I lose the focus of all windows

conhost.exe


#1
mickMonch

Hi:
 
I have a problem with my computer, a fix with a log of yours http://www.geekstogo...ly-more-adware/
 
I eliminated sw-booster, thanks for it, but now I have another problem.
 
Attached File  OTL.Txt   134.68KB   51 downloads
 
 
 
 
Sorry for my English, and thanks for the support.
 
 
 


OTL logfile created on: 27/08/2014 09:28:17 p.m. - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Miguel Monge\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 0000080a | Country: México | Language: ESM | Date Format: dd/MM/yyyy
 
15.96 Gb Total Physical Memory | 12.36 Gb Available Physical Memory | 77.41% Memory free
31.92 Gb Paging File | 28.02 Gb Available in Paging File | 87.77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298.09 Gb Total Space | 105.79 Gb Free Space | 35.49% Space Free | Partition Type: NTFS
Drive D: | 2047.90 Gb Total Space | 990.93 Gb Free Space | 48.39% Space Free | Partition Type: NTFS
Drive G: | 746.51 Gb Total Space | 622.39 Gb Free Space | 83.37% Space Free | Partition Type: NTFS
 
Computer Name: W7-DESKTOP | User Name: Miguel Monge | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/08/26 21:02:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Miguel Monge\Desktop\OTL.exe
PRC - [2014/08/26 16:23:30 | 003,600,216 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exe
PRC - [2014/08/19 16:16:33 | 000,852,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/08/15 12:47:50 | 036,414,752 | ---- | M] (Dropbox, Inc.) -- C:\Users\Miguel Monge\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014/08/06 03:34:34 | 013,246,272 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
PRC - [2014/08/06 03:34:34 | 005,052,224 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014/08/06 03:21:00 | 000,229,696 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
PRC - [2014/07/28 18:58:37 | 001,178,168 | ---- | M] (Spotify Ltd) -- C:\Users\Miguel Monge\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014/07/25 07:51:18 | 002,403,104 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/07/25 07:51:13 | 001,720,608 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/07/18 11:04:55 | 003,835,392 | ---- | M] (Mega Limited) -- C:\Users\Miguel Monge\AppData\Local\MegaSync\MEGAsync.exe
PRC - [2014/07/17 17:21:48 | 000,333,008 | ---- | M] (Unified Intents AB) -- C:\Program Files (x86)\Unified Remote\RemoteServer.exe
PRC - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014/07/02 11:44:41 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014/06/13 01:33:02 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/12/21 00:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/09/12 12:06:22 | 001,337,752 | ---- | M] (ESET) -- C:\Archivos de programa\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2012/09/12 01:32:32 | 004,679,672 | ---- | M] (Almico Software (www.almico.com)) -- C:\Program Files (x86)\SpeedFan\speedfan.exe
PRC - [2012/04/26 06:33:16 | 002,743,104 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2012/01/27 03:40:44 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011/12/16 12:30:40 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/12/16 12:30:38 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2011/12/16 11:02:56 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
PRC - [2011/11/29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/11/29 20:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/06/30 20:12:24 | 000,395,560 | ---- | M] (Seagate) -- C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe
PRC - [2011/06/30 20:11:14 | 002,671,168 | ---- | M] () -- C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/08/27 20:45:46 | 000,043,008 | ---- | M] () -- c:\users\miguel~1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpn4gjpz.dll
MOD - [2014/08/27 20:44:22 | 000,192,512 | ---- | M] () -- C:\Users\MIGUEL~1\AppData\Local\Temp\sfamcc00001.dll
MOD - [2014/08/27 20:44:21 | 000,158,720 | ---- | M] () -- C:\Users\MIGUEL~1\AppData\Local\Temp\sfareca00001.dll
MOD - [2014/08/26 16:23:29 | 000,962,560 | ---- | M] () -- C:\Program Files (x86)\Origin\platforms\qwindows.dll
MOD - [2014/08/26 16:23:28 | 000,302,592 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qtiff.dll
MOD - [2014/08/26 16:23:28 | 000,261,632 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qmng.dll
MOD - [2014/08/26 16:23:28 | 000,217,088 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
MOD - [2014/08/26 16:23:28 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qico.dll
MOD - [2014/08/26 16:23:28 | 000,024,064 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qgif.dll
MOD - [2014/08/26 16:23:28 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qtga.dll
MOD - [2014/08/26 16:23:28 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
MOD - [2014/08/19 16:16:31 | 000,331,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.94\ppGoogleNaClPluginChrome.dll
MOD - [2014/08/19 16:16:29 | 008,577,864 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.94\pdf.dll
MOD - [2014/08/19 16:16:25 | 001,098,056 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.94\libglesv2.dll
MOD - [2014/08/19 16:16:24 | 000,174,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.94\libegl.dll
MOD - [2014/08/19 16:16:23 | 001,660,232 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.94\ffmpegsumo.dll
MOD - [2014/08/15 12:46:08 | 003,610,624 | ---- | M] () -- C:\Users\Miguel Monge\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2014/08/13 07:02:50 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\4d2ee13655653e64c6b91238e6b351df\System.Runtime.Remoting.ni.dll
MOD - [2014/08/13 07:02:36 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\434e3a5de2f98ed740aac2b24c6d0890\System.Windows.Forms.ni.dll
MOD - [2014/08/13 07:02:32 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bce52f0521c930a2e305badb3ea07128\System.Drawing.ni.dll
MOD - [2014/08/13 07:02:30 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b9cba29019ece3ac3e39440616de880c\System.Xml.ni.dll
MOD - [2014/08/13 07:02:28 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce5e2af0775efc3c91ba62d5d26fb39\System.Configuration.ni.dll
MOD - [2014/08/13 07:02:22 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4aa535ef604745958a236cfbbbbf6297\WindowsBase.ni.dll
MOD - [2014/08/13 07:02:16 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ee90c95adb50b0e75b814fcb9d87f8e\System.ni.dll
MOD - [2014/08/13 07:02:11 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f8be9e33457f57805b4068f90099e428\mscorlib.ni.dll
MOD - [2014/05/01 08:15:20 | 000,463,360 | ---- | M] () -- C:\Users\Miguel Monge\AppData\Local\MEGAsync\ShellExtX32.dll
MOD - [2014/03/02 10:35:48 | 019,693,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\24bf0c88c0465485f4b842df043b3f45\System.ServiceModel.ni.dll
MOD - [2014/03/02 09:43:27 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
MOD - [2014/03/02 09:43:25 | 007,409,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\6bbed231aec6fd82547e09474da0b2f9\System.Data.ni.dll
MOD - [2014/03/02 09:43:23 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
MOD - [2014/03/02 09:43:21 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll
MOD - [2014/03/02 09:43:21 | 002,825,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
MOD - [2014/03/02 09:43:20 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
MOD - [2014/03/02 09:43:18 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
MOD - [2014/03/02 09:43:17 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
MOD - [2014/03/02 09:43:14 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2013/09/05 01:14:10 | 004,300,456 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2013/08/23 13:01:44 | 025,100,288 | ---- | M] () -- C:\Users\Miguel Monge\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013/07/08 06:49:47 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_es_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2011/06/30 20:11:14 | 002,671,168 | ---- | M] () -- C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe
MOD - [2011/06/30 20:11:04 | 000,071,008 | ---- | M] () -- C:\Program Files (x86)\Seagate\DiscWizard\Common\rpc_client.dll
MOD - [2010/11/12 18:33:59 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_es_b77a5c561934e089\mscorlib.resources.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/07/25 07:00:25 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/06/27 20:45:13 | 000,076,152 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - [2012/01/10 08:09:50 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:64bit: - [2010/04/06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009/07/13 19:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/08/23 17:39:34 | 000,804,312 | ---- | M] (MMSOFT Design Ltd.) [Auto | Running] -- C:\Archivos de programa\Pulseway\PCMonitorSrv.exe -- (PC Monitor)
SRV - [2014/08/06 03:34:34 | 005,052,224 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014/07/25 07:51:13 | 001,720,608 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/07/25 07:51:10 | 018,956,064 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Archivos de programa\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV - [2014/07/17 19:39:21 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/07/08 17:24:25 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/07/02 11:44:41 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014/06/13 01:33:02 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014/05/29 11:36:52 | 000,543,424 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/03/20 16:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/12/21 00:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/12 12:06:22 | 001,337,752 | ---- | M] (ESET) [Auto | Running] -- C:\Archivos de programa\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/07/17 15:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011/12/16 12:30:40 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/12/16 12:30:38 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011/12/16 11:02:56 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2011/12/08 16:38:24 | 000,607,456 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Archivos de programa\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2011/11/29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/08/30 16:55:54 | 000,160,256 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2011/06/30 20:12:38 | 001,191,832 | ---- | M] (Seagate) [Auto | Running] -- C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
SRV - [2011/05/17 18:48:40 | 000,025,832 | ---- | M] () [On_Demand | Stopped] -- D:\Origins Games\Dragon Age Origins Ultimate Edition\\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2010/01/09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Archivos de programa\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Pulseway\PCMonitorSrv.sys -- (WinRing0_1_2_0)
DRV:64bit: - [2014/03/31 10:42:44 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/12/27 09:32:04 | 000,971,360 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2013/12/27 09:31:39 | 000,210,016 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vididr.sys -- (vididr)
DRV:64bit: - [2013/12/27 09:31:29 | 000,141,920 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsflt53.sys -- (vidsflt53)
DRV:64bit: - [2013/12/27 09:31:27 | 000,275,552 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2013/12/18 18:16:44 | 000,140,560 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2013/11/28 07:38:18 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/10/01 20:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/09/17 15:17:38 | 000,239,320 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2013/09/17 15:17:38 | 000,168,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2013/09/17 15:17:38 | 000,157,432 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2013/08/20 07:02:12 | 000,204,568 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013/08/20 07:02:12 | 000,103,576 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/02/11 22:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2013/02/05 22:06:06 | 000,057,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2013/01/02 19:31:20 | 000,301,256 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xhcdrv.sys -- (xhcdrv)
DRV:64bit: - [2013/01/02 19:31:18 | 000,231,112 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ViaHub3.sys -- (VUSB3HUB)
DRV:64bit: - [2012/12/14 02:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/09/28 15:30:37 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/08/23 08:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/07/17 19:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/27 03:39:33 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/01/27 03:39:33 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/01/27 03:39:33 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/01/10 08:09:44 | 002,184,816 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2011/12/06 04:23:10 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/11/29 19:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/11/02 10:48:26 | 000,021,616 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2011/08/11 16:54:16 | 000,104,560 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011/08/08 23:42:36 | 000,315,696 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mvs91xx.sys -- (mvs91xx)
DRV:64bit: - [2011/05/18 09:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/03 12:29:00 | 001,105,000 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192Ce.sys -- (RTL8192Ce)
DRV:64bit: - [2010/11/20 07:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 04:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/05/14 17:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2014/07/25 07:51:10 | 000,020,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Archivos de programa\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV - [2014/01/31 10:33:30 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2014/01/31 10:31:53 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2014/01/31 10:31:45 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2013/07/17 18:28:12 | 000,015,176 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\EVGA Precision X\RTCore64.sys -- (RTCore64)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://prodigy.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-MX
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 04 F7 73 3C C0 13 CE 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...=SPLBR1&pc=SPLH
IE - HKCU\..\SearchScopes\{22781FC2-8AA1-4818-BB1B-AF1F6FC31531}: "URL" = https://www.google.c...q={searchTerms}
IE - HKCU\..\SearchScopes\{92B01A5F-7B0F-48a7-929C-AA83E3EB5C6B}: "URL" = http://mx.search.yah...evm&type=IEBDSV
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.3: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.4.0: C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Miguel Monge\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Miguel Monge\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Miguel Monge\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2014/08/10 18:54:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014/08/10 18:54:24 | 000,000,000 | ---D | M]
 
[2012/09/29 23:40:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Miguel Monge\AppData\Roaming\mozilla\Extensions
[2014/08/27 21:16:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: http://www.google.com/
CHR - plugin: Error reading preferences file
CHR - Extension: Script Blocker for Chrome™ = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchmnmjneadkakfihibdbepehaflop\3.0_0\
CHR - Extension: Presentaciones de Google = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0\
CHR - Extension: Angry Birds = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Google Docs = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Tablon de Notas Web = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\apgackkfllmckgkbdfmbfodpinmnnpab\1.2.0_0\
CHR - Extension: TekPassword (ext) a password generator = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdefpaibajppiomahfnnlijddoiaijgm\1.0.14_0\
CHR - Extension: Web Developer = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm\0.4.6_0\
CHR - Extension: YouTube = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Firebug Lite for Google Chrome™ = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench\1.4.0.11967_0\
CHR - Extension: Adblock Plus = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\
CHR - Extension: Búsqueda de Google = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Calendar = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: ¿Qué cocino hoy? = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\enadeelnincmhhilgbiphjbjnnagnhmh\1.3.5.1_0\
CHR - Extension: Hojas de cálculo de Google = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0\
CHR - Extension: JustEdit = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\fljmfnpmbdjgfchcdcjcfadgciaioddm\1.4_0\
CHR - Extension: AdBlock = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.13_0\
CHR - Extension: Tablon de Notas = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\goficmpcgcnombioohjcgdhbaloknabb\6.0.4.10_0\
CHR - Extension: Alpine Crocodile Children's Books = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpoodhffejkmofghgbkjkghagiicdgmo\1.0.3_0\
CHR - Extension: Dropbox = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl\3.0.8_0\
CHR - Extension: Black Wood = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlfigpljkonjldfhkfgbbmibfbcggnhj\1_0\
CHR - Extension: Evernote Web = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol\1.0.8_0\
CHR - Extension: Skype Click to Call = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.3.16540.9015_0\
CHR - Extension: Google Maps = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Google Mail Checker = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: DevTools Autosave = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlejngncgiocofkcbnnpaieapabmanfl\1.2.3_0\
CHR - Extension: Google Wallet = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Memo Notepad = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmoihkoninaoanjobiiknmgenhpaecec\0.1.36_0\
CHR - Extension: draw.io = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlkggianjhjenigcpigpjehhpplldkc\3.0.1.0_0\
CHR - Extension: Outlook.com = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge\1.0.2_0\
CHR - Extension: Gmail = C:\Users\Miguel Monge\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Archivos de programa\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" File not found
O4:64bit: - HKLM..\Run: [PC Monitor Operations] C:\Program Files\Pulseway\pcmontask.exe (MMSOFT Design Ltd.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Servicio de Seagate Scheduler2 ] C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe (Seagate)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [VIAxHCUtl] C:\VIA_XHCI\usb3Monitor.exe File not found
O4 - HKLM..\Run: [DiscWizardMonitor.exe] C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe ()
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [Google Update] "C:\Users\Miguel Monge\AppData\Local\Google\Update\GoogleUpdate.exe" /c File not found
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_206868919C5E21B7731557CCB6515F4F] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Miguel Monge\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [Unified Remote v2] C:\Program Files (x86)\Unified Remote\RemoteServer.exe (Unified Intents AB)
O4 - Startup: C:\Users\Miguel Monge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Miguel Monge\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Miguel Monge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk = C:\Users\Miguel Monge\AppData\Local\MegaSync\MEGAsync.exe (Mega Limited)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O16:64bit: - DPF: {3234EB1E-733E-4E6A-A8AB-EBB6287E5A7E} http://content.syste...l64_4.5.9.0.cab (SysInfo Class)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_38)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_38)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_38)
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} http://download.giga...bject/Dldrv.ocx (Dldrv2 Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88C3649F-504C-4F23-A905-8827A29C7421}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB3978E4-F9FC-4E29-A968-61A5AB5C5006}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{32273eae-fbb3-11e1-bb5a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{32273eae-fbb3-11e1-bb5a-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Run.exe
O33 - MountPoints2\{9e25f36b-53c8-11e2-94b6-84771428dea9}\Shell - "" = AutoRun
O33 - MountPoints2\{9e25f36b-53c8-11e2-94b6-84771428dea9}\Shell\AutoRun\command - "" = E:\LGAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/08/27 21:28:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Miguel Monge\Desktop\OTL.exe
[2014/08/27 21:19:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/08/27 21:18:27 | 000,000,000 | ---D | C] -- C:\Users\Miguel Monge\AppData\Local\Apps
[2014/08/27 06:53:00 | 000,000,000 | ---D | C] -- C:\Users\Miguel Monge\Documents\Kinder UAS
[2014/08/26 23:25:22 | 000,000,000 | R--D | C] -- C:\Users\Miguel Monge\Documents\Scanned Documents
[2014/08/26 23:25:22 | 000,000,000 | ---D | C] -- C:\Users\Miguel Monge\Documents\Fax
[2014/08/26 21:42:05 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/08/26 21:41:35 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\Miguel Monge\Desktop\JRT.exe
[2014/08/26 20:56:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hewlett-Packard
[2014/08/26 20:56:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Visan
[2014/08/26 20:56:52 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Photo Creations
[2014/08/26 20:56:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP Photo Creations
[2014/08/26 20:56:48 | 000,000,000 | ---D | C] -- C:\Users\Miguel Monge\AppData\Roaming\HpUpdate
[2014/08/26 20:56:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2014/08/26 20:56:29 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2014/08/26 20:56:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2014/08/26 20:53:25 | 000,000,000 | ---D | C] -- C:\Users\Miguel Monge\AppData\Local\HP
[2014/08/26 20:26:49 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2014/08/26 17:00:37 | 000,000,000 | ---D | C] -- C:\ProgramData\priceechoP
[2014/08/26 16:58:35 | 000,000,000 | ---D | C] -- C:\Users\Miguel Monge\AppData\Roaming\SkypEmoticons
[2014/08/26 16:56:55 | 000,000,000 | ---D | C] -- C:\Users\Miguel Monge\AppData\Roaming\EZDownloader
[2014/08/26 16:54:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Trusted Publisher
[2014/08/26 16:54:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Adblocker
[2014/08/26 16:53:47 | 000,000,000 | ---D | C] -- C:\ProgramData\prIcecahoope
[2014/08/26 16:53:32 | 000,000,000 | ---D | C] -- C:\Users\Miguel Monge\AppData\Local\Comodo
[2014/08/26 16:53:32 | 000,000,000 | ---D | C] -- C:\Users\Miguel Monge\AppData\Local\Chromatic Browser
[2014/08/26 16:53:32 | 000,000,000 | ---D | C] -- C:\ProgramData\29f3996ed1750aa6
[2014/08/16 09:23:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/08/14 16:32:19 | 000,000,000 | ---D | C] -- C:\Users\Miguel Monge\AppData\Local\Blizzard Entertainment
[2014/08/14 16:32:03 | 000,000,000 | ---D | C] -- C:\Users\Miguel Monge\AppData\Roaming\Battle.net
[2014/08/14 16:32:03 | 000,000,000 | ---D | C] -- C:\Users\Miguel Monge\AppData\Local\Battle.net
[2014/08/14 16:31:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
[2014/08/14 16:31:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battle.net
[2014/08/12 17:06:22 | 000,000,000 | ---D | C] -- C:\Users\Miguel Monge\AppData\Roaming\TeamViewer
[2014/08/12 17:06:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2014/08/11 17:52:01 | 000,000,000 | ---D | C] -- C:\Program Files\Pulseway
[2014/08/11 17:39:15 | 000,000,000 | ---D | C] -- C:\Users\Miguel Monge\AppData\Roaming\Unified Remote
[2014/08/11 17:39:08 | 000,000,000 | ---D | C] -- C:\Users\Miguel Monge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unified Remote
[2014/08/11 17:39:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unified Remote
[2014/08/10 18:54:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2014/08/10 18:54:22 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2014/08/04 19:00:56 | 000,000,000 | ---D | C] -- C:\Users\Miguel Monge\AppData\Roaming\Thunderbird
[2014/08/04 19:00:56 | 000,000,000 | ---D | C] -- C:\Users\Miguel Monge\AppData\Local\Thunderbird
[2014/08/04 19:00:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2014/08/03 10:40:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/08/01 23:13:52 | 000,000,000 | ---D | C] -- C:\Users\Miguel Monge\AppData\Roaming\Sublime Text 2
[2014/08/01 23:13:47 | 000,000,000 | ---D | C] -- C:\Program Files\Sublime Text 2
[2014/08/01 23:02:39 | 000,000,000 | ---D | C] -- C:\Users\Miguel Monge\Desktop\Registro - RNM_files
[2 C:\Users\Miguel Monge\Desktop\*.tmp files -> C:\Users\Miguel Monge\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/08/27 21:26:00 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2983116945-2380431871-4556668-1000UA1cf8dc0a20e08cb.job
[2014/08/27 21:24:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/08/27 21:23:12 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf9032d39b56b.job
[2014/08/27 21:23:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf9032d11e186.job
[2014/08/27 21:19:30 | 000,002,249 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/08/27 20:53:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2983116945-2380431871-4556668-1003UA.job
[2014/08/27 20:44:46 | 000,001,952 | ---- | M] () -- C:\Users\Miguel Monge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Supervisar alertas de tinta - HP Deskjet 1510 series.lnk
[2014/08/27 20:44:10 | 000,000,486 | ---- | M] () -- C:\Windows\tasks\SDMsgUpdate (TE).job
[2014/08/27 20:44:09 | 000,000,494 | ---- | M] () -- C:\Windows\tasks\SDMsgUpdate (Local).job
[2014/08/27 20:43:50 | 000,417,640 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/08/27 20:43:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/08/27 20:43:35 | 4263,538,686 | -HS- | M] () -- C:\hiberfil.sys
[2014/08/27 07:02:30 | 000,046,066 | ---- | M] () -- C:\Users\Miguel Monge\Documents\CURP Diego Monge imprimir.pdf
[2014/08/27 06:45:34 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/08/27 06:45:34 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/08/26 21:26:59 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\Miguel Monge\Desktop\JRT.exe
[2014/08/26 21:02:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Miguel Monge\Desktop\OTL.exe
[2014/08/26 20:56:53 | 000,001,987 | ---- | M] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2014/08/26 20:56:41 | 000,002,212 | ---- | M] () -- C:\Users\Public\Desktop\HP Deskjet 1510 series.lnk
[2014/08/26 20:56:41 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Comprar consumibles - HP Deskjet 1510 series.lnk
[2014/08/26 20:56:26 | 000,000,057 | ---- | M] () -- C:\ProgramData\Ament.ini
[2014/08/26 20:26:00 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2983116945-2380431871-4556668-1000Core1cf4a3a9f7c25bd.job
[2014/08/26 17:01:55 | 000,000,418 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/08/24 15:53:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2983116945-2380431871-4556668-1003Core.job
[2014/08/23 23:07:49 | 000,007,754 | ---- | M] () -- C:\Users\Miguel Monge\Documents\The.Legend.of.Korra.(2012).S03E12-Enter.the.Void-aRGENTeaM-52711.zip
[2014/08/23 21:56:48 | 161,659,272 | ---- | M] () -- C:\Users\Miguel Monge\Documents\TRISTEZAEN.LALLUVIA.part2.rar
[2014/08/23 21:44:40 | 163,577,856 | ---- | M] () -- C:\Users\Miguel Monge\Documents\TRISTEZAEN.LALLUVIA.part1.rar
[2014/08/23 21:18:37 | 001,678,290 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/08/23 21:18:37 | 000,747,736 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2014/08/23 21:18:37 | 000,654,270 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/08/23 21:18:37 | 000,159,208 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2014/08/23 21:18:37 | 000,122,142 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/08/23 10:08:02 | 184,549,376 | ---- | M] () -- C:\Users\Miguel Monge\Documents\snk-oad3-480.part1.rar
[2014/08/23 10:07:59 | 174,726,666 | ---- | M] () -- C:\Users\Miguel Monge\Documents\snk-oad3-480.part2.rar
[2014/08/20 17:23:35 | 000,215,416 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014/08/20 15:31:54 | 000,215,416 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2014/08/19 22:38:15 | 000,025,676 | ---- | M] () -- C:\Users\Miguel Monge\Desktop\person-of-interest-third-season_english-869361.zip
[2014/08/17 23:10:39 | 005,429,494 | ---- | M] () -- C:\Users\Miguel Monge\Desktop\Documentos.rar
[2014/08/16 08:57:30 | 000,001,058 | ---- | M] () -- C:\Users\Miguel Monge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/08/10 23:06:35 | 1024,286,309 | ---- | M] () -- C:\Users\Miguel Monge\Desktop\LVIA.HMBRGS.2.HD.543GF521BGR.www.peliculasputlocker.net.rar
[2014/08/04 19:00:09 | 000,002,082 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2014/08/01 23:34:41 | 000,006,129 | ---- | M] () -- C:\Users\Miguel Monge\Desktop\Registro - RNM.htm
[2 C:\Users\Miguel Monge\Desktop\*.tmp files -> C:\Users\Miguel Monge\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/08/27 21:19:30 | 000,002,249 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/08/27 07:02:30 | 000,046,066 | ---- | C] () -- C:\Users\Miguel Monge\Documents\CURP Diego Monge imprimir.pdf
[2014/08/26 20:58:12 | 000,001,952 | ---- | C] () -- C:\Users\Miguel Monge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Supervisar alertas de tinta - HP Deskjet 1510 series.lnk
[2014/08/26 20:56:53 | 000,001,987 | ---- | C] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2014/08/26 20:56:41 | 000,002,212 | ---- | C] () -- C:\Users\Public\Desktop\HP Deskjet 1510 series.lnk
[2014/08/26 20:56:41 | 000,001,159 | ---- | C] () -- C:\Users\Public\Desktop\Comprar consumibles - HP Deskjet 1510 series.lnk
[2014/08/26 20:56:26 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2014/08/26 16:53:32 | 000,000,418 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/08/23 23:07:49 | 000,007,754 | ---- | C] () -- C:\Users\Miguel Monge\Documents\The.Legend.of.Korra.(2012).S03E12-Enter.the.Void-aRGENTeaM-52711.zip
[2014/08/23 21:56:46 | 161,659,272 | ---- | C] () -- C:\Users\Miguel Monge\Documents\TRISTEZAEN.LALLUVIA.part2.rar
[2014/08/23 21:44:39 | 163,577,856 | ---- | C] () -- C:\Users\Miguel Monge\Documents\TRISTEZAEN.LALLUVIA.part1.rar
[2014/08/23 10:08:02 | 184,549,376 | ---- | C] () -- C:\Users\Miguel Monge\Documents\snk-oad3-480.part1.rar
[2014/08/23 10:07:59 | 174,726,666 | ---- | C] () -- C:\Users\Miguel Monge\Documents\snk-oad3-480.part2.rar
[2014/08/19 22:38:15 | 000,025,676 | ---- | C] () -- C:\Users\Miguel Monge\Desktop\person-of-interest-third-season_english-869361.zip
[2014/08/17 23:08:01 | 005,429,494 | ---- | C] () -- C:\Users\Miguel Monge\Desktop\Documentos.rar
[2014/08/12 17:06:20 | 000,001,170 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
[2014/08/11 17:52:02 | 000,003,005 | ---- | C] () -- C:\Users\Miguel Monge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pulseway Manager.lnk
[2014/08/10 23:06:12 | 1024,286,309 | ---- | C] () -- C:\Users\Miguel Monge\Desktop\LVIA.HMBRGS.2.HD.543GF521BGR.www.peliculasputlocker.net.rar
[2014/08/04 19:00:09 | 000,002,094 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2014/08/04 19:00:09 | 000,002,082 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2014/08/01 23:13:47 | 000,000,822 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 2.lnk
[2014/08/01 23:02:39 | 000,006,129 | ---- | C] () -- C:\Users\Miguel Monge\Desktop\Registro - RNM.htm
[2013/09/13 22:47:56 | 001,651,940 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/06/20 18:47:16 | 000,000,156 | ---- | C] () -- C:\Users\Miguel Monge\.appletviewer
[2013/06/18 22:40:06 | 000,000,600 | ---- | C] () -- C:\Users\Miguel Monge\AppData\Local\PUTTY.RND
[2013/06/02 12:42:13 | 026,958,969 | ---- | C] () -- C:\Users\Miguel Monge\TAEGUK SA YANG (4).wmv
[2013/06/02 12:40:14 | 015,174,523 | ---- | C] () -- C:\Users\Miguel Monge\TAEGUK SA YANG (4).mp4
[2013/06/02 12:37:56 | 000,006,017 | ---- | C] () -- C:\Users\Miguel Monge\TAEGUK SA YANG (4).wlmp
[2013/06/01 14:44:36 | 000,001,261 | ---- | C] () -- C:\Users\Miguel Monge\AppData\Local\recently-used.xbel
[2013/01/01 08:53:13 | 000,215,416 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/01/01 08:53:12 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/12/31 23:02:44 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2012/12/31 23:02:44 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2012/12/14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/12/14 02:42:24 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012/12/14 02:42:24 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012/10/11 15:28:39 | 000,005,720 | ---- | C] () -- C:\Users\Miguel Monge\CreditCardBalance.pdf
[2012/09/28 13:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2012/09/16 12:11:06 | 000,007,616 | ---- | C] () -- C:\Users\Miguel Monge\AppData\Local\Resmon.ResmonCfg
[2012/09/11 03:27:48 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2012/09/10 20:59:21 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
 
========== ZeroAccess Check ==========
 
[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/24 20:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 19:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/08/14 16:36:06 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\Battle.net
[2014/03/26 00:07:37 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\Bitcoin
[2012/09/28 15:48:59 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\DAEMON Tools Pro
[2014/08/27 20:46:06 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\Dropbox
[2014/08/26 16:56:55 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\EZDownloader
[2014/01/03 19:13:41 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\Litecoin
[2013/08/07 16:07:50 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\MegaDesktop
[2013/08/07 16:05:40 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\megadesktop.com
[2013/08/07 16:11:02 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\MegaSync
[2014/03/30 19:15:35 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\MPC-HC
[2013/09/07 21:19:33 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\Nokia
[2013/09/07 21:19:33 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\Nokia Suite
[2014/02/28 21:48:38 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\Origin
[2012/12/27 19:08:47 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\PC Suite
[2014/01/01 20:22:12 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\poclbm
[2012/11/04 12:56:11 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\Rovio
[2013/12/27 10:05:27 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\Seagate
[2013/12/05 23:11:08 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\SmartDraw
[2012/12/06 15:11:04 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\Splashtop
[2014/08/03 09:15:54 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\Spotify
[2014/08/01 23:13:52 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\Sublime Text 2
[2014/08/12 17:06:22 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\TeamViewer
[2014/08/04 19:00:56 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\Thunderbird
[2013/02/02 21:08:01 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\TS3Client
[2013/02/02 21:03:09 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\ts3overlay
[2013/02/02 21:03:17 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\ts3overlay_hook_win64
[2014/08/11 17:39:19 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\Unified Remote
[2014/06/02 21:52:24 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\Unity
[2014/08/24 22:01:21 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\uTorrent
[2013/06/02 13:24:05 | 000,000,000 | ---D | M] -- C:\Users\Miguel Monge\AppData\Roaming\WinFF
 
========== Purity Check ==========
 
 
 
< End of report >
 

Edited by mickMonch, 27 August 2014 - 09:43 PM.
