Log analysis and evaluation: Screen stays black after booting (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system first has to be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
07.03.2014, 09:34 | #1 |
| Screen stays black after booting

Hi, my screen has stayed black after booting since yesterday. I have an HP G62 notebook. It also overheats very quickly, even when it is just sitting normally on the desk. I have already taken out the battery, unplugged the cable and waited 15 minutes (a tip from the net). Unfortunately that did not help at all. In safe mode it boots and the screen is bright, but it is annoying to work in this mode. Please help me. Thanks. Oh, one more thing: I don't know much about this, so explanations for dummies, please. Thanks |
07.03.2014, 09:53 | #2 |
/// the machine /// TB instructor | Screen stays black after booting

hi,

from safe mode: Please download the matching version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
07.03.2014, 10:11 | #3 |
| Screen stays black after booting

Hi, I hope copy and paste is OK?

FRST Additions Logfile:

Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-03-2014 Ran by usuaria at 2014-03-07 10:01:47 Running from C:\Users\usuaria\Downloads Boot Mode: Safe Mode (with Networking) ========================================================== ==================== Security Center ======================== AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.) Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated) Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc) Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95 - WildTangent) Hidden AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden ATI Catalyst Install Manager (HKLM\...\{1795BAA8-65EC-66D0-9DA4-D4B1FBE7700E}) (Version: 3.0.778.0 - ATI Technologies, Inc.) Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.338 - Avira) Barra Yahoo! (HKLM-x32\...\Yahoo! 
Companion) (Version: - ) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation) BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0621.2137.36973 - ATI) Hidden Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0621.2137.36973 - ATI) Hidden Catalyst Control Center InstallProxy (x32 Version: 2010.0621.2137.36973 - ATI Technologies, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2010.0621.2137.36973 - ATI) Hidden CCC Help Chinese Standard (x32 Version: 2010.0621.2136.36973 - ATI) Hidden CCC Help Chinese Traditional (x32 Version: 2010.0621.2136.36973 - ATI) Hidden CCC Help Czech (x32 Version: 2010.0621.2136.36973 - ATI) Hidden CCC Help Danish (x32 Version: 2010.0621.2136.36973 - ATI) Hidden CCC Help Dutch (x32 Version: 2010.0621.2136.36973 - ATI) Hidden CCC Help English (x32 Version: 2010.0621.2136.36973 - ATI) Hidden CCC Help Finnish (x32 Version: 2010.0621.2136.36973 - ATI) Hidden CCC Help French (x32 Version: 2010.0621.2136.36973 - ATI) Hidden CCC Help German (x32 Version: 2010.0621.2136.36973 - ATI) Hidden CCC Help Greek (x32 Version: 2010.0621.2136.36973 - ATI) Hidden CCC Help Hungarian (x32 Version: 2010.0621.2136.36973 - ATI) Hidden CCC Help Italian (x32 Version: 2010.0621.2136.36973 - ATI) Hidden CCC Help Japanese (x32 Version: 2010.0621.2136.36973 - ATI) Hidden CCC Help Korean (x32 Version: 2010.0621.2136.36973 - ATI) Hidden CCC Help Norwegian (x32 Version: 2010.0621.2136.36973 - ATI) Hidden CCC Help Polish (x32 Version: 2010.0621.2136.36973 - ATI) Hidden CCC Help Portuguese (x32 Version: 2010.0621.2136.36973 - ATI) Hidden CCC Help Russian (x32 Version: 2010.0621.2136.36973 - ATI) Hidden CCC Help Spanish (x32 Version: 
2010.0621.2136.36973 - ATI) Hidden CCC Help Swedish (x32 Version: 2010.0621.2136.36973 - ATI) Hidden CCC Help Thai (x32 Version: 2010.0621.2136.36973 - ATI) Hidden CCC Help Turkish (x32 Version: 2010.0621.2136.36973 - ATI) Hidden ccc-core-static (x32 Version: 2010.0621.2137.36973 - Nombre de su organización) Hidden ccc-utility64 (Version: 2010.0621.2137.36973 - ATI) Hidden CCleaner (HKLM\...\CCleaner) (Version: 3.27 - Piriform) Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation) Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3003 - CyberLink Corp.) CyberLink DVD Suite (x32 Version: 7.0.3003 - CyberLink Corp.) Hidden CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1.4217 - CyberLink Corp.) CyberLink PowerDVD 9 (x32 Version: 9.0.1.4217 - CyberLink Corp.) Hidden CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2511 - CyberLink Corp.) CyberLink YouCam (x32 Version: 3.0.2511 - CyberLink Corp.) 
Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard) Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited) FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.) Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) 
Hidden GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden Hacer clic y ejecutar de Microsoft Office 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Hacer clic y ejecutar de Microsoft Office 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard) HP Customer Experience Enhancements (x32 Version: 6.0.1.4 - Hewlett-Packard) Hidden HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Deskjet 3050A J611 series Ayuda (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard) HP Deskjet 3050A J611 series Estudio para la mejora del producto (HKLM\...\{6C20FCC8-E40D-4011-AAAD-B00DCF0BAA98}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Deskjet 3050A J611 series Software básico del dispositivo (HKLM\...\{143259FE-9C5D-4AA0-BC95-AADB5E8C49D7}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Documentation (HKLM-x32\...\{B360E24A-BF25-4353-AA79-1B54F509024A}) (Version: 1.0.0.0 - Hewlett-Packard) HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP) HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. 
B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP) HP Power Manager (HKLM-x32\...\{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}) (Version: 1.4.7 - Hewlett-Packard Company) HP Quick Launch (HKLM-x32\...\{00A42832-B21A-4296-B5F4-D296D0BC4A3E}) (Version: 2.6.3 - Hewlett-Packard Company) HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard) HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP) HP Software Framework (HKLM-x32\...\{824A35FE-EAB8-48E5-89EC-94D7D730C5FB}) (Version: 3.5.23.1 - Hewlett-Packard Company) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) HP Wireless Assistant (HKLM\...\{60B72AB8-52E9-4D34-99A9-BC7377EB35DE}) (Version: 4.0.9.0 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden Insaniquarium Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation) Java 7 Update 15 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417015FF}) (Version: 
7.0.150 - Oracle) Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle) Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden Jewel Quest II (x32 Version: 2.2.0.95 - WildTangent) Hidden Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden jZip (HKLM-x32\...\jZip) (Version: - Bandoo Media Inc.) <==== ATTENTION LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2907 - CyberLink Corp.) LabelPrint (x32 Version: 2.5.2907 - CyberLink Corp.) Hidden LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe) Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: - EasyBits Software AS) Malwarebytes Anti-Malware Version 1.70.0.1100 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.70.0.1100 - Malwarebytes Corporation) MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile ESN Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - Español (HKLM-x32\...\{90140011-0066-0C0A-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) 
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft Small Basic v1.0 (HKLM-x32\...\{7AAA27E4-CDB3-49C0-AA2D-41827C001BA3}) (Version: 1.0.0.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 18.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 18.0 (x86 de)) (Version: 18.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 18.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 
(KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) OpenOffice.org 3.2 (HKLM-x32\...\{76896231-3040-4D77-B0D4-87D2256AC0CB}) (Version: 3.2.9483 - OpenOffice.org) Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN (HKLM\...\Microsoft .NET Framework 4 Client Profile ESN Language Pack) (Version: 4.0.30319 - Microsoft Corporation) PDF Creator (HKLM\...\PDF Creator) (Version: - ) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.210.0 - Tracker Software Products Ltd) Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.) PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4204 - CyberLink Corp.) Power2Go (x32 Version: 6.1.4204 - CyberLink Corp.) Hidden PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3003 - CyberLink Corp.) PowerDirector (x32 Version: 8.0.3003 - CyberLink Corp.) Hidden PX Profile Update (x32 Version: 1.00.1. 
- AMD) Hidden Qtrax Player (HKCU\...\3426712600.portal.qtrax.com) (Version: - portal.qtrax.com) Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30105 - Realtek Semiconductor Corp.) Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden RtVOsd (HKLM\...\{091A0130-A82F-4A6D-9C61-3BBBB3289030}) (Version: 1.0.6 - Realtek Semiconductor Corp.) Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.0.14735.1561 - Microsoft Corporation) Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) 
(HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden Visor de Microsoft PowerPoint (HKLM-x32\...\{95140000-00AF-0C0A-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN) WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.10.20 - WildTangent) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery 
(x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Sync (HKLM-x32\...\{914DD274-9C5D-44CA-9AC7-12B8D2D4DA08}) (Version: 14.0.8117.416 - Microsoft Corporation) Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Yahoo! BrowserPlus 2.9.8 (HKCU\...\Yahoo! BrowserPlus) (Version: - Yahoo! Inc.) Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.) Yahoo! Software Update (HKLM-x32\...\Yahoo! 
Software Update) (Version: - ) Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden ==================== Restore Points ========================= ==================== Hosts content: ========================== 2009-07-14 03:34 - 2013-02-14 16:19 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {02AC9520-FC0E-463D-BEDD-231017F84D96} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company) Task: {0356D953-590B-4031-98C3-B7B82A284509} - System32\Tasks\HPCeeScheduleForUSUARIA-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard) Task: {06E1E6C2-0F23-40B4-86EC-28F42766FEAD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {12DC5C2F-D0E3-4B40-A10C-22EF3F759C41} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard) Task: {2E06F63E-49A3-4C15-92C8-70B0E5BF4E67} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-09] (Google Inc.) Task: {4D3E5CDC-E988-4AE8-AC47-1C7E55F87854} - System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.) 
Task: {533D4F5C-484F-4F98-BD45-BDECB2F43195} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {5E1B658C-7123-4633-BAFA-7DB4131C9FFE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2051178920-43645615-1976691682-1000Core => C:\Users\usuaria\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-10] (Facebook Inc.) Task: {6F1A1CA9-45FB-49E4-AF54-78A2615565D9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated) Task: {890A227D-F093-47CD-AF76-45A244FF5C37} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN3781FMYV => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard) Task: {9756FC36-9A3B-4BA9-9DAF-D88D2C870AC2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-01-23] (Piriform Ltd) Task: {9E81AA51-D577-4DDA-8D01-357975E45DD0} - System32\Tasks\HPCeeScheduleForusuaria => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard) Task: {A4D2C83E-52CD-46FC-B86D-380481EB2E29} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-09] (Google Inc.) 
Task: {D8FB81F2-9AD3-4B3F-9587-738A8BFAE797} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] () Task: {EE1CE260-F3AC-420E-BE29-5FBAAEB03796} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-02-25] (Microsoft) Task: {F51F127B-1643-43AA-A441-262333BE1EA5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2051178920-43645615-1976691682-1000UA => C:\Users\usuaria\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-10] (Facebook Inc.) Task: {F6911182-A219-4F65-9168-334FFBD15FC6} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] () Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2051178920-43645615-1976691682-1000Core.job => C:\Users\usuaria\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2051178920-43645615-1976691682-1000UA.job => C:\Users\usuaria\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForUSUARIA-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\Windows\Tasks\HPCeeScheduleForusuaria.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Loaded Modules (whitelisted) ============= 2014-03-06 15:11 - 2014-03-02 03:35 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll 2014-03-06 15:11 - 2014-03-02 03:35 - 04061000 _____ () C:\Program Files 
(x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll 2014-03-06 15:11 - 2014-03-02 03:35 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll 2014-03-06 15:11 - 2014-03-02 03:35 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll 2014-03-06 15:11 - 2014-03-02 03:35 - 13632840 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Users\usuaria\Downloads\Adiós a un gran amor.eml:OECustomProperty ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2" ==================== Disabled items from MSCONFIG ============== MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^usuaria^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\Windows\pss\OpenOffice.org 3.2.lnk.Startup MSCONFIG\startupreg: Easybits Recovery => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: HP Quick Launch => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe MSCONFIG\startupreg: HPWirelessAssistant => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start MSCONFIG\startupreg: PCSpeedUp => C:\Program Files (x86)\Acelerar el PC\PCSUNotifier.exe MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe ==================== Faulty Device Manager Devices ============= Name: Security Processor Loader Driver Description: Security Processor Loader Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: spldr Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Deskjet 3050A J611 series Description: Deskjet 3050A J611 series Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. 
==================== Event log errors: ========================= Application errors: ================== Error: (03/07/2014 09:43:27 AM) (Source: ATIeRecord) (User: ) Description: ATI EEU Client event error Error: (03/07/2014 09:15:38 AM) (Source: ATIeRecord) (User: ) Description: ATI EEU Client event error Error: (03/07/2014 09:09:26 AM) (Source: CVHSVC) (User: ) Description: Solo información. No se puede completar la acción. Vuelva a intentarlo. Si el problema persiste, póngase en contacto con el servicio de soporte técnico de Microsoft. Error: (03/07/2014 09:09:06 AM) (Source: ATIeRecord) (User: ) Description: ATI EEU Client event error Error: (03/06/2014 11:04:22 PM) (Source: CVHSVC) (User: ) Description: Solo información. (Stream product id=0x0066): Streaming Failed Error: (03/06/2014 11:03:52 PM) (Source: CVHSVC) (User: ) Description: Solo información. Too many failures while downloading ranges: 2 Error: (03/06/2014 11:02:15 PM) (Source: ATIeRecord) (User: ) Description: ATI EEU Client event error Error: (03/06/2014 07:09:29 PM) (Source: SideBySide) (User: ) Description: Error al generar el contexto de activación para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Error en el archivo de manifiesto o directiva "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" en la línea C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3. Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo. Los componentes en conflicto son:. Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest. 
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest. Error: (03/06/2014 07:09:16 PM) (Source: SideBySide) (User: ) Description: Error al generar el contexto de activación para "assemblyIdentity1". Error en el archivo de manifiesto o directiva "assemblyIdentity2" en la línea assemblyIdentity3. El valor "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" del atributo "version" del elemento "assemblyIdentity" no es válido. Error: (03/06/2014 06:58:47 PM) (Source: CVHSVC) (User: ) Description: Solo información. (Patch task for {90140011-0066-0C0A-0000-0000000FF1CE}): DownloadLatest Failed: No hay ninguna conexión de red activa en este momento. El Servicio de transferencia inteligente en segundo plano (BITS) lo intentará de nuevo cuando se conecte un adaptador. System errors: ============= Error: (03/07/2014 10:00:36 AM) (Source: Service Control Manager) (User: ) Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: %%1068 Error: (03/07/2014 10:00:36 AM) (Source: Service Control Manager) (User: ) Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: %%1068 Error: (03/07/2014 10:00:36 AM) (Source: Service Control Manager) (User: ) Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: %%1068 Error: (03/07/2014 09:55:36 AM) (Source: Service Control Manager) (User: ) Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: %%1068 Error: (03/07/2014 09:55:36 AM) (Source: Service Control Manager) (User: ) Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: %%1068 Error: (03/07/2014 09:55:36 AM) 
(Source: Service Control Manager) (User: ) Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: %%1068 Error: (03/07/2014 09:53:28 AM) (Source: Service Control Manager) (User: ) Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: %%1068 Error: (03/07/2014 09:53:28 AM) (Source: Service Control Manager) (User: ) Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: %%1068 Error: (03/07/2014 09:53:28 AM) (Source: Service Control Manager) (User: ) Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: %%1068 Error: (03/07/2014 09:53:18 AM) (Source: Service Control Manager) (User: ) Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: %%1068 Microsoft Office Sessions: ========================= Error: (03/07/2014 09:43:27 AM) (Source: ATIeRecord)(User: ) Description: Error: (03/07/2014 09:15:38 AM) (Source: ATIeRecord)(User: ) Description: Error: (03/07/2014 09:09:26 AM) (Source: CVHSVC)(User: ) Description: No se puede completar la acción. Vuelva a intentarlo. Si el problema persiste, póngase en contacto con el servicio de soporte técnico de Microsoft. 
Error: (03/07/2014 09:09:06 AM) (Source: ATIeRecord)(User: ) Description: Error: (03/06/2014 11:04:22 PM) (Source: CVHSVC)(User: ) Description: (Stream product id=0x0066): Streaming Failed Error: (03/06/2014 11:03:52 PM) (Source: CVHSVC)(User: ) Description: Too many failures while downloading ranges: 2 Error: (03/06/2014 11:02:15 PM) (Source: ATIeRecord)(User: ) Description: Error: (03/06/2014 07:09:29 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (03/06/2014 07:09:16 PM) (Source: SideBySide)(User: ) Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3 Error: (03/06/2014 06:58:47 PM) (Source: CVHSVC)(User: ) Description: (Patch task for {90140011-0066-0C0A-0000-0000000FF1CE}): DownloadLatest Failed: No hay ninguna conexión de red activa en este momento. El Servicio de transferencia inteligente en segundo plano (BITS) lo intentará de nuevo cuando se conecte un adaptador. 
==================== Memory info ===========================
Percentage of memory in use: 21%
Total physical RAM: 3893.86 MB
Available physical RAM: 3056.06 MB
Total Pagefile: 4967.62 MB
Available Pagefile: 4190.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:281.05 GB) (Free:0.51 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.74 GB) (Free:1 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 9739692A)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=281 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
==================== End Of Log ============================
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-03-2014 Ran by usuaria (administrator) on USUARIA-HP on 07-03-2014 10:00:50 Running from C:\Users\usuaria\Downloads Windows 7 Home Premium (X64) OS Language: Spanish Modern Sort Internet Explorer Version 8 Boot Mode: Safe Mode (with Networking) ==================== Processes (Whitelisted) ================= (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6486120 2013-05-26] (Realtek Semiconductor) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard) HKLM-x32\...\Run: [] - [X] HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-02-25] (Hewlett-Packard) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-2051178920-43645615-1976691682-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.) 
HKU\S-1-5-21-2051178920-43645615-1976691682-1000\...\Run: [Facebook Update] - C:\Users\usuaria\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-04-10] (Facebook Inc.) HKU\S-1-5-21-2051178920-43645615-1976691682-1000\...\Run: [Messenger (Yahoo!)] - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.) HKU\S-1-5-21-2051178920-43645615-1976691682-1000\...\Run: [HP Deskjet 3050A J611 series (NET)] - C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-search.com/?affID=119828&tt=190313_wo1&babsrc=HP_ss&mntrId=0A94AC81122D9BFD HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/10 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/10 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/10 StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. 
SearchScopes: HKLM - {60F87348-86E5-451B-9BF5-827962FDC2AA} URL = hxxp://es.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKLM - {E3848119-4DC7-48D3-9206-9CB0B3FC721B} URL = hxxp://es.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM-x32 - {60F87348-86E5-451B-9BF5-827962FDC2AA} URL = hxxp://es.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKLM-x32 - {E3848119-4DC7-48D3-9206-9CB0B3FC721B} URL = hxxp://es.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=119828&tt=190313_wo1&babsrc=SP_ss&mntrId=0A94AC81122D9BFD SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=119828&tt=190313_wo1&babsrc=SP_ss&mntrId=0A94AC81122D9BFD SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKCU - {60F87348-86E5-451B-9BF5-827962FDC2AA} URL = hxxp://es.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKCU - {E3848119-4DC7-48D3-9206-9CB0B3FC721B} URL = hxxp://es.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKCU - {F61419D5-D060-49ED-80E4-2DBECF4F5941} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYES&apn_uid=1601AC53-9BA2-4C27-83B8-26CB7F9DAF94&apn_sauid=BEE13FE5-DF16-435B-94AE-43312CDE147E BHO: No Name - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - No File BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard) BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.) BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Aplicación auxiliar de inicio de sesión de Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM-x32 - Barra Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-07-17] (EasyBits Software Corp.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\usuaria\AppData\Roaming\Mozilla\Firefox\Profiles\mmvl8w6m.default-1358496739434 FF user.js: detected! 
=> C:\Users\usuaria\AppData\Roaming\Mozilla\Firefox\Profiles\mmvl8w6m.default-1358496739434\user.js FF DefaultSearchEngine: Google FF SearchEngineOrder.1: Ask.com FF SelectedSearchEngine: Ask.com FF Homepage: hxxp://www.delta-search.com/?affID=119828&tt=190313_wo1&babsrc=HP_ss&mntrId=0A94AC81122D9BFD FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) 
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) 
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\usuaria\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.9.8 - C:\Users\usuaria\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF SearchPlugin: C:\Users\usuaria\AppData\Roaming\Mozilla\Firefox\Profiles\mmvl8w6m.default-1358496739434\searchplugins\askcom.xml FF SearchPlugin: C:\Users\usuaria\AppData\Roaming\Mozilla\Firefox\Profiles\mmvl8w6m.default-1358496739434\searchplugins\delta.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml FF Extension: Yahoo! 
Toolbar - C:\Users\usuaria\AppData\Roaming\Mozilla\Firefox\Profiles\mmvl8w6m.default-1358496739434\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2013-11-16] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-01-03] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-12-16] FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-12-16] Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR Plugin: (Shockwave Flash) - C:\Users\usuaria\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll No File CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll () CHR Plugin: (Skype Click to Call) - C:\Users\usuaria\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\npSkypeChromePlugin.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File CHR Plugin: (Java(TM) Platform SE 6 U39) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File CHR Plugin: (Windows Live Photo Gallery) - C:\Program 
Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Users\usuaria\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.) CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll No File CHR Plugin: (Java Deployment Toolkit 6.0.390.4) - C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation) CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File CHR Extension: (Skype Click to Call) - C:\Users\usuaria\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-02-11] CHR Extension: (Google Wallet) - C:\Users\usuaria\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-01-03] ==================== Services (Whitelisted) ================= S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG) S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. 
KG) S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Microsoft Corporation) S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748640 2014-01-03] (Microsoft Corporation) S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [398184 2012-12-14] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [682344 2012-12-14] (Malwarebytes Corporation) ==================== Drivers (Whitelisted) ==================== S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG) S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG) S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG) S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24176 2012-12-14] (Malwarebytes Corporation) S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-23] (Realtek Semiconductor Corp.) 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-07 10:00 - 2014-03-07 10:01 - 00018404 _____ () C:\Users\usuaria\Downloads\FRST.txt 2014-03-07 10:00 - 2014-03-07 10:00 - 02156544 _____ (Farbar) C:\Users\usuaria\Downloads\FRST64.exe 2014-03-07 10:00 - 2014-03-07 10:00 - 00000000 ____D () C:\FRST 2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Roaming\Windows Live Writer 2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Local\Windows Live Writer 2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Local\Cyberlink 2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Local\{81E2B03F-4A6A-42AD-92F3-0DD1159A5398} 2014-03-07 09:44 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Roaming\CyberLink 2014-03-07 09:44 - 2014-03-07 09:44 - 00000000 ____D () C:\Users\test\Documents\CyberLink 2014-03-06 18:55 - 2014-03-06 18:55 - 00000000 ____D () C:\Users\test\AppData\Roaming\HpUpdate 2014-03-06 18:11 - 2014-03-06 18:11 - 00000941 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog 2014-03-06 15:38 - 2014-03-06 15:38 - 00362840 _____ () C:\Windows\Minidump\030614-64350-01.dmp 2014-03-06 15:35 - 2014-03-06 15:35 - 00000000 ____D () C:\Users\test\AppData\Local\Skype 2014-03-06 15:30 - 2014-03-06 15:30 - 00339784 _____ () C:\Windows\Minidump\030614-22261-01.dmp 2014-03-06 15:29 - 2014-03-06 15:37 - 301894593 ____N () C:\Windows\MEMORY.DMP 2014-03-06 15:29 - 2014-03-06 15:32 - 00369075 ____N () C:\Windows\Minidump\030614-18049-01.dmp 2014-03-06 15:29 - 2014-03-06 15:31 - 00369075 ____N () C:\Windows\Minidump\030614-16879-01.dmp 2014-03-01 16:54 - 2014-03-01 16:54 - 00000000 ____D () C:\Users\usuaria\AppData\Local\{54337F79-013D-47F3-898A-AA2FC0517E44} 2014-02-25 02:21 - 2014-02-25 02:22 - 
00000000 ____D () C:\Users\usuaria\AppData\Local\{0CC415D3-E879-410F-A82B-98CFB13C8826} 2014-02-24 18:56 - 2014-02-24 18:56 - 00000000 ____D () C:\Users\usuaria\AppData\Local\{F2AB60D1-CB39-4FAD-A4E0-9941021692AB} 2014-02-16 18:14 - 2014-02-16 18:14 - 00002177 _____ () C:\Users\usuaria\Desktop\HP Support Assistant.lnk 2014-02-16 18:05 - 2014-02-16 18:05 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F} 2014-02-09 14:28 - 2014-02-09 14:28 - 00000000 ____D () C:\Users\usuaria\AppData\Local\{53A40D8C-0C7A-47B0-A39F-11522574CA49} ==================== One Month Modified Files and Folders ======= 2014-03-07 10:01 - 2014-03-07 10:00 - 00018404 _____ () C:\Users\usuaria\Downloads\FRST.txt 2014-03-07 10:00 - 2014-03-07 10:00 - 02156544 _____ (Farbar) C:\Users\usuaria\Downloads\FRST64.exe 2014-03-07 10:00 - 2014-03-07 10:00 - 00000000 ____D () C:\FRST 2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Roaming\Windows Live Writer 2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Local\Windows Live Writer 2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Local\Cyberlink 2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Local\{81E2B03F-4A6A-42AD-92F3-0DD1159A5398} 2014-03-07 09:45 - 2014-03-07 09:44 - 00000000 ____D () C:\Users\test\AppData\Roaming\CyberLink 2014-03-07 09:44 - 2014-03-07 09:44 - 00000000 ____D () C:\Users\test\Documents\CyberLink 2014-03-07 09:43 - 2013-03-30 18:57 - 00035341 _____ () C:\Windows\setupact.log 2014-03-07 09:43 - 2013-02-09 03:40 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-03-07 09:43 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-03-07 09:19 - 2011-01-03 15:50 - 01344317 _____ () C:\Windows\WindowsUpdate.log 2014-03-06 19:13 - 2013-04-10 00:08 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2051178920-43645615-1976691682-1000UA.job 2014-03-06 
18:56 - 2009-07-14 05:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-03-06 18:56 - 2009-07-14 05:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-03-06 18:55 - 2014-03-06 18:55 - 00000000 ____D () C:\Users\test\AppData\Roaming\HpUpdate 2014-03-06 18:11 - 2014-03-06 18:11 - 00000941 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog 2014-03-06 17:20 - 2012-06-11 11:31 - 00000000 ____D () C:\Users\usuaria\Desktop\Sissys stuff 2014-03-06 17:15 - 2013-03-30 19:17 - 00000000 ____D () C:\Users\usuaria\Desktop\Fotos laptop sissy 2014-03-06 15:54 - 2013-01-30 01:15 - 00000000 ____D () C:\Users\usuaria\Desktop\virenbeseitigung 2014-03-06 15:47 - 2013-07-04 03:39 - 00000000 ____D () C:\Users\usuaria\Desktop\Skinny fiber 2014-03-06 15:38 - 2014-03-06 15:38 - 00362840 _____ () C:\Windows\Minidump\030614-64350-01.dmp 2014-03-06 15:38 - 2012-02-29 19:00 - 00000000 ____D () C:\Windows\Minidump 2014-03-06 15:37 - 2014-03-06 15:29 - 301894593 ____N () C:\Windows\MEMORY.DMP 2014-03-06 15:35 - 2014-03-06 15:35 - 00000000 ____D () C:\Users\test\AppData\Local\Skype 2014-03-06 15:35 - 2013-06-24 11:50 - 00000000 ____D () C:\Users\test\AppData\Roaming\Skype 2014-03-06 15:35 - 2012-06-29 12:03 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-06 15:35 - 2012-06-29 12:03 - 00000000 ____D () C:\ProgramData\Skype 2014-03-06 15:34 - 2013-02-09 03:40 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-03-06 15:32 - 2014-03-06 15:29 - 00369075 ____N () C:\Windows\Minidump\030614-18049-01.dmp 2014-03-06 15:31 - 2014-03-06 15:29 - 00369075 ____N () C:\Windows\Minidump\030614-16879-01.dmp 2014-03-06 15:30 - 2014-03-06 15:30 - 00339784 _____ () C:\Windows\Minidump\030614-22261-01.dmp 2014-03-06 15:27 - 2012-07-08 02:52 - 00000838 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-03-06 15:07 - 2012-06-29 
12:03 - 00000000 ____D () C:\Users\usuaria\AppData\Roaming\Skype 2014-03-06 09:17 - 2013-01-13 02:47 - 00003994 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{12AEB229-F206-469F-BEDF-568CC887206D} 2014-03-06 03:03 - 2012-10-27 21:24 - 00003198 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForusuaria 2014-03-06 03:03 - 2012-10-27 21:24 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForusuaria.job 2014-03-06 01:13 - 2013-04-10 00:08 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2051178920-43645615-1976691682-1000Core.job 2014-03-03 23:39 - 2013-11-14 23:55 - 00669696 ___SH () C:\Users\usuaria\Desktop\Thumbs.db 2014-03-01 16:54 - 2014-03-01 16:54 - 00000000 ____D () C:\Users\usuaria\AppData\Local\{54337F79-013D-47F3-898A-AA2FC0517E44} 2014-03-01 16:54 - 2013-10-13 16:13 - 02018816 ___SH () C:\Users\usuaria\Downloads\Thumbs.db 2014-03-01 15:02 - 2011-12-22 22:41 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2014-03-01 15:02 - 2011-12-20 16:38 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log 2014-02-27 16:03 - 2012-01-13 23:09 - 00000000 ____D () C:\Users\usuaria\AppData\Roaming\HpUpdate 2014-02-25 02:22 - 2014-02-25 02:21 - 00000000 ____D () C:\Users\usuaria\AppData\Local\{0CC415D3-E879-410F-A82B-98CFB13C8826} 2014-02-25 02:22 - 2012-06-29 00:24 - 00000000 ____D () C:\Users\usuaria\AppData\Local\Windows Live 2014-02-24 18:56 - 2014-02-24 18:56 - 00000000 ____D () C:\Users\usuaria\AppData\Local\{F2AB60D1-CB39-4FAD-A4E0-9941021692AB} 2014-02-21 00:27 - 2012-07-08 02:52 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-02-21 00:27 - 2012-07-08 02:52 - 00003776 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-02-21 00:27 - 2011-12-07 15:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-02-19 03:31 - 2012-01-03 16:30 - 00000000 ____D () C:\Users\usuaria\AppData\Roaming\SoftGrid Client 2014-02-17 
02:26 - 2013-07-24 03:58 - 00000000 ____D () C:\Windows\system32\MRT 2014-02-17 02:22 - 2011-12-26 01:13 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-02-16 23:06 - 2012-02-29 21:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-16 18:14 - 2014-02-16 18:14 - 00002177 _____ () C:\Users\usuaria\Desktop\HP Support Assistant.lnk 2014-02-16 18:14 - 2010-07-17 16:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-02-16 18:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help 2014-02-16 18:07 - 2010-07-17 16:56 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard 2014-02-16 18:05 - 2014-02-16 18:05 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F} 2014-02-16 18:04 - 2010-07-17 18:05 - 00000000 ____D () C:\ProgramData\Hewlett-Packard 2014-02-16 18:03 - 2009-09-07 01:40 - 00000000 ____D () C:\SwSetup 2014-02-16 17:29 - 2013-02-09 03:40 - 00004098 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-02-16 17:29 - 2013-02-09 03:40 - 00003846 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-02-16 17:28 - 2012-01-10 00:25 - 00003222 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForUSUARIA-HP$ 2014-02-16 17:28 - 2012-01-10 00:25 - 00000346 _____ () C:\Windows\Tasks\HPCeeScheduleForUSUARIA-HP$.job 2014-02-15 11:32 - 2009-07-14 06:08 - 00032622 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-02-14 21:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-02-09 14:28 - 2014-02-09 14:28 - 00000000 ____D () C:\Users\usuaria\AppData\Local\{53A40D8C-0C7A-47B0-A39F-11522574CA49} Some content of TEMP: ==================== C:\Users\test\AppData\Local\Temp\avgnt.exe C:\Users\usuaria\AppData\Local\Temp\APNStub.exe C:\Users\usuaria\AppData\Local\Temp\avgnt.exe C:\Users\usuaria\AppData\Local\Temp\cyclon-assistant-20032013.exe C:\Users\usuaria\AppData\Local\Temp\Extract.exe C:\Users\usuaria\AppData\Local\Temp\FileSystemView.dll 
C:\Users\usuaria\AppData\Local\Temp\i4jdel0.exe C:\Users\usuaria\AppData\Local\Temp\SkypeSetup.exe C:\Users\usuaria\AppData\Local\Temp\SP50701.exe C:\Users\usuaria\AppData\Local\Temp\SP51865.exe C:\Users\usuaria\AppData\Local\Temp\SP52264.exe C:\Users\usuaria\AppData\Local\Temp\SP55430.exe C:\Users\usuaria\AppData\Local\Temp\SP56215.exe C:\Users\usuaria\AppData\Local\Temp\SP56221.exe C:\Users\usuaria\AppData\Local\Temp\sp64126.exe C:\Users\usuaria\AppData\Local\Temp\uninst1.exe C:\Users\usuaria\AppData\Local\Temp\UninstallHPSA.exe C:\Users\usuaria\AppData\Local\Temp\vlc-2.1.2-win32.exe C:\Users\usuaria\AppData\Local\Temp\{165C722D-2309-4658-A95B-494EE208F3A2}-33.0.1750.146_chrome_installer.exe C:\Users\usuaria\AppData\Local\Temp\{345E2710-8C52-420A-97BA-4801E936D2E2}-32.0.1700.76_31.0.1650.63_chrome_updater.exe C:\Users\usuaria\AppData\Local\Temp\{5C67C251-1838-4ABF-B07A-165874242D03}-30.0.1599.66_29.0.1547.76_chrome_updater.exe C:\Users\usuaria\AppData\Local\Temp\{CE68014A-D298-4124-9363-5A12E5320C9F}-32.0.1700.76_31.0.1650.63_chrome_updater.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-03-02 13:03 ==================== End Of Log ============================ --- --- --- |
08.03.2014, 12:33 | #4 |
/// the machine /// TB-Ausbilder | Screen stays black after booting Perfect. Scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
08.03.2014, 23:08 | #5 |
| Screen stays black after booting (code)Combofix Logfile: Code:
ATTFilter ComboFix 14-03-05.01 - usuaria 08/03/2014 22:55:54.2.4 - x64 NETWORK Microsoft Windows 7 Home Premium 6.1.7600.0.1252.34.3082.18.3894.3042 [GMT 1:00] Running from: c:\users\usuaria\Desktop\ComboFix.exe SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\usuaria\4.0 . . ((((((((((((((((((((((((( Files Created from 2014-02-08 to 2014-03-08 ))))))))))))))))))))))))))))))) . . 2014-03-08 22:03 . 2014-03-08 22:03 -------- d-----w- c:\users\Public\AppData\Local\temp 2014-03-08 22:03 . 2014-03-08 22:03 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-03-08 22:03 . 2014-03-08 22:03 -------- d-----w- c:\users\Administrator\AppData\Local\temp 2014-03-07 09:00 . 2014-03-07 09:01 -------- d-----w- C:\FRST 2014-03-07 07:33 . 2014-03-07 08:56 -------- d-----w- c:\users\usuaria\AppData\Local\ElevatedDiagnostics 2014-03-06 14:35 . 2014-03-06 14:35 -------- d-----w- c:\program files (x86)\Common Files\Skype 2014-02-16 17:05 . 2014-02-16 17:05 -------- d-----w- c:\programdata\{18165758-115C-4DC0-9EC2-FF89F725767F} . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-02-20 23:27 . 2012-07-08 01:52 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-02-20 23:27 . 2011-12-07 14:27 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-02-17 01:22 . 2011-12-26 00:13 88567024 ----a-w- c:\windows\system32\MRT.exe 2014-01-26 02:25 . 2014-01-26 02:25 0 ----a-w- c:\windows\SysWow64\sho5045.tmp 2014-01-08 02:11 . 2014-01-08 02:11 0 ----a-w- c:\windows\SysWow64\shoFA41.tmp . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016] "Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2012-05-25 6595928] "HP Deskjet 3050A J611 series (NET)"="c:\program files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" [2012-10-17 2573416] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-02-15 577408] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "EnableShellExecuteHooks"= 1 (0x1) . [hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . 
R2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x] R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] R2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x] R2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x] R2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x] R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x] R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x] R2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x] R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage 
Technology\IAStorDataMgrSvc.exe [x] R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x] R2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [x] R2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x] R3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x] R3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x] R3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys 
[x] R3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x] R3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x] R3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x] R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2010-05-19 09:36 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2014-03-06 14:10 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe . Contents of the 'Scheduled Tasks' folder . 2014-03-06 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-08 23:27] . 2014-03-06 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2051178920-43645615-1976691682-1000Core.job - c:\users\usuaria\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-09 23:08] . 2014-03-06 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2051178920-43645615-1976691682-1000UA.job - c:\users\usuaria\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-09 23:08] . 2014-03-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-09 02:40] . 2014-03-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-09 02:40] . 2014-02-16 c:\windows\Tasks\HPCeeScheduleForUSUARIA-HP$.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 01:53] . 2014-03-06 c:\windows\Tasks\HPCeeScheduleForusuaria.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 01:53] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-05-26 6486120] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-02-25 21720] . ------- Supplementary Scan ------- . 
uStart Page = hxxp://www.delta-search.com/?affID=119828&tt=190313_wo1&babsrc=HP_ss&mntrId=0A94AC81122D9BFD uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\usuaria\AppData\Roaming\Mozilla\Firefox\Profiles\mmvl8w6m.default-1358496739434\ FF - prefs.js: browser.search.selectedEngine - Ask.com FF - prefs.js: browser.startup.homepage - hxxp://www.delta-search.com/?affID=119828&tt=190313_wo1&babsrc=HP_ss&mntrId=0A94AC81122D9BFD FF - ExtSQL: !HIDDEN! 2011-12-16 11:04; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF - user.js: extensions.delta.tlbrSrchUrl - FF - user.js: extensions.delta.id - 0a94ed1d000000000000ac81122d9bfd FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} FF - user.js: extensions.delta.instlDay - 15794 FF - user.js: extensions.delta.vrsn - 1.8.10.0 FF - user.js: extensions.delta.vrsni - 1.8.10.0 FF - user.js: extensions.delta.vrsnTs - 1.8.10.016:37 FF - user.js: extensions.delta.prtnrId - delta FF - user.js: extensions.delta.prdct - delta FF - user.js: extensions.delta.aflt - babsst FF - user.js: extensions.delta.smplGrp - none FF - user.js: extensions.delta.tlbrId - base FF - user.js: extensions.delta.instlRef - sst FF - user.js: extensions.delta.dfltLng - en FF - user.js: extensions.delta.excTlbr - false FF - user.js: extensions.delta.admin - false FF - user.js: extensions.delta.autoRvrt - false FF - user.js: extensions.delta.rvrt - false FF - user.js: extensions.delta.newTab - false FF - user.js: yahoo.ytff.general.dontshowhpoffer - true . - - - - ORPHANS REMOVED - - - - . 
Wow6432Node-HKLM-Run-<NO NAME> - (no file) BHO-{3706EE7C-3CAD-445D-8A43-03EBC3B75908} - (no file) AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe AddRemove-3426712600.portal.qtrax.com - c:\program files (x86)\Microsoft Silverlight\5.1.10411.0\Silverlight.Configuration.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe,-101" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.12" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2014-03-08 23:05:46 ComboFix-quarantined-files.txt 2014-03-08 22:05 ComboFix2.txt 2013-01-08 22:05 . Pre-Run: 3.466.735.616 bytes libres Post-Run: 4.300.832.768 bytes libres . - - End Of File - - 9BE77FEB17FEDA811B6F3B42596054BD (/code) |
09.03.2014, 18:42 | #6 |
/// the machine /// TB-Ausbilder | Screen stays black after booting Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ --> Screen stays black after booting |
10.03.2014, 10:06 | #7 |
| Screen stays black after booting (code)Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.03.10.03 Windows 7 x64 NTFS (Abgesichertenmodus/Netzwerkfähig) Internet Explorer 8.0.7600.16385 usuaria :: USUARIA-HP [Administrator] 10/03/2014 9:20:08 mbam-log-2014-03-10 (09-20-08).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 255115 Laufzeit: 5 Minute(n), 31 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 2 HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\BabylonToolbar (PUP.Optional.BabylonToolBar.A) -> Keine Aktion durchgeführt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 1 HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.StartPage) -> Bösartig: (hxxp://www.delta-search.com/?affID=119828&tt=190313_wo1&babsrc=HP_ss&mntrId=0A94AC81122D9BFD) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt. Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 5 C:\Users\usuaria\Downloads\JewelQuest3SDM.exe (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt. C:\Users\usuaria\Downloads\SoftonicDownloader_fuer_microsoft-small-basic.exe (PUP.Optional.Softonic.A) -> Keine Aktion durchgeführt. C:\Users\usuaria\Downloads\SoftonicDownloader_para_contaplus-suscripcion-anual.exe (PUP.Optional.Softonic) -> Keine Aktion durchgeführt. C:\Users\usuaria\Downloads\WiseConvert_1.2.exe (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt. 
C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt. (Ende) (/code) (code)AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.020 - Reporte Creado 10/03/2014 en 09:37:29 # Actualizado 27/02/2014 por Xplode # Sistema Operativo : Windows 7 Home Premium (64 bits) # Nombre de usuario : usuaria - USUARIA-HP # Ejecutado desde : C:\Users\usuaria\Desktop\adwcleaner (1).exe # Opción : Limpiar ***** [ Servicios ] ***** ***** [ Archivos / Carpetas ] ***** Carpeta Borrar : C:\ProgramData\Ask Carpeta Borrar : C:\ProgramData\Babylon Carpeta Borrar : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jZip Carpeta Borrar : C:\Program Files (x86)\jZip Carpeta Borrar : C:\Users\usuaria\AppData\Local\jZip Carpeta Borrar : C:\Users\usuaria\AppData\Roaming\Babylon Carpeta Borrar : C:\Users\test\AppData\LocalLow\AskToolbar Carpeta Borrar : C:\Users\usuaria\AppData\Roaming\Mozilla\Firefox\Profiles\mmvl8w6m.default-1358496739434\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} Archivo Borrar : C:\Users\usuaria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk Archivo Borrar : C:\Users\usuaria\AppData\Roaming\Mozilla\Firefox\Profiles\mmvl8w6m.default-1358496739434\searchplugins\Askcom.xml Archivo Borrar : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml Archivo Borrar : C:\Users\usuaria\AppData\Roaming\Mozilla\Firefox\Profiles\mmvl8w6m.default-1358496739434\searchplugins\delta.xml Archivo Borrar : C:\Users\usuaria\AppData\Roaming\Mozilla\Firefox\Profiles\mmvl8w6m.default-1358496739434\user.js Archivo Borrar : C:\Users\usuaria\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage Archivo Borrar : C:\Users\usuaria\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal Archivo Borrar : C:\Users\usuaria\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-search.com_0.localstorage Archivo Borrar : C:\Users\usuaria\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-search.com_0.localstorage-journal ***** [ 
Accesos directos ] ***** ***** [ Registro ] ***** Clave Borrar : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Clave Borrar : HKLM\SOFTWARE\Classes\jZip.file Clave Borrar : HKLM\SOFTWARE\Classes\Prod.cap Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32 Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASAPI32 Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASMANCS Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32 Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32 Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\WiseConvert_1_RASAPI32 Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\WiseConvert_1_RASMANCS Clave Borrar : HKCU\Software\5b57d7dde168ed15 Clave Borrar : HKLM\SOFTWARE\5b57d7dde168ed15 Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_microsoft-small-basic_RASAPI32 Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_microsoft-small-basic_RASMANCS Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft-server_RASAPI32 Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft-server_RASMANCS Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_contaplus-suscripcion-anual_RASAPI32 Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_contaplus-suscripcion-anual_RASMANCS Clave Borrar : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323} Clave Borrar : 
HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777} Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D} Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472} Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73} Clave Borrar : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Clave Borrar : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909} Valor 
Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}] Clave Borrar : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clave Borrar : [x64] HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7} Clave Borrar : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clave Borrar : HKCU\Software\BabylonToolbar Clave Borrar : HKCU\Software\Conduit Clave Borrar : HKCU\Software\OCS Clave Borrar : HKCU\Software\Softonic Clave Borrar : HKCU\Software\AppDataLow\Software\SmartBar Clave Borrar : HKLM\Software\Babylon Clave Borrar : HKLM\Software\caphyon Clave Borrar : HKLM\Software\DataMngr Clave Borrar : HKLM\Software\jZip Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\jZip Clave Borrar : [x64] HKLM\SOFTWARE\Speedchecker Limited ***** [ Navegadores ] ***** -\\ Internet Explorer v8.0.7600.17267 Ajustes Restaurar : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] -\\ Mozilla Firefox v18.0 (de) [ Archivo : C:\Users\usuaria\AppData\Roaming\Mozilla\Firefox\Profiles\mmvl8w6m.default-1358496739434\prefs.js ] Linea borrada : user_pref("browser.search.order.1", "Ask.com"); Linea borrada : user_pref("browser.search.selectedEngine", "Ask.com"); Linea borrada : user_pref("browser.startup.homepage", "hxxp://www.delta-search.com/?affID=119828&tt=190313_wo1&babsrc=HP_ss&mntrId=0A94AC81122D9BFD"); Linea borrada : user_pref("extensions.delta.admin", false); Linea borrada : user_pref("extensions.delta.aflt", "babsst"); Linea borrada : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); Linea borrada : user_pref("extensions.delta.autoRvrt", "false"); Linea borrada : user_pref("extensions.delta.dfltLng", "en"); Linea borrada : user_pref("extensions.delta.excTlbr", false); Linea borrada : user_pref("extensions.delta.id", "0a94ed1d000000000000ac81122d9bfd"); Linea borrada : 
user_pref("extensions.delta.instlDay", "15794"); Linea borrada : user_pref("extensions.delta.instlRef", "sst"); Linea borrada : user_pref("extensions.delta.newTab", false); Linea borrada : user_pref("extensions.delta.prdct", "delta"); Linea borrada : user_pref("extensions.delta.prtnrId", "delta"); Linea borrada : user_pref("extensions.delta.rvrt", "false"); Linea borrada : user_pref("extensions.delta.smplGrp", "none"); Linea borrada : user_pref("extensions.delta.tlbrId", "base"); Linea borrada : user_pref("extensions.delta.tlbrSrchUrl", ""); Linea borrada : user_pref("extensions.delta.vrsn", "1.8.10.0"); Linea borrada : user_pref("extensions.delta.vrsnTs", "1.8.10.016:37:13"); Linea borrada : user_pref("extensions.delta.vrsni", "1.8.10.0"); [ Archivo : C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\4needgza.default\prefs.js ] Linea borrada : user_pref("browser.search.selectedEngine", "Ask.com"); Linea borrada : user_pref("browser.search.order.1", "Ask.com"); Linea borrada : user_pref("browser.search.defaultengine", "Ask.com"); Linea borrada : user_pref("browser.search.defaultenginename", "Ask.com"); Linea borrada : user_pref("extensions.asktb.ff-original-keyword-url", ""); -\\ Google Chrome v33.0.1750.146 [ Archivo : C:\Users\usuaria\AppData\Local\Google\Chrome\User Data\Default\preferences ] [ Archivo : C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [10670 octets] - [10/03/2014 09:33:55] AdwCleaner[S0].txt - [9578 octets] - [10/03/2014 09:37:29] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9638 octets] ########## (/code) (code)AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.020 - Reporte Creado 10/03/2014 en 09:33:55 # Actualizado 27/02/2014 por Xplode # Sistema Operativo : Windows 7 Home Premium (64 bits) # Nombre de usuario : usuaria - USUARIA-HP # Ejecutado desde : C:\Users\usuaria\Desktop\adwcleaner (1).exe # Opción : Escanear ***** [ Servicios ] ***** ***** [ Archivos / Carpetas ] ***** Archivo Encontrado : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml Archivo Encontrado : C:\Users\usuaria\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage Archivo Encontrado : C:\Users\usuaria\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal Archivo Encontrado : C:\Users\usuaria\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-search.com_0.localstorage Archivo Encontrado : C:\Users\usuaria\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-search.com_0.localstorage-journal Archivo Encontrado : C:\Users\usuaria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk Archivo Encontrado : C:\Users\usuaria\AppData\Roaming\Mozilla\Firefox\Profiles\mmvl8w6m.default-1358496739434\searchplugins\Askcom.xml Archivo Encontrado : C:\Users\usuaria\AppData\Roaming\Mozilla\Firefox\Profiles\mmvl8w6m.default-1358496739434\searchplugins\delta.xml Archivo Encontrado : C:\Users\usuaria\AppData\Roaming\Mozilla\Firefox\Profiles\mmvl8w6m.default-1358496739434\user.js Carpeta Encontrado : C:\Users\usuaria\AppData\Roaming\Mozilla\Firefox\Profiles\mmvl8w6m.default-1358496739434\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} Carpeta Encontrado C:\Program Files (x86)\jZip Carpeta Encontrado C:\ProgramData\Ask Carpeta Encontrado C:\ProgramData\Babylon Carpeta Encontrado C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jZip Carpeta Encontrado C:\Users\test\AppData\LocalLow\AskToolbar Carpeta Encontrado C:\Users\usuaria\AppData\Local\jZip Carpeta Encontrado 
C:\Users\usuaria\AppData\Roaming\Babylon ***** [ Accesos directos ] ***** ***** [ Registro ] ***** Clave Encontrado : HKCU\Software\5b57d7dde168ed15 Clave Encontrado : HKCU\Software\AppDataLow\Software\SmartBar Clave Encontrado : HKCU\Software\BabylonToolbar Clave Encontrado : HKCU\Software\Conduit Clave Encontrado : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Clave Encontrado : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909} Clave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Clave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Clave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Clave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Clave Encontrado : HKCU\Software\OCS Clave Encontrado : HKCU\Software\Softonic Clave Encontrado : [x64] HKCU\Software\BabylonToolbar Clave Encontrado : [x64] HKCU\Software\Conduit Clave Encontrado : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Clave Encontrado : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909} Clave Encontrado : [x64] HKCU\Software\OCS Clave Encontrado : [x64] HKCU\Software\Softonic Clave Encontrado : HKLM\SOFTWARE\5b57d7dde168ed15 Clave Encontrado : HKLM\Software\Babylon Clave Encontrado : HKLM\Software\caphyon Clave Encontrado : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323} Clave Encontrado : 
HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Clave Encontrado : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777} Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D} Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472} Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Clave Encontrado : HKLM\SOFTWARE\Classes\jZip.file Clave Encontrado : HKLM\SOFTWARE\Classes\Prod.cap Clave Encontrado : HKLM\Software\DataMngr Clave Encontrado : HKLM\Software\jZip Clave Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73} Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32 Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASAPI32 Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASMANCS Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32 Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_microsoft-small-basic_RASAPI32 Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_microsoft-small-basic_RASMANCS Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft-server_RASAPI32 Clave Encontrado : 
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft-server_RASMANCS Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_contaplus-suscripcion-anual_RASAPI32 Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_contaplus-suscripcion-anual_RASMANCS Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32 Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\WiseConvert_1_RASAPI32 Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\WiseConvert_1_RASMANCS Clave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Clave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Clave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Clave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\jZip Clave Encontrado : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clave Encontrado : [x64] HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7} Clave Encontrado : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clave Encontrado : [x64] HKLM\SOFTWARE\Speedchecker Limited Valor Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}] ***** [ Navegadores ] ***** -\\ Internet Explorer v8.0.7600.17267 Ajustes Encontrado : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.delta-search.com/?affID=119828&tt=190313_wo1&babsrc=HP_ss&mntrId=0A94AC81122D9BFD -\\ Mozilla Firefox v18.0 (de) [ Archivo : 
C:\Users\usuaria\AppData\Roaming\Mozilla\Firefox\Profiles\mmvl8w6m.default-1358496739434\prefs.js ] Linea encontrada : user_pref("browser.search.order.1", "Ask.com"); Linea encontrada : user_pref("browser.search.selectedEngine", "Ask.com"); Linea encontrada : user_pref("browser.startup.homepage", "hxxp://www.delta-search.com/?affID=119828&tt=190313_wo1&babsrc=HP_ss&mntrId=0A94AC81122D9BFD"); Linea encontrada : user_pref("extensions.delta.admin", false); Linea encontrada : user_pref("extensions.delta.aflt", "babsst"); Linea encontrada : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); Linea encontrada : user_pref("extensions.delta.autoRvrt", "false"); Linea encontrada : user_pref("extensions.delta.dfltLng", "en"); Linea encontrada : user_pref("extensions.delta.excTlbr", false); Linea encontrada : user_pref("extensions.delta.id", "0a94ed1d000000000000ac81122d9bfd"); Linea encontrada : user_pref("extensions.delta.instlDay", "15794"); Linea encontrada : user_pref("extensions.delta.instlRef", "sst"); Linea encontrada : user_pref("extensions.delta.newTab", false); Linea encontrada : user_pref("extensions.delta.prdct", "delta"); Linea encontrada : user_pref("extensions.delta.prtnrId", "delta"); Linea encontrada : user_pref("extensions.delta.rvrt", "false"); Linea encontrada : user_pref("extensions.delta.smplGrp", "none"); Linea encontrada : user_pref("extensions.delta.tlbrId", "base"); Linea encontrada : user_pref("extensions.delta.tlbrSrchUrl", ""); Linea encontrada : user_pref("extensions.delta.vrsn", "1.8.10.0"); Linea encontrada : user_pref("extensions.delta.vrsnTs", "1.8.10.016:37:13"); Linea encontrada : user_pref("extensions.delta.vrsni", "1.8.10.0"); [ Archivo : C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\4needgza.default\prefs.js ] Linea encontrada : user_pref("browser.search.selectedEngine", "Ask.com"); Linea encontrada : user_pref("browser.search.order.1", "Ask.com"); Linea encontrada : 
user_pref("browser.search.defaultengine", "Ask.com"); Linea encontrada : user_pref("browser.search.defaultenginename", "Ask.com"); Linea encontrada : user_pref("extensions.asktb.ff-original-keyword-url", ""); -\\ Google Chrome v33.0.1750.146 [ Archivo : C:\Users\usuaria\AppData\Local\Google\Chrome\User Data\Default\preferences ] [ Archivo : C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [10488 octets] - [10/03/2014 09:33:55] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [10549 octets] ########## (/code) (code)~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.2 (02.20.2014:1) OS: Windows 7 Home Premium x64 Ran by usuaria on 10/03/2014 at 9:52:09,83 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1 Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2051178920-43645615-1976691682-1000\Software\sweetim Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E3848119-4DC7-48D3-9206-9CB0B3FC721B} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F61419D5-D060-49ED-80E4-2DBECF4F5941} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{E3848119-4DC7-48D3-9206-9CB0B3FC721B} ~~~ Files Successfully deleted: [File] "C:\Users\usuaria\appdata\locallow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com" Successfully deleted: [File] C:\Windows\syswow64\sho5045.tmp Successfully deleted: [File] C:\Windows\syswow64\sho704D.tmp Successfully deleted: [File] 
C:\Windows\syswow64\shoC66A.tmp Successfully deleted: [File] C:\Windows\syswow64\shoFA41.tmp ~~~ Folders Successfully deleted: [Folder] "C:\Users\usuaria\music\qtrax media library"
Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{B518FF9E-A327-4115-BFFC-A673F4997120} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{B62675F5-42BC-4904-93B4-9D24E543DED9} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{B77BA717-F8D5-45A6-B365-87510B6D20A8} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{B84D4606-DE7B-45D9-B82F-5DA645E2AA3B} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{B93DB1B0-BAEC-4EC7-9246-D127EB96EA3E} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{B9821E4D-A23D-4054-B918-3BED95377B48} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{B9BC608A-A5D5-4D10-BF52-7EFDA047F211} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{B9D28A52-4761-4948-8AD2-0AD6F9C733AC} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{BA4F03A6-3167-4FD6-907D-C5CEA7E6AA02} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{BA6EF5A9-CA74-453D-A2E2-196EB0EF8AFB} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{BA8CEF8A-1420-4D05-B969-8759BFE1209C} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{BADBB3D3-3263-42E4-A5F4-057D8DA184DD} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{BBE6A816-FD13-4B3F-81D8-4900E00B4367} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{BC95BBFC-7A4E-4AA6-BF81-31B8A0C445DF} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{BD557CB4-2B4C-4D61-9DCE-5D0FE3F92706} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{BDB165CB-4F9F-4AC6-ADA9-59BD43433E00} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{BE51897F-5A9A-4235-B7DC-AFD2BED5CB8B} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{BE746CF6-C068-414D-8956-CDC7D043098E} Successfully deleted: [Empty Folder] 
C:\Users\usuaria\appdata\local\{BF53D20D-3E94-47EE-98ED-96D88B8DB793} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{C01AF3A6-D141-453D-ADBE-CB13DB45B32D} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{C04E8B3B-8EE1-40AD-87E4-FCA68DBA6125} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{C0921A25-D3D6-4F8F-AD01-3CD960CB9907} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{C0C656B7-B2FF-4657-AE9F-190EDAF7382D} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{C0F5CE53-7FB2-4612-B6C8-51F9E9B80F70} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{C1D01EAC-C83B-4C88-9300-4302DE776D47} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{C212F46C-5DEB-4C16-8DC5-1CE291E0DD01} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{C3E0CD0E-3018-41A5-B2DA-3BD5F4B9D7D0} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{C4096813-CB8A-4A30-BF4F-E5F18980CABD} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{C60F1B12-CDAB-40B9-A83C-F78E7200E2E2} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{C8ED2B7A-5D87-4F7E-B648-3FDA46D59B7C} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{C909CBB3-EDBD-4FEC-8378-92F1EA881728} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{C94A609F-CAE8-4EAB-894E-DA07849C697C} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{CACFAEAD-4815-424A-84C4-85C09E15AF59} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{CCFC2F58-BA30-47BC-90E3-B8A14D3A76E9} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{CF52716D-F549-4CD0-9A9C-236CB3D5A689} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{D00199A4-E94F-4C84-8AE0-10EACC4B1019} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{D0281FEA-E8F6-4E90-AB58-DB99260F7E88} 
Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{D09EC77E-8385-4A1D-AAE7-72C6357369C8} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{D0EBEE8F-C2F0-49D9-B5BF-FCC02A3ABF01} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{D3A7E384-C731-4020-A907-EB0F40AE2B7C} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{D479D5DE-E454-4C1F-985A-ADEF0944C91E} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{D5092811-B6A7-45BC-9CFD-2C7DC255D873} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{D5410FFE-7819-4C1D-B0E7-D255C883F362} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{D568BE48-34A7-4F16-A3CF-58AE141FB025} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{D5721A73-9886-4FC9-BD89-1ABB91A780BC} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{D6336A34-2347-46F8-9DB6-0C4185545405} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{D7AAB65E-5D24-48B7-893E-F87A0AE40459} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{D89637A3-6288-46F7-9050-A3561EE67ED4} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{D89890ED-82CA-415F-8AA1-2250605C8F9A} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{D8A61607-BE8D-4357-86D5-0CC7059316F4} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{DA457764-F2A2-4559-9B72-A66E6C60BBFF} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{DA47F82F-E88A-408A-8F14-E3150EA62251} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{DAA4F9BE-CC0B-4583-B6D1-B00648225B96} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{DB8585B5-AA93-4871-926C-8B33D5F98ED3} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{DC0B3877-700A-434E-955D-843E9B24F56F} Successfully deleted: [Empty Folder] 
C:\Users\usuaria\appdata\local\{DC75BD34-A72F-4D19-836B-1E8EF06D03B0} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{DEFC2E03-F0BF-4A29-81A9-A29BDF55FDE2} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{DF235D9B-2A4A-427A-B6C8-DE6E9198C4C0} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{E076132B-68CC-4291-A569-B294FAC2065F} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{E0D0C644-6B92-4EEA-BA17-F0B904205BBB} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{E0F6162C-46D5-4307-A57D-CDCBFB490B68} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{E21FDCCA-C9BE-4C6F-B2AE-B9ECCB53DD52} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{E22C0F06-FCF0-4367-BB17-F18EAEC04742} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{E27719DD-B572-4A9B-AD33-76C275B97961} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{E316F4E7-FAEE-49FA-9D61-BAF19DA8660C} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{E5A0F52C-BBA7-4671-9940-EFBA4CD3D72D} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{E5D89465-1E70-46C5-8E1F-4A877EF1F833} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{E5FE99F9-978A-4DCC-B7C6-3E569B87D51B} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{E6DA0B43-E8F3-4F27-B98D-2377194201A7} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{E6EC60CB-E2DE-4BD8-8717-9FD145794765} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{E846881C-A767-4130-AD13-0D39915B587D} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{E99337B2-A028-4B58-BDEA-7805741B05D5} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{EA28D9E6-F167-4BBE-9174-96BE68F7919D} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{EB03A0FE-1449-49BE-B66C-84FB6870E18F} 
Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{EC16155A-1822-4A9F-ABEF-6E0368833EE0} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{EC5F56B0-AE27-4D20-8EC0-349EBB343CBC} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{ED0D4E2B-3AEB-42AF-8B1D-6A497B842094} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{ED3C58B2-2E6D-48C2-8C45-D8D94DC1963A} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{EF1D55AA-B47F-4F75-9B55-AE7B8E0C7750} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{EF7DD9BB-B9B2-494F-B4F2-21DDCF9AE4C6} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{F0E97688-0959-4A11-808B-CB8529A7936A} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{F178E216-8381-4B17-831B-F13B5A5F43D7} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{F1C6347E-786A-49CF-B0E0-AD61E914828F} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{F2AB60D1-CB39-4FAD-A4E0-9941021692AB} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{F2C0F19F-953F-4257-A828-70780C5E1309} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{F2E0FE64-ACD1-448A-BD1D-87E00BA287DD} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{F386DEB5-1258-4C3E-A094-E24C89E98DFD} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{F6CD1212-DFD5-4195-87BF-30D5B0BDCC38} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{F6FD2CDF-5CE7-4AE5-B518-A7369E6983DF} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{F76F4E99-A90C-4CBF-8CFC-78F091E396BC} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{F77D2A19-B46C-4C87-8849-1BAC1F1F6EF8} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{F7B26B78-3A37-4281-B0BE-AE4A72D75B09} Successfully deleted: [Empty Folder] 
C:\Users\usuaria\appdata\local\{F82A228C-313B-4C55-BDF6-EFECDE36210D} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{F8BEB806-4706-48D2-B66A-74EE0E6E3C3B} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{F9223519-1536-4DBA-8BCB-3EB63BD8ECC9} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{FB95A7A0-7840-466F-B710-50A041CFA759} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{FBB3B7AC-1990-436E-9299-C782EA3F7FF5} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{FBC1D5A0-DA7A-4D36-9E23-4731E58E90A7} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{FC4561E2-B197-42DA-89FF-39B378F1DF52} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{FC973D47-54B7-45E3-8632-7B4CEC9930D1} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{FE141C47-41E7-4F0F-80E5-A56CBC03438A} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{FE85549A-5B0F-4312-83FA-6D83E83CEBC1} Successfully deleted: [Empty Folder] C:\Users\usuaria\appdata\local\{FEF22102-A60D-4DA1-91DE-788E79AA46E4} ~~~ FireFox Emptied folder: C:\Users\usuaria\AppData\Roaming\mozilla\firefox\profiles\mmvl8w6m.default-1358496739434\minidumps [2 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 10/03/2014 at 9:55:18,86 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ (/code) (code) FRST Logfile: FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-03-2014 02
Ran by usuaria (administrator) on USUARIA-HP on 10-03-2014 10:04:12
Running from C:\Users\usuaria\Desktop
Windows 7 Home Premium (X64) OS Language: Spanish Modern Sort
Internet Explorer Version 8
Boot Mode: Safe Mode (with Networking)

==================== Processes (Whitelisted) =================

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6486120 2013-05-26] (Realtek Semiconductor)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-02-25] (Hewlett-Packard)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2051178920-43645615-1976691682-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2051178920-43645615-1976691682-1000\...\Run: [Messenger (Yahoo!)] - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-2051178920-43645615-1976691682-1000\...\Run: [HP Deskjet 3050A J611 series (NET)] - C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2051178920-43645615-1976691682-1000\...\RunOnce: [Report] - C:\AdwCleaner\AdwCleaner[S0].txt [9734 2014-03-10] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/10
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/10
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/10
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {60F87348-86E5-451B-9BF5-827962FDC2AA} URL = hxxp://es.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {E3848119-4DC7-48D3-9206-9CB0B3FC721B} URL = hxxp://es.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {60F87348-86E5-451B-9BF5-827962FDC2AA} URL = hxxp://es.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {60F87348-86E5-451B-9BF5-827962FDC2AA} URL = hxxp://es.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
BHO: No Name - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Aplicación auxiliar de inicio de sesión de Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-07-17] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\usuaria\AppData\Roaming\Mozilla\Firefox\Profiles\mmvl8w6m.default-1358496739434
FF DefaultSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\usuaria\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.9.8 - C:\Users\usuaria\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-01-03]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-12-16]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-12-16]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR Plugin: (Shockwave Flash) - C:\Users\usuaria\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
CHR Plugin: (Skype Click to Call) - C:\Users\usuaria\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U39) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Users\usuaria\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.390.4) - C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (Skype Click to Call) - C:\Users\usuaria\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-02-11]
CHR Extension: (Google Wallet) - C:\Users\usuaria\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-01-03]

==================== Services (Whitelisted) =================

S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748640 2014-01-03] (Microsoft Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

==================== Drivers (Whitelisted) ====================

S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-23] (Realtek Semiconductor Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-03-10 10:04 - 2014-03-10 10:04 - 00001167 _____ () C:\Users\usuaria\Desktop\FRST.txt
2014-03-10 10:04 - 2014-03-10 10:04 - 00000000 ____D () C:\Users\usuaria\Desktop\FRST-OlderVersion
2014-03-10 09:52 - 2014-03-10 09:52 - 00000000 ____D () C:\Windows\ERUNT
2014-03-10 09:33 - 2014-03-10 09:37 - 00000000 ____D () C:\AdwCleaner
2014-03-08 23:16 - 2014-03-08 23:18 - 138607664 _____ () C:\Users\usuaria\Downloads\avira_free_antivirus_de_14.0.3.350.exe
2014-03-08 23:05 - 2014-03-08 23:05 - 00018336 _____ () C:\ComboFix.txt
2014-03-08 22:45 - 2014-03-08 22:46 - 05187267 ____R (Swearware) C:\Users\usuaria\Desktop\ComboFix.exe
2014-03-07 22:05 - 2014-03-07 22:05 - 00057454 _____ () C:\Users\usuaria\Downloads\Curriculum Sissy van Weber, General trilingual.odt
2014-03-07 22:05 - 2014-03-07 22:05 - 00057454 _____ () C:\Users\usuaria\Downloads\Curriculum Sissy van Weber, General trilingual (1).odt
2014-03-07 10:01 - 2014-03-07 10:01 - 00037907 _____ () C:\Users\usuaria\Downloads\Addition.txt
2014-03-07 10:00 - 2014-03-10 10:04 - 02157056 _____ (Farbar) C:\Users\usuaria\Desktop\FRST64.exe
2014-03-07 10:00 - 2014-03-10 10:04 - 00000000 ____D () C:\FRST
2014-03-07 10:00 - 2014-03-07 10:01 - 00030286 _____ () C:\Users\usuaria\Downloads\FRST.txt
2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Roaming\Windows Live Writer
2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Local\Windows Live Writer
2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Local\Cyberlink
2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Local\{81E2B03F-4A6A-42AD-92F3-0DD1159A5398}
2014-03-07 09:44 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Roaming\CyberLink
2014-03-07 09:44 - 2014-03-07 09:44 - 00000000 ____D () C:\Users\test\Documents\CyberLink
2014-03-06 18:55 - 2014-03-06 18:55 - 00000000 ____D () C:\Users\test\AppData\Roaming\HpUpdate
2014-03-06 18:11 - 2014-03-06 18:11 - 00000941 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog
2014-03-06 15:38 - 2014-03-06 15:38 - 00362840 _____ () C:\Windows\Minidump\030614-64350-01.dmp
2014-03-06 15:35 - 2014-03-06 15:35 - 00000000 ____D () C:\Users\test\AppData\Local\Skype
2014-03-06 15:30 - 2014-03-06 15:30 - 00339784 _____ () C:\Windows\Minidump\030614-22261-01.dmp
2014-03-06 15:29 - 2014-03-06 15:37 - 301894593 ____N () C:\Windows\MEMORY.DMP
2014-03-06 15:29 - 2014-03-06 15:32 - 00369075 ____N () C:\Windows\Minidump\030614-18049-01.dmp
2014-03-06 15:29 - 2014-03-06 15:31 - 00369075 ____N () C:\Windows\Minidump\030614-16879-01.dmp
2014-02-16 18:14 - 2014-02-16 18:14 - 00002177 _____ () C:\Users\usuaria\Desktop\HP Support Assistant.lnk
2014-02-16 18:05 - 2014-02-16 18:05 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}

==================== One Month Modified Files and Folders =======

2014-03-10 10:04 - 2014-03-10 10:04 - 00001167 _____ () C:\Users\usuaria\Desktop\FRST.txt
2014-03-10 10:04 - 2014-03-10 10:04 - 00000000 ____D () C:\Users\usuaria\Desktop\FRST-OlderVersion
2014-03-10 10:04 - 2014-03-07 10:00 - 02157056 _____ (Farbar) C:\Users\usuaria\Desktop\FRST64.exe
2014-03-10 10:04 - 2014-03-07 10:00 - 00000000 ____D () C:\FRST
2014-03-10 09:59 - 2013-01-30 01:15 - 00000000 ____D () C:\Users\usuaria\Desktop\virenbeseitigung
2014-03-10 09:52 - 2014-03-10 09:52 - 00000000 ____D () C:\Windows\ERUNT
2014-03-10 09:39 - 2013-03-30 18:57 - 00035677 _____ () C:\Windows\setupact.log
2014-03-10 09:39 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-10 09:37 - 2014-03-10 09:33 - 00000000 ____D () C:\AdwCleaner
2014-03-10 00:54 - 2011-09-01 00:41 - 00000000 ____D () C:\ProgramData\Recovery
2014-03-08 23:21 - 2013-03-30 18:57 - 00004918 _____ () C:\Windows\PFRO.log
2014-03-08 23:20 - 2012-12-28 06:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-08 23:18 - 2014-03-08 23:16 - 138607664 _____ () C:\Users\usuaria\Downloads\avira_free_antivirus_de_14.0.3.350.exe
2014-03-08 23:05 - 2014-03-08 23:05 - 00018336 _____ () C:\ComboFix.txt
2014-03-08 23:05 - 2013-01-08 22:37 - 00000000 ____D () C:\Qoobox
2014-03-08 23:03 - 2011-12-07 15:10 - 00000000 ____D () C:\Users\usuaria
2014-03-08 23:03 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-03-08 22:46 - 2014-03-08 22:45 - 05187267 ____R (Swearware) C:\Users\usuaria\Desktop\ComboFix.exe
2014-03-08 22:45 - 2014-01-28 00:14 - 00000000 ____D () C:\Users\usuaria\Desktop\enero 2014
2014-03-08 22:32 - 2012-06-11 11:31 - 00000000 ____D () C:\Users\usuaria\Desktop\Sissys stuff
2014-03-08 22:31 - 2013-06-03 13:45 - 00000000 ____D () C:\Users\usuaria\Desktop\for sale
2014-03-08 22:18 - 2013-02-09 03:40 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-07 22:05 - 2014-03-07 22:05 - 00057454 _____ () C:\Users\usuaria\Downloads\Curriculum Sissy van Weber, General trilingual.odt
2014-03-07 22:05 - 2014-03-07 22:05 - 00057454 _____ () C:\Users\usuaria\Downloads\Curriculum Sissy van Weber, General trilingual (1).odt
2014-03-07 10:01 - 2014-03-07 10:01 - 00037907 _____ () C:\Users\usuaria\Downloads\Addition.txt
2014-03-07 10:01 - 2014-03-07 10:00 - 00030286 _____ () C:\Users\usuaria\Downloads\FRST.txt
2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Roaming\Windows Live Writer
2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Local\Windows Live Writer
2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Local\Cyberlink
2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Local\{81E2B03F-4A6A-42AD-92F3-0DD1159A5398}
2014-03-07 09:45 - 2014-03-07 09:44 - 00000000 ____D () C:\Users\test\AppData\Roaming\CyberLink
2014-03-07 09:44 - 2014-03-07 09:44 - 00000000 ____D () C:\Users\test\Documents\CyberLink
2014-03-07 09:19 - 2011-01-03 15:50 - 01344317 _____ () C:\Windows\WindowsUpdate.log
2014-03-06 19:13 - 2013-04-10 00:08 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2051178920-43645615-1976691682-1000UA.job
2014-03-06 18:56 - 2009-07-14 05:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-06 18:56 - 2009-07-14 05:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-06 18:55 - 2014-03-06 18:55 - 00000000 ____D () C:\Users\test\AppData\Roaming\HpUpdate
2014-03-06 18:11 - 2014-03-06 18:11 - 00000941 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog
2014-03-06 17:15 - 2013-03-30 19:17 - 00000000 ____D () C:\Users\usuaria\Desktop\Fotos laptop sissy
2014-03-06 15:47 - 2013-07-04 03:39 - 00000000 ____D () C:\Users\usuaria\Desktop\Skinny fiber
2014-03-06 15:38 - 2014-03-06 15:38 - 00362840 _____ () C:\Windows\Minidump\030614-64350-01.dmp
2014-03-06 15:38 - 2012-02-29 19:00 - 00000000 ____D () C:\Windows\Minidump
2014-03-06 15:37 - 2014-03-06 15:29 - 301894593 ____N () C:\Windows\MEMORY.DMP
2014-03-06 15:35 - 2014-03-06 15:35 - 00000000 ____D () C:\Users\test\AppData\Local\Skype
2014-03-06 15:35 - 2013-06-24 11:50 - 00000000 ____D () C:\Users\test\AppData\Roaming\Skype
2014-03-06 15:35 - 2012-06-29 12:03 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-06 15:35 - 2012-06-29 12:03 - 00000000 ____D () C:\ProgramData\Skype
2014-03-06 15:34 - 2013-02-09 03:40 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-06 15:32 - 2014-03-06 15:29 - 00369075 ____N () C:\Windows\Minidump\030614-18049-01.dmp
2014-03-06 15:31 - 2014-03-06 15:29 - 00369075 ____N () C:\Windows\Minidump\030614-16879-01.dmp
2014-03-06 15:30 - 2014-03-06 15:30 - 00339784 
_____ () C:\Windows\Minidump\030614-22261-01.dmp 2014-03-06 15:27 - 2012-07-08 02:52 - 00000838 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-03-06 15:07 - 2012-06-29 12:03 - 00000000 ____D () C:\Users\usuaria\AppData\Roaming\Skype 2014-03-06 09:17 - 2013-01-13 02:47 - 00003994 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{12AEB229-F206-469F-BEDF-568CC887206D} 2014-03-06 03:03 - 2012-10-27 21:24 - 00003198 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForusuaria 2014-03-06 03:03 - 2012-10-27 21:24 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForusuaria.job 2014-03-06 01:13 - 2013-04-10 00:08 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2051178920-43645615-1976691682-1000Core.job 2014-03-03 23:39 - 2013-11-14 23:55 - 00669696 ___SH () C:\Users\usuaria\Desktop\Thumbs.db 2014-03-01 16:54 - 2013-10-13 16:13 - 02018816 ___SH () C:\Users\usuaria\Downloads\Thumbs.db 2014-03-01 15:02 - 2011-12-22 22:41 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2014-03-01 15:02 - 2011-12-20 16:38 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log 2014-02-27 16:03 - 2012-01-13 23:09 - 00000000 ____D () C:\Users\usuaria\AppData\Roaming\HpUpdate 2014-02-25 02:22 - 2012-06-29 00:24 - 00000000 ____D () C:\Users\usuaria\AppData\Local\Windows Live 2014-02-21 00:27 - 2012-07-08 02:52 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-02-21 00:27 - 2012-07-08 02:52 - 00003776 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-02-21 00:27 - 2011-12-07 15:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-02-19 03:31 - 2012-01-03 16:30 - 00000000 ____D () C:\Users\usuaria\AppData\Roaming\SoftGrid Client 2014-02-17 02:26 - 2013-07-24 03:58 - 00000000 ____D () C:\Windows\system32\MRT 2014-02-17 02:22 - 2011-12-26 01:13 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-02-16 23:06 - 
2012-02-29 21:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-16 18:14 - 2014-02-16 18:14 - 00002177 _____ () C:\Users\usuaria\Desktop\HP Support Assistant.lnk 2014-02-16 18:14 - 2010-07-17 16:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-02-16 18:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help 2014-02-16 18:07 - 2010-07-17 16:56 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard 2014-02-16 18:05 - 2014-02-16 18:05 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F} 2014-02-16 18:04 - 2010-07-17 18:05 - 00000000 ____D () C:\ProgramData\Hewlett-Packard 2014-02-16 18:03 - 2009-09-07 01:40 - 00000000 ____D () C:\SwSetup 2014-02-16 17:29 - 2013-02-09 03:40 - 00004098 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-02-16 17:29 - 2013-02-09 03:40 - 00003846 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-02-16 17:28 - 2012-01-10 00:25 - 00003222 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForUSUARIA-HP$ 2014-02-16 17:28 - 2012-01-10 00:25 - 00000346 _____ () C:\Windows\Tasks\HPCeeScheduleForUSUARIA-HP$.job 2014-02-15 11:32 - 2009-07-14 06:08 - 00032622 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-02-14 21:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF Some content of TEMP: ==================== C:\Users\test\AppData\Local\Temp\avgnt.exe C:\Users\usuaria\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is 
legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-03-02 13:03 ==================== End Of Log ============================ --- --- --- (/code) |
11.03.2014, 08:41 | #8 |
/// the machine /// TB-Ausbilder | Screen stays black after booting
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Still having problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
11.03.2014, 15:22 | #9 |
| Screen stays black after booting
(CODE)ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6844 # api_version=3.0.2 # EOSSerial=1d1202d48d5cb2478782c407f99fac40 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2013-01-13 12:15:41 # local_time=2013-01-13 01:15:41 (+0100, Hora estándar romance) # country="Spain" # lang=1033 # osver=6.1.7600 NT # compatibility_mode=1799 16775165 100 96 35456 223459431 28240 0 # compatibility_mode=5893 16776574 100 94 3749065 109665991 0 0 # scanned=370415 # found=1 # cleaned=0 # scan_time=19828 H:\Users\Usuario\AppData\Local\Temp\is2063840535\YontooSetup-DropDownDeals-SilentInstaller.exe multiple threats (unable to clean) 9974203F4B01A56D0BF8DDA08F205E244DB37744 I ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=1d1202d48d5cb2478782c407f99fac40 # engine=13217 # end=finished # remove_checked=false # archives_checked=false # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2013-02-22 02:23:37 # local_time=2013-02-22 03:23:37 (+0100, Hora estándar romance) # country="Spain" # lang=1033 # osver=6.1.7600 NT # compatibility_mode=1799 16775165 100 96 26005 226923107 18786 0 # compatibility_mode=5893 16776574 100 94 7212741 113129667 0 0 # scanned=198726 # found=0 # cleaned=0 # scan_time=5507 ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=1d1202d48d5cb2478782c407f99fac40 # engine=17391 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2014-03-11 09:13:28 # local_time=2014-03-11 10:13:28 (+0100, Hora estándar romance) # 
country="Spain" # lang=1033 # osver=6.1.7600 NT # compatibility_mode=5893 16776573 100 94 202123 146159058 0 0 # scanned=120681 # found=1 # cleaned=0 # scan_time=2917 sh=C093C0DD1DC61F70CDAED22D2048ECFBAC812AAB ft=1 fh=a887a1b73a753760 vn="Win32/AdWare.CycloneAd.A application" ac=I fn="C:\Users\usuaria\AppData\Local\Context2pro\conadvanced.exe" ESETSmartInstaller@High as downloader log: all ok ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=1d1202d48d5cb2478782c407f99fac40 # engine=17394 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2014-03-11 01:20:46 # local_time=2014-03-11 02:20:46 (+0100, Hora estándar romance) # country="Spain" # lang=1033 # osver=6.1.7600 NT # compatibility_mode=5893 16776573 100 94 216961 146173896 0 0 # scanned=401245 # found=2 # cleaned=0 # scan_time=9987 sh=C093C0DD1DC61F70CDAED22D2048ECFBAC812AAB ft=1 fh=a887a1b73a753760 vn="Win32/AdWare.CycloneAd.A application" ac=I fn="C:\Users\usuaria\AppData\Local\Context2pro\conadvanced.exe" sh=9974203F4B01A56D0BF8DDA08F205E244DB37744 ft=1 fh=c1e21f80a1b61219 vn="multiple threats" ac=I fn="H:\Users\Usuario\AppData\Local\Temp\is2063840535\YontooSetup-DropDownDeals-SilentInstaller.exe" (/CODE) (code) Results of screen317's Security Check version 0.99.80 Windows 7 x64 (UAC is enabled) Out of date service pack!! ``````````````Antivirus/Firewall Check:`````````````` Windows Security Center service is not running! This report may not be accurate! WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 1.75.0.1300 Java 7 Update 25 Java version out of Date! Adobe Flash Player 12.0.0.70 Mozilla Firefox 18.0 Firefox out of Date! 
Google Chrome 33.0.1750.117 Google Chrome 33.0.1750.146 ````````Process Check: objlist.exe by Laurent```````` `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` (/code) (code) FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-03-2014 02 Ran by usuaria (administrator) on USUARIA-HP on 11-03-2014 15:18:25 Running from C:\Users\usuaria\Desktop\virenbeseitigung Windows 7 Home Premium (X64) OS Language: Spanish Modern Sort Internet Explorer Version 8 Boot Mode: Safe Mode (with Networking) ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6486120 2013-05-26] (Realtek Semiconductor) HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.) 
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard) HKLM-x32\...\Run: [] - [X] HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-02-25] (Hewlett-Packard) HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-2051178920-43645615-1976691682-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.) HKU\S-1-5-21-2051178920-43645615-1976691682-1000\...\Run: [Messenger (Yahoo!)] - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.) HKU\S-1-5-21-2051178920-43645615-1976691682-1000\...\Run: [HP Deskjet 3050A J611 series (NET)] - C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) 
HKU\S-1-5-21-2051178920-43645615-1976691682-1000\...\RunOnce: [Report] - C:\AdwCleaner\AdwCleaner[S0].txt [9734 2014-03-10] () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/10 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/10 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/10 StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM - {60F87348-86E5-451B-9BF5-827962FDC2AA} URL = hxxp://es.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKLM - {E3848119-4DC7-48D3-9206-9CB0B3FC721B} URL = hxxp://es.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM-x32 - {60F87348-86E5-451B-9BF5-827962FDC2AA} URL = hxxp://es.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKCU - DefaultScope {60F87348-86E5-451B-9BF5-827962FDC2AA} URL = hxxp://es.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKCU - {60F87348-86E5-451B-9BF5-827962FDC2AA} URL = hxxp://es.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF BHO: No Name - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - No File BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard) BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Aplicación auxiliar de inicio de sesión de Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) 
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-07-17] (EasyBits Software Corp.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\usuaria\AppData\Roaming\Mozilla\Firefox\Profiles\mmvl8w6m.default-1358496739434 FF DefaultSearchEngine: Google FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) 
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) 
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\usuaria\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.9.8 - C:\Users\usuaria\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-01-03] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-12-16] FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-12-16] Chrome: ======= CHR HomePage: 
hxxp://www.google.com/ CHR Plugin: (Shockwave Flash) - C:\Users\usuaria\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll No File CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll () CHR Plugin: (Skype Click to Call) - C:\Users\usuaria\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\npSkypeChromePlugin.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File CHR Plugin: (Java(TM) Platform SE 6 U39) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Users\usuaria\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.) CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) 
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll No File CHR Plugin: (Java Deployment Toolkit 6.0.390.4) - C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation) CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File CHR Extension: (Skype Click to Call) - C:\Users\usuaria\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-02-11] CHR Extension: (Google Wallet) - C:\Users\usuaria\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-01-03] ==================== Services (Whitelisted) ================= S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Microsoft Corporation) S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748640 2014-01-03] (Microsoft Corporation) S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) ==================== Drivers (Whitelisted) ==================== S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-23] (Realtek Semiconductor Corp.) 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-11 15:14 - 2014-03-11 15:14 - 00987442 _____ () C:\Users\usuaria\Downloads\SecurityCheck.exe 2014-03-10 10:04 - 2014-03-10 10:04 - 00000000 ____D () C:\Users\usuaria\Desktop\FRST-OlderVersion 2014-03-10 09:52 - 2014-03-10 09:52 - 00000000 ____D () C:\Windows\ERUNT 2014-03-10 09:33 - 2014-03-10 09:37 - 00000000 ____D () C:\AdwCleaner 2014-03-08 23:16 - 2014-03-08 23:18 - 138607664 _____ () C:\Users\usuaria\Downloads\avira_free_antivirus_de_14.0.3.350.exe 2014-03-08 23:05 - 2014-03-08 23:05 - 00018336 _____ () C:\ComboFix.txt 2014-03-08 22:45 - 2014-03-08 22:46 - 05187267 ____R (Swearware) C:\Users\usuaria\Desktop\ComboFix.exe 2014-03-07 22:05 - 2014-03-07 22:05 - 00057454 _____ () C:\Users\usuaria\Downloads\Curriculum Sissy van Weber, General trilingual.odt 2014-03-07 22:05 - 2014-03-07 22:05 - 00057454 _____ () C:\Users\usuaria\Downloads\Curriculum Sissy van Weber, General trilingual (1).odt 2014-03-07 10:01 - 2014-03-07 10:01 - 00037907 _____ () C:\Users\usuaria\Downloads\Addition.txt 2014-03-07 10:00 - 2014-03-11 15:18 - 00000000 ____D () C:\FRST 2014-03-07 10:00 - 2014-03-07 10:01 - 00030286 _____ () C:\Users\usuaria\Downloads\FRST.txt 2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Roaming\Windows Live Writer 2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Local\Windows Live Writer 2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Local\Cyberlink 2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Local\{81E2B03F-4A6A-42AD-92F3-0DD1159A5398} 2014-03-07 09:44 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Roaming\CyberLink 2014-03-07 09:44 - 2014-03-07 09:44 - 00000000 ____D () C:\Users\test\Documents\CyberLink 
2014-03-06 18:55 - 2014-03-06 18:55 - 00000000 ____D () C:\Users\test\AppData\Roaming\HpUpdate 2014-03-06 18:11 - 2014-03-06 18:11 - 00000941 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog 2014-03-06 15:38 - 2014-03-06 15:38 - 00362840 _____ () C:\Windows\Minidump\030614-64350-01.dmp 2014-03-06 15:35 - 2014-03-06 15:35 - 00000000 ____D () C:\Users\test\AppData\Local\Skype 2014-03-06 15:30 - 2014-03-06 15:30 - 00339784 _____ () C:\Windows\Minidump\030614-22261-01.dmp 2014-03-06 15:29 - 2014-03-06 15:37 - 301894593 ____N () C:\Windows\MEMORY.DMP 2014-03-06 15:29 - 2014-03-06 15:32 - 00369075 ____N () C:\Windows\Minidump\030614-18049-01.dmp 2014-03-06 15:29 - 2014-03-06 15:31 - 00369075 ____N () C:\Windows\Minidump\030614-16879-01.dmp 2014-02-16 18:14 - 2014-02-16 18:14 - 00002177 _____ () C:\Users\usuaria\Desktop\HP Support Assistant.lnk 2014-02-16 18:05 - 2014-02-16 18:05 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F} ==================== One Month Modified Files and Folders ======= 2014-03-11 15:18 - 2014-03-07 10:00 - 00000000 ____D () C:\FRST 2014-03-11 15:18 - 2013-01-30 01:15 - 00000000 ____D () C:\Users\usuaria\Desktop\virenbeseitigung 2014-03-11 15:14 - 2014-03-11 15:14 - 00987442 _____ () C:\Users\usuaria\Downloads\SecurityCheck.exe 2014-03-11 15:04 - 2010-07-18 02:27 - 00704276 _____ () C:\Windows\system32\perfh00A.dat 2014-03-11 15:04 - 2010-07-18 02:27 - 00138016 _____ () C:\Windows\system32\perfc00A.dat 2014-03-11 15:04 - 2009-07-14 06:13 - 01557434 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-03-11 09:13 - 2013-03-30 18:57 - 00035733 _____ () C:\Windows\setupact.log 2014-03-11 09:13 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-03-10 10:04 - 2014-03-10 10:04 - 00000000 ____D () C:\Users\usuaria\Desktop\FRST-OlderVersion 2014-03-10 09:52 - 2014-03-10 09:52 - 00000000 ____D () C:\Windows\ERUNT 2014-03-10 09:37 - 2014-03-10 09:33 - 00000000 ____D () C:\AdwCleaner 2014-03-10 00:54 - 2011-09-01 
00:41 - 00000000 ____D () C:\ProgramData\Recovery 2014-03-08 23:21 - 2013-03-30 18:57 - 00004918 _____ () C:\Windows\PFRO.log 2014-03-08 23:20 - 2012-12-28 06:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-03-08 23:18 - 2014-03-08 23:16 - 138607664 _____ () C:\Users\usuaria\Downloads\avira_free_antivirus_de_14.0.3.350.exe 2014-03-08 23:05 - 2014-03-08 23:05 - 00018336 _____ () C:\ComboFix.txt 2014-03-08 23:05 - 2013-01-08 22:37 - 00000000 ____D () C:\Qoobox 2014-03-08 23:03 - 2011-12-07 15:10 - 00000000 ____D () C:\Users\usuaria 2014-03-08 23:03 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini 2014-03-08 22:46 - 2014-03-08 22:45 - 05187267 ____R (Swearware) C:\Users\usuaria\Desktop\ComboFix.exe 2014-03-08 22:45 - 2014-01-28 00:14 - 00000000 ____D () C:\Users\usuaria\Desktop\enero 2014 2014-03-08 22:32 - 2012-06-11 11:31 - 00000000 ____D () C:\Users\usuaria\Desktop\Sissys stuff 2014-03-08 22:31 - 2013-06-03 13:45 - 00000000 ____D () C:\Users\usuaria\Desktop\for sale 2014-03-08 22:18 - 2013-02-09 03:40 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-03-07 22:05 - 2014-03-07 22:05 - 00057454 _____ () C:\Users\usuaria\Downloads\Curriculum Sissy van Weber, General trilingual.odt 2014-03-07 22:05 - 2014-03-07 22:05 - 00057454 _____ () C:\Users\usuaria\Downloads\Curriculum Sissy van Weber, General trilingual (1).odt 2014-03-07 10:01 - 2014-03-07 10:01 - 00037907 _____ () C:\Users\usuaria\Downloads\Addition.txt 2014-03-07 10:01 - 2014-03-07 10:00 - 00030286 _____ () C:\Users\usuaria\Downloads\FRST.txt 2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Roaming\Windows Live Writer 2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Local\Windows Live Writer 2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Local\Cyberlink 2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () 
C:\Users\test\AppData\Local\{81E2B03F-4A6A-42AD-92F3-0DD1159A5398} 2014-03-07 09:45 - 2014-03-07 09:44 - 00000000 ____D () C:\Users\test\AppData\Roaming\CyberLink 2014-03-07 09:44 - 2014-03-07 09:44 - 00000000 ____D () C:\Users\test\Documents\CyberLink 2014-03-07 09:19 - 2011-01-03 15:50 - 01344317 _____ () C:\Windows\WindowsUpdate.log 2014-03-06 19:13 - 2013-04-10 00:08 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2051178920-43645615-1976691682-1000UA.job 2014-03-06 18:56 - 2009-07-14 05:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-03-06 18:56 - 2009-07-14 05:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-03-06 18:55 - 2014-03-06 18:55 - 00000000 ____D () C:\Users\test\AppData\Roaming\HpUpdate 2014-03-06 18:11 - 2014-03-06 18:11 - 00000941 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog 2014-03-06 17:15 - 2013-03-30 19:17 - 00000000 ____D () C:\Users\usuaria\Desktop\Fotos laptop sissy 2014-03-06 15:47 - 2013-07-04 03:39 - 00000000 ____D () C:\Users\usuaria\Desktop\Skinny fiber 2014-03-06 15:38 - 2014-03-06 15:38 - 00362840 _____ () C:\Windows\Minidump\030614-64350-01.dmp 2014-03-06 15:38 - 2012-02-29 19:00 - 00000000 ____D () C:\Windows\Minidump 2014-03-06 15:37 - 2014-03-06 15:29 - 301894593 ____N () C:\Windows\MEMORY.DMP 2014-03-06 15:35 - 2014-03-06 15:35 - 00000000 ____D () C:\Users\test\AppData\Local\Skype 2014-03-06 15:35 - 2013-06-24 11:50 - 00000000 ____D () C:\Users\test\AppData\Roaming\Skype 2014-03-06 15:35 - 2012-06-29 12:03 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-06 15:35 - 2012-06-29 12:03 - 00000000 ____D () C:\ProgramData\Skype 2014-03-06 15:34 - 2013-02-09 03:40 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-03-06 15:32 - 2014-03-06 15:29 - 00369075 ____N () C:\Windows\Minidump\030614-18049-01.dmp 2014-03-06 15:31 - 
2014-03-06 15:29 - 00369075 ____N () C:\Windows\Minidump\030614-16879-01.dmp 2014-03-06 15:30 - 2014-03-06 15:30 - 00339784 _____ () C:\Windows\Minidump\030614-22261-01.dmp 2014-03-06 15:27 - 2012-07-08 02:52 - 00000838 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-03-06 15:07 - 2012-06-29 12:03 - 00000000 ____D () C:\Users\usuaria\AppData\Roaming\Skype 2014-03-06 09:17 - 2013-01-13 02:47 - 00003994 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{12AEB229-F206-469F-BEDF-568CC887206D} 2014-03-06 03:03 - 2012-10-27 21:24 - 00003198 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForusuaria 2014-03-06 03:03 - 2012-10-27 21:24 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForusuaria.job 2014-03-06 01:13 - 2013-04-10 00:08 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2051178920-43645615-1976691682-1000Core.job 2014-03-03 23:39 - 2013-11-14 23:55 - 00669696 ___SH () C:\Users\usuaria\Desktop\Thumbs.db 2014-03-01 16:54 - 2013-10-13 16:13 - 02018816 ___SH () C:\Users\usuaria\Downloads\Thumbs.db 2014-03-01 15:02 - 2011-12-22 22:41 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2014-03-01 15:02 - 2011-12-20 16:38 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log 2014-02-27 16:03 - 2012-01-13 23:09 - 00000000 ____D () C:\Users\usuaria\AppData\Roaming\HpUpdate 2014-02-25 02:22 - 2012-06-29 00:24 - 00000000 ____D () C:\Users\usuaria\AppData\Local\Windows Live 2014-02-21 00:27 - 2012-07-08 02:52 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-02-21 00:27 - 2012-07-08 02:52 - 00003776 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-02-21 00:27 - 2011-12-07 15:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-02-19 03:31 - 2012-01-03 16:30 - 00000000 ____D () C:\Users\usuaria\AppData\Roaming\SoftGrid Client 2014-02-17 02:26 - 2013-07-24 03:58 - 00000000 ____D () C:\Windows\system32\MRT 
2014-02-17 02:22 - 2011-12-26 01:13 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-02-16 23:06 - 2012-02-29 21:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-16 18:14 - 2014-02-16 18:14 - 00002177 _____ () C:\Users\usuaria\Desktop\HP Support Assistant.lnk 2014-02-16 18:14 - 2010-07-17 16:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-02-16 18:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help 2014-02-16 18:07 - 2010-07-17 16:56 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard 2014-02-16 18:05 - 2014-02-16 18:05 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F} 2014-02-16 18:04 - 2010-07-17 18:05 - 00000000 ____D () C:\ProgramData\Hewlett-Packard 2014-02-16 18:03 - 2009-09-07 01:40 - 00000000 ____D () C:\SwSetup 2014-02-16 17:29 - 2013-02-09 03:40 - 00004098 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-02-16 17:29 - 2013-02-09 03:40 - 00003846 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-02-16 17:28 - 2012-01-10 00:25 - 00003222 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForUSUARIA-HP$ 2014-02-16 17:28 - 2012-01-10 00:25 - 00000346 _____ () C:\Windows\Tasks\HPCeeScheduleForUSUARIA-HP$.job 2014-02-15 11:32 - 2009-07-14 06:08 - 00032622 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-02-14 21:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF Some content of TEMP: ==================== C:\Users\test\AppData\Local\Temp\avgnt.exe C:\Users\usuaria\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit 
C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-03-02 13:03 ==================== End Of Log ============================ --- --- --- --- --- --- (/code)
Should I now try starting the laptop without safe mode and see whether it works? Or not yet? |
12.03.2014, 12:09 | #10 |
/// the machine /// TB trainer | Screen stays black after booting Yes. Update Java and Adobe. Be sure to update Windows; an entire service pack is missing. Please download Farbar Service Scanner
Please post the contents here, and an FRST scan from normal mode, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
12.03.2014, 16:39 | #11 |
| Screen stays black after booting The screen is still black. I can't update Windows. Is that because of safe mode?? I can't update Java either. Adobe can no longer be found on the laptop. Continue with FSS anyway?? |
13.03.2014, 10:43 | #12 |
/// the machine /// TB trainer | Screen stays black after booting Still black in normal mode and nothing else to see at all? In safe mode, please create a new user account with admin rights, then boot into this new account in normal mode. Does that work?
13.03.2014, 11:42 | #13 |
| Screen stays black after booting OK, I did that: created a new account, booted in normal mode. It started up and everything was bright. 3 minutes later, total crash, blue text, an error in the Windows driver or something like that. It was too brief to read, because the screen went black again. In normal mode on my account everything is black. At startup you see the Windows logo, then everything goes black and stays black. What now?? |
14.03.2014, 10:11 | #14 |
/// the machine /// TB trainer | Screen stays black after booting The new account is broken right away too? Nice. Open FRST in safe mode, tick Additional and scan, then post both log files. What was the last thing you did or installed on the computer before the problem first appeared?
16.03.2014, 13:58 | #15 |
| Screen stays black after booting Hi, sorry, I had rather a lot of stress, hence the reply only now. The date and clock in the laptop have now given up the ghost too. They only run while the laptop is on and cannot be set to adjust automatically. Here are the 2 logs from FRST. (code) FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by usuaria (administrator) on USUARIA-HP on 16-03-2014 00:43:10 Running from C:\Users\usuaria\Downloads Windows 7 Home Premium (X64) OS Language: Spanish Modern Sort Internet Explorer Version 8 Boot Mode: Safe Mode (with Networking) ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6486120 2013-05-26] (Realtek Semiconductor) HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation) HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard) HKLM-x32\...\Run: [] - [X] HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-03-12] (Hewlett-Packard) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-2051178920-43645615-1976691682-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.) HKU\S-1-5-21-2051178920-43645615-1976691682-1000\...\Run: [Messenger (Yahoo!)] - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.) 
HKU\S-1-5-21-2051178920-43645615-1976691682-1000\...\Run: [HP Deskjet 3050A J611 series (NET)] - C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/10 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/10 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/10 StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM - {60F87348-86E5-451B-9BF5-827962FDC2AA} URL = hxxp://es.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKLM - {E3848119-4DC7-48D3-9206-9CB0B3FC721B} URL = hxxp://es.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM-x32 - {60F87348-86E5-451B-9BF5-827962FDC2AA} URL = hxxp://es.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKCU - DefaultScope {60F87348-86E5-451B-9BF5-827962FDC2AA} URL = hxxp://es.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKCU - {60F87348-86E5-451B-9BF5-827962FDC2AA} URL = hxxp://es.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF BHO: No Name - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - No File BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 
(Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard) BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Aplicación auxiliar de inicio de sesión de Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) 
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-07-17] (EasyBits Software Corp.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\usuaria\AppData\Roaming\Mozilla\Firefox\Profiles\mmvl8w6m.default-1358496739434 FF DefaultSearchEngine: Google FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) 
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) 
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\usuaria\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.9.8 - C:\Users\usuaria\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-01-03] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-12-16] FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-12-16] Chrome: ======= CHR HomePage: 
hxxp://www.google.com/ CHR Plugin: (Widevine Content Decryption Module) - C:\Users\usuaria\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll () CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (PDF-XChange Viewer) - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\usuaria\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Users\usuaria\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.) CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) 
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll No File CHR Extension: (Skype Click to Call) - C:\Users\usuaria\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-02-11] CHR Extension: (Google Wallet) - C:\Users\usuaria\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-01-03] ==================== Services (Whitelisted) ================= S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Microsoft Corporation) S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748640 2014-01-03] (Microsoft Corporation) S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation) S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation) S3 NisDrv; 
C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation) S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-23] (Realtek Semiconductor Corp.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-16 00:41 - 2014-03-16 00:41 - 02157056 _____ (Farbar) C:\Users\usuaria\Downloads\FRST64.exe 2014-03-12 01:57 - 2014-03-12 01:57 - 00003180 _____ () C:\Windows\System32\Tasks\HPCeeScheduleFortest 2014-03-12 01:57 - 2014-03-12 01:57 - 00000000 ____D () C:\Users\usuaria\AppData\Local\Tracker Software 2014-03-12 01:57 - 2014-03-12 01:41 - 00000328 _____ () C:\Windows\Tasks\HPCeeScheduleFortest.job 2014-03-12 01:49 - 2014-03-12 01:49 - 00001912 _____ () C:\Windows\epplauncher.mif 2014-03-12 01:49 - 2014-03-12 01:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2014-03-12 01:48 - 2014-03-12 01:49 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2014-03-12 01:48 - 2014-03-12 01:48 - 00000000 ____D () C:\Users\test\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 2014-03-12 01:44 - 2014-03-12 01:44 - 00000000 ____D () C:\Users\usuaria\AppData\Local\Skype 2014-03-11 15:14 - 2014-03-11 15:14 - 00987442 _____ () C:\Users\usuaria\Downloads\SecurityCheck.exe 2014-03-10 10:04 - 2014-03-10 10:04 - 00000000 ____D () C:\Users\usuaria\Desktop\FRST-OlderVersion 2014-03-10 09:52 - 2014-03-10 09:52 - 00000000 ____D () C:\Windows\ERUNT 2014-03-10 09:33 - 2014-03-10 09:37 - 00000000 ____D () C:\AdwCleaner 2014-03-08 23:16 - 2014-03-08 23:18 - 138607664 _____ () C:\Users\usuaria\Downloads\avira_free_antivirus_de_14.0.3.350.exe 2014-03-08 23:05 - 2014-03-08 23:05 - 00018336 _____ () C:\ComboFix.txt 2014-03-08 22:45 - 2014-03-08 22:46 - 05187267 ____R (Swearware) C:\Users\usuaria\Desktop\ComboFix.exe 2014-03-07 22:05 - 2014-03-07 22:05 - 00057454 _____ () C:\Users\usuaria\Downloads\Curriculum Sissy van 
Weber, General trilingual.odt 2014-03-07 22:05 - 2014-03-07 22:05 - 00057454 _____ () C:\Users\usuaria\Downloads\Curriculum Sissy van Weber, General trilingual (1).odt 2014-03-07 10:01 - 2014-03-07 10:01 - 00037907 _____ () C:\Users\usuaria\Downloads\Addition.txt 2014-03-07 10:00 - 2014-03-16 00:43 - 00015964 _____ () C:\Users\usuaria\Downloads\FRST.txt 2014-03-07 10:00 - 2014-03-16 00:43 - 00000000 ____D () C:\FRST 2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Roaming\Windows Live Writer 2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Local\Windows Live Writer 2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Local\Cyberlink 2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Local\{81E2B03F-4A6A-42AD-92F3-0DD1159A5398} 2014-03-07 09:44 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Roaming\CyberLink 2014-03-07 09:44 - 2014-03-07 09:44 - 00000000 ____D () C:\Users\test\Documents\CyberLink 2014-03-06 18:55 - 2014-03-06 18:55 - 00000000 ____D () C:\Users\test\AppData\Roaming\HpUpdate 2014-03-06 18:11 - 2014-03-12 02:34 - 00001879 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog 2014-03-06 15:38 - 2014-03-06 15:38 - 00362840 _____ () C:\Windows\Minidump\030614-64350-01.dmp 2014-03-06 15:35 - 2014-03-06 15:35 - 00000000 ____D () C:\Users\test\AppData\Local\Skype 2014-03-06 15:30 - 2014-03-06 15:30 - 00339784 _____ () C:\Windows\Minidump\030614-22261-01.dmp 2014-03-06 15:29 - 2014-03-12 02:21 - 01691688 ____N () C:\Windows\Minidump\031214-30841-01.dmp 2014-03-06 15:29 - 2014-03-12 01:42 - 00551486 ____N () C:\Windows\Minidump\031214-18408-01.dmp 2014-03-06 15:29 - 2014-03-12 01:42 - 00550791 ____N () C:\Windows\Minidump\031214-18532-01.dmp 2014-03-06 15:29 - 2014-03-12 01:41 - 00876815 ____N () C:\Windows\Minidump\031214-26972-01.dmp 2014-03-06 15:29 - 2014-03-12 01:41 - 00350770 ____N () C:\Windows\Minidump\031214-21933-01.dmp 2014-03-06 
15:29 - 2014-03-06 15:32 - 00369075 ____N () C:\Windows\Minidump\030614-18049-01.dmp
2014-03-06 15:29 - 2014-03-06 15:31 - 00369075 ____N () C:\Windows\Minidump\030614-16879-01.dmp
2014-02-16 18:14 - 2014-02-16 18:14 - 00002177 _____ () C:\Users\usuaria\Desktop\HP Support Assistant.lnk
2014-02-16 18:05 - 2014-02-16 18:05 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}

==================== One Month Modified Files and Folders =======

2014-03-16 00:43 - 2014-03-07 10:00 - 00015964 _____ () C:\Users\usuaria\Downloads\FRST.txt
2014-03-16 00:43 - 2014-03-07 10:00 - 00000000 ____D () C:\FRST
2014-03-16 00:41 - 2014-03-16 00:41 - 02157056 _____ (Farbar) C:\Users\usuaria\Downloads\FRST64.exe
2014-03-16 00:39 - 2013-01-30 01:15 - 00000000 ____D () C:\Users\usuaria\Desktop\virenbeseitigung
2014-03-16 00:31 - 2013-03-30 18:57 - 00036573 _____ () C:\Windows\setupact.log
2014-03-16 00:31 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-15 20:12 - 2011-01-03 15:50 - 01574147 _____ () C:\Windows\WindowsUpdate.log
2014-03-12 02:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-12 02:37 - 2013-01-13 02:47 - 00003994 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{12AEB229-F206-469F-BEDF-568CC887206D}
2014-03-12 02:34 - 2014-03-06 18:11 - 00001879 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog
2014-03-12 02:34 - 2013-02-09 03:40 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-12 02:27 - 2012-07-08 02:52 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 02:27 - 2012-07-08 02:52 - 00003776 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 02:27 - 2012-07-08 02:52 - 00000838 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-12 02:27 - 2011-12-07 15:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 02:21 - 2014-03-06 15:29 - 01691688 ____N () C:\Windows\Minidump\031214-30841-01.dmp
2014-03-12 02:21 - 2012-06-29 12:03 - 00000000 ____D () C:\Users\usuaria\AppData\Roaming\Skype
2014-03-12 01:57 - 2014-03-12 01:57 - 00003180 _____ () C:\Windows\System32\Tasks\HPCeeScheduleFortest
2014-03-12 01:57 - 2014-03-12 01:57 - 00000000 ____D () C:\Users\usuaria\AppData\Local\Tracker Software
2014-03-12 01:55 - 2011-12-22 22:41 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-03-12 01:55 - 2011-12-20 16:38 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-03-12 01:50 - 2013-07-24 03:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-12 01:49 - 2014-03-12 01:49 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-03-12 01:49 - 2014-03-12 01:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-03-12 01:49 - 2014-03-12 01:48 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-03-12 01:49 - 2009-07-14 05:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-12 01:49 - 2009-07-14 05:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-12 01:48 - 2014-03-12 01:48 - 00000000 ____D () C:\Users\test\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2014-03-12 01:48 - 2013-01-28 19:57 - 00000000 ____D () C:\Users\test\AppData\Roaming\Adobe
2014-03-12 01:47 - 2011-12-26 01:13 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-12 01:46 - 2010-07-18 02:27 - 00704526 _____ () C:\Windows\system32\perfh00A.dat
2014-03-12 01:46 - 2010-07-18 02:27 - 00138234 _____ () C:\Windows\system32\perfc00A.dat
2014-03-12 01:46 - 2009-07-14 06:13 - 01557434 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-12 01:45 - 2012-05-18 10:29 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-12 01:45 - 2012-05-18 10:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 01:44 - 2014-03-12 01:44 - 00000000 ____D () C:\Users\usuaria\AppData\Local\Skype
2014-03-12 01:42 - 2014-03-06 15:29 - 00551486 ____N () C:\Windows\Minidump\031214-18408-01.dmp
2014-03-12 01:42 - 2014-03-06 15:29 - 00550791 ____N () C:\Windows\Minidump\031214-18532-01.dmp
2014-03-12 01:42 - 2013-02-09 03:40 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-12 01:41 - 2014-03-12 01:57 - 00000328 _____ () C:\Windows\Tasks\HPCeeScheduleFortest.job
2014-03-12 01:41 - 2014-03-06 15:29 - 00876815 ____N () C:\Windows\Minidump\031214-26972-01.dmp
2014-03-12 01:41 - 2014-03-06 15:29 - 00350770 ____N () C:\Windows\Minidump\031214-21933-01.dmp
2014-03-12 01:41 - 2012-02-29 19:00 - 00000000 ____D () C:\Windows\Minidump
2014-03-11 15:14 - 2014-03-11 15:14 - 00987442 _____ () C:\Users\usuaria\Downloads\SecurityCheck.exe
2014-03-10 10:04 - 2014-03-10 10:04 - 00000000 ____D () C:\Users\usuaria\Desktop\FRST-OlderVersion
2014-03-10 09:52 - 2014-03-10 09:52 - 00000000 ____D () C:\Windows\ERUNT
2014-03-10 09:37 - 2014-03-10 09:33 - 00000000 ____D () C:\AdwCleaner
2014-03-10 00:54 - 2011-09-01 00:41 - 00000000 ____D () C:\ProgramData\Recovery
2014-03-08 23:21 - 2013-03-30 18:57 - 00004918 _____ () C:\Windows\PFRO.log
2014-03-08 23:20 - 2012-12-28 06:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-08 23:18 - 2014-03-08 23:16 - 138607664 _____ () C:\Users\usuaria\Downloads\avira_free_antivirus_de_14.0.3.350.exe
2014-03-08 23:05 - 2014-03-08 23:05 - 00018336 _____ () C:\ComboFix.txt
2014-03-08 23:05 - 2013-01-08 22:37 - 00000000 ____D () C:\Qoobox
2014-03-08 23:03 - 2011-12-07 15:10 - 00000000 ____D () C:\Users\usuaria
2014-03-08 23:03 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-03-08 22:46 - 2014-03-08 22:45 - 05187267 ____R (Swearware) C:\Users\usuaria\Desktop\ComboFix.exe
2014-03-08 22:45 - 2014-01-28 00:14 - 00000000 ____D () C:\Users\usuaria\Desktop\enero 2014
2014-03-08 22:32 - 2012-06-11 11:31 - 00000000 ____D () C:\Users\usuaria\Desktop\Sissys stuff
2014-03-08 22:31 - 2013-06-03 13:45 - 00000000 ____D () C:\Users\usuaria\Desktop\for sale
2014-03-07 22:05 - 2014-03-07 22:05 - 00057454 _____ () C:\Users\usuaria\Downloads\Curriculum Sissy van Weber, General trilingual.odt
2014-03-07 22:05 - 2014-03-07 22:05 - 00057454 _____ () C:\Users\usuaria\Downloads\Curriculum Sissy van Weber, General trilingual (1).odt
2014-03-07 10:01 - 2014-03-07 10:01 - 00037907 _____ () C:\Users\usuaria\Downloads\Addition.txt
2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Roaming\Windows Live Writer
2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Local\Windows Live Writer
2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Local\Cyberlink
2014-03-07 09:45 - 2014-03-07 09:45 - 00000000 ____D () C:\Users\test\AppData\Local\{81E2B03F-4A6A-42AD-92F3-0DD1159A5398}
2014-03-07 09:45 - 2014-03-07 09:44 - 00000000 ____D () C:\Users\test\AppData\Roaming\CyberLink
2014-03-07 09:44 - 2014-03-07 09:44 - 00000000 ____D () C:\Users\test\Documents\CyberLink
2014-03-06 19:13 - 2013-04-10 00:08 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2051178920-43645615-1976691682-1000UA.job
2014-03-06 18:55 - 2014-03-06 18:55 - 00000000 ____D () C:\Users\test\AppData\Roaming\HpUpdate
2014-03-06 17:15 - 2013-03-30 19:17 - 00000000 ____D () C:\Users\usuaria\Desktop\Fotos laptop sissy
2014-03-06 15:47 - 2013-07-04 03:39 - 00000000 ____D () C:\Users\usuaria\Desktop\Skinny fiber
2014-03-06 15:38 - 2014-03-06 15:38 - 00362840 _____ () C:\Windows\Minidump\030614-64350-01.dmp
2014-03-06 15:35 - 2014-03-06 15:35 - 00000000 ____D () C:\Users\test\AppData\Local\Skype
2014-03-06 15:35 - 2013-06-24 11:50 - 00000000 ____D () C:\Users\test\AppData\Roaming\Skype
2014-03-06 15:35 - 2012-06-29 12:03 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-06 15:35 - 2012-06-29 12:03 - 00000000 ____D () C:\ProgramData\Skype
2014-03-06 15:32 - 2014-03-06 15:29 - 00369075 ____N () C:\Windows\Minidump\030614-18049-01.dmp
2014-03-06 15:31 - 2014-03-06 15:29 - 00369075 ____N () C:\Windows\Minidump\030614-16879-01.dmp
2014-03-06 15:30 - 2014-03-06 15:30 - 00339784 _____ () C:\Windows\Minidump\030614-22261-01.dmp
2014-03-06 03:03 - 2012-10-27 21:24 - 00003198 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForusuaria
2014-03-06 03:03 - 2012-10-27 21:24 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForusuaria.job
2014-03-06 01:13 - 2013-04-10 00:08 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2051178920-43645615-1976691682-1000Core.job
2014-03-03 23:39 - 2013-11-14 23:55 - 00669696 ___SH () C:\Users\usuaria\Desktop\Thumbs.db
2014-03-01 16:54 - 2013-10-13 16:13 - 02018816 ___SH () C:\Users\usuaria\Downloads\Thumbs.db
2014-02-27 16:03 - 2012-01-13 23:09 - 00000000 ____D () C:\Users\usuaria\AppData\Roaming\HpUpdate
2014-02-25 02:22 - 2012-06-29 00:24 - 00000000 ____D () C:\Users\usuaria\AppData\Local\Windows Live
2014-02-19 03:31 - 2012-01-03 16:30 - 00000000 ____D () C:\Users\usuaria\AppData\Roaming\SoftGrid Client
2014-02-16 23:06 - 2012-02-29 21:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-16 18:14 - 2014-02-16 18:14 - 00002177 _____ () C:\Users\usuaria\Desktop\HP Support Assistant.lnk
2014-02-16 18:14 - 2010-07-17 16:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-16 18:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2014-02-16 18:07 - 2010-07-17 16:56 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-02-16 18:05 - 2014-02-16 18:05 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-02-16 18:04 - 2010-07-17 18:05 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-02-16 18:03 - 2009-09-07 01:40 - 00000000 ____D () C:\SwSetup
2014-02-16 17:29 - 2013-02-09 03:40 - 00004098 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-16 17:29 - 2013-02-09 03:40 - 00003846 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-16 17:28 - 2012-01-10 00:25 - 00003222 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForUSUARIA-HP$
2014-02-16 17:28 - 2012-01-10 00:25 - 00000346 _____ () C:\Windows\Tasks\HPCeeScheduleForUSUARIA-HP$.job
2014-02-15 11:32 - 2009-07-14 06:08 - 00032622 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

Some content of TEMP:
====================
C:\Users\test\AppData\Local\Temp\avgnt.exe
C:\Users\usuaria\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-03-02 13:03

==================== End Of Log ============================

--- --- ---
(/code)
(code)Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by usuaria at 2014-03-16 00:44:16
Running from C:\Users\usuaria\Downloads
Boot Mode: Safe Mode (with Networking)
==========================================================

==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95 - WildTangent) Hidden
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) H
(/code) |