Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

PC very very slow and a "See simliar" label pop-up [Closed]


  • This topic is locked This topic is locked

#1
dragues

dragues

    Member

  • Member
  • PipPip
  • 74 posts
Hi, it's been a few weeks ago that my pc is very very slow. When it starts windows sometimes it takes like 5 or 10 minutes. Also, and this is very annoying, whenever I'm shopping online, if I mouse over a picture if gives me a popup with similar items from other stores. Thank you.

Here is my log:

OTL logfile created on: 26/10/2013 04:40:33 p.m. - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\dragues\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 0000080A | Country: México | Language: ESM | Date Format: dd/MM/yyyy

7.90 Gb Total Physical Memory | 4.41 Gb Available Physical Memory | 55.73% Memory free
15.74 Gb Paging File | 12.11 Gb Available in Paging File | 76.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919.22 Gb Total Space | 0.95 Gb Free Space | 0.10% Space Free | Partition Type: NTFS
Drive Y: | 12.25 Gb Total Space | 4.20 Gb Free Space | 34.29% Space Free | Partition Type: NTFS

Computer Name: DRAGUES-PC | User Name: dragues | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\dragues\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe (Conexant Systems, Inc.)
PRC - C:\Users\dragues\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Windows\SysWOW64\rpcnet.exe (Absolute Software Corp.)
PRC - C:\Program Files (x86)\JDownloader\jre\bin\javaw.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE ()
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe ()
PRC - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe (CyberLink)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe (CyberLink)


========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\c94852f43f7ac59fcbe4c54b119788d2\System.ServiceModel.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\96afc74588c6581e299884469ea0dced\System.Xml.Linq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\a42743bb1ed71d59b6594b67cf6c9384\System.IdentityModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\4774201dc923674852e089053f76e76e\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\8f5b881951592b2fd05f710650bf7e04\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\c5f2c02bd940c74019ed4a183c7830c0\System.WorkflowServices.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\6ebbfafc5521934f7e1c154937a2788b\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\1327ad2637aab17189c5461fbf30dc19\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll ()
MOD - C:\Users\dragues\AppData\Roaming\Dropbox\bin\libcef.dll ()
MOD - C:\Users\dragues\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_es_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE ()
MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_es_31bf3856ad364e35\PresentationFramework.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_es_31bf3856ad364e35\PresentationCore.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_es_b77a5c561934e089\System.Runtime.Serialization.resources.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (McAPExe) -- C:\Program Files\mcafee\msc\McAPExe.exe (McAfee, Inc.)
SRV:64bit: - (mfecore) -- C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe (McAfee, Inc.)
SRV:64bit: - (McODS) -- C:\Program Files\mcafee\virusscan\mcods.exe (McAfee, Inc.)
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcpltsvc) -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (HomeNetSvc) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (CxUtilSvc) -- C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe (Conexant Systems, Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (McOobeSv) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (ZeroConfigService) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)
SRV:64bit: - (BTHSSecurityMgr) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel® Corporation)
SRV:64bit: - (AMPPALR3) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation)
SRV:64bit: - (Intel® -- c:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel® Corporation)
SRV:64bit: - (McAWFwk) -- c:\Program Files\mcafee\msc\McAWFwk.exe (McAfee, Inc.)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel® Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (rpcnet) -- C:\Windows\SysWOW64\rpcnet.exe (Absolute Software Corp.)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (CLHNServiceForPowerDVD) -- C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe ()
SRV - (CyberLink PowerDVD 11.0 Service) -- C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe (CyberLink)
SRV - (CyberLink PowerDVD 11.0 Monitor Service) -- C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe (CyberLink)
SRV - (NOBU) -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe (Dell, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (HipShieldK) -- C:\Windows\SysNative\drivers\HipShieldK.sys (McAfee, Inc.)
DRV:64bit: - (mfencrk) -- C:\Windows\SysNative\drivers\mfencrk.sys (McAfee, Inc.)
DRV:64bit: - (mfencbdc) -- C:\Windows\SysNative\drivers\mfencbdc.sys (McAfee, Inc.)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\RtsUVStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\Netwsw00.sys (Intel Corporation)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (ibtfltcoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation)
DRV:64bit: - (AMPPALP) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation)
DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (NBVol) -- C:\Windows\SysNative\drivers\NBVol.sys (Nero AG)
DRV:64bit: - (NBVolUp) -- C:\Windows\SysNative\drivers\NBVolUp.sys (Nero AG)
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel® Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (ntk_PowerDVD) -- C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys (Cyberlink Corp.)
DRV - ({329F96B6-DF1E-4328-BFDA-39EA953C1312}) -- C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl (CyberLink Corp.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {8735620E-D7A7-4BA2-A061-22B796F062FA}
IE:64bit: - HKLM\..\SearchScopes\{8735620E-D7A7-4BA2-A061-22B796F062FA}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{8735620E-D7A7-4BA2-A061-22B796F062FA}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/22
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: {db131c55-60c8-4adc-84dc-9e76ab06e2dc} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..extensions.enabledAddons: %7Ba3a5c777-f583-4fef-9380-ab4add1bc2a8%7D:4.3
FF - prefs.js..extensions.enabledAddons: WebSiteRecommendation%40weliketheweb.com:1.0.6
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\dragues\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\dragues\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\dragues\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/09/30 18:04:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/09/30 18:04:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK [2013/10/25 01:00:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/09/30 18:04:06 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/09/30 18:04:07 | 000,000,000 | ---D | M]

[2012/08/10 18:11:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\dragues\AppData\Roaming\Mozilla\Extensions
[2013/09/26 22:32:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\dragues\AppData\Roaming\Mozilla\Firefox\Profiles\tdtexgid.default\extensions
[2013/09/04 19:17:35 | 000,000,000 | ---D | M] ("WebSite Recommendation") -- C:\Users\dragues\AppData\Roaming\Mozilla\Firefox\Profiles\tdtexgid.default\extensions\[email protected]
[2013/09/04 19:15:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\dragues\AppData\Roaming\Mozilla\Firefox\Profilestdtexgid.default\extensions
[2013/09/04 19:15:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\dragues\AppData\Roaming\Mozilla\Firefox\Profilestdtexgid.default\extensions\staged
[2012/11/16 00:12:28 | 000,013,822 | ---- | M] () (No name found) -- C:\Users\dragues\AppData\Roaming\Mozilla\Firefox\Profiles\tdtexgid.default\extensions\{a3a5c777-f583-4fef-9380-ab4add1bc2a8}.xpi
[2013/09/30 18:04:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\Extensions
[2013/09/30 18:04:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013/09/30 18:04:11 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Delta Search (Enabled)
CHR - default_search_provider: search_url = http://www.google.com
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\dragues\AppData\Local\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\dragues\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\dragues\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
CHR - plugin: Java™ Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\dragues\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\dragues\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\dragues\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\dragues\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\dragues\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: B\u00FAsqueda de Google = C:\Users\dragues\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Gmail = C:\Users\dragues\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/08/11 01:58:51 | 000,001,900 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.nero.com
O1 - Hosts: 127.0.0.1 www.nero.com/esl/index.html
O1 - Hosts: 127.0.0.1 www.nero.com/esl/support.html
O1 - Hosts: 127.0.0.1 www.nero.com/esl/support-customer-service-product-registration.html
O1 - Hosts: 127.0.0.1 www.nero.com/esl/store-upgrade-center.html
O1 - Hosts: 127.0.0.1 www.nero.com/esl/store-volume-licensing.html
O1 - Hosts: 127.0.0.1 www.nero.com/eng/support.html?NeroSID=392cba06859c3dcd87b47525e97a3b80
O1 - Hosts: 127.0.0.1 www.nero.com/eng/store-upgrade-center.html?NeroSID=392cba06859c3dcd87b47525e97a3b80
O1 - Hosts: 127.0.0.1 www.nero.com/eng/support-customer-service-product-registration.html?NeroSID=392cba06859c3dcd87b47525e97a3b80
O1 - Hosts: 127.0.0.1 www.nero.com/eng/index.html
O1 - Hosts: 127.0.0.1 www.nero.com/eng/store-upgrade-center.html&sa=X&oi=smap&resnum=1&ct=result&cd=6&usg=AFQjCNFRzc_q0umeKlIj7pPYNNBYCFbXkg
O1 - Hosts: 127.0.0.1 www.nero.com/enu/support-nero8.html
O1 - Hosts: 127.0.0.1 my.nero.com
O1 - Hosts: 127.0.0.1 secure.nero.com/us/secure.asp
O1 - Hosts: 127.0.0.1 [email protected]
O1 - Hosts: 127.0.0.1 registernero.com
O1 - Hosts: 127.0.0.1 www.registernero.com
O1 - Hosts: 127.0.0.1 nero.com
O1 - Hosts: 127.0.0.1 www.nero.com/eng/privacy.html.
O1 - Hosts: 127.0.0.1 [email protected]
O1 - Hosts: 127.0.0.1 support.nero.com
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [BLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SA3\SACpl.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe File not found
O4 - HKCU..\RunOnce: [Uninstall C:\Users\dragues\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\dragues\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64" File not found
O4 - Startup: C:\Users\dragues\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\dragues\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O8:64bit: - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Descargar con Mipony - C:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Descargar con Mipony - C:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creat...102/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...21022/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A780B4AD-2369-44DD-BA4D-A05E1EA9463D}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D4F3D782-62CC-4F93-BEB0-77D40DC9F3BE}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/04/30 16:01:00 | 000,000,053 | -HS- | M] () - Y:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{c553f07e-5303-11e2-b3c6-685d43ee475f}\Shell - "" = AutoRun
O33 - MountPoints2\{c553f07e-5303-11e2-b3c6-685d43ee475f}\Shell\AutoRun\command - "" = E:\MotoCastSetup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/10/26 15:20:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013/10/20 20:20:19 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013/10/20 19:47:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/10/20 19:47:05 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/10/20 19:47:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/10/20 19:35:21 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/10/20 19:11:03 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/10/19 13:22:39 | 000,197,704 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\HipShieldK.sys
[2013/10/19 11:37:57 | 000,000,000 | ---D | C] -- C:\Users\dragues\Desktop\AudioChecker
[2013/10/16 01:32:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/10/16 01:31:41 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/10/16 01:31:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/10/16 01:31:41 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/10/16 01:31:41 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/10/09 04:36:55 | 000,000,000 | ---D | C] -- C:\Windows\rescache
[2013/10/08 23:36:25 | 000,000,000 | ---D | C] -- C:\Users\dragues\Desktop\Batiz
[2013/10/05 19:10:52 | 000,000,000 | ---D | C] -- C:\Users\dragues\VIDEO_TS
[2013/10/05 19:10:52 | 000,000,000 | ---D | C] -- C:\Users\dragues\AUDIO_TS
[2013/10/05 18:41:17 | 000,000,000 | ---D | C] -- C:\ProgramData\xml_param
[2013/10/05 18:40:15 | 000,000,000 | ---D | C] -- C:\Users\dragues\Documents\Wondershare Video Converter Ultimate
[2013/10/05 18:40:14 | 000,000,000 | ---D | C] -- C:\Users\dragues\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
[2013/10/05 18:39:40 | 000,000,000 | ---D | C] -- C:\Users\dragues\AppData\Local\Wondershare
[2013/10/05 18:39:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wondershare
[2013/10/05 18:39:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Wondershare Video Converter Ultimate
[2013/10/05 18:39:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wondershare
[2013/10/05 18:30:52 | 000,000,000 | ---D | C] -- C:\Users\dragues\Desktop\AVIAddXsub
[2013/10/05 18:15:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSUBMuxer
[2013/10/05 18:15:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XSUBMuxer
[2013/09/30 18:59:25 | 000,000,000 | ---D | C] -- C:\Users\dragues\Desktop\VIDEO_TS
[2013/09/30 18:04:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/08/16 18:18:14 | 006,233,848 | ---- | C] (Absolute Software Corp.) -- C:\Users\dragues\AppData\Roaming\LoJackSetup.exe

========== Files - Modified Within 30 Days ==========

[2013/10/26 16:34:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3623957610-3708665639-4114120845-1001UA.job
[2013/10/26 15:56:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/10/26 15:03:10 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/10/26 15:03:10 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/10/26 14:50:19 | 000,017,920 | ---- | M] () -- C:\Windows\SysNative\rpcnetp.exe
[2013/10/26 14:50:13 | 000,069,792 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWow64\rpcnet.dll
[2013/10/26 14:50:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/10/26 14:49:53 | 2070,691,839 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/26 02:28:02 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3623957610-3708665639-4114120845-1001UA.job
[2013/10/23 22:34:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3623957610-3708665639-4114120845-1001Core.job
[2013/10/21 20:28:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3623957610-3708665639-4114120845-1001Core.job
[2013/10/21 17:56:16 | 001,670,586 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/10/21 17:56:16 | 000,745,486 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2013/10/21 17:56:16 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/10/21 17:56:16 | 000,157,954 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2013/10/21 17:56:16 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/10/20 19:47:18 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/10/20 14:11:49 | 000,714,912 | ---- | M] () -- C:\Users\dragues\Desktop\HOMICIDIO Y LESIONES CULPOSAS. SENTENCIA BEATRIZ.pdf
[2013/10/20 13:44:05 | 000,286,644 | ---- | M] () -- C:\Users\dragues\Desktop\B.jpg
[2013/10/20 13:42:18 | 000,248,122 | ---- | M] () -- C:\Users\dragues\Desktop\A.jpg
[2013/10/20 13:41:21 | 001,412,026 | ---- | M] () -- C:\Users\dragues\Desktop\A.png
[2013/10/20 12:18:02 | 000,011,614 | ---- | M] () -- C:\Users\dragues\Desktop\culpables_tri.jpg
[2013/10/19 15:44:58 | 000,025,144 | ---- | M] () -- C:\Users\dragues\Desktop\Moist_Silver.jpg
[2013/10/19 15:42:25 | 000,416,384 | ---- | M] () -- C:\Users\dragues\Desktop\Blackfield+IV+BlackfieldIV.png
[2013/10/19 11:36:58 | 000,002,384 | ---- | M] () -- C:\Users\dragues\Desktop\Google Chrome.lnk
[2013/10/16 01:32:19 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/10/12 02:00:59 | 000,056,354 | ---- | M] () -- C:\Users\dragues\Desktop\299781_607216942625340_1671140989_n.jpg
[2013/10/12 01:48:11 | 000,108,336 | ---- | M] () -- C:\Users\dragues\Desktop\Glasvegas_eponymous.jpg
[2013/10/12 01:14:45 | 000,105,498 | ---- | M] () -- C:\Users\dragues\Desktop\SW_GASMASK-014_2_Lasse Hoile.jpg
[2013/10/12 01:14:37 | 000,237,887 | ---- | M] () -- C:\Users\dragues\Desktop\IA_Cover_Lasse Hoile.jpg
[2013/10/12 01:11:34 | 000,191,949 | ---- | M] () -- C:\Users\dragues\Desktop\Perseids night 2013 lasse hoile.jpg
[2013/10/12 01:03:04 | 000,039,115 | ---- | M] () -- C:\Users\dragues\Desktop\reves.jpg
[2013/10/09 03:48:07 | 000,440,808 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/10/09 03:20:47 | 001,648,560 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/10/08 20:32:57 | 000,614,250 | ---- | M] () -- C:\Users\dragues\Desktop\5225_1_large.jpg
[2013/10/07 00:17:38 | 000,010,640 | ---- | M] () -- C:\Users\dragues\Desktop\Los_Número_Uno.jpg
[2013/10/05 12:56:36 | 000,012,930 | ---- | M] () -- C:\Users\dragues\Desktop\Flying_Towards_the_new_Horizon.jpg
[2013/10/03 19:33:29 | 001,116,652 | ---- | M] () -- C:\Users\dragues\Desktop\lectura.pdf
[2013/10/03 00:35:04 | 000,046,260 | ---- | M] () -- C:\Users\dragues\Desktop\Creedence+Clearwater+Revival+-+Chronicle+-+LP+RECORD-425330.jpg
[2013/10/03 00:00:19 | 000,070,785 | ---- | M] () -- C:\Users\dragues\Desktop\Films+About+Ghosts+The+Best+Of+Counting+Crows+Films+About+Ghosts+Album+Art.jpg
[2013/09/29 22:41:44 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk

========== Files Created - No Company Name ==========

[2013/10/20 19:47:18 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/10/20 14:11:46 | 000,714,912 | ---- | C] () -- C:\Users\dragues\Desktop\HOMICIDIO Y LESIONES CULPOSAS. SENTENCIA BEATRIZ.pdf
[2013/10/20 13:44:05 | 000,286,644 | ---- | C] () -- C:\Users\dragues\Desktop\B.jpg
[2013/10/20 13:42:18 | 000,248,122 | ---- | C] () -- C:\Users\dragues\Desktop\A.jpg
[2013/10/20 13:41:05 | 001,412,026 | ---- | C] () -- C:\Users\dragues\Desktop\A.png
[2013/10/20 12:18:00 | 000,011,614 | ---- | C] () -- C:\Users\dragues\Desktop\culpables_tri.jpg
[2013/10/19 15:44:58 | 000,025,144 | ---- | C] () -- C:\Users\dragues\Desktop\Moist_Silver.jpg
[2013/10/19 15:42:20 | 000,416,384 | ---- | C] () -- C:\Users\dragues\Desktop\Blackfield+IV+BlackfieldIV.png
[2013/10/19 13:22:05 | 000,002,951 | ---- | C] () -- C:\Windows\SysNative\drivers\mfencbdc.inf
[2013/10/19 13:22:05 | 000,002,641 | ---- | C] () -- C:\Windows\SysNative\drivers\mfencrk.inf
[2013/10/16 01:32:19 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/10/12 02:00:59 | 000,056,354 | ---- | C] () -- C:\Users\dragues\Desktop\299781_607216942625340_1671140989_n.jpg
[2013/10/12 01:48:10 | 000,108,336 | ---- | C] () -- C:\Users\dragues\Desktop\Glasvegas_eponymous.jpg
[2013/10/12 01:14:44 | 000,105,498 | ---- | C] () -- C:\Users\dragues\Desktop\SW_GASMASK-014_2_Lasse Hoile.jpg
[2013/10/12 01:14:36 | 000,237,887 | ---- | C] () -- C:\Users\dragues\Desktop\IA_Cover_Lasse Hoile.jpg
[2013/10/12 01:11:34 | 000,191,949 | ---- | C] () -- C:\Users\dragues\Desktop\Perseids night 2013 lasse hoile.jpg
[2013/10/12 01:03:01 | 000,039,115 | ---- | C] () -- C:\Users\dragues\Desktop\reves.jpg
[2013/10/08 20:32:55 | 000,614,250 | ---- | C] () -- C:\Users\dragues\Desktop\5225_1_large.jpg
[2013/10/07 00:17:37 | 000,010,640 | ---- | C] () -- C:\Users\dragues\Desktop\Los_Número_Uno.jpg
[2013/10/05 12:56:36 | 000,012,930 | ---- | C] () -- C:\Users\dragues\Desktop\Flying_Towards_the_new_Horizon.jpg
[2013/10/03 19:33:26 | 001,116,652 | ---- | C] () -- C:\Users\dragues\Desktop\lectura.pdf
[2013/10/03 00:35:03 | 000,046,260 | ---- | C] () -- C:\Users\dragues\Desktop\Creedence+Clearwater+Revival+-+Chronicle+-+LP+RECORD-425330.jpg
[2013/10/03 00:00:18 | 000,070,785 | ---- | C] () -- C:\Users\dragues\Desktop\Films+About+Ghosts+The+Best+Of+Counting+Crows+Films+About+Ghosts+Album+Art.jpg
[2013/01/26 16:58:48 | 007,261,256 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2013/01/26 16:58:48 | 000,018,041 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat
[2012/12/14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/12/14 02:42:24 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012/12/14 02:42:24 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012/08/19 00:28:02 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.dll
[2012/08/19 00:27:48 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.exe
[2012/08/11 02:56:23 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/08/10 17:53:06 | 000,000,552 | ---- | C] () -- C:\Users\dragues\AppData\Roaming\AbsoluteReminder.xml
[2012/07/29 10:04:50 | 000,755,188 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012/07/29 10:04:49 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012/01/10 20:39:16 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/08/16 18:36:43 | 000,000,000 | ---D | M] -- C:\Users\dragues\AppData\Roaming\Absolute Software
[2013/10/26 14:51:41 | 000,000,000 | ---D | M] -- C:\Users\dragues\AppData\Roaming\Dropbox
[2013/01/17 21:41:33 | 000,000,000 | ---D | M] -- C:\Users\dragues\AppData\Roaming\EAC
[2012/08/10 17:56:16 | 000,000,000 | ---D | M] -- C:\Users\dragues\AppData\Roaming\Fingertapps
[2013/01/17 19:32:32 | 000,000,000 | ---D | M] -- C:\Users\dragues\AppData\Roaming\freac
[2013/10/19 16:23:56 | 000,000,000 | ---D | M] -- C:\Users\dragues\AppData\Roaming\Mipony
[2012/12/17 01:13:33 | 000,000,000 | ---D | M] -- C:\Users\dragues\AppData\Roaming\Pegasys Inc
[2013/05/14 17:54:10 | 000,000,000 | ---D | M] -- C:\Users\dragues\AppData\Roaming\SoftGrid Client
[2012/08/12 10:41:37 | 000,000,000 | ---D | M] -- C:\Users\dragues\AppData\Roaming\TP
[2013/10/20 19:25:14 | 000,000,000 | ---D | M] -- C:\Users\dragues\AppData\Roaming\uTorrent
[2013/06/15 17:41:03 | 000,000,000 | ---D | M] -- C:\Users\dragues\AppData\Roaming\WinAVI
[2013/10/05 18:40:14 | 000,000,000 | ---D | M] -- C:\Users\dragues\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}

========== Purity Check ==========



< End of report >
  • 0

Advertisements


#2
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello dragues,

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called (FRST.txt) in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run, it makes also another log (Addition.txt). Please also paste that into your reply.

  • 0

#3
dragues

dragues

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
Hi emeraldnzl, thank you for your help. Here are the logs:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by dragues (administrator) on DRAGUES-PC on 01-11-2013 10:51:34
Running from C:\Users\dragues\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Spanish Modern Sort
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
(Conexant Systems, Inc.) C:\Program Files\Conexant\SA3\CxUtilSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Conexant Systems, Inc.) C:\Program Files\Conexant\SA3\SmartAudio3.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dropbox, Inc.) C:\Users\dragues\AppData\Roaming\Dropbox\bin\Dropbox.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(McAfee, Inc.) C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BLEServicesCtrl] - C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [178960 2012-03-15] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SA3\SACpl.exe [1654400 2012-02-21] (Conexant Systems, Inc.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [Google Update] - C:\Users\dragues\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-25] (Google Inc.)
HKCU\...\Runonce: [Uninstall C:\Users\dragues\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\dragues\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64"
HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x20000000
MountPoints2: {c553f07e-5303-11e2-b3c6-685d43ee475f} - E:\MotoCastSetup.exe -a
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\mcafee.com\agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] - C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\mcafee.com\agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.)
Startup: C:\Users\dragues\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\dragues\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/22
URLSearchHook: HKCU - (No Name) - {db131c55-60c8-4adc-84dc-9e76ab06e2dc} - No File
SearchScopes: HKLM - DefaultScope {8735620E-D7A7-4BA2-A061-22B796F062FA} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {8735620E-D7A7-4BA2-A061-22B796F062FA} URL =
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Aplicación auxiliar de inicio de sesión en la cuenta Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creat...102/CTSUEng.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab
DPF: HKLM-x32 {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...21022/CTPID.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\dragues\AppData\Roaming\Mozilla\Firefox\Profiles\tdtexgid.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\dragues\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\dragues\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\dragues\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolibre-mx.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-mx.xml
FF Extension: WebSite Recommendation - C:\Users\dragues\AppData\Roaming\Mozilla\Firefox\Profiles\tdtexgid.default\Extensions\[email protected]
FF Extension: No Name - C:\Users\dragues\AppData\Roaming\Mozilla\Firefox\Profiles\tdtexgid.default\Extensions\{a3a5c777-f583-4fef-9380-ab4add1bc2a8}.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchURL: (Delta Search) - http://www2.delta-se...119357&tsp=4996
CHR DefaultSuggestURL: (Delta Search) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\dragues\AppData\Local\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\dragues\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\dragues\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2013) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL No File
CHR Plugin: (Java™ Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\dragues\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Google Update) - C:\Users\dragues\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\dragues\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\dragues\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\dragues\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\dragues\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (WebSite Recommendation) - C:\Users\dragues\AppData\Local\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj\2.2_0
CHR Extension: (Gmail) - C:\Users\dragues\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [npiecjlhkngdinoeekmccdbjdgclmnbk] - C:\Users\dragues\AppData\Local\CRE\npiecjlhkngdinoeekmccdbjdgclmnbk.crx

==================== Services (Whitelisted) =================

R2 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2011-04-19] ()
R2 CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [109184 2013-06-23] (Conexant Systems, Inc.)
R2 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [70952 2011-03-31] (CyberLink)
R2 CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [312616 2011-03-31] (CyberLink)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-09-24] (McAfee, Inc.)
S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [224704 2011-03-08] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-09-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-09-24] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-09-24] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272688 2012-06-25] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3325232 2012-06-25] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-09-24] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-09-24] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-09-24] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519192 2013-09-24] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [781312 2013-09-24] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [390552 2013-09-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [95984 2013-09-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-09-24] (McAfee, Inc.)
R2 ntk_PowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [75248 2011-04-19] (Cyberlink Corp.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [148976 2011-04-12] (CyberLink Corp.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-01 10:51 - 2013-11-01 10:51 - 00000000 ____D C:\FRST
2013-11-01 10:46 - 2013-11-01 10:47 - 01957098 _____ (Farbar) C:\Users\dragues\Desktop\FRST64.exe
2013-10-29 21:01 - 2013-10-29 21:01 - 00001785 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-29 20:59 - 2013-10-29 21:01 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-29 20:59 - 2013-10-29 21:01 - 00000000 ____D C:\Program Files\iTunes
2013-10-29 20:59 - 2013-10-29 21:01 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-29 20:59 - 2013-10-29 20:59 - 00000000 ____D C:\Program Files\iPod
2013-10-26 15:39 - 2013-10-26 15:39 - 00602112 _____ (OldTimer Tools) C:\Users\dragues\Downloads\OTL.exe
2013-10-20 19:20 - 2013-10-20 19:43 - 00000000 ____D C:\ProgramData\HitmanPro
2013-10-20 19:14 - 2013-10-20 19:16 - 10201544 _____ (SurfRight B.V.) C:\Users\dragues\Downloads\HitmanPro_x64.exe
2013-10-20 18:47 - 2013-10-20 18:47 - 00001115 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-20 18:47 - 2013-10-20 18:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-20 18:47 - 2013-04-04 13:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-20 18:46 - 2013-10-20 18:46 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\dragues\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-10-20 18:45 - 2013-10-20 18:45 - 00004455 _____ C:\Users\dragues\Desktop\JRT.txt
2013-10-20 18:35 - 2013-10-20 18:35 - 00000000 ____D C:\Windows\ERUNT
2013-10-20 18:31 - 2013-10-20 18:32 - 01033335 _____ (Thisisu) C:\Users\dragues\Downloads\JRT.exe
2013-10-20 18:11 - 2013-10-20 19:45 - 00000000 ____D C:\AdwCleaner
2013-10-20 18:03 - 2013-10-20 18:03 - 01060070 _____ C:\Users\dragues\Downloads\adwcleaner(1).exe
2013-10-19 12:22 - 2013-09-23 12:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2013-10-19 11:07 - 2013-10-19 11:08 - 01015062 _____ C:\Users\dragues\Downloads\Audiochecker_beta_2.0.0.457(1).zip
2013-10-19 10:37 - 2013-10-20 14:07 - 00000000 ____D C:\Users\dragues\Desktop\AudioChecker
2013-10-19 10:37 - 2013-10-19 10:37 - 01004184 _____ C:\Users\dragues\Downloads\Audiochecker_beta_2.0.0.457.zip
2013-10-19 10:36 - 2013-10-19 10:36 - 00412403 _____ C:\Users\dragues\Downloads\LosslessAudioChecker.zip
2013-10-19 10:36 - 2013-10-19 10:36 - 00070378 _____ C:\Users\dragues\Downloads\LAC_Win.zip
2013-10-09 03:36 - 2013-10-09 03:39 - 00000000 ____D C:\Windows\rescache
2013-10-09 02:25 - 2013-09-22 17:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-09 02:25 - 2013-09-22 17:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-09 02:25 - 2013-09-22 17:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-09 02:25 - 2013-09-22 17:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-09 02:25 - 2013-09-22 17:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-09 02:25 - 2013-09-22 17:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-09 02:25 - 2013-09-22 17:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-09 02:25 - 2013-09-22 17:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-09 02:25 - 2013-09-22 17:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-09 02:25 - 2013-09-22 17:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-09 02:25 - 2013-09-22 17:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-09 02:25 - 2013-09-22 17:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-09 02:25 - 2013-09-22 17:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-09 02:25 - 2013-09-22 16:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-09 02:25 - 2013-09-22 16:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-09 02:25 - 2013-09-22 16:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-09 02:25 - 2013-09-22 16:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-09 02:25 - 2013-09-22 16:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-09 02:25 - 2013-09-22 16:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-09 02:25 - 2013-09-22 16:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-09 02:25 - 2013-09-22 16:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-09 02:25 - 2013-09-22 16:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-09 02:25 - 2013-09-22 16:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-09 02:25 - 2013-09-22 16:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-09 02:25 - 2013-09-22 16:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-09 02:25 - 2013-09-22 16:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-09 02:25 - 2013-09-22 16:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-09 02:25 - 2013-09-20 21:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-09 02:25 - 2013-09-20 21:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-09 02:25 - 2013-09-20 20:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-09 02:25 - 2013-09-20 20:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-09 00:43 - 2013-09-13 19:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-09 00:43 - 2013-09-07 20:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-09 00:43 - 2013-09-07 20:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-09 00:43 - 2013-09-07 20:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-09 00:43 - 2013-08-28 20:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-09 00:43 - 2013-08-28 20:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-09 00:43 - 2013-08-28 20:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-09 00:43 - 2013-08-28 20:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-09 00:43 - 2013-08-28 20:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-09 00:43 - 2013-08-28 19:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-09 00:43 - 2013-08-28 19:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-09 00:43 - 2013-08-28 19:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-09 00:43 - 2013-08-28 19:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-09 00:43 - 2013-08-28 19:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-09 00:43 - 2013-08-28 19:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-09 00:43 - 2013-08-28 18:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-09 00:43 - 2013-08-28 18:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-09 00:43 - 2013-08-28 18:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-09 00:43 - 2013-08-28 18:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-09 00:43 - 2013-08-27 19:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-09 00:43 - 2013-08-01 06:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-09 00:43 - 2013-07-20 04:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 00:43 - 2013-07-20 04:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 00:43 - 2013-07-12 04:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-09 00:43 - 2013-07-12 04:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-09 00:43 - 2013-07-04 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-09 00:43 - 2013-07-04 06:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-09 00:43 - 2013-07-04 06:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-09 00:43 - 2013-07-04 05:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-09 00:43 - 2013-07-04 05:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-09 00:43 - 2013-07-04 05:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-09 00:43 - 2013-07-04 04:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-09 00:43 - 2013-07-02 22:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-09 00:43 - 2013-07-02 22:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-09 00:43 - 2013-06-25 16:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-09 00:43 - 2013-06-05 23:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-09 00:43 - 2013-06-05 23:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-09 00:43 - 2013-06-05 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-09 00:43 - 2013-06-05 23:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-09 00:43 - 2013-06-05 22:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-09 00:43 - 2013-06-05 22:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-09 00:43 - 2013-06-05 22:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-09 00:43 - 2013-06-05 21:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-09 00:43 - 2013-06-05 21:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-09 00:43 - 2013-06-05 21:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-09 00:42 - 2013-09-03 19:37 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-09 00:42 - 2013-09-03 19:37 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-09 00:42 - 2013-09-03 19:37 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-09 00:42 - 2013-09-03 19:37 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-09 00:42 - 2013-09-03 19:37 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-09 00:42 - 2013-09-03 19:37 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-09 00:42 - 2013-09-03 19:37 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-09 00:42 - 2013-08-27 19:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-08 22:36 - 2013-10-08 22:52 - 00000000 ____D C:\Users\dragues\Desktop\Batiz
2013-10-06 12:56 - 2013-09-27 12:09 - 00000000 ____D C:\Users\dragues\Downloads\Gloria Trevi - De Película (iTunes) (2013)
2013-10-06 12:19 - 2013-10-06 12:22 - 87027876 _____ C:\Users\dragues\Downloads\Gloria Trevi - De Película (iTunes) (2013).zip
2013-10-05 18:10 - 2013-10-05 18:19 - 00000000 ____D C:\Users\dragues\VIDEO_TS
2013-10-05 18:10 - 2013-10-05 18:10 - 00000000 ____D C:\Users\dragues\AUDIO_TS
2013-10-05 17:41 - 2013-10-05 17:41 - 00000000 ____D C:\ProgramData\xml_param
2013-10-05 17:40 - 2013-10-05 17:41 - 00000000 ____D C:\Users\dragues\Documents\Wondershare Video Converter Ultimate
2013-10-05 17:40 - 2013-10-05 17:40 - 00000000 ____D C:\Users\dragues\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2013-10-05 17:39 - 2013-10-20 14:22 - 00000000 ____D C:\Program Files (x86)\Wondershare
2013-10-05 17:39 - 2013-10-05 17:42 - 00000000 ____D C:\ProgramData\Wondershare Video Converter Ultimate
2013-10-05 17:39 - 2013-10-05 17:39 - 00000000 ____D C:\Users\dragues\AppData\Local\Wondershare
2013-10-05 17:39 - 2013-10-05 17:39 - 00000000 ____D C:\Program Files\Common Files\Wondershare
2013-10-05 17:38 - 2013-10-05 17:38 - 37875344 _____ (Wondershare Software ) C:\Users\dragues\Downloads\video-converter-ultimate_full857.exe
2013-10-05 17:30 - 2013-10-05 17:42 - 00000000 ____D C:\Users\dragues\Desktop\AVIAddXsub
2013-10-05 17:15 - 2013-10-05 17:15 - 00000000 ____D C:\Program Files (x86)\XSUBMuxer

==================== One Month Modified Files and Folders =======

2013-11-01 10:51 - 2013-11-01 10:51 - 00000000 ____D C:\FRST
2013-11-01 10:50 - 2012-07-29 00:25 - 01280076 _____ C:\Windows\WindowsUpdate.log
2013-11-01 10:48 - 2010-11-21 01:09 - 00745486 _____ C:\Windows\system32\perfh00A.dat
2013-11-01 10:48 - 2010-11-21 01:09 - 00157954 _____ C:\Windows\system32\perfc00A.dat
2013-11-01 10:48 - 2009-07-13 23:13 - 01670586 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-01 10:47 - 2013-11-01 10:46 - 01957098 _____ (Farbar) C:\Users\dragues\Desktop\FRST64.exe
2013-11-01 10:43 - 2012-10-05 22:35 - 00000000 ___RD C:\Users\dragues\Dropbox
2013-11-01 10:43 - 2012-10-05 22:32 - 00000000 ____D C:\Users\dragues\AppData\Roaming\Dropbox
2013-11-01 10:43 - 2012-07-29 08:02 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2013-11-01 10:43 - 2012-07-29 08:02 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2013-11-01 10:43 - 2012-07-29 07:53 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2013-11-01 10:42 - 2012-08-18 23:27 - 00017920 _____ C:\Windows\system32\rpcnetp.exe
2013-11-01 10:42 - 2012-08-16 17:32 - 00069792 _____ (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.dll
2013-11-01 10:42 - 2009-07-13 23:08 - 00032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-01 10:42 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-01 10:42 - 2009-07-13 22:51 - 00074045 _____ C:\Windows\setupact.log
2013-10-31 00:35 - 2012-08-25 15:35 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3623957610-3708665639-4114120845-1001UA.job
2013-10-31 00:34 - 2012-08-10 19:18 - 00000000 ____D C:\Users\dragues\AppData\Roaming\Skype
2013-10-30 23:56 - 2012-07-29 07:30 - 00000838 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-30 23:28 - 2012-08-10 19:23 - 00000936 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3623957610-3708665639-4114120845-1001UA.job
2013-10-30 22:34 - 2012-08-25 15:35 - 00001002 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3623957610-3708665639-4114120845-1001Core.job
2013-10-30 21:59 - 2009-07-13 22:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-30 21:59 - 2009-07-13 22:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-30 20:28 - 2012-08-10 19:23 - 00000914 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3623957610-3708665639-4114120845-1001Core.job
2013-10-29 21:01 - 2013-10-29 21:01 - 00001785 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-29 21:01 - 2013-10-29 20:59 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-29 21:01 - 2013-10-29 20:59 - 00000000 ____D C:\Program Files\iTunes
2013-10-29 21:01 - 2013-10-29 20:59 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-29 20:59 - 2013-10-29 20:59 - 00000000 ____D C:\Program Files\iPod
2013-10-26 16:02 - 2013-05-19 08:31 - 00104776 _____ C:\Users\dragues\Downloads\OTL.Txt
2013-10-26 15:39 - 2013-10-26 15:39 - 00602112 _____ (OldTimer Tools) C:\Users\dragues\Downloads\OTL.exe
2013-10-26 15:38 - 2012-08-10 21:57 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-10-26 01:02 - 2012-07-29 08:11 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-10-26 01:01 - 2010-11-20 21:47 - 00089630 _____ C:\Windows\PFRO.log
2013-10-21 23:12 - 2012-10-07 00:45 - 00010583 _____ C:\Users\dragues\Documents\series.xlsx
2013-10-20 21:48 - 2012-07-29 08:11 - 00000000 ____D C:\ProgramData\McAfee
2013-10-20 19:45 - 2013-10-20 18:11 - 00000000 ____D C:\AdwCleaner
2013-10-20 19:43 - 2013-10-20 19:20 - 00000000 ____D C:\ProgramData\HitmanPro
2013-10-20 19:16 - 2013-10-20 19:14 - 10201544 _____ (SurfRight B.V.) C:\Users\dragues\Downloads\HitmanPro_x64.exe
2013-10-20 18:47 - 2013-10-20 18:47 - 00001115 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-20 18:47 - 2013-10-20 18:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-20 18:46 - 2013-10-20 18:46 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\dragues\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-10-20 18:45 - 2013-10-20 18:45 - 00004455 _____ C:\Users\dragues\Desktop\JRT.txt
2013-10-20 18:35 - 2013-10-20 18:35 - 00000000 ____D C:\Windows\ERUNT
2013-10-20 18:32 - 2013-10-20 18:31 - 01033335 _____ (Thisisu) C:\Users\dragues\Downloads\JRT.exe
2013-10-20 18:25 - 2012-08-12 19:32 - 00000000 ____D C:\Users\dragues\AppData\Roaming\uTorrent
2013-10-20 18:03 - 2013-10-20 18:03 - 01060070 _____ C:\Users\dragues\Downloads\adwcleaner(1).exe
2013-10-20 14:32 - 2012-07-29 00:24 - 00000000 ____D C:\Program Files (x86)\Intel
2013-10-20 14:30 - 2012-07-29 00:24 - 00000000 ____D C:\Program Files\Common Files\Intel
2013-10-20 14:26 - 2012-07-29 00:23 - 00000000 ____D C:\Intel
2013-10-20 14:22 - 2013-10-05 17:39 - 00000000 ____D C:\Program Files (x86)\Wondershare
2013-10-20 14:07 - 2013-10-19 10:37 - 00000000 ____D C:\Users\dragues\Desktop\AudioChecker
2013-10-20 13:22 - 2012-07-29 08:11 - 00000000 ____D C:\Program Files\Common Files\mcafee
2013-10-20 10:49 - 2013-08-17 16:02 - 00010827 _____ C:\Users\dragues\Documents\movies.xlsx
2013-10-19 17:46 - 2013-01-20 22:45 - 00000000 ____D C:\Users\dragues\Downloads\uTorrent
2013-10-19 15:23 - 2013-05-18 23:25 - 00000000 ____D C:\Users\dragues\AppData\Roaming\Mipony
2013-10-19 12:36 - 2013-05-18 23:27 - 00000000 ____D C:\Users\dragues\Documents\Mipony
2013-10-19 11:08 - 2013-10-19 11:07 - 01015062 _____ C:\Users\dragues\Downloads\Audiochecker_beta_2.0.0.457(1).zip
2013-10-19 10:37 - 2013-10-19 10:37 - 01004184 _____ C:\Users\dragues\Downloads\Audiochecker_beta_2.0.0.457.zip
2013-10-19 10:36 - 2013-10-19 10:36 - 00412403 _____ C:\Users\dragues\Downloads\LosslessAudioChecker.zip
2013-10-19 10:36 - 2013-10-19 10:36 - 00070378 _____ C:\Users\dragues\Downloads\LAC_Win.zip
2013-10-19 10:36 - 2012-08-25 15:37 - 00002384 _____ C:\Users\dragues\Desktop\Google Chrome.lnk
2013-10-14 23:18 - 2013-02-03 00:14 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-14 23:18 - 2012-07-29 07:56 - 00000000 ____D C:\ProgramData\Skype
2013-10-14 21:29 - 2012-08-25 15:35 - 00004028 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3623957610-3708665639-4114120845-1001UA
2013-10-14 21:29 - 2012-08-25 15:35 - 00003632 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3623957610-3708665639-4114120845-1001Core
2013-10-12 12:49 - 2013-05-21 23:19 - 00000000 ____D C:\Users\dragues\AppData\Local\Captcha_Brotherhood
2013-10-09 03:39 - 2013-10-09 03:36 - 00000000 ____D C:\Windows\rescache
2013-10-09 02:48 - 2009-07-13 22:45 - 00440808 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-09 02:47 - 2013-03-13 03:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-09 02:47 - 2013-03-13 03:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-09 02:28 - 2013-05-14 17:14 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-09 02:20 - 2011-02-12 06:26 - 01648560 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-09 02:13 - 2013-08-14 02:01 - 00000000 ____D C:\Windows\system32\MRT
2013-10-09 02:09 - 2012-08-15 23:18 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-08 22:56 - 2012-07-29 07:30 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-08 22:56 - 2012-07-29 07:30 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-08 22:56 - 2012-07-29 07:30 - 00003776 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-08 22:52 - 2013-10-08 22:36 - 00000000 ____D C:\Users\dragues\Desktop\Batiz
2013-10-06 12:22 - 2013-10-06 12:19 - 87027876 _____ C:\Users\dragues\Downloads\Gloria Trevi - De Película (iTunes) (2013).zip
2013-10-05 18:19 - 2013-10-05 18:10 - 00000000 ____D C:\Users\dragues\VIDEO_TS
2013-10-05 18:10 - 2013-10-05 18:10 - 00000000 ____D C:\Users\dragues\AUDIO_TS
2013-10-05 18:10 - 2012-08-10 16:48 - 00000000 ____D C:\Users\dragues
2013-10-05 17:42 - 2013-10-05 17:39 - 00000000 ____D C:\ProgramData\Wondershare Video Converter Ultimate
2013-10-05 17:42 - 2013-10-05 17:30 - 00000000 ____D C:\Users\dragues\Desktop\AVIAddXsub
2013-10-05 17:41 - 2013-10-05 17:41 - 00000000 ____D C:\ProgramData\xml_param
2013-10-05 17:41 - 2013-10-05 17:40 - 00000000 ____D C:\Users\dragues\Documents\Wondershare Video Converter Ultimate
2013-10-05 17:40 - 2013-10-05 17:40 - 00000000 ____D C:\Users\dragues\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2013-10-05 17:39 - 2013-10-05 17:39 - 00000000 ____D C:\Users\dragues\AppData\Local\Wondershare
2013-10-05 17:39 - 2013-10-05 17:39 - 00000000 ____D C:\Program Files\Common Files\Wondershare
2013-10-05 17:38 - 2013-10-05 17:38 - 37875344 _____ (Wondershare Software ) C:\Users\dragues\Downloads\video-converter-ultimate_full857.exe
2013-10-05 17:15 - 2013-10-05 17:15 - 00000000 ____D C:\Program Files (x86)\XSUBMuxer
2013-10-05 11:13 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\NDF
2013-10-05 11:03 - 2012-08-24 18:54 - 00010483 _____ C:\Users\dragues\Desktop\cuenta.xlsx

Some content of TEMP:
====================
C:\Users\dragues\AppData\Local\Temp\ose00000.exe
C:\Users\dragues\AppData\Local\Temp\ose00001.exe
C:\Users\dragues\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-21 18:52

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-10-2013
Ran by dragues at 2013-11-01 10:52:37
Running from C:\Users\dragues\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: McAfee Anti-Virus y Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus y Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

µTorrent (HKCU Version: 3.3.2.30180)
Adobe AIR (x32 Version: 2.6.0.19120)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader X (10.1.8) MUI (x32 Version: 10.1.8)
Advanced Audio FX Engine (x32 Version: 1.12.05)
Akamai NetSession Interface (HKCU)
AMD Catalyst Install Manager (Version: 8.0.881.0)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
Blio (x32 Version: 2.3.7140)
Bonjour (Version: 3.0.0.10)
Brad Smith Easy SFV Creator (x32)
Captcha Brotherhood (x32 Version: 1.1.8)
Compatibilidad con Aplicaciones de Apple (x32 Version: 2.3.6)
Conexant HD Audio (x32 Version: 1.0.30.0)
CyberLink PowerDVD 11 (x32 Version: 11.0.1620.51)
D3DX10 (x32 Version: 15.4.2368.0902)
dBpoweramp Music Converter (x32 Version: Release 14.3)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Dell DataSafe Local Backup - Support Software (x32 Version: 9.4.67)
Dell DataSafe Local Backup (x32 Version: 9.4.67)
Dell DataSafe Online (x32 Version: 2.1.19634)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (x32 Version: 1.00.0000)
Dell PhotoStage (x32 Version: 1.5.0.130)
Dell Stage (x32 Version: 1.7.209.0)
Dell Stage Remote (x32 Version: 2.0.0.43)
Dell Support Center (Version: 3.1.5907.16)
Dell System Detect (HKCU Version: 4.1.2.11)
Dell Touchpad (Version: 10.3.2.2)
Dell VideoStage (x32 Version: 1.3.0.2513)
Dell Webcam Central (x32 Version: 2.01.15)
D-Fend Reloaded 1.3.1 (desinstalar) (x32 Version: 1.3.1)
Dropbox (HKCU Version: 2.0.22)
DVD Decrypter (Remove Only) (x32)
eMule (x32)
Escenario Musical Dell (x32 Version: 1.6.225.0)
Exact Audio Copy 1.0beta3 (x32 Version: 1.0beta3)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
Galería de fotos (x32 Version: 16.4.3508.0205)
Google Chrome (HKCU Version: 30.0.1599.101)
High-Definition Video Playback (x32 Version: 11.1.10400.2.65)
iCloud (Version: 3.0.2.163)
Intel PROSet Wireless
Intel® Control Center (x32 Version: 1.2.1.1007)
Intel® Management Engine Components (x32 Version: 8.0.1.1399)
Intel® Processor Graphics (x32 Version: 9.17.10.2932)
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 15.2.0.0284)
Intel® PROSet/Wireless Software for Bluetooth® Technology (Version: 2.1.1.0191)
Intel® Rapid Storage Technology (x32 Version: 11.1.0.1006)
Intel® USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.4.225)
Intel® WiDi (x32 Version: 3.0.13.0)
Intel® Wireless Display
Intel® Trusted Connect Service Client (Version: 1.23.219.2)
iTunes (Version: 11.1.2.32)
Java 7 Update 21 (x32 Version: 7.0.210)
JavaFX 2.1.1 (x32 Version: 2.1.1)
JDownloader 0.9 (x32 Version: 0.9)
Junk Mail filter update (x32 Version: 16.4.3508.0205)
K-Lite Codec Pack 9.1.0 (Basic) (x32 Version: 9.1.0)
Malwarebytes Anti-Malware versión 1.75.0.1300 (x32 Version: 1.75.0.1300)
McAfee Security Scan Plus (x32 Version: 3.0.318.3)
McAfee SecurityCenter (x32 Version: 12.8.856)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Groove MUI (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Basque) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Catalan) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Galician) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Portuguese (Brazil)) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SkyDrive (HKCU Version: 16.4.6013.0910)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
MiPony 2.1.0 (x32 Version: 2.1.0)
mIRC (x32 Version: 7.29)
Monitor de la tecnología Intel® Turbo Boost 2.0 (Version: 2.1.23.0)
Movie Maker (x32 Version: 16.4.3508.0205)
Mozilla Firefox 24.0 (x86 es-MX) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
MPC-HC 1.6.7.7114 (9eb64ec) (x32 Version: 1.6.7.7114)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
Nero 10 Movie ThemePack Basic (x32 Version: 10.2.10200.0.0)
Nero 11 (x32 Version: 11.0.11000)
Nero 11 Disc Menus Basic (x32 Version: 11.0.11200.12.0)
Nero 11 Effects Basic (x32 Version: 11.0.11200.12.0)
Nero 11 Kwik Themes Basic (x32 Version: 11.0.11200.12.0)
Nero 11 PiP Effects Basic (x32 Version: 11.0.11300.12.0)
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0)
Nero BackItUp 11 Help (CHM) (x32 Version: 11.0.10200)
Nero Backup Drivers (Version: 1.0.10000.1.0)
Nero Burning ROM 11 (x32 Version: 11.0.12200.23.100)
Nero Burning ROM 11 Help (CHM) (x32 Version: 11.0.10300)
Nero Control Center 10 (x32 Version: 10.6.12800.0.8)
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.2.10800)
Nero ControlCenter 11 (x32 Version: 11.0.12300.0.23)
Nero ControlCenter 11 Help (CHM) (x32 Version: 11.0.10300)
Nero Core Components 10 (x32 Version: 2.0.20500.9.16)
Nero Core Components 11 (x32 Version: 11.0.15000.1.12)
Nero CoverDesigner 11 Help (CHM) (x32 Version: 11.0.10300)
Nero Express 11 (x32 Version: 11.0.11700.23.100)
Nero Express 11 Help (CHM) (x32 Version: 11.0.10300)
Nero Kwik Media Help (CHM) (x32 Version: 11.0.10200)
Nero Recode 11 Help (CHM) (x32 Version: 11.0.10300)
Nero RescueAgent 11 (x32 Version: 4.0.10600.10.100)
Nero RescueAgent 11 Help (CHM) (x32 Version: 11.0.10400)
Nero SoundTrax 11 Help (CHM) (x32 Version: 11.0.10400)
Nero Update (x32 Version: 11.0.10623.22.0)
Nero Video 11 Help (CHM) (x32 Version: 11.0.10300)
Nero WaveEditor 11 Help (CHM) (x32 Version: 11.0.10400)
nero.prerequisites.msi (x32 Version: 11.0.20008)
Photo Common (x32 Version: 16.4.3508.0205)
Photo Gallery (x32 Version: 16.4.3508.0205)
PlayReady PC Runtime x86 (x32 Version: 1.3.0)
Quickset64 (Version: 10.14.010)
QuickTime (x32 Version: 7.74.80.86)
RapidShare Manager 2 (x32 Version: 2)
Realtek Ethernet Controller All-In-One Windows Driver (x32 Version: 7.61.612.2012)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.8400.39030)
Shared C Run-time for x64 (Version: 10.0.0)
Skype™ 6.9 (x32 Version: 6.9.106)
Software Intel® PROSet/Wireless WiFi (Version: 15.02.0000.1258)
SyncUP (x32 Version: 1.12.11500.11.105)
SyncUP (x32 Version: 10.2.16500)
System Requirements Lab CYRI (x32 Version: 4.5.1.0)
TMPGEnc 4.0 XPress (x32 Version: 4.3.1.222)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32)
welcome (x32 Version: 11.0.21500.0.4)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205)
Windows Live Essentials (x32 Version: 16.4.3508.0205)
Windows Live Family Safety (Version: 16.4.3508.0205)
Windows Live Family Safety (x32 Version: 16.4.3508.0205)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 16.4.3508.0205)
Windows Live Mail (x32 Version: 16.4.3508.0205)
Windows Live Messenger (x32 Version: 16.4.3508.0205)
Windows Live MIME IFilter (Version: 16.4.3508.0205)
Windows Live Photo Common (x32 Version: 16.4.3508.0205)
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205)
Windows Live SOXE (x32 Version: 16.4.3508.0205)
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205)
Windows Live UX Platform (x32 Version: 16.4.3508.0205)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205)
Windows Live Writer (x32 Version: 16.4.3508.0205)
Windows Live Writer Resources (x32 Version: 16.4.3508.0205)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
XSUBMuxer 1.0.0.37 (x32)
Zinio Reader 4 (x32 Version: 4.2.4164)
Zip Motion Block Video codec (Remove Only) (x32)

==================== Restore Points =========================

28-10-2013 06:09:40 Punto de control programado

==================== Hosts content: ==========================

2009-07-13 20:34 - 2012-08-11 00:58 - 00001900 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.nero.com
127.0.0.1 www.nero.com/esl/index.html
127.0.0.1 www.nero.com/esl/support.html
127.0.0.1 www.nero.com/esl/support-customer-service-product-registration.html
127.0.0.1 www.nero.com/esl/store-upgrade-center.html
127.0.0.1 www.nero.com/esl/store-volume-licensing.html
127.0.0.1 www.nero.com/eng/support.html?NeroSID=392cba06859c3dcd87b47525e97a3b80
127.0.0.1 www.nero.com/eng/store-upgrade-center.html?NeroSID=392cba06859c3dcd87b47525e97a3b80
127.0.0.1 www.nero.com/eng/support-customer-service-product-registration.html?NeroSID=392cba06859c3dcd87b47525e97a3b80
127.0.0.1 www.nero.com/eng/index.html
127.0.0.1 www.nero.com/eng/store-upgrade-center.html&sa=X&oi=smap&resnum=1&ct=result&cd=6&usg=AFQjCNFRzc_q0umeKlIj7pPYNNBYCFbXkg
127.0.0.1 www.nero.com/enu/support-nero8.html
127.0.0.1 my.nero.com
127.0.0.1 secure.nero.com/us/secure.asp
127.0.0.1 [email protected]
127.0.0.1 registernero.com
127.0.0.1 www.registernero.com
127.0.0.1 nero.com
127.0.0.1 www.nero.com/eng/privacy.html.
127.0.0.1 [email protected]
127.0.0.1 support.nero.com


==================== Scheduled Tasks (whitelisted) =============

Task: {3EA1D728-784F-4B6E-83A9-FE53CAF15A7C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3623957610-3708665639-4114120845-1001Core => C:\Users\dragues\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-10] (Facebook Inc.)
Task: {5B58A517-E9EB-45A1-A1A9-F847F7D13DE6} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {61AD8E84-7AFC-47ED-8D24-05104752BEBC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08] (Adobe Systems Incorporated)
Task: {6E64AE14-397C-44CF-9AC7-26415F1DF0F3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3623957610-3708665639-4114120845-1001UA => C:\Users\dragues\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-10] (Facebook Inc.)
Task: {74325BE3-FFB9-4AFB-A241-DDF27213C651} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DCBD66C3-817E-492C-8464-14C9B1E06CA4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3623957610-3708665639-4114120845-1001Core => C:\Users\dragues\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-25] (Google Inc.)
Task: {F03370CA-D699-4B46-A764-16A5D7F019AA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3623957610-3708665639-4114120845-1001UA => C:\Users\dragues\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-25] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3623957610-3708665639-4114120845-1001Core.job => C:\Users\dragues\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3623957610-3708665639-4114120845-1001UA.job => C:\Users\dragues\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3623957610-3708665639-4114120845-1001Core.job => C:\Users\dragues\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3623957610-3708665639-4114120845-1001UA.job => C:\Users\dragues\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-03-16 23:07 - 2011-03-16 23:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-07-29 07:45 - 2012-04-05 13:55 - 00164992 _____ () C:\Program Files\Conexant\SA3\MaxxAudioWrapper.dll
2012-07-29 09:04 - 2012-03-19 17:09 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-03-13 14:48 - 2013-03-13 14:48 - 24978944 _____ () C:\Users\dragues\AppData\Roaming\Dropbox\bin\libcef.dll
2013-09-30 17:04 - 2013-09-30 17:04 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-03-16 23:11 - 2011-03-16 23:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-08-14 02:43 - 2013-08-14 02:43 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\67f2d87ba056e1075fce76a8c50bb57e\IsdiInterop.ni.dll
2012-07-29 07:46 - 2012-02-01 15:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2012-07-29 07:45 - 2012-01-21 05:23 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2013-10-08 22:56 - 2013-10-08 22:56 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/01/2013 10:42:23 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/30/2013 09:47:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/30/2013 07:02:37 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (10/30/2013 06:47:48 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2013 08:58:01 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (10/29/2013 07:52:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/27/2013 10:58:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/27/2013 07:59:24 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/27/2013 02:08:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/27/2013 02:06:09 PM) (Source: AVLogEvent) (User: NT AUTHORITY)
Description: McShield encountered error while stopping.
Error Code:a7f40610


System errors:
=============
Error: (10/31/2013 00:49:11 AM) (Source: Service Control Manager) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción del servicio mfecore.

Error: (10/31/2013 00:49:05 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (10/30/2013 08:25:55 PM) (Source: DCOM) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (10/29/2013 09:21:07 PM) (Source: DCOM) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (10/29/2013 07:58:23 PM) (Source: Service Control Manager) (User: )
Description: El servicio Windows Update no respondió después de iniciar.

Error: (10/27/2013 11:05:58 PM) (Source: Service Control Manager) (User: )
Description: El servicio Windows Update no respondió después de iniciar.

Error: (10/27/2013 08:05:48 PM) (Source: Service Control Manager) (User: )
Description: El servicio Windows Update no respondió después de iniciar.

Error: (10/27/2013 03:01:12 PM) (Source: DCOM) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (10/27/2013 02:13:20 PM) (Source: DCOM) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (10/27/2013 02:08:24 PM) (Source: volsnap) (User: )
Description: Se eliminaron las instantáneas del volumen C: porque el almacenamiento de instantáneas no se completó a tiempo. Considere reducir la carga de E/S en el sistema o elija un volumen de almacenamiento de instantáneas del que no se esté haciendo una instantánea.


Microsoft Office Sessions:
=========================
Error: (11/01/2013 10:42:23 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/30/2013 09:47:32 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/30/2013 07:02:37 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (10/30/2013 06:47:48 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2013 08:58:01 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (10/29/2013 07:52:42 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/27/2013 10:58:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/27/2013 07:59:24 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/27/2013 02:08:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/27/2013 02:06:09 PM) (Source: AVLogEvent)(User: NT AUTHORITY)
Description: a7f40610


CodeIntegrity Errors:
===================================
Date: 2013-10-30 23:55:36.318
Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2013-10-30 19:00:54.254
Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2013-10-30 18:59:16.474
Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2013-10-29 20:00:39.775
Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2013-10-29 19:58:49.700
Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2013-10-23 22:34:03.407
Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2013-10-15 01:27:28.121
Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2013-10-15 00:46:51.913
Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2013-10-15 00:21:10.848
Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2013-10-15 00:20:44.803
Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.


==================== Memory info ===========================

Percentage of memory in use: 41%
Total physical RAM: 8094.36 MB
Available physical RAM: 4720.13 MB
Total Pagefile: 16186.89 MB
Available Pagefile: 12845.72 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:919.22 GB) (Free:3.36 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: 9F766629)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=12 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=919 GB) - (Type=07 NTFS)

==================== End Of Log ============================
  • 0

#4
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello dragues,

Please download ComboFix from this location:

Link

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

  • Double click on ComboFix.exe & follow the prompts.
  • If you have an older Operating System you may be asked whether you want to install the Recovery Console. Click yes and follow any prompts.
  • Your desktop may go blank. This is normal.
  • ComboFix may appear to be doing nothing for quite long periods, this is normal, just leave it to do it's job.
  • ComboFix may reboot your machine. This is normal too.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.
  • 0

#5
dragues

dragues

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
Hi, thank you again. Here is the log:

ComboFix 13-11-01.03 - dragues 01/11/2013 16:34:13.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.52.3082.18.8094.5766 [GMT -6:00]
Running from: c:\users\dragues\Desktop\ComboFix.exe
AV: McAfee Anti-Virus y Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus y Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\juegos
c:\juegos\Prince of Persia 2\BIRD.DAT
c:\juegos\Prince of Persia 2\CAVERNS.DAT
c:\juegos\Prince of Persia 2\CONFIG.DAT
c:\juegos\Prince of Persia 2\DESERT.DAT
c:\juegos\Prince of Persia 2\DIGI.DRV
c:\juegos\Prince of Persia 2\DIGISND.DAT
c:\juegos\Prince of Persia 2\FINAL.DAT
c:\juegos\Prince of Persia 2\FLAME.DAT
c:\juegos\Prince of Persia 2\FRAGSND.DAT
c:\juegos\Prince of Persia 2\GUARD.DAT
c:\juegos\Prince of Persia 2\HEAD.DAT
c:\juegos\Prince of Persia 2\IBMSND.DAT
c:\juegos\Prince of Persia 2\JINNEE.DAT
c:\juegos\Prince of Persia 2\KID.DAT
c:\juegos\Prince of Persia 2\MIDI.DRV
c:\juegos\Prince of Persia 2\MIDISND.DAT
c:\juegos\Prince of Persia 2\NIS.DAT
c:\juegos\Prince of Persia 2\NIS3VC.DAT
c:\juegos\Prince of Persia 2\NISDIGI.DAT
c:\juegos\Prince of Persia 2\NISIBM.DAT
c:\juegos\Prince of Persia 2\NISMIDI.DAT
c:\juegos\Prince of Persia 2\NISTANDY.DAT
c:\juegos\Prince of Persia 2\PRESETS.DEF
c:\juegos\Prince of Persia 2\PRINCE.DAT
c:\juegos\Prince of Persia 2\PRINCE.EXE
c:\juegos\Prince of Persia 2\PRINCE.ICO
c:\juegos\Prince of Persia 2\PRINCE.OPT
c:\juegos\Prince of Persia 2\readTHIS.txt
c:\juegos\Prince of Persia 2\ROOFTOPS.DAT
c:\juegos\Prince of Persia 2\RUINS.DAT
c:\juegos\Prince of Persia 2\SEQUENCE.DAT
c:\juegos\Prince of Persia 2\SETUP.CFG
c:\juegos\Prince of Persia 2\SETUP.DAT
c:\juegos\Prince of Persia 2\SETUP.EXE
c:\juegos\Prince of Persia 2\SKELETON.DAT
c:\juegos\Prince of Persia 2\SNDDRVRS\DDISNEY.DRV
c:\juegos\Prince of Persia 2\SNDDRVRS\DMVISION.DRV
c:\juegos\Prince of Persia 2\SNDDRVRS\DPS1.DRV
c:\juegos\Prince of Persia 2\SNDDRVRS\DSB_PRO.DRV
c:\juegos\Prince of Persia 2\SNDDRVRS\DSBLAST.DRV
c:\juegos\Prince of Persia 2\SNDDRVRS\DTANDY.DRV
c:\juegos\Prince of Persia 2\SNDDRVRS\MADLIB.DRV
c:\juegos\Prince of Persia 2\SNDDRVRS\MCMS101.DRV
c:\juegos\Prince of Persia 2\SNDDRVRS\MMPU401.DRV
c:\juegos\Prince of Persia 2\SNDDRVRS\MMVISION.DRV
c:\juegos\Prince of Persia 2\SNDDRVRS\MPS1.DRV
c:\juegos\Prince of Persia 2\SNDDRVRS\MSB_PRO.DRV
c:\juegos\Prince of Persia 2\SNDDRVRS\MSBLAST.DRV
c:\juegos\Prince of Persia 2\SNDDRVRS\MTANDY.DRV
c:\juegos\Prince of Persia 2\SNDDRVRS\PRESET32.DEF
c:\juegos\Prince of Persia 2\SNDDRVRS\PRESET33.DEF
c:\juegos\Prince of Persia 2\SNDDRVRS\PRESET40.DEF
c:\juegos\Prince of Persia 2\SNDDRVRS\PRESET41.DEF
c:\juegos\Prince of Persia 2\TANDYSND.DAT
c:\juegos\Prince of Persia 2\TEMPLE.DAT
c:\juegos\Prince of Persia 2\TRANS.DAT
c:\juegos\Prince of Persia\CDUNGEON.DAT
c:\juegos\Prince of Persia\CPALACE.DAT
c:\juegos\Prince of Persia\DESKTOPD.CFG
c:\juegos\Prince of Persia\DIGISND1.DAT
c:\juegos\Prince of Persia\DIGISND2.DAT
c:\juegos\Prince of Persia\DIGISND3.DAT
c:\juegos\Prince of Persia\EDUNGEON.DAT
c:\juegos\Prince of Persia\EPALACE.DAT
c:\juegos\Prince of Persia\FAT.DAT
c:\juegos\Prince of Persia\GUARD.DAT
c:\juegos\Prince of Persia\GUARD1.DAT
c:\juegos\Prince of Persia\GUARD2.DAT
c:\juegos\Prince of Persia\IBM_SND1.DAT
c:\juegos\Prince of Persia\IBM_SND2.DAT
c:\juegos\Prince of Persia\INSTALL.PDM
c:\juegos\Prince of Persia\KID.DAT
c:\juegos\Prince of Persia\LEVELS.DAT
c:\juegos\Prince of Persia\MIDISND1.DAT
c:\juegos\Prince of Persia\MIDISND2.DAT
c:\juegos\Prince of Persia\POPCHT.DAT
c:\juegos\Prince of Persia\PRINCE.DAT
c:\juegos\Prince of Persia\PRINCE.EXE
c:\juegos\Prince of Persia\PRINCE.SAV
c:\juegos\Prince of Persia\PV.DAT
c:\juegos\Prince of Persia\SHADOW.DAT
c:\juegos\Prince of Persia\SKEL.DAT
c:\juegos\Prince of Persia\TITLE.DAT
c:\juegos\Prince of Persia\VDUNGEON.DAT
c:\juegos\Prince of Persia\VIZIER.DAT
c:\juegos\Prince of Persia\VPALACE.DAT
c:\progra~2\COMMON~1\{F0A37~1
c:\progra~2\COMMON~1\{F0A37~1\Setup.exe
c:\programdata\Roaming
c:\windows\RPSETUP.EXE.LOG
.
.
((((((((((((((((((((((((( Files Created from 2013-10-01 to 2013-11-01 )))))))))))))))))))))))))))))))
.
.
2013-11-01 22:42 . 2013-11-01 22:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-01 16:51 . 2013-11-01 16:51 -------- d-----w- C:\FRST
2013-10-30 02:59 . 2013-10-30 03:01 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-30 02:59 . 2013-10-30 03:01 -------- d-----w- c:\program files\iTunes
2013-10-30 02:59 . 2013-10-30 03:01 -------- d-----w- c:\program files (x86)\iTunes
2013-10-30 02:59 . 2013-10-30 02:59 -------- d-----w- c:\program files\iPod
2013-10-21 01:20 . 2013-10-21 01:43 -------- d-----w- c:\programdata\HitmanPro
2013-10-21 00:47 . 2013-11-01 22:26 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-10-21 00:35 . 2013-10-21 00:35 -------- d-----w- c:\windows\ERUNT
2013-10-21 00:11 . 2013-10-21 01:45 -------- d-----w- C:\AdwCleaner
2013-10-19 18:22 . 2013-09-23 18:49 197704 ----a-w- c:\windows\system32\drivers\HipShieldK.sys
2013-10-13 05:42 . 2013-10-13 05:42 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2013-10-09 09:36 . 2013-10-09 09:39 -------- d-----w- c:\windows\rescache
2013-10-09 06:43 . 2013-07-04 12:50 633856 ----a-w- c:\windows\system32\comctl32.dll
2013-10-09 06:42 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2013-10-09 06:42 . 2013-09-04 01:37 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-10-09 06:42 . 2013-09-04 01:37 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-10-09 06:42 . 2013-09-04 01:37 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-10-09 06:42 . 2013-09-04 01:37 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-10-09 06:42 . 2013-09-04 01:37 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-10-09 06:42 . 2013-09-04 01:37 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-10-09 06:42 . 2013-09-04 01:37 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-10-06 00:10 . 2013-10-06 00:19 -------- d-----w- c:\users\dragues\VIDEO_TS
2013-10-06 00:10 . 2013-10-06 00:10 -------- d-----w- c:\users\dragues\AUDIO_TS
2013-10-05 23:41 . 2013-10-05 23:41 -------- d-----w- c:\programdata\xml_param
2013-10-05 23:40 . 2013-10-05 23:40 -------- d-----w- c:\users\dragues\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2013-10-05 23:39 . 2013-10-05 23:39 -------- d-----w- c:\users\dragues\AppData\Local\Wondershare
2013-10-05 23:39 . 2013-10-05 23:39 -------- d-----w- c:\program files\Common Files\Wondershare
2013-10-05 23:39 . 2013-10-05 23:42 -------- d-----w- c:\programdata\Wondershare Video Converter Ultimate
2013-10-05 23:39 . 2013-10-20 20:22 -------- d-----w- c:\program files (x86)\Wondershare
2013-10-05 23:15 . 2013-10-05 23:15 -------- d-----w- c:\program files (x86)\XSUBMuxer
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-01 16:42 . 2012-08-19 05:27 17920 ----a-w- c:\windows\system32\rpcnetp.exe
2013-11-01 16:42 . 2012-08-16 23:32 69792 ----a-w- c:\windows\SysWow64\rpcnet.dll
2013-10-09 08:09 . 2012-08-16 05:18 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-10-09 04:56 . 2012-07-29 13:30 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-09 04:56 . 2012-07-29 13:30 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-25 01:29 . 2011-03-13 16:20 70112 ----a-w- c:\windows\system32\drivers\cfwids.sys
2013-09-25 01:25 . 2011-03-13 16:20 343568 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2013-09-25 01:25 . 2012-07-29 14:11 182752 ----a-w- c:\windows\system32\mfevtps.exe
2013-09-25 01:22 . 2011-03-13 16:20 781312 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2013-09-25 01:21 . 2011-03-13 16:20 519192 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2013-09-25 01:20 . 2011-03-13 16:20 310224 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2013-09-25 01:19 . 2011-03-13 16:20 179664 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2013-09-20 14:38 . 2013-09-20 14:38 10856 ----a-w- c:\windows\system32\drivers\mfeclnrk.sys
2013-09-20 14:38 . 2013-09-20 14:38 95984 ----a-w- c:\windows\system32\drivers\mfencrk.sys
2013-09-20 14:37 . 2013-09-20 14:37 390552 ----a-w- c:\windows\system32\drivers\mfencbdc.sys
2013-08-29 01:48 . 2013-10-09 06:43 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-05 02:25 . 2013-09-11 03:46 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-12-08 07:00 220632 ----a-w- c:\users\dragues\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-12-08 07:00 220632 ----a-w- c:\users\dragues\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-12-08 07:00 220632 ----a-w- c:\users\dragues\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\dragues\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\dragues\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\dragues\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-24 537512]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-24 537512]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-10-23 152392]
.
c:\users\dragues\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\dragues\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-24 27776968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AMPPALP;Protocolo Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 IntcDAud;Sonido Intel® para pantallas;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe;c:\progra~1\mcafee\msc\mcawfwk.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [x]
R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [x]
S0 iusb3hcs;Controlador del conmutador de la controladora de host Intel® USB 3.0;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys;c:\windows\SYSNATIVE\DRIVERS\NBVol.sys [x]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys;c:\windows\SYSNATIVE\DRIVERS\NBVolUp.sys [x]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/08/11 00:55];c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl;c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [x]
S2 CxUtilSvc;CxUtilSvc;c:\program files\Conexant\SA3\CxUtilSvc.exe;c:\program files\Conexant\SA3\CxUtilSvc.exe [x]
S2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [x]
S2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [x]
S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [x]
S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [x]
S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [x]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AMPPAL;Adaptador virtual Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 ETD;Dell Touchpad;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 iusb3hub;Controlador del concentrador Intel® USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Controlador de la controladora de host Intel® USB 3.0 eXtensible;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTSUVSTOR.sys;c:\windows\SYSNATIVE\Drivers\RTSUVSTOR.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-11-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-29 04:56]
.
2013-10-31 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3623957610-3708665639-4114120845-1001Core.job
- c:\users\dragues\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-11 01:23]
.
2013-11-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3623957610-3708665639-4114120845-1001UA.job
- c:\users\dragues\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-11 01:23]
.
2013-10-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3623957610-3708665639-4114120845-1001Core.job
- c:\users\dragues\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-25 21:35]
.
2013-11-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3623957610-3708665639-4114120845-1001UA.job
- c:\users\dragues\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-25 21:35]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-12-08 07:00 244696 ----a-w- c:\users\dragues\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-12-08 07:00 244696 ----a-w- c:\users\dragues\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-12-08 07:00 244696 ----a-w- c:\users\dragues\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\dragues\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\dragues\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\dragues\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\dragues\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-03-15 178960]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2012-05-15 11406608]
"SmartAudio"="c:\program files\CONEXANT\SA3\SACpl.exe" [2012-02-21 1654400]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
IE: &Enviar a OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Descargar con Mipony - file://c:\program files (x86)\MiPony\Browser\IEContext.htm
IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
Trusted Zone: dell.com
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\dragues\AppData\Roaming\Mozilla\Firefox\Profiles\tdtexgid.default\
FF - ExtSQL: 2013-09-04 19:17; [email protected]; c:\users\dragues\AppData\Roaming\Mozilla\Firefox\Profiles\tdtexgid.default\extensions\[email protected]
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{db131c55-60c8-4adc-84dc-9e76ab06e2dc} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-Wondershare Helper Compact.exe - c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
AddRemove-dBpoweramp Music Converter - c:\windows\system32\SpoonUninstall.exe
AddRemove-{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} - c:\program files (x86)\Intel\Intel® Processor Graphics\Uninstall\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-11-01 16:45:39
ComboFix-quarantined-files.txt 2013-11-01 22:45
.
Pre-Run: 1,529,151,488 bytes libres
Post-Run: 5,145,554,944 bytes libres
.
- - End Of File - - 090E50A876AC85500FCF911C6D38AECF
  • 0

#6
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello dragues,

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right click JRT.exe and "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

  • 0

#7
dragues

dragues

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
Thank you. Here is the log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Home Premium x64
Ran by dragues on 01/11/2013 at 17:49:46.89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\dragues\AppData\Roaming\mozilla\firefox\profiles\tdtexgid.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01/11/2013 at 17:56:38.30
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#8
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Drive C: | 919.22 Gb Total Space | 0.95 Gb Free Space | 0.10% Space Free | Partition Type: NTFS


Your OTL log shows your System Drive as only having 0.10% space free.

You have less then 5% of your drive free.

You are in danger of messing up the Master File Table of your computer. It is risky running the tools we are using at this low level of free space.

Under 15% free is less than optimum.

I suggest you uninstall any old programs and back up and remove any data you don't need.

After that

Please download Security Check by screen317 from here .

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Finally in this post

  • Close all windows and open OTL again.
  • Click Run Scan and let the program run uninterrupted
  • It will produce a log for you. Post the log here.
So when you return please post
  • checkup.txt
  • OTL.txt

  • 0

#9
dragues

dragues

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
Sorry for the delay. I have money issues and just bought some DVDs to make a backup and delete files from my computer. Brb in a few hours. Thank you.
  • 0

#10
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP