350d9-3916-454b-ac53-0b0b65f41301} (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08} (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Business.Tinyfying.DownloadArgs (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Business.Tinyfying.LinkToPromoteArgs (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Business.Tinyfying.RawDataArgs (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Business.Tinyfying.TinyUrlArgs (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Business.Tinyfying.ViralLinkArgs (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.ClientCallback (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.ContractBase (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.GameOverCallback (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.GetCreditCommand (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.GetVariableCommand (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.GetVariableResult (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.InstallationContextResult (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.LoadContentCommand (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.LoginCommand (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.LogoutCommand (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.MyAccountCommand (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.PlayContentCommand (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.PostContentCallback (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.SetVariableCommand (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.TestContentCommand (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.WarmUpCommand (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.DataContracts.WelcomeCommand (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.ServerCommand (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.Communication.ServerResult (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.LightContent (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.LightUri (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\Iminent.Mediator.MediatorServiceProxy (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCR\AppID\Iminent.WebBooster.InternetExplorer.DLL (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> En cuarentena y eliminado con éxito.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> En cuarentena y eliminado con éxito.
HKCU\SOFTWARE\IMINENT (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo (PUP.Optional.Elex.A) -> En cuarentena y eliminado con éxito.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> En cuarentena y eliminado con éxito.
HKLM\SOFTWARE\Speedchecker Limited\PC Speed Up (PUP.Optional.PCSpeedUp.A) -> En cuarentena y eliminado con éxito.
HKLM\SOFTWARE\UMBRELLA (PUP.Optional.Umbrella.A) -> En cuarentena y eliminado con éxito.

Valores del Registro Detectados: 3
HKCU\Software\Iminent|SearchEngineOptin (PUP.Optional.Iminent.A) -> datos: 0 -> En cuarentena y eliminado con éxito.
HKLM\SOFTWARE\Umbrella|MUpdBlock (PUP.Optional.Umbrella.A) -> datos: {
   "MASSUPDATE" : {
      "CHROME_MBAR" : {
         "Checked" : 1,
         "RetryIdx" : 0,
         "Url" : "hxxp://vzapp.iminent.com/vz/08B41628-E2B5-44C7-970F-6847FDCBD8E1/1/MinibarChrome.exe",
         "Version" : 1
      },
      "FIREFOX_MBAR" : {
         "Checked" : 1,
         "RetryIdx" : 0,
         "Version" : 1
      },
      "IEXPLORE_BHO" : {
         "Checked" : 1,
         "RetryIdx" : 0,
         "Version" : 1
      }
   }
}
 -> En cuarentena y eliminado con éxito.
HKLM\SYSTEM\CurrentControlSet\Services\SProtection|ImagePath (PUP.Optional.Iminent.A) -> datos: C:\Program Files\Common Files\Umbrella\umbrella.exe -> En cuarentena y eliminado con éxito.

Elementos de Datos del Registro Detectados: 1
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|DefaultScope (PUP.Optional.Qone8) -> Malo: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}) Bueno: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}) -> En cuarentena y reparado con éxito.

Carpetas Detectadas: 45
C:\Users\Miranda\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> En cuarentena y eliminado con éxito.
C:\ProgramData\eSafe (PUP.Optional.Esafe.A) -> En cuarentena y eliminado con éxito.
C:\ProgramData\eSafe\log (PUP.Optional.Esafe.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365 (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\components (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\desk_bkg (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesHPGamesHPGameConsoleGameConsole (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesInternetExploreriexploreexe (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesMozillaFirefoxfirefoxexe (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesNeroNero7NeroStartSmartNeroStartSmart (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesOnlineServiceseBayebay (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesSkypePhoneSkype (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CSystemRecoveryFiles (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CUsersMirandaAppDataRoamingDesk365icons (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CWindowsInstaller{EE202411-2C26-49E8-9784-1BC1DBF7DE96}NewShortcut2_06EDE08E9D6342F1AC2C30BC31ED1770 (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesHewlett-PackardHPCloudDriveiconswindows_hard_drive (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CWindowsInstaller{40C19172-F700-4056-8683-2C64BE3202C8}NewShortcut2_1B1AE516C570424EAD1EBCEEC9A9A837 (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesAcelerarelPCPCSULauncher (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesDefragglerDefraggler (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesDsNETCorpaTubeCatcher20yct (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesFLVMediaPlayerFLVMPlayer (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesGeoGebraGeoGebra (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesGeoGebraGeoGebraPrim (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesGoogleChromeApplicationchromeexe (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\promote (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\sysicons (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\update (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\wp (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Program Files\Desk 365 (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Program Files\Desk 365\Temp (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\DealPly (PUP.Optional.DealPly.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\DealPly\UpdateProc (PUP.Optional.DealPly.A) -> En cuarentena y eliminado con éxito.
C:\ProgramData\Iminent\Mediator (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
C:\ProgramData\Iminent\Mediator\Datas (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
C:\ProgramData\Iminent\Mediator\Datas\Cache (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
C:\ProgramData\Iminent\Mediator\Datas\Cache\apix.iminent.com (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Iminent\Mediator (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Iminent\Mediator\Datas (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
C:\Program Files\Common Files\337\libcef (PUP.Optional.337Technologies.A) -> En cuarentena y eliminado con éxito.
C:\Program Files\Common Files\337\libcef\1.1364.1123 (PUP.Optional.337Technologies.A) -> En cuarentena y eliminado con éxito.
C:\Program Files\Common Files\337\libcef\1.1364.1123\locales (PUP.Optional.337Technologies.A) -> En cuarentena y eliminado con éxito.
C:\Program Files\Common Files\337\libcef\1.963.439 (PUP.Optional.337Technologies.A) -> En cuarentena y eliminado con éxito.
C:\Program Files\Common Files\337\libcef\1.963.439\locales (PUP.Optional.337Technologies.A) -> En cuarentena y eliminado con éxito.

Archivos Detectados: 214
C:\Program Files\Common Files\Umbrella\umbrella.exe (PUP.Optional.Iminent) -> Se eliminarán al reiniciar.
C:\Program Files\Iminent\Iminent.WebBooster.InternetExplorer.dll (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
C:\Program Files\Common Files\Umbrella\chrmbar_upd.exe (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
C:\Program Files\Iminent\inst\Bootstrapper\Bootstrapper.exe (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
C:\ProgramData\eSafe\eGdpSvc.exe (PUP.Optional.Wsys.A) -> En cuarentena y eliminado con éxito.
C:\Qoobox\Quarantine\C\Windows\System32\roboot.exe.vir (PUP.Optional.PCPerformer.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\components\component_libcef_1.1364.1123.exe (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\components\component_libcef_1.963.439.exe (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\eIntaller\0C9403A3AA2448bb9BFFA72EEA500A55\dp.exe (PUP.Optional.DealPly.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\eIntaller\CA4E93236FC24029AEDC821D8E06A583\Desk365.exe (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Omiga Plus\wallpaper_components.exe (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Windows\Installer\287766.msi (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5ILW1XIS\wajam_update[1].004 (PUP.Optional.Wajam.A) -> En cuarentena y eliminado con éxito.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5ILW1XIS\wajam_update[2].004 (PUP.Optional.Wajam.A) -> En cuarentena y eliminado con éxito.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FUM1XUG5\wajam_update[4].exe (PUP.Optional.Wajam.A) -> En cuarentena y eliminado con éxito.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NPRJ4F1X\wajam_update[1].004 (PUP.Optional.Wajam) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> En cuarentena y eliminado con éxito.
C:\Program Files\Mozilla Firefox\defaults\pref\all-iminent.js (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
C:\ProgramData\eSafe\eDelayinfo.edb (PUP.Optional.Esafe.A) -> En cuarentena y eliminado con éxito.
C:\ProgramData\eSafe\eSafeSvc.exe (PUP.Optional.Esafe.A) -> En cuarentena y eliminado con éxito.
C:\ProgramData\eSafe\_eUpdate_2013529161152.exe (PUP.Optional.Esafe.A) -> En cuarentena y eliminado con éxito.
C:\ProgramData\eSafe\log\eGdpSvc.LOG (PUP.Optional.Esafe.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\promote.xml (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\desk_bkg_list.xml (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\desk_list.xml (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\desk_settings.ini (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\process_mgr.xml (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\recent.xml (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\replacegc (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_1.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_2.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_3.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_4.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_5.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_default.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\337_7c9140b13c049fd26989f7fa25b77cb1.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\337_7c9140b13c049fd26989f7fa25b77cb1_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\Acrobat.com_1f347f1a4477d6fba3e918fd7715044f.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\Acrobat.com_1f347f1a4477d6fba3e918fd7715044f_16_16.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\AcroRd32_dd800fcdcf3145da9a1d084344883a41.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\AcroRd32_dd800fcdcf3145da9a1d084344883a41_16_16.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\angrybirds_00ff92c12703baaf0130d6aec427d047.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\angrybirds_00ff92c12703baaf0130d6aec427d047_32_32.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\angrybirds_00ff92c12703baaf0130d6aec427d047_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\angrybirds_b4809bc0d01a9c0eca70946ba95e53b2.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\angrybirds_b4809bc0d01a9c0eca70946ba95e53b2_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\Barbie_00a67ff4ef657679a6c88553135d62ad.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\Barbie_00a67ff4ef657679a6c88553135d62ad_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\ebay_bf251010c0de77e981e583a9344c7051_16_16.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\Empire_22b42f57d1c467841280810e218d5510.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\Empire_22b42f57d1c467841280810e218d5510_32_32.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\Empire_22b42f57d1c467841280810e218d5510_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\Empire_38d4bcba336f4dc1d184d952a6add09a.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\Empire_38d4bcba336f4dc1d184d952a6add09a_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\Facebook_aab07bc79cf599b25c0110f32d46a3ef.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\iexplore_10b5070763457bf93b9c3a073ef606ff_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\Mario_52934d81761dc31187a93a3a0be7fecc.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\Mario_52934d81761dc31187a93a3a0be7fecc_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\master5_ff1b5d897f6b5bc9155b26fecccd6f65_16_16.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\MOVIEMK_0135a5b9c5e54ecf34d1cd6047b4767b.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\MOVIEMK_0135a5b9c5e54ecf34d1cd6047b4767b_16_16.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\MSOO_790751399960dff16fa13939d55cbeb6.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\MSOO_790751399960dff16fa13939d55cbeb6_16_16.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\BigFarm_6f49716246524b44324568431fd00880.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\BigFarm_6f49716246524b44324568431fd00880_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\BigFarm_de933b0e5218a4db24bebe3d55ed3558.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\BigFarm_de933b0e5218a4db24bebe3d55ed3558_32_32.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\BigFarm_de933b0e5218a4db24bebe3d55ed3558_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\chrome_029ea53f6db3f0d220704e00636b9734.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\chrome_029ea53f6db3f0d220704e00636b9734_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\chrome_7aa89bb93e2c40231bbc8d908f7260e1.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\chrome_7aa89bb93e2c40231bbc8d908f7260e1_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\Facebook_aab07bc79cf599b25c0110f32d46a3ef_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\firefox_a5e6860672586495554ad366653972b3.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\firefox_a5e6860672586495554ad366653972b3_16_16.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\firefox_a5e6860672586495554ad366653972b3_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\Gmail_731b6d011bd9f67463a916a496775935.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\Gmail_731b6d011bd9f67463a916a496775935_32_32.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\Gmail_731b6d011bd9f67463a916a496775935_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\iexplore_10b5070763457bf93b9c3a073ef606ff.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\sys_downloads_20_20.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\sys_my_documents_20_20.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\Twitter_ebddd85ec04b7b94a2b2e97b73a90a4a.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\Twitter_ebddd85ec04b7b94a2b2e97b73a90a4a_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\unknown_16_16.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\WFSR_64757c9bcef67df93bfc391177e29bb5.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\WFSR_64757c9bcef67df93bfc391177e29bb5_16_16.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\WindowsAnytimeUpgradeUI_a4017f6180d2616b55b4507c46732fa4.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\WindowsAnytimeUpgradeUI_a4017f6180d2616b55b4507c46732fa4_16_16.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\wmplayer_b480926aa5784f7e0186d1008d4213c7.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\wmplayer_b480926aa5784f7e0186d1008d4213c7_16_16.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\wucltux_4a368564244e244cd699bc77b9665493.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\wucltux_4a368564244e244cd699bc77b9665493_16_16.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\XpsRchVw_000a9ef3dd493ecbe3e60c16119a8712.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\XpsRchVw_000a9ef3dd493ecbe3e60c16119a8712_16_16.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\Youtube_bf18fdfc4aefd6417a8bacae4be5b415.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\Youtube_bf18fdfc4aefd6417a8bacae4be5b415_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\Outlook_6f817b67fa6af1a9c8abfa3813a8595c.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\Outlook_6f817b67fa6af1a9c8abfa3813a8595c_32_32.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\Outlook_6f817b67fa6af1a9c8abfa3813a8595c_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\sidebar_e54e4e1867c4c3f3497ee6cf350567b9.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\sidebar_e54e4e1867c4c3f3497ee6cf350567b9_16_16.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\sys_computer_20_20.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\sys_computer_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\sys_control_panel_20_20.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesHPGamesHPGameConsoleGameConsole\GameConsole_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesInternetExploreriexploreexe\iexplore.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesInternetExploreriexploreexe\iexplore_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesMozillaFirefoxfirefoxexe\firefox.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesMozillaFirefoxfirefoxexe\firefox_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesNeroNero7NeroStartSmartNeroStartSmart\NeroStartSmart.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesNeroNero7NeroStartSmartNeroStartSmart\NeroStartSmart_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesOnlineServiceseBayebay\ebay_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesSkypePhoneSkype\Skype.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesSkypePhoneSkype\Skype_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CSystemRecoveryFiles\System Recovery Files_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CUsersMirandaAppDataRoamingDesk365icons\Facebook.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CUsersMirandaAppDataRoamingDesk365icons\337.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CUsersMirandaAppDataRoamingDesk365icons\337_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CUsersMirandaAppDataRoamingDesk365icons\angrybirds.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CUsersMirandaAppDataRoamingDesk365icons\angrybirds_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CUsersMirandaAppDataRoamingDesk365icons\battledawn.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CUsersMirandaAppDataRoamingDesk365icons\battledawn_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CUsersMirandaAppDataRoamingDesk365icons\BigFarm.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CUsersMirandaAppDataRoamingDesk365icons\BigFarm_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CUsersMirandaAppDataRoamingDesk365icons\Empire.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CUsersMirandaAppDataRoamingDesk365icons\Empire_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CUsersMirandaAppDataRoamingDesk365icons\Facebook_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CUsersMirandaAppDataRoamingDesk365icons\Gmail.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CUsersMirandaAppDataRoamingDesk365icons\Gmail_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CUsersMirandaAppDataRoamingDesk365icons\Mario.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CUsersMirandaAppDataRoamingDesk365icons\Mario_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CUsersMirandaAppDataRoamingDesk365icons\Outlook.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CUsersMirandaAppDataRoamingDesk365icons\Outlook_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CUsersMirandaAppDataRoamingDesk365icons\Twitter.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CUsersMirandaAppDataRoamingDesk365icons\Twitter_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CUsersMirandaAppDataRoamingDesk365icons\wallpaper.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CUsersMirandaAppDataRoamingDesk365icons\wallpaper_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CUsersMirandaAppDataRoamingDesk365icons\Youtube.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CUsersMirandaAppDataRoamingDesk365icons\Youtube_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CWindowsInstaller{EE202411-2C26-49E8-9784-1BC1DBF7DE96}NewShortcut2_06EDE08E9D6342F1AC2C30BC31ED1770\NewShortcut2_06EDE08E9D6342F1AC2C30BC31ED1770.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CWindowsInstaller{EE202411-2C26-49E8-9784-1BC1DBF7DE96}NewShortcut2_06EDE08E9D6342F1AC2C30BC31ED1770\NewShortcut2_06EDE08E9D6342F1AC2C30BC31ED1770_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesHewlett-PackardHPCloudDriveiconswindows_hard_drive\windows_hard_drive_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CWindowsInstaller{40C19172-F700-4056-8683-2C64BE3202C8}NewShortcut2_1B1AE516C570424EAD1EBCEEC9A9A837\NewShortcut2_1B1AE516C570424EAD1EBCEEC9A9A837.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CWindowsInstaller{40C19172-F700-4056-8683-2C64BE3202C8}NewShortcut2_1B1AE516C570424EAD1EBCEEC9A9A837\NewShortcut2_1B1AE516C570424EAD1EBCEEC9A9A837_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesAcelerarelPCPCSULauncher\PCSULauncher.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesAcelerarelPCPCSULauncher\PCSULauncher_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesDefragglerDefraggler\Defraggler.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesDefragglerDefraggler\Defraggler_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesDsNETCorpaTubeCatcher20yct\yct.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesDsNETCorpaTubeCatcher20yct\yct_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesFLVMediaPlayerFLVMPlayer\FLVMPlayer.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesFLVMediaPlayerFLVMPlayer\FLVMPlayer_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesGeoGebraGeoGebra\GeoGebra.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesGeoGebraGeoGebra\GeoGebra_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesGeoGebraGeoGebraPrim\GeoGebraPrim.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesGeoGebraGeoGebraPrim\GeoGebraPrim_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesGoogleChromeApplicationchromeexe\chrome.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\icons\CProgramFilesGoogleChromeApplicationchromeexe\chrome_48_48.png (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\promote\337.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\promote\337_7c9140b13c049fd26989f7fa25b77cb1.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\promote\barbie.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\promote\Barbie_00a67ff4ef657679a6c88553135d62ad.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\promote\facebook.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\promote\Facebook_aab07bc79cf599b25c0110f32d46a3ef.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\promote\GameCenter.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\promote\google.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\promote\mario.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\promote\Mario_52934d81761dc31187a93a3a0be7fecc.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\promote\twitter.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\promote\Twitter_ebddd85ec04b7b94a2b2e97b73a90a4a.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\promote\v9.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\promote\youtube.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\sysicons\imageres.dll_104.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\sysicons\imageres.dll_107.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\sysicons\imageres.dll_153.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\sysicons\imageres.dll_175.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\sysicons\imageres.dll_2.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\sysicons\shell32.dll_21.ico (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\update\desk365_update_v1.10.15.exe (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\update\desk365_update_v1.11.16.exe (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\update\desk365_update_v1.9.6.exe (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\wp\r0.jpg (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\wp\r1.jpg (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\wp\r2.jpg (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\wp\r3.jpg (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\wp\r4.jpg (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\wp\r5.jpg (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\wp\r6.jpg (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\wp\r7.jpg (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\wp\r8.jpg (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Desk 365\wp\r9.jpg (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Program Files\Desk 365\promote.xml (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Program Files\Desk 365\desk_bkg_list.xml (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Program Files\Desk 365\desk_list.xml (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Program Files\Desk 365\desk_settings.ini (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Program Files\Desk 365\process_mgr.xml (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\Program Files\Desk 365\recent.xml (PUP.Optional.Desk365.A) -> En cuarentena y eliminado con éxito.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\SearchTheWeb.lnk (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\Blog.lnk (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\FAQ.lnk (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\Help.lnk (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\DealPly\UpdateProc\config.dat (PUP.Optional.DealPly.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\DealPly\UpdateProc\src.dat (PUP.Optional.DealPly.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\DealPly\UpdateProc\TTL.DAT (PUP.Optional.DealPly.A) -> En cuarentena y eliminado con éxito.
C:\ProgramData\Iminent\Mediator\Datas\Cache\apix.iminent.com\1033.11575f00-7bdc-4181-ba0a-b298aeab228c.dat (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Iminent\Mediator\Datas\globalcache.dat (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
C:\Users\Miranda\AppData\Roaming\Iminent\Mediator\Datas\user.dat (PUP.Optional.Iminent.A) -> En cuarentena y eliminado con éxito.
C:\Program Files\Common Files\337\libcef\1.1364.1123\icudt.dll (PUP.Optional.337Technologies.A) -> En cuarentena y eliminado con éxito.
C:\Program Files\Common Files\337\libcef\1.1364.1123\libcef.dll (PUP.Optional.337Technologies.A) -> En cuarentena y eliminado con éxito.
C:\Program Files\Common Files\337\libcef\1.1364.1123\locales\en-US.pak (PUP.Optional.337Technologies.A) -> En cuarentena y eliminado con éxito.
C:\Program Files\Common Files\337\libcef\1.963.439\icudt.dll (PUP.Optional.337Technologies.A) -> En cuarentena y eliminado con éxito.
C:\Program Files\Common Files\337\libcef\1.963.439\libcef.dll (PUP.Optional.337Technologies.A) -> En cuarentena y eliminado con éxito.
C:\Program Files\Common Files\337\libcef\1.963.439\locales\en-US.pak (PUP.Optional.337Technologies.A) -> En cuarentena y eliminado con éxito.

fin)
         
AdwCleaner
Code:
# AdwCleaner v3.012 - Reporte Creado 13/11/2013 en 21:35:41
# Actualizado 11/11/2013 por Xplode
# Sistema Operativo : Windows 7 Starter  (32 bits)
# Nombre de usuario : Miranda - MIRANDA-HP
# Ejecutado desde : C:\Users\Miranda\Desktop\adwcleaner.exe
# Opción : Limpiar

***** [ Servicios ] *****

Servicio Borrar : winzipersvc

***** [ Archivos / Carpetas ] *****

Carpeta Borrar : C:\ProgramData\Ask
Carpeta Borrar : C:\ProgramData\Babylon
Carpeta Borrar : C:\ProgramData\boost_interprocess
Carpeta Borrar : C:\ProgramData\Iminent
Carpeta Borrar : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Carpeta Borrar : C:\Program Files\Iminent
Carpeta Borrar : C:\Program Files\Omiga Plus
Carpeta Borrar : C:\Program Files\WinZipper
Carpeta Borrar : C:\Program Files\Common Files\337
Carpeta Borrar : C:\Program Files\Common Files\Umbrella
Carpeta Borrar : C:\Users\Miranda\AppData\Local\apn
Carpeta Borrar : C:\Users\Miranda\AppData\LocalLow\holasearch
Carpeta Borrar : C:\Users\Miranda\AppData\Roaming\eIntaller
Carpeta Borrar : C:\Users\Miranda\AppData\Roaming\Iminent
Carpeta Borrar : C:\Users\Miranda\AppData\Roaming\Omiga Plus
Carpeta Borrar : C:\Users\Miranda\AppData\Roaming\PerformerSoft
Carpeta Borrar : C:\Users\Miranda\AppData\Roaming\WinZipper
Carpeta Borrar : C:\Users\Miranda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagpjgjmoaccgkkpjeoinehnoaimnbla
Carpeta Borrar : C:\Users\Miranda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Carpeta Borrar : C:\Users\Miranda\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Carpeta Borrar : C:\Users\Miranda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Archivo Borrar : C:\Users\Miranda\AppData\Roaming\Mozilla\Firefox\Profiles\wge3sqo7.default\Extensions\webbooster@iminent.com.xpi
Archivo Borrar : C:\Users\Miranda\AppData\Roaming\Mozilla\Firefox\Profiles\wge3sqo7.default\searchplugins\Askcom.xml
Archivo Borrar : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Archivo Borrar : C:\Users\Miranda\AppData\Roaming\Mozilla\Firefox\Profiles\wge3sqo7.default\searchplugins\Babylon.xml
Archivo Borrar : C:\Users\Miranda\AppData\Roaming\Mozilla\Firefox\Profiles\wge3sqo7.default\searchplugins\BrowserDefender.xml
Archivo Borrar : C:\Program Files\Mozilla Firefox\searchplugins\delta-homes.xml
Archivo Borrar : C:\Users\Miranda\AppData\Roaming\Mozilla\Firefox\Profiles\wge3sqo7.default\searchplugins\holasearch.xml
Archivo Borrar : C:\Program Files\Mozilla Firefox\searchplugins\portaldosites.xml
Archivo Borrar : C:\Users\Miranda\AppData\Roaming\Mozilla\Firefox\Profiles\wge3sqo7.default\user.js
Archivo Borrar : C:\Users\Miranda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ojcgaoafcmbadjkfdippkdddgkeaipbn_0.localstorage-journal
Archivo Borrar : C:\Users\Miranda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.iminent.com_0.localstorage-journal
Archivo Borrar : C:\Users\Miranda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage-journal
Archivo Borrar : C:\Windows\System32\Tasks\Dealply
Archivo Borrar : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser
Archivo Borrar : C:\Windows\System32\Tasks\Omiga Plus RunAsStdUser

***** [ Accesos directos ] *****

Acceso directo Desinfectado : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Acceso directo Desinfectado : C:\Users\Miranda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Acceso directo Desinfectado : C:\Users\Miranda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Acceso directo Desinfectado : C:\Users\Miranda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Acceso directo Desinfectado : C:\Users\Miranda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Acceso directo Desinfectado : C:\Users\Miranda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registro ] *****

Valor Borrar : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com]
[#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F99E99E-7D72-4D00-BFFB-9C59C1758034}
[#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F99E99E-7D72-4D00-BFFB-9C59C1758034}
[#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7437A3D9-E99D-4B7B-9EF4-3D19499214A2}
[#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7437A3D9-E99D-4B7B-9EF4-3D19499214A2}
[#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A4CBDFFD-0DBB-4A95-9227-B944A0BA92EF}
[#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4CBDFFD-0DBB-4A95-9227-B944A0BA92EF}
Clave Borrar : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Clave Borrar : HKLM\SOFTWARE\Classes\Iminent
Clave Borrar : HKLM\SOFTWARE\Classes\Prod.cap
Valor Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]
Clave Borrar : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Iminent
Clave Borrar : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IminentMessenger
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\DEALPL~1_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\DEALPL~1_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Clave Borrar : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Clave Borrar : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Clave Borrar : HKCU\Software\5b57dd8be73abd43
Clave Borrar : HKLM\SOFTWARE\5b57dd8be73abd43
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_ares_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_ares_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_atube-catcher_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_atube-catcher_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_geogebra_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_geogebra_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_malwarebytes-anti-malware_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_malwarebytes-anti-malware_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_windows-movie-maker_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_windows-movie-maker_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Clave Borrar : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Clave Borrar : HKLM\SOFTWARE\Classes\AppID\{8D5CFE57-B0FD-4396-97A2-DFD0B7DA935B}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Clave Borrar : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Clave Borrar : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Clave Borrar : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Clave Borrar : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C510DFFB-0AFE-484C-BA40-CED5B74C4EEF}
Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DFF9B2DA-EF99-4B26-83CB-7058299999D8}
Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7}
Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C510DFFB-0AFE-484C-BA40-CED5B74C4EEF}
Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DFF9B2DA-EF99-4B26-83CB-7058299999D8}
Clave Borrar : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clave Borrar : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Clave Borrar : HKCU\Software\APN PIP
Clave Borrar : HKCU\Software\holasearch LTD
Clave Borrar : HKCU\Software\Softonic
Clave Borrar : HKCU\Software\Tutoriales100
Clave Borrar : HKCU\Software\Tutorials
Clave Borrar : HKCU\Software\TutoTag
Clave Borrar : HKCU\Software\V9
Clave Borrar : HKLM\Software\delta-homesSoftware
Clave Borrar : HKLM\Software\Desksvc
Clave Borrar : HKLM\Software\eSafeSecControl
Clave Borrar : HKLM\Software\hdcode
Clave Borrar : HKLM\Software\Iminent
Clave Borrar : HKLM\Software\omigaplusSvc
Clave Borrar : HKLM\Software\PIP
Clave Borrar : HKLM\Software\portaldositesSoftware
Clave Borrar : HKLM\Software\Tutoriales100
Clave Borrar : HKLM\Software\V9
Clave Borrar : HKLM\Software\V9Software
Clave Borrar : HKLM\Software\winzipersvc
Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{118D6CE9-5F18-42F9-958A-14676A629FDE}
Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EC6D81181F59F2459A84176A626F9ED
Clave Borrar : HKLM\Software\Classes\Installer\Features\9EC6D81181F59F2459A84176A626F9ED
Clave Borrar : HKLM\Software\Classes\Installer\Products\9EC6D81181F59F2459A84176A626F9ED

***** [ Navegadores ] *****

-\\ Internet Explorer v8.0.7600.16385

Ajustes Restaurar : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Ajustes Restaurar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Ajustes Restaurar : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [bProtectTabs]

-\\ Mozilla Firefox v25.0 (es-ES)

[ Archivo : C:\Users\Miranda\AppData\Roaming\Mozilla\Firefox\Profiles\wge3sqo7.default\prefs.js ]

Linea borrada : user_pref("extensions.enabledAddons", "webbooster%40iminent.com:6.13.4.1,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0");
Linea borrada : user_pref("extensions.holasearch.admin", false);
Linea borrada : user_pref("extensions.holasearch.aflt", "babsst");
Linea borrada : user_pref("extensions.holasearch.appId", "{8D5CFE57-B0FD-4396-97A2-DFD0B7DA935B}");
Linea borrada : user_pref("extensions.holasearch.autoRvrt", "false");
Linea borrada : user_pref("extensions.holasearch.dfltLng", "es");
Linea borrada : user_pref("extensions.holasearch.excTlbr", false);
Linea borrada : user_pref("extensions.holasearch.ffxUnstlRst", false);
Linea borrada : user_pref("extensions.holasearch.id", "0a3bc6a2000000000000002682e21e10");
Linea borrada : user_pref("extensions.holasearch.instlDay", "15896");
Linea borrada : user_pref("extensions.holasearch.instlRef", "sst");
Linea borrada : user_pref("extensions.holasearch.newTab", false);
Linea borrada : user_pref("extensions.holasearch.prdct", "holasearch");
Linea borrada : user_pref("extensions.holasearch.prtnrId", "holasearch");
Linea borrada : user_pref("extensions.holasearch.rvrt", "false");
Linea borrada : user_pref("extensions.holasearch.smplGrp", "none");
Linea borrada : user_pref("extensions.holasearch.tlbrId", "base");
Linea borrada : user_pref("extensions.holasearch.tlbrSrchUrl", "");
Linea borrada : user_pref("extensions.holasearch.vrsn", "1.8.16.16");
Linea borrada : user_pref("extensions.holasearch.vrsnTs", "1.8.16.1619:22:52");
Linea borrada : user_pref("extensions.holasearch.vrsni", "1.8.16.16");
Linea borrada : user_pref("extensions.wajam.affiliate_id", "1401");
Linea borrada : user_pref("extensions.wajam.firstrun", "false");
Linea borrada : user_pref("extensions.wajam.log_send_info", "false");
Linea borrada : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21087\",\"update_interval\":975,\"base_url\":\"hxxp:\\/\\/www.wajam.com\\/\",\"update_url\":\"hxxp:\\/\\/www.wajam.com\\/addon\\/m[...]
Linea borrada : user_pref("extensions.wajam.no_trace", "false");
Linea borrada : user_pref("extensions.wajam.server_current_mapping_version", "0.21087");
Linea borrada : user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'W[...]
Linea borrada : user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';[...]
Linea borrada : user_pref("extensions.wajam.trace_log", "1383657479579 - onFlagInfoReceived - No user current mapping version specified, set to '0'\n1383657479581 - onFlagInfoReceived - Unique ID saved\n");
Linea borrada : user_pref("extensions.wajam.unique_id", "8DBBBA7FFB1BFCBFC7AA82C05684A945");
Linea borrada : user_pref("extensions.wajam.user_current_mapping_version", "0");
Linea borrada : user_pref("extensions.wajam.version", "1.26");
Linea borrada : user_pref("iminent.LayoutId", "1");
Linea borrada : user_pref("iminent.ShowThankyouPixel", "0");
Linea borrada : user_pref("iminent.registerToolbarEvent102", "1384086798653");
Linea borrada : user_pref("iminent.version", "7.43.4.1");
Linea borrada : user_pref("iminent.versioning", "{\"CurrentVersion\":\"7.43.4.1\",\"InstallEventCTime\":1384085566409,\"InstallEvent\":\"True\"}");

-\\ Google Chrome v31.0.1650.48

[ Archivo : C:\Users\Miranda\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Borrar : icon_url
Borrar : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [27677 octets] - [13/11/2013 21:23:48]
AdwCleaner[S0].txt - [24681 octets] - [13/11/2013 21:35:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [24742 octets] ##########
         
JRT
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Starter x86
Ran by Miranda on 13/11/2013 at 21:50:10,30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\bProtectTabs



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4234750219-565304826-628335460-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\omigaplussvc
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{5D77453B-D036-449B-A889-513452B2FD84}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{82D8AA4E-6228-4678-A7FF-CD3D19C1BC6A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BB758E94-3969-408E-951A-EDE630141376}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{82D8AA4E-6228-4678-A7FF-CD3D19C1BC6A}



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Miranda\AppData\Roaming\mozilla\firefox\profiles\wge3sqo7.default\minidumps [76 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Miranda\appdata\local\Google\Chrome\User Data\Default\Extensions\fagpjgjmoaccgkkpjeoinehnoaimnbla
Successfully deleted: [Folder] C:\Users\Miranda\appdata\local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Successfully deleted: [Folder] C:\Users\Miranda\appdata\local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13/11/2013 at 21:56:47,24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2013 01
Ran by Miranda (administrator) on MIRANDA-HP on 13-11-2013 21:58:16
Running from C:\Users\Miranda\Desktop
Microsoft Windows 7 Starter  (X86) OS Language: Spanish Modern Sort
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\aestsrv.exe
() C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Microsoft Corp.) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Sophos Limited) C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Sophos Limited) C:\Program Files\Sophos\AutoUpdate\ALMon.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Sophos Limited) C:\ProgramData\Sophos\AutoUpdate\cache\sophos_autoupdate1.dir\alupdate.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [495708 2010-06-09] (IDT, Inc.)
HKLM\...\Run: [Sophos AutoUpdate Monitor] - C:\Program Files\Sophos\AutoUpdate\ALMon.exe [900160 2012-07-06] (Sophos Limited)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-11-05] (Hewlett-Packard)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {870A6C78-1F98-4687-998F-7A0FC925BAC3} URL = hxxp://es.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {DA585FF3-EA29-456D-B90C-EFDE318721E4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKCU - {870A6C78-1F98-4687-998F-7A0FC925BAC3} URL = hxxp://es.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {DA585FF3-EA29-456D-B90C-EFDE318721E4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKCU - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MIF5BA~1\Office12\GR469A~1.DLL [2210608 2006-10-27] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Miranda\AppData\Roaming\Mozilla\Firefox\Profiles\wge3sqo7.default
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: www.google.es
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Miranda\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Miranda\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Miranda\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Miranda\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Miranda\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\drae.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-es.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-es.xml
FF Extension: Adblock Plus - C:\Users\Miranda\AppData\Roaming\Mozilla\Firefox\Profiles\wge3sqo7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF Extension: Adblock Plus - C:\Users\Miranda\AppData\Roaming\Mozilla\Firefox\Profiles\wge3sqo7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

Chrome: 
=======
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Extension: (Google Drive) - C:\Users\Miranda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Miranda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Miranda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Skype Click to Call) - C:\Users\Miranda\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0
CHR Extension: (Gmail) - C:\Users\Miranda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

========================== Services (Whitelisted) =================

R2 HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [103992 2010-06-18] (Hewlett-Packard Company)
R2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192 2010-07-02] ()
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
R2 Sophos AutoUpdate Service; C:\Program Files\Sophos\AutoUpdate\ALsvc.exe [232512 2012-07-06] (Sophos Limited)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [237650 2010-06-09] (IDT, Inc.)

==================== Drivers (Whitelisted) ====================

R1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [18136 2009-11-11] (DeviceVM, Inc.)
R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [230944 2010-05-07] (Realtek Semiconductor Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Miranda\AppData\Local\Temp\catchme.sys [x]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [x]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [x]
S3 Huawei; system32\DRIVERS\ewdcsc.sys [x]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 massfilter_hs; system32\drivers\massfilter_hs.sys [x]
S3 USBZTECCID; system32\DRIVERS\ZTEusbccid.sys [x]
S3 ZTEusbMB; system32\DRIVERS\ZTEusbnmeaext2.sys [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]
S3 ZTEusbwwan; system32\DRIVERS\ZTEusbwwan.sys [x]
S3 zte_massejct; System32\Drivers\zte_massejct.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-13 21:56 - 2013-11-13 21:56 - 00002208 _____ C:\Users\Miranda\Desktop\JRT.txt
2013-11-13 21:50 - 2013-11-13 21:50 - 00000000 ____D C:\Windows\ERUNT
2013-11-13 21:41 - 2013-11-13 21:41 - 00024823 _____ C:\Users\Miranda\Desktop\AdwCleaner[S0].txt
2013-11-13 21:23 - 2013-11-13 21:36 - 00000000 ____D C:\AdwCleaner
2013-11-12 20:33 - 2013-11-12 20:33 - 00001027 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-12 20:32 - 2013-11-12 20:33 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-11-12 20:32 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-12 20:30 - 2013-11-12 20:30 - 01034531 _____ (Thisisu) C:\Users\Miranda\Desktop\JRT.exe
2013-11-12 20:29 - 2013-11-12 22:47 - 00001807 _____ C:\Users\Miranda\Desktop\Anleitung.txt
2013-11-12 20:28 - 2013-11-12 20:29 - 01085542 _____ C:\Users\Miranda\Desktop\adwcleaner.exe
2013-11-12 20:25 - 2013-11-12 20:25 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Miranda\Desktop\mbam-setup-1.75.0.1300.exe
2013-11-11 19:58 - 2013-11-13 21:48 - 00000000 ____D C:\Program Files\Sophos
2013-11-11 19:48 - 2013-11-11 19:48 - 00018612 _____ C:\Users\Miranda\Desktop\ComboFix.txt
2013-11-11 19:23 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-11 19:14 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-11 19:14 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-11 19:14 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-11 19:14 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-11 19:14 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-11 19:14 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-11 19:14 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-11 19:11 - 2013-11-11 19:48 - 00000000 ____D C:\Qoobox
2013-11-11 19:10 - 2013-11-11 19:45 - 00000000 ____D C:\Windows\erdnt
2013-11-11 18:57 - 2013-11-11 18:58 - 05145576 ____R (Swearware) C:\Users\Miranda\Desktop\ComboFix.exe
2013-11-10 21:41 - 2013-11-10 21:41 - 00010400 _____ C:\Users\Miranda\Desktop\Gmer.log
2013-11-10 20:33 - 2013-11-10 20:33 - 00059647 _____ C:\Users\Miranda\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten  - Trojaner-Board.htm
2013-11-10 20:33 - 2013-11-10 20:33 - 00000000 ____D C:\Users\Miranda\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten  - Trojaner-Board_files
2013-11-10 20:31 - 2013-11-10 20:32 - 00377856 _____ C:\Users\Miranda\Desktop\gmer_2.1.19163.exe
2013-11-10 20:23 - 2013-11-13 21:47 - 00000000 ____D C:\ProgramData\Sophos
2013-11-10 20:03 - 2013-11-10 20:08 - 104051208 _____ C:\Users\Miranda\Downloads\SophosAV.exe
2013-11-10 19:54 - 2013-11-10 19:55 - 00017690 _____ C:\Users\Miranda\Desktop\Addition1.txt
2013-11-10 19:49 - 2013-11-10 19:49 - 00000000 ____D C:\FRST
2013-11-10 19:47 - 2013-11-10 19:47 - 01090275 _____ (Farbar) C:\Users\Miranda\Desktop\FRST.exe
2013-11-10 19:44 - 2013-11-10 19:45 - 00000476 _____ C:\Users\Miranda\Desktop\defogger_disable.log
2013-11-10 19:44 - 2013-11-10 19:44 - 00000000 _____ C:\Users\Miranda\defogger_reenable
2013-11-10 19:42 - 2013-11-10 19:42 - 00050477 _____ C:\Users\Miranda\Desktop\Defogger.exe
2013-11-10 19:40 - 2013-11-10 19:40 - 00000000 ____D C:\Program Files\IDT
2013-11-10 19:40 - 2010-06-09 10:06 - 00527872 ____N (IDT, Inc.) C:\Windows\system32\stapi32.dll
2013-11-10 19:39 - 2010-06-09 10:06 - 12648540 _____ (IDT, Inc.) C:\Windows\system32\idtcpl.cpl
2013-11-10 19:39 - 2010-06-09 10:06 - 03473408 _____ (IDT, Inc.) C:\Windows\system32\stlang.dll
2013-11-10 19:39 - 2010-06-09 10:06 - 00536576 _____ (IDT, Inc.) C:\Windows\system32\idtmini1.exe
2013-11-10 19:39 - 2010-06-09 10:06 - 00495708 _____ (IDT, Inc.) C:\Windows\sttray.exe
2013-11-10 19:39 - 2010-04-01 23:06 - 00139776 _____ (Andrea Electronics Corporation) C:\Windows\system32\aestacap.dll
2013-11-10 19:39 - 2009-10-10 09:45 - 00380928 _____ (Andrea Electronics Corporation) C:\Windows\system32\aestecap.dll
2013-11-10 19:39 - 2009-03-03 10:57 - 00061440 _____ (Andrea Electronics Corporation) C:\Windows\system32\aestaren.dll
2013-11-10 19:39 - 2009-03-03 10:47 - 00086016 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTCom.dll
2013-11-04 10:55 - 2013-11-04 10:55 - 00000000 ____D C:\ProgramData\McAfee
2013-11-04 10:54 - 2013-11-13 21:38 - 00000838 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-02 21:31 - 2013-11-03 08:17 - 00000000 ____D C:\Users\Miranda\Desktop\Nueva carpeta
2013-11-02 17:28 - 2013-11-02 17:28 - 00000000 ____D C:\Users\Miranda\AppData\Local\avgchrome
2013-10-30 08:09 - 2013-10-30 08:09 - 00001809 _____ C:\Users\Miranda\Desktop\The Official Guide for GMAT Review, 13th Edition - Acceso directo.lnk
2013-10-30 08:03 - 2013-10-30 08:03 - 50053120 _____ C:\Program Files\GUTA8B.tmp
2013-10-30 08:03 - 2013-10-30 08:03 - 00000000 ____D C:\Program Files\GUMA8A.tmp

==================== One Month Modified Files and Folders =======

2013-11-13 21:56 - 2013-11-13 21:56 - 00002208 _____ C:\Users\Miranda\Desktop\JRT.txt
2013-11-13 21:56 - 2009-07-14 05:34 - 00014128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-13 21:56 - 2009-07-14 05:34 - 00014128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-13 21:50 - 2013-11-13 21:50 - 00000000 ____D C:\Windows\ERUNT
2013-11-13 21:48 - 2013-11-11 19:58 - 00000000 ____D C:\Program Files\Sophos
2013-11-13 21:48 - 2013-07-10 21:59 - 00096138 _____ C:\Windows\PFRO.log
2013-11-13 21:48 - 2013-07-10 21:59 - 00011789 _____ C:\Windows\setupact.log
2013-11-13 21:48 - 2012-11-07 11:15 - 00001086 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-13 21:48 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-13 21:47 - 2013-11-10 20:23 - 00000000 ____D C:\ProgramData\Sophos
2013-11-13 21:47 - 2010-09-23 20:43 - 01991770 _____ C:\Windows\WindowsUpdate.log
2013-11-13 21:41 - 2013-11-13 21:41 - 00024823 _____ C:\Users\Miranda\Desktop\AdwCleaner[S0].txt
2013-11-13 21:38 - 2013-11-04 10:54 - 00000838 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-13 21:36 - 2013-11-13 21:23 - 00000000 ____D C:\AdwCleaner
2013-11-13 21:36 - 2012-09-26 21:42 - 00001090 _____ C:\Users\Miranda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-13 16:01 - 2013-09-05 15:10 - 00001118 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4234750219-565304826-628335460-1000UA.job
2013-11-13 15:39 - 2012-11-07 11:16 - 00001090 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-13 08:22 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\addins
2013-11-13 08:01 - 2013-09-05 15:10 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4234750219-565304826-628335460-1000Core.job
2013-11-12 22:47 - 2013-11-12 20:29 - 00001807 _____ C:\Users\Miranda\Desktop\Anleitung.txt
2013-11-12 20:33 - 2013-11-12 20:33 - 00001027 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-12 20:33 - 2013-11-12 20:32 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-11-12 20:30 - 2013-11-12 20:30 - 01034531 _____ (Thisisu) C:\Users\Miranda\Desktop\JRT.exe
2013-11-12 20:29 - 2013-11-12 20:28 - 01085542 _____ C:\Users\Miranda\Desktop\adwcleaner.exe
2013-11-12 20:25 - 2013-11-12 20:25 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Miranda\Desktop\mbam-setup-1.75.0.1300.exe
2013-11-12 13:23 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2013-11-12 08:53 - 2012-11-22 21:31 - 00000000 ____D C:\Users\Miranda\AppData\Local\CrashDumps
2013-11-11 19:48 - 2013-11-11 19:48 - 00018612 _____ C:\Users\Miranda\Desktop\ComboFix.txt
2013-11-11 19:48 - 2013-11-11 19:11 - 00000000 ____D C:\Qoobox
2013-11-11 19:48 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public
2013-11-11 19:45 - 2013-11-11 19:10 - 00000000 ____D C:\Windows\erdnt
2013-11-11 19:43 - 2009-07-14 03:04 - 00000215 _____ C:\Windows\system.ini
2013-11-11 19:42 - 2009-07-14 03:03 - 47185920 _____ C:\Windows\system32\config\SOFTWARE.bak
2013-11-11 19:42 - 2009-07-14 03:03 - 15466496 _____ C:\Windows\system32\config\SYSTEM.bak
2013-11-11 19:42 - 2009-07-14 03:03 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2013-11-11 19:42 - 2009-07-14 03:03 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2013-11-11 19:42 - 2009-07-14 03:03 - 00262144 _____ C:\Windows\system32\config\DEFAULT.bak
2013-11-11 18:58 - 2013-11-11 18:57 - 05145576 ____R (Swearware) C:\Users\Miranda\Desktop\ComboFix.exe
2013-11-10 22:17 - 2012-11-06 20:56 - 00000000 ____D C:\Users\Miranda\AppData\Roaming\Mozilla
2013-11-10 21:41 - 2013-11-10 21:41 - 00010400 _____ C:\Users\Miranda\Desktop\Gmer.log
2013-11-10 20:33 - 2013-11-10 20:33 - 00059647 _____ C:\Users\Miranda\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten  - Trojaner-Board.htm
2013-11-10 20:33 - 2013-11-10 20:33 - 00000000 ____D C:\Users\Miranda\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten  - Trojaner-Board_files
2013-11-10 20:32 - 2013-11-10 20:31 - 00377856 _____ C:\Users\Miranda\Desktop\gmer_2.1.19163.exe
2013-11-10 20:08 - 2013-11-10 20:03 - 104051208 _____ C:\Users\Miranda\Downloads\SophosAV.exe
2013-11-10 19:55 - 2013-11-10 19:54 - 00017690 _____ C:\Users\Miranda\Desktop\Addition1.txt
2013-11-10 19:49 - 2013-11-10 19:49 - 00000000 ____D C:\FRST
2013-11-10 19:47 - 2013-11-10 19:47 - 01090275 _____ (Farbar) C:\Users\Miranda\Desktop\FRST.exe
2013-11-10 19:45 - 2013-11-10 19:44 - 00000476 _____ C:\Users\Miranda\Desktop\defogger_disable.log
2013-11-10 19:44 - 2013-11-10 19:44 - 00000000 _____ C:\Users\Miranda\defogger_reenable
2013-11-10 19:44 - 2012-09-26 21:36 - 00000000 ____D C:\Users\Miranda
2013-11-10 19:42 - 2013-11-10 19:42 - 00050477 _____ C:\Users\Miranda\Desktop\Defogger.exe
2013-11-10 19:40 - 2013-11-10 19:40 - 00000000 ____D C:\Program Files\IDT
2013-11-10 19:30 - 2009-07-14 05:33 - 00417288 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-10 19:29 - 2010-07-28 14:00 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-11-10 19:29 - 2010-07-28 13:58 - 00000000 ____D C:\Program Files\Hewlett-Packard
2013-11-10 19:24 - 2010-09-23 21:13 - 00000000 ____D C:\ProgramData\WildTangent
2013-11-10 19:24 - 2010-09-23 21:13 - 00000000 ____D C:\Program Files\HP Games
2013-11-10 19:21 - 2010-09-23 21:10 - 00000000 ____D C:\Program Files\Downloaded Installations
2013-11-10 19:11 - 2012-11-07 18:00 - 00000000 ____D C:\Program Files\Defraggler
2013-11-10 19:09 - 2012-12-06 16:56 - 00000000 ____D C:\Program Files\DsNET Corp
2013-11-10 18:58 - 2010-07-28 15:57 - 00000000 ____D C:\ProgramData\CyberLink
2013-11-10 18:26 - 2012-12-06 19:56 - 00000000 ____D C:\Windows\pss
2013-11-10 18:15 - 2012-12-05 20:24 - 00000000 ____D C:\Users\Miranda\AppData\Roaming\Skype
2013-11-10 18:04 - 2012-11-06 20:55 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-10 13:12 - 2013-05-29 11:31 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-10 13:12 - 2012-11-06 20:56 - 00000000 ____D C:\Users\Miranda\AppData\Local\Mozilla
2013-11-09 14:15 - 2012-09-27 19:59 - 00000000 ____D C:\Users\Miranda\AppData\Roaming\ZumoDrive
2013-11-09 11:57 - 2012-11-13 17:33 - 00000052 _____ C:\Windows\system32\DOErrors.log
2013-11-09 11:56 - 2013-03-07 16:33 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-11-04 19:32 - 2012-11-06 18:16 - 00000000 ____D C:\Users\Miranda\AppData\Local\Microsoft Help
2013-11-04 11:40 - 2012-11-07 11:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-11-04 10:57 - 2012-11-19 15:53 - 00000000 ____D C:\Users\Miranda\AppData\Local\Adobe
2013-11-04 10:55 - 2013-11-04 10:55 - 00000000 ____D C:\ProgramData\McAfee
2013-11-03 09:59 - 2009-09-07 00:02 - 01555646 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-03 08:17 - 2013-11-02 21:31 - 00000000 ____D C:\Users\Miranda\Desktop\Nueva carpeta
2013-11-02 17:28 - 2013-11-02 17:28 - 00000000 ____D C:\Users\Miranda\AppData\Local\avgchrome
2013-10-30 08:09 - 2013-10-30 08:09 - 00001809 _____ C:\Users\Miranda\Desktop\The Official Guide for GMAT Review, 13th Edition - Acceso directo.lnk
2013-10-30 08:03 - 2013-10-30 08:03 - 50053120 _____ C:\Program Files\GUTA8B.tmp
2013-10-30 08:03 - 2013-10-30 08:03 - 00000000 ____D C:\Program Files\GUMA8A.tmp

Some content of TEMP:
====================
C:\Users\Miranda\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-12 23:55

==================== End Of Log ============================
         
--- --- ---


14.11.2013, 10:32   #6
schrauber
/// the machine
/// TB-Ausbilder
 


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems left?