cjoint

Document format: text/plain

~ ZHPDiag v2015.6.30.77 by Nicolas Coolman (2015\06\30)
~ Run by Usuario (Administrator) (2015/06/30 15:20:40)
~ Site : http://www.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scanner
~ Report : C:\Users\Usuario\Desktop\ZHPDiag.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 32-bit Service Pack 1 (Build 7601)

---\\ Información de producto de Windows (4) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK (Auto)
Windows Activation Technologies : OK

---\\ Información sobre el sistema (6) - 0s
~ Operating System: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
~ Total physical RAM (KB): 1832112
~ System Restore: Activé (Enable)
~ System drive C: has 101 GB free of 152 GB

---\\ Conexión para el modo del sistema (3) - 0s
~ Computer Name: USUARIO-PC
~ User Name: Usuario
~ Logged in as Administrator

---\\ Enumeración de las unidades de disco (1) - 0s
~ Drive C: has 101 GB free of 152 GB (System)

---\\ Estado de la Windows Security Center (14) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Búsqueda particular de ficheros genéricos (23) - 1s
[MD5.40D777B7A95E00593EB1568C68514493] - (.Microsoft Corporation - Explorador de Windows.) () -- C:\Windows\Explorer.exe [2616320]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (.Microsoft Corporation - Proceso host de Windows (Rundll32).) () -- C:\Windows\System32\rundll32.exe [44544]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicación de inicio de Windows.) () -- C:\Windows\System32\Wininit.exe [96256]
[MD5.7FA3A810F383588D46220967DE8B64FF] - (.Microsoft Corporation - Extensiones de Internet para Win32.) () -- C:\Windows\System32\wininet.dll [1129472]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Aplicación de inicio de sesión de Windows.) () -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de licencias de software.) () -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Controlador de puerto de i8042.) () -- C:\Windows\System32\drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [187904]
[MD5.33C3093D09017CFE2E219F2472BFF6EB] - (.Microsoft Corporation - Controlador del sistema de archivos NTFS.) () -- C:\Windows\System32\drivers\ntfs.sys [1211264]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Controlador de puerto paralelo.) () -- C:\Windows\System32\drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\Windows\System32\drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) () -- C:\Windows\System32\drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Controlador de instantánea de volumen.) () -- C:\Windows\System32\drivers\volsnap.sys [245632]

---\\ Proceso puesto en marcha (9) - 1s
[MD5.9BA25748A52AE945B973BA87E0D07BDB] - (.Tencent - ????-??????.) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCRTP.exe [297608] [PID.792] =>Adware.TencentAddressBar
[MD5.7682CACF67B92FECEE4EF637EA12A47C] - (...) -- C:\Program Files\TP-LINK\QSS\HwBtnSvc.exe [16384] [PID.108]
[MD5.73466FBEB982515FE5494DF14848E7E5] - (.Copyright (C) 2007 - HwBtnDetector MFC Application.) -- C:\Program Files\TP-LINK\QSS\HwBtnDetector.exe [28672] [PID.380]
[MD5.F4C083E290BCBC8DA05C6E2C7F8053B9] - (.Ralink Technology, Corp. - RalinkRegistryWriter.) -- C:\Program Files\Ralink\Common\RaRegistry.exe [372736] [PID.1704]
[MD5.F4C86A166E918889DDE053E523E49E54] - (.Tencent - ????.) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCTray.exe [355296] [PID.2332] =>Adware.TencentAddressBar
[MD5.8636DD8FA240184BC609D94883276113] - (.TP-LINK TECHNOLOGIES CO., LTD. - Tray Utility for QSS for Wireless.) -- C:\Program Files\TP-LINK\QSS\jswtrayutil.exe [36949] [PID.2340]
[MD5.8904DD33184C1DBFD114046D12A4E61A] - (.Ralink Technology, Corp. - Ralink Wireless LAN Card Utility.) -- C:\Program Files\Ralink\Common\RaUI.exe [12660072] [PID.2504]
[MD5.0EC0B1E581562C94EBC63D80DA4A1A24] - (.Tencent - ????-????.) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QMDL.exe [207200] [PID.20216] =>Adware.TencentAddressBar
[MD5.16E27465FC02E6974704FD2187E92144] - (.Tencent - ????????.) -- C:\program files\common files\Tencent\qqdownload\130\tencentdl.exe [1097272] [PID.18516] =>Adware.TencentAddressBar

---\\ Google Chrome, Arranque, Búsqueda, Extensiones (Start,Search,Plugins) (G0,G1,G2) (9) - 0s
G2 - GCE: Extension [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Extension [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox, Plugins (enchufe), Arranque, Búsqueda, Extensiones (Mozilla Firefox, Plugins,Start,Search,Extensions) (P2,M0,M1,M2,M3) (3) - 1s
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\NPSWF32_17_0_0_188.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.4] - (.VideoLAN.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.1] - (.VideoLAN.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll

---\\ Internet Explorer, Arranque, Búsqueda, URLSearchHook (R0,R1,R3,R4) (15) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/ =>Hijacker.Browser
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/ =>Hijacker.Browser
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://www.google.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://www.google.com/
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2

---\\ Internet Explorer, Gestión de proxy (R5) (4) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Líneas de análisis F0, F1, F2, F3 - IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Edirección del fichero Hosts (Hosts file redirection) (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (0)

---\\ Objetos del ayudante del navegador (O2) (1) - 0s
O2 - BHO: QPMIEHelper - {50F4150A-48B2-417A-BE4C-C83F580FB904} (Orphean)

---\\ Programas de cargamento automáticamente del registro (O4) (2) - 1s
O4 - HKLM\..\Run: [ QQPCTray] . (.Tencent - ????.) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCTray.exe =>Adware.TencentAddressBar
O4 - HKLM\..\Run: [jswtrayutil] . (.TP-LINK TECHNOLOGIES CO., LTD. - Tray Utility for QSS for Wireless.) -- C:\Program Files\TP-LINK\QSS\jswtrayutil.exe

---\\ Modificación Dominio/Direcciones (Lop.com/Domain Hijackers) (O17) (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 87.216.1.65 87.216.1.66
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 87.216.1.65 87.216.1.66
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 87.216.1.65 87.216.1.66

---\\ Lista de los servicios NT no desactivados (Non Microsoft non disabled Windows XP/NT/2000 Services) (O23) (5) - 1s
O23 - Service: JSW Hardware Button Service (JSWHwBtn) . (...) - C:\Program Files\TP-LINK\QSS\HwBtnSvc.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: QQPCMgr RTP Service (QQPCRTP) . (.Tencent - ????-??????.) - C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCRTP.exe =>Adware.TencentAddressBar
O23 - Service: RalinkRegistryWriter (RalinkRegistryWriter) . (.Ralink Technology, Corp. - RalinkRegistryWriter.) - C:\Program Files\Ralink\Common\RaRegistry.exe

---\\ Tareas programadas en modo automático (O39) (7) - 0s
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [838]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1539507423-729811589-3848484628-1000Core.job [1066]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3776]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2776]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1539507423-729811589-3848484628-1000Core [3696]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380} [3310]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{084B8019-C2D9-48AD-A54E-91F36466C750} [3166]

---\\ Software instalado (O42) (16) - 5s
O42 - Logiciel: Adobe Flash Player 17 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 17 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: aTube Catcher - (.DsNET Corp.) [HKLM] -- aTube Catcher
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Malwarebytes Anti-Malware versión 2.1.6.1022 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: VLC media player 2.1.1 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Ralink RT2870 Wireless LAN Card - (.Ralink.) [HKLM] -- {28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}
O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {51C7AD07-C3F6-4635-8E8A-231306D810FE}
O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: QSS Installation Program - (.Atheros.) [HKLM] -- {9BF57E8E-AE20-41C7-8BDC-88E5BDEA659F}
O42 - Logiciel: WinZip 17.0 - (.WinZip Computing, S.L. .) [HKLM] -- {CD95F661-A5C4-44F5-A6AA-ECDD91C240D6}
O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {ED5776D5-59B4-46B7-AF81-5F2D94D7C640}
O42 - Logiciel: EMSC - (.Compal Electronics, Inc..) [HKLM] -- {FEF06E73-A519-4510-8CF3-B66041B91D8A}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome

---\\ HKCU & HKLM Software Keys (64) - 5s
HKLM\SOFTWARE\AdsFix
HKLM\SOFTWARE\AdwCleaner
HKLM\SOFTWARE\Agere
HKLM\SOFTWARE\Atheros
HKLM\SOFTWARE\ATI Technologies
HKLM\SOFTWARE\aTube Catcher
HKLM\SOFTWARE\Baidu
HKLM\SOFTWARE\CBSTEST
HKLM\SOFTWARE\COMPAL
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\InstallShield
HKLM\SOFTWARE\Intel
HKLM\SOFTWARE\LSI
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\MaxPower
HKLM\SOFTWARE\McAfee.com
HKLM\SOFTWARE\MimarSinan
HKLM\SOFTWARE\mozilla
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\Nico Mak Computing
HKLM\SOFTWARE\NLOmniture
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\Panda Security
HKLM\SOFTWARE\Panda Software
HKLM\SOFTWARE\Piriform
HKLM\SOFTWARE\Ralink
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\rising
HKLM\SOFTWARE\Skype
HKLM\SOFTWARE\Sonic
HKLM\SOFTWARE\Swearware
HKLM\SOFTWARE\Symantec
HKLM\SOFTWARE\Sysinternals
HKLM\SOFTWARE\Tencent =>Adware.TencentAddressBar
HKLM\SOFTWARE\VideoLAN
HKLM\SOFTWARE\WinRAR
HKCU\SOFTWARE\AdsFix
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Atheros
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\f
HKCU\SOFTWARE\Facebook
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MCAFEE
HKCU\SOFTWARE\mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Nico Mak Computing
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\Skype-BackupBySkypePortable
HKCU\SOFTWARE\SkypeRS
HKCU\SOFTWARE\Sysinternals
HKCU\SOFTWARE\Tencent =>Adware.TencentAddressBar
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\WinZip Computing
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software

---\\ Contenido de las carpetas de programas, archivos de pro (135) - 6s
O43 - CFD: 2012/11/26 - 20:51:44 - [0] SHD -- C:\Program Files\Archivos comunes
O43 - CFD: 2015/05/30 - 14:29:39 - [] D -- C:\Program Files\ASIO4ALL v2
O43 - CFD: 2012/11/27 - 17:54:58 - [] D -- C:\Program Files\CCleaner
O43 - CFD: 2015/03/13 - 00:40:13 - [] D -- C:\Program Files\Cisco
O43 - CFD: 2015/06/28 - 23:32:44 - [] D -- C:\Program Files\Common Files
O43 - CFD: 2012/12/12 - 23:47:15 - [] D -- C:\Program Files\DsNET Corp
O43 - CFD: 2015/05/22 - 03:26:00 - [] D -- C:\Program Files\DSPRobotics
O43 - CFD: 2010/11/21 - 02:38:48 - [] D -- C:\Program Files\DVD Maker
O43 - CFD: 2015/05/22 - 03:26:19 - [] D -- C:\Program Files\Image-Line
O43 - CFD: 2015/06/28 - 14:00:54 - [] HD -- C:\Program Files\InstallShield Installation Information
O43 - CFD: 2015/06/28 - 12:26:31 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 2015/05/21 - 16:14:08 - [] D -- C:\Program Files\Malwarebytes Anti-Malware
O43 - CFD: 2010/11/21 - 02:38:46 - [] D -- C:\Program Files\Microsoft Games
O43 - CFD: 2012/12/16 - 19:32:11 - [] D -- C:\Program Files\Microsoft Silverlight
O43 - CFD: 2012/12/01 - 00:43:46 - [] D -- C:\Program Files\Microsoft.NET
O43 - CFD: 2012/12/04 - 22:04:31 - [] D -- C:\Program Files\Mozilla Firefox
O43 - CFD: 2009/07/14 - 06:52:30 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 2015/03/13 - 00:39:42 - [] D -- C:\Program Files\Ralink
O43 - CFD: 2009/07/14 - 06:52:30 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 2015/06/28 - 13:07:06 - [] D -- C:\Program Files\Rising
O43 - CFD: 2015/06/16 - 20:06:27 - [] D -- C:\Program Files\Rs
O43 - CFD: 2015/06/16 - 20:02:39 - [] D -- C:\Program Files\Tencent =>Adware.TencentAddressBar
O43 - CFD: 2015/06/28 - 14:00:54 - [] D -- C:\Program Files\TP-LINK
O43 - CFD: 2015/03/25 - 22:49:43 - [0] D -- C:\Program Files\TroubleFix
O43 - CFD: 2015/06/28 - 23:24:58 - [] D -- C:\Program Files\Uniblue =>PUP.UniblueSystem
O43 - CFD: 2009/07/14 - 06:53:23 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 2012/12/16 - 19:43:31 - [] D -- C:\Program Files\VideoLAN
O43 - CFD: 2015/06/28 - 23:25:05 - [] D -- C:\Program Files\Vittalia =>PUP.Vittalia
O43 - CFD: 2010/11/21 - 02:29:59 - [] D -- C:\Program Files\Windows Defender
O43 - CFD: 2012/12/14 - 02:21:53 - [] D -- C:\Program Files\Windows Journal
O43 - CFD: 2010/11/21 - 02:29:59 - [] D -- C:\Program Files\Windows Mail
O43 - CFD: 2010/11/21 - 02:29:59 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 2012/11/26 - 20:51:44 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 2010/11/21 - 02:29:59 - [] D -- C:\Program Files\Windows Photo Viewer
O43 - CFD: 2010/11/20 - 23:33:48 - [] D -- C:\Program Files\Windows Portable Devices
O43 - CFD: 2010/11/21 - 02:29:59 - [] D -- C:\Program Files\Windows Sidebar
O43 - CFD: 2013/01/10 - 18:46:24 - [] D -- C:\Program Files\WinRAR
O43 - CFD: 2012/12/14 - 00:00:52 - [] D -- C:\Program Files\WinZip
O43 - CFD: 2012/11/26 - 20:48:38 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2012/11/26 - 20:48:45 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2012/12/12 - 23:47:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
O43 - CFD: 2012/11/27 - 17:54:57 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 2012/11/26 - 20:48:40 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2009/07/14 - 06:42:30 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/05/21 - 16:14:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 2012/12/16 - 19:32:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 2015/03/13 - 00:41:07 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ralink Wireless
O43 - CFD: 2015/06/21 - 20:10:27 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rs
O43 - CFD: 2015/06/20 - 18:47:00 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2010/11/21 - 02:38:39 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2015/06/28 - 14:00:58 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
O43 - CFD: 2015/06/28 - 23:24:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue =>PUP.UniblueSystem
O43 - CFD: 2014/01/23 - 15:43:37 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 2013/01/10 - 18:46:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2012/12/14 - 00:00:58 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
O43 - CFD: 2012/12/15 - 21:32:39 - [0] D -- C:\ProgramData\Adobe
O43 - CFD: 2009/07/14 - 06:53:55 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2015/06/28 - 14:01:03 - [] D -- C:\ProgramData\Atheros
O43 - CFD: 2015/06/28 - 23:22:59 - [] D -- C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 2015/06/28 - 23:22:59 - [] D -- C:\ProgramData\BrowserProtect =>Hijacker.Eazel
O43 - CFD: 2012/11/26 - 20:51:43 - [0] SHD -- C:\ProgramData\Datos de programa
O43 - CFD: 2009/07/14 - 06:53:55 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2012/11/26 - 20:51:43 - [0] SHD -- C:\ProgramData\Documentos
O43 - CFD: 2009/07/14 - 06:53:55 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2012/11/26 - 20:51:43 - [0] SHD -- C:\ProgramData\Escritorio
O43 - CFD: 2009/07/14 - 06:53:55 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 2012/11/26 - 20:51:43 - [0] SHD -- C:\ProgramData\Favoritos
O43 - CFD: 2014/10/16 - 16:13:30 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 2014/06/12 - 23:09:18 - [] D -- C:\ProgramData\McAfee
O43 - CFD: 2012/11/26 - 20:51:43 - [0] SHD -- C:\ProgramData\Menú Inicio
O43 - CFD: 2013/01/11 - 13:49:00 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2015/06/20 - 18:43:58 - [0] D -- C:\ProgramData\Norton
O43 - CFD: 2012/11/26 - 20:51:43 - [0] SHD -- C:\ProgramData\Plantillas
O43 - CFD: 2015/03/13 - 01:04:20 - [] D -- C:\ProgramData\Ralink
O43 - CFD: 2015/03/13 - 00:40:15 - [] D -- C:\ProgramData\Ralink Driver
O43 - CFD: 2015/06/16 - 19:59:58 - [] D -- C:\ProgramData\Rising
O43 - CFD: 2015/06/28 - 12:33:01 - [] D -- C:\ProgramData\RogueKiller
O43 - CFD: 2009/07/14 - 06:53:55 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2012/12/03 - 14:33:04 - [] D -- C:\ProgramData\Symantec
O43 - CFD: 2009/07/14 - 06:53:55 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2015/06/28 - 23:32:34 - [] D -- C:\ProgramData\Tencent =>Adware.TencentAddressBar
O43 - CFD: 2015/06/28 - 23:31:25 - [0] D -- C:\ProgramData\TXQMPC
O43 - CFD: 2015/06/28 - 23:23:02 - [] D -- C:\ProgramData\Uniblue =>PUP.UniblueSystem
O43 - CFD: 2012/11/26 - 21:16:18 - [] D -- C:\ProgramData\Vista32
O43 - CFD: 2012/11/26 - 21:16:18 - [] D -- C:\ProgramData\Vista64
O43 - CFD: 2012/11/26 - 21:20:43 - [] D -- C:\ProgramData\Win732
O43 - CFD: 2012/11/26 - 21:16:18 - [] D -- C:\ProgramData\Win764
O43 - CFD: 2012/12/16 - 19:38:57 - [] D -- C:\ProgramData\Windows Genuine Advantage
O43 - CFD: 2012/12/14 - 00:02:53 - [] D -- C:\ProgramData\WinZip
O43 - CFD: 2012/11/26 - 21:16:18 - [] D -- C:\ProgramData\XP32
O43 - CFD: 2012/11/26 - 21:15:39 - [] D -- C:\Program Files\Common Files\InstallShield
O43 - CFD: 2015/03/20 - 13:28:12 - [] D -- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 2009/07/14 - 04:37:05 - [] D -- C:\Program Files\Common Files\Services
O43 - CFD: 2009/07/14 - 04:37:05 - [] D -- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 2013/06/10 - 00:34:24 - [0] D -- C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 2012/12/14 - 02:21:56 - [] D -- C:\Program Files\Common Files\System
O43 - CFD: 2015/06/28 - 23:54:10 - [] D -- C:\Program Files\Common Files\Tencent =>Adware.TencentAddressBar
O43 - CFD: 2012/11/26 - 21:03:54 - [] D -- C:\Users\Usuario\AppData\Roaming\Adobe
O43 - CFD: 2015/06/21 - 19:12:46 - [0] D -- C:\Users\Usuario\AppData\Roaming\Easeware
O43 - CFD: 2015/05/22 - 03:26:00 - [] D -- C:\Users\Usuario\AppData\Roaming\FlowStone
O43 - CFD: 2012/11/26 - 20:52:26 - [] D -- C:\Users\Usuario\AppData\Roaming\Identities
O43 - CFD: 2015/03/13 - 00:36:24 - [] D -- C:\Users\Usuario\AppData\Roaming\InstallShield
O43 - CFD: 2012/11/26 - 21:03:54 - [] D -- C:\Users\Usuario\AppData\Roaming\Macromedia
O43 - CFD: 2010/11/21 - 02:38:39 - [0] D -- C:\Users\Usuario\AppData\Roaming\Media Center Programs
O43 - CFD: 2015/06/28 - 13:12:10 - [] SD -- C:\Users\Usuario\AppData\Roaming\Microsoft
O43 - CFD: 2015/04/20 - 00:41:09 - [] D -- C:\Users\Usuario\AppData\Roaming\Skype
O43 - CFD: 2014/03/06 - 19:50:14 - [0] D -- C:\Users\Usuario\AppData\Roaming\SkypePM
O43 - CFD: 2012/12/05 - 22:13:46 - [0] D -- C:\Users\Usuario\AppData\Roaming\SkypePM-BackupBySkypePortable
O43 - CFD: 2015/06/28 - 23:32:33 - [] D -- C:\Users\Usuario\AppData\Roaming\Tencent =>Adware.TencentAddressBar
O43 - CFD: 2014/08/01 - 01:38:10 - [] D -- C:\Users\Usuario\AppData\Roaming\vlc
O43 - CFD: 2013/04/25 - 17:06:51 - [] D -- C:\Users\Usuario\AppData\Roaming\WinRAR
O43 - CFD: 2012/12/14 - 00:11:22 - [] D -- C:\Users\Usuario\AppData\Roaming\WinZip
O43 - CFD: 2015/06/30 - 15:20:50 - [] D -- C:\Users\Usuario\AppData\Roaming\ZHP
O43 - CFD: 2015/04/20 - 00:02:36 - [0] D -- C:\Users\Usuario\AppData\Local\Adobe
O43 - CFD: 2012/11/26 - 20:51:59 - [0] SHD -- C:\Users\Usuario\AppData\Local\Archivos temporales de Internet
O43 - CFD: 2012/12/04 - 22:03:55 - [] D -- C:\Users\Usuario\AppData\Local\Ares
O43 - CFD: 2012/11/26 - 20:51:59 - [0] SHD -- C:\Users\Usuario\AppData\Local\Datos de programa
O43 - CFD: 2012/11/27 - 13:47:05 - [0] D -- C:\Users\Usuario\AppData\Local\Deployment
O43 - CFD: 2015/06/19 - 16:42:15 - [] D -- C:\Users\Usuario\AppData\Local\Diagnostics
O43 - CFD: 2015/06/29 - 19:06:18 - [] D -- C:\Users\Usuario\AppData\Local\Facebook
O43 - CFD: 2012/11/27 - 13:48:17 - [] D -- C:\Users\Usuario\AppData\Local\Google
O43 - CFD: 2012/11/26 - 20:51:59 - [0] SHD -- C:\Users\Usuario\AppData\Local\Historial
O43 - CFD: 2015/04/20 - 00:40:36 - [] D -- C:\Users\Usuario\AppData\Local\Microsoft
O43 - CFD: 2014/10/16 - 16:13:10 - [] D -- C:\Users\Usuario\AppData\Local\Programs
O43 - CFD: 2014/03/07 - 20:49:39 - [] D -- C:\Users\Usuario\AppData\Local\Skype
O43 - CFD: 2015/06/30 - 15:20:42 - [] D -- C:\Users\Usuario\AppData\Local\temp
O43 - CFD: 2012/12/04 - 23:29:49 - [0] D -- C:\Users\Usuario\AppData\Local\uTorrent
O43 - CFD: 2015/06/16 - 20:05:21 - [] D -- C:\Users\Usuario\AppData\Local\VirtualStore
O43 - CFD: 2014/10/16 - 21:02:00 - [] D -- C:\Users\Usuario\AppData\Local\WinZip
O43 - CFD: 2009/07/14 - 06:42:04 - [] RD -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/06/16 - 20:12:38 - [] RD -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/05/30 - 14:29:43 - [] D -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2009/07/14 - 06:37:42 - [] RD -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/06/16 - 20:12:38 - [] RD -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2013/01/10 - 18:46:24 - [] D -- C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

---\\ Lista de controladores del sistema (SDL) (O58) (80) - 10s
O58 - SDL:2009/07/14 03:26:15 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [422976]
O58 - SDL:2009/07/14 03:26:17 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [297552]
O58 - SDL:2009/07/14 03:26:15 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\drivers\adpu320.sys [146512]
O58 - SDL:2009/07/14 00:13:48 A . (.LSI Corp - SoftModem Device Driver.) -- C:\Windows\System32\drivers\AGRSM.sys [1035776]
O58 - SDL:2009/07/14 03:26:15 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [14400]
O58 - SDL:2010/11/20 23:29:03 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [80256]
O58 - SDL:2009/07/14 03:26:15 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [159312]
O58 - SDL:2010/11/20 23:29:03 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [22400]
O58 - SDL:2009/07/14 03:26:15 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [76368]
O58 - SDL:2009/07/14 03:26:15 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [86608]
O58 - SDL:2009/07/14 00:02:49 A . (.Broadcom Corporation - Controlador unificado Broadcom NetXtreme Gi.) -- C:\Windows\System32\drivers\b57nd60x.sys [229888]
O58 - SDL:2009/07/14 00:02:48 A . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless dr.) -- C:\Windows\System32\drivers\BCMWL6.SYS [1131008]
O58 - SDL:2009/07/14 00:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [13568]
O58 - SDL:2009/07/14 00:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [5248]
O58 - SDL:2009/07/14 02:57:25 A . (.Brother Industries Ltd. - Controlador I/F serie de Brother (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [272128]
O58 - SDL:2009/07/14 00:53:32 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [62336]
O58 - SDL:2009/07/14 00:53:33 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:2009/07/14 00:53:33 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [11904]
O58 - SDL:2009/07/14 00:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbdx.sys [430080]
O58 - SDL:2009/07/14 03:26:21 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [15952]
O58 - SDL:2009/07/14 03:20:28 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\drivers\djsvs.sys [70720]
O58 - SDL:2009/07/14 03:20:28 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [453712]
O58 - SDL:2009/06/26 16:43:42 A . (.Windows (R) Win 7 DDK provider - Embedded System Control.) -- C:\Windows\System32\drivers\EMSC.sys [13680]
O58 - SDL:2009/07/14 00:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbdx.sys [3100160]
O58 - SDL:2009/07/14 00:54:14 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [26624]
O58 - SDL:2009/07/14 03:20:28 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [67152]
O58 - SDL:2010/11/20 23:29:03 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStorV.sys [332160]
O58 - SDL:2009/07/14 03:20:36 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [41040]
O58 - SDL:2008/04/28 16:59:18 A . (.Atheros Communications, Inc. - Atheros Security NDIS 6.0 Filter Driver.) -- C:\Windows\System32\drivers\jswpslwf.sys [20384]
O58 - SDL:2009/07/14 03:20:36 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [95824]
O58 - SDL:2009/07/14 03:20:37 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [89168]
O58 - SDL:2009/07/14 03:20:36 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [54864]
O58 - SDL:2009/07/14 03:20:36 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [96848]
O58 - SDL:2015/04/14 09:37:42 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [23256]
O58 - SDL:2015/04/14 09:37:44 A . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [92888]
O58 - SDL:2015/06/28 23:55:15 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [119512]
O58 - SDL:2009/07/14 03:20:36 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [30800]
O58 - SDL:2009/07/14 03:20:36 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [235584]
O58 - SDL:2015/04/14 09:37:54 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [51928]
O58 - SDL:2012/04/17 11:31:10 A . (.Ralink Technology Corp. - Ralink 802.11n Wireless Adapter Driver.) -- C:\Windows\System32\drivers\netr28u.sys [1317952]
O58 - SDL:2009/07/14 03:20:44 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [44624]
O58 - SDL:2010/11/20 23:29:03 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [117120]
O58 - SDL:2010/11/20 23:29:03 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [143744]
O58 - SDL:2014/05/28 09:37:30 N . (.Beijing Rising Information Technology Co., Ltd. - protectreg.sys.) -- C:\Windows\System32\drivers\protreg.sys [24120]
O58 - SDL:2013/04/29 09:17:34 A . (.Panda Security, S.L. - Panda Kernel Memory Access Driver (x86).) -- C:\Windows\System32\drivers\PSKMAD.sys [47632]
O58 - SDL:2009/07/14 03:19:04 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1383488]
O58 - SDL:2009/07/14 03:19:04 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [106064]
O58 - SDL:2009/07/13 22:50:20 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [20480]
O58 - SDL:2009/07/14 01:45:33 A . (.Brother Industries Ltd. - Controlador I/F serie de Brother (WDM).) -- C:\Windows\System32\drivers\serial.sys [83456]
O58 - SDL:2009/07/14 00:02:53 A . (.Silicon Integrated Systems Corp. - NDIS 6.0 Miniport Driver for SiS191/SiS190.) -- C:\Windows\System32\drivers\SiSGB6.sys [48128]
O58 - SDL:2009/07/14 03:19:04 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [40016]
O58 - SDL:2009/07/14 03:19:04 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [77888]
O58 - SDL:2009/07/14 03:19:04 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [21072]
O58 - SDL:2015/06/16 20:03:25 A . (.Tencent - ????-TAO????????.) -- C:\Windows\System32\drivers\TAOAccelerator.sys [77016] =>Adware.TencentAddressBar
O58 - SDL:2015/06/16 20:03:26 A . (.Tencent Technology(Shenzhen) Company Limited - TAOKernel.) -- C:\Windows\System32\drivers\TAOKernel.sys [138552]
O58 - SDL:2015/06/16 20:03:26 N . (.???? - ????-????.) -- C:\Windows\System32\drivers\TFsFlt.sys [150072]
O58 - SDL:2015/06/28 19:12:29 A . (...) -- C:\Windows\System32\drivers\TrueSight.sys [35064]
O58 - SDL:2015/06/28 23:55:07 A . (.Tencent - Tencent TS888 (??????????).) -- C:\Windows\System32\drivers\TS888.sys [30392] =>Adware.TencentAddressBar
O58 - SDL:2015/06/16 20:03:26 N . (.Tencent - Tencent TSDefense Boot (??????????).) -- C:\Windows\System32\drivers\TSDefenseBt.sys [14008] =>Adware.TencentAddressBar
O58 - SDL:2015/06/16 20:03:26 N . (.???? - ????-????.) -- C:\Windows\System32\drivers\TsFltMgr.sys [124792]
O58 - SDL:2009/07/14 03:19:10 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [16976]
O58 - SDL:2009/07/14 03:19:11 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [141904]
O58 - SDL:2008/02/22 16:16:08 A . (.Printing Communications Assoc., Inc. (PCAUSA) - PCAUSA NDIS 5.0 SPR Protocol Driver.) -- C:\Windows\System32\drivers\ZDPSp50.sys [24360]
O58 - SDL:2008/02/22 16:16:14 A . (.Printing Communications Assoc., Inc. (PCAUSA) - PCAUSA NDIS 5.0 SPR Protocol Driver (AMD64).) -- C:\Windows\System32\drivers\ZDPSp50a64.sys [38440]
O58 - SDL:2009/07/13 23:40:41 A . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:2009/07/13 23:40:44 A . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:2009/07/13 23:40:40 A . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:2009/07/13 23:40:43 A . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:2009/07/13 23:40:43 A . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:2009/07/13 23:40:23 A . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:2009/07/13 23:40:31 A . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:2009/07/13 23:40:35 A . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:2009/07/13 23:40:39 A . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:2009/07/13 23:40:27 A . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:2009/07/13 23:40:11 A . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:2009/07/13 23:40:15 A . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:2009/07/13 23:40:17 A . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:2009/07/13 23:40:19 A . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:2009/07/13 23:40:13 A . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
O58 - SDL:2015/06/16 20:03:26 A . (.???? - ????-TSSK Driver.) -- C:\Windows\System32\TSSK.sys [67896]

---\\ Últimos archivos modificados o creados (usuario) (O61) (54) - 21s
O61 - LFC: 2015/06/29 00:28:15 A . (.Bleeping Computer, LLC.) -- C:\Users\Usuario\Downloads\iExplore.exe [1943800]
O61 - LFC: 2015/06/29 00:28:15 A . (.Bleeping Computer, LLC.) -- C:\Users\Usuario\Downloads\rkill.com [1943800]
O61 - LFC: 2015/06/29 00:32:08 A . (.Bleeping Computer, LLC.) -- C:\Users\Usuario\Downloads\rkill.exe [1943800]
O61 - LFC: 2015/06/28 12:24:00 A . (..) -- C:\Users\Usuario\Downloads\RogueKiller (1).exe [17679608]
O61 - LFC: 2015/06/28 12:41:14 A . (..) -- C:\Users\Usuario\Downloads\RogueKiller (2).exe [17679608]
O61 - LFC: 2015/06/28 13:15:16 A . (..) -- C:\Users\Usuario\Downloads\RogueKiller (3).exe [17679608]
O61 - LFC: 2015/06/28 13:22:55 A . (..) -- C:\Users\Usuario\Downloads\RogueKiller (4).exe [17679608]
O61 - LFC: 2015/06/28 12:23:32 A . (..) -- C:\Users\Usuario\Downloads\RogueKiller.exe [17679608]
O61 - LFC: 2015/06/28 13:20:42 A . (..) -- C:\Users\Usuario\Downloads\RogueKillerX64.exe [21471480]
O61 - LFC: 2015/06/28 14:55:11 R . (.Swearware.) -- C:\Users\Usuario\Desktop\ComboFix.exe [5630589]
O61 - LFC: 2015/06/28 13:22:55 A . (..) -- C:\Users\Usuario\Desktop\RogueKiller (4).exe [17679608]
O61 - LFC: 2015/06/28 23:52:25 A . (.The ICU Project.) -- C:\Users\Usuario\AppData\Roaming\Tencent\QQPhoneManager\Components\Webkit3.1\icudt.dll [4154936] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:52:26 A . (.Copyright (C) 2013 The Chromium Embedded Framework Au.) -- C:\Users\Usuario\AppData\Roaming\Tencent\QQPhoneManager\Components\Webkit3.1\libcef3.dll [29811712] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:38:07 A . (.Tencent.) -- C:\Users\Usuario\AppData\Roaming\Tencent\QQPCMgr\qmdr\dr.dll [76168] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.????.) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\AdbCmdServer.dll [201784] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.????.) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\AndroidDaemon.exe [29240] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.????.) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\AndroidDevice.dll [367672] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.????.) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\AndroidServer.exe [229432] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.????.) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\AndroidServerUp.exe [212024] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.Tencent.) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\arkFS.dll [76344] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.Tencent.) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\arkGraphic.dll [355384] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.Tencent.) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\arkImage.dll [56888] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.Tencent.) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\arkIOStub.dll [16440] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.Tencent.) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\AsyncTask.dll [86072] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.????.) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\bugreport.exe [270392] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.Tencent.) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\Common.dll [1948728] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.????.) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\ConnectManager.dll [442936] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.????.) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\ConnectUI.dll [382008] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.????.) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\Daemon.dll [102456] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.????.) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\DaemonProxy.dll [36408] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.????.) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\DriverTools.exe [114744] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.????.) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\DriverToolsX64.exe [134200] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.Tencent.) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\GF.dll [2334776] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (..) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\libexpatw.dll [129592] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.Tencent.) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\libimagequant.dll [52792] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (..) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\libjpegturbo.dll [279608] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (..) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\libpng.dll [128568] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (..) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\libtcmalloc.dll [177720] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (..) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\Log4cplus.dll [295992] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (..) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\lua.dll [157752] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (..) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\mdb.exe [20024] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.????.) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\NetHub.dll [311352] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.????.) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\QQPMIpc.dll [80952] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.TODO: .) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\RubikEngine.dll [1038392] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.????.) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\SdkClient.dll [608312] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (..) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\sqlite.dll [448568] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.????.) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\tadb.exe [621624] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.????.) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\TADInstaller.dll [207928] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.Tencent.) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\tinyxml.dll [93752] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (.Tencent.) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\xGraphic32.dll [132152] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/28 23:35:10 A . (..) -- C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\zlib.dll [75320] =>Adware.TencentAddressBar
O61 - LFC: 2015/06/22 17:20:00 A . (..) -- C:\Users\Usuario\AppData\Local\Google\Update\Install\{FDEC9704-34DF-40E4-BB4E-86EF95D24D03}\43.0.2357.130_43.0.2357.124_chrome_updater.exe [1063504]
O61 - LFC: 2015/06/22 17:20:00 A . (..) -- C:\Users\Usuario\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.130\43.0.2357.130_43.0.2357.124_chrome_updater.exe [1063504]
O61 - LFC: 2015/06/30 15:16:25 A . (..) -- C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]

---\\ Asociaciones Shell desove (O67) (11) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Inicio del complemento Visor de eventos.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Editor del Registro.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

---\\ Internet menú Inicio (SMI) (O68) (8) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Usuario\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Users\Usuario\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilidad de inicialización por usuario de I.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Users\Usuario\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilidad de inicialización por usuario de I.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Users\Usuario\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilidad de inicialización por usuario de I.) -- C:\Windows\System32\ie4uinit.exe

---\\ La búsqueda infección en navegadores de internet (OSE) (1) - 1s
O69 - SBI: SearchScopes [HKCU] {5CE25775-92B7-477d-9603-852F0B34D8B0} [DefaultScope] - (????) - http://www.sogou.com/

---\\ Lista de excepciones en el firewall (FirewallRules) (O8 (29) - 3s
O87 - FAEL: "{39725223-1526-454F-A2B6-6E7C5C85B69F}" [In-None-P17-TRUE] .(.Tencent - ????????.) -- C:\program files\common files\tencent\qqdownload\130\tencentdl.exe =>Adware.TencentAddressBar
O87 - FAEL: "{4701F98E-27A0-4D38-AA3A-54C10E664713}" [In-None-P17-TRUE] .(...) -- C:\program files\common files\tencent\qqdownload\130\bugreport_xf.exe =>Adware.TencentAddressBar
O87 - FAEL: "{6749594E-1C41-4BBC-9186-24603063D45B}" [In-None-P17-TRUE] .(.Tencent - ????-????.) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCmgrInstallGuide.exe =>Adware.TencentAddressBar
O87 - FAEL: "{C3DD2E71-92B3-4662-BDD7-1E039282C417}" [In-None-P17-TRUE] .(.Tencent - ????.) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCTray.exe =>Adware.TencentAddressBar
O87 - FAEL: "{7577F9A2-0A18-4255-8977-A591BB1CC3B1}" [In-None-P17-TRUE] .(.Tencent - ????.) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCMgr.exe =>Adware.TencentAddressBar
O87 - FAEL: "{2B7CDAA4-A223-439E-952F-EE2BB67C9717}" [In-None-P17-TRUE] .(.Tencent - ????-??????.) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCRTP.exe =>Adware.TencentAddressBar
O87 - FAEL: "{3E1C8EB1-1C23-456D-9A7D-78CD58C5995A}" [In-None-P17-TRUE] .(.Tencent - ????-????.) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QMDL.exe =>Adware.TencentAddressBar
O87 - FAEL: "{473610EC-391A-4B52-BA0F-5331FB8A9F70}" [In-None-P17-TRUE] .(.Tencent - ????-??????.) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCFileOpen.exe =>Adware.TencentAddressBar
O87 - FAEL: "{0D931EB3-D75F-42C5-A373-5D720ACABEAB}" [In-None-P17-TRUE] .(.Tencent - ????-????.) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCLeakScan.exe =>Adware.TencentAddressBar
O87 - FAEL: "{AFC0B0DF-4680-4CB8-8CEA-AEEFA3456D50}" [In-None-P17-TRUE] .(.Tencent - ????-????.) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPConfig.exe =>Adware.TencentAddressBar
O87 - FAEL: "{773C9D55-740C-424F-B6DF-7AE83DBAED38}" [In-None-P17-TRUE] .(.Tencent - ????.) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCSoftMgr.exe =>Adware.TencentAddressBar
O87 - FAEL: "{0B800B5B-ADD4-48D3-A3E2-42D9A0106A1B}" [In-None-P17-TRUE] .(.Tencent - ????-??????.) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\plugins\QMNetMon\QQPCNetFlow.exe =>Adware.TencentAddressBar
O87 - FAEL: "{CD65328B-8D5D-46AC-8EBC-794C49B15EF8}" [In-None-P17-TRUE] .(.Tencent - ????-????.) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCBTU.exe =>Adware.TencentAddressBar
O87 - FAEL: "{0717AD2A-E652-4307-B883-D36B42A1134C}" [In-None-P17-TRUE] .(.Tencent - ????.) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCClinic.exe =>Adware.TencentAddressBar
O87 - FAEL: "{7736EA29-A11E-43AC-999D-25038DE7E01A}" [In-None-P17-TRUE] .(.Copyright (C) 2012 - ????-????.) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCLaunch.exe =>Adware.TencentAddressBar
O87 - FAEL: "{39418F55-61B3-4AE0-A5F3-0B83BAF17395}" [In-None-P17-TRUE] .(.Tencent - ????-?????.) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QMUpdate\QQPCMgrUpdate.exe =>Adware.TencentAddressBar
O87 - FAEL: "{213F3355-7FDC-4F66-99B9-E6DA2D51402F}" [In-None-P17-TRUE] .(.Copyright (C) 2012 - ????-????.) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCSoftGame.exe =>Adware.TencentAddressBar
O87 - FAEL: "{D361AFFE-5140-47D2-8FBA-63478623BB97}" [In-None-P17-TRUE] .(.Tencent - ????-????.) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCSysOptimize.exe =>Adware.TencentAddressBar
O87 - FAEL: "{B6774203-D1E5-4D38-818A-B937983E4B1D}" [In-None-P17-TRUE] .(.Tencent - ????-??.) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCUpdateAVLib.exe =>Adware.TencentAddressBar
O87 - FAEL: "{E3C9FFD7-7AE4-464C-9B01-AC7383863E9D}" [In-None-P17-TRUE] .(.Tencent - ????-???.) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQRepair.exe =>Adware.TencentAddressBar
O87 - FAEL: "{A619AB8D-7EAC-43CB-A397-1ACFC59550DC}" [In-None-P17-TRUE] .(.Tencent - ????-????.) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\Uninst.exe =>Adware.TencentAddressBar
O87 - FAEL: "{38C23E97-D6CE-4983-AAEB-D5DFA0F3917B}" [In-None-P17-TRUE] .(.Tencent - ????-????.) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCPatch.exe =>Adware.TencentAddressBar
O87 - FAEL: "{3D9F33A1-DE17-486F-B3DA-524C25D296A5}" [In-None-P17-TRUE] .(.Tencent - ????-?????????.) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\TpkUpdate.exe =>Adware.TencentAddressBar
O87 - FAEL: "{A87980DC-3696-46D3-A45E-2A12632D07EB}" [In-None-P17-TRUE] .(.Tencent - ????-?????.) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QMRouterMgr.exe =>Adware.TencentAddressBar
O87 - FAEL: "{5B2D983E-0074-46A3-B0BE-B1A953F923F5}" [In-None-P17-TRUE] .(.Tencent - ????-???.) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QMAccountProtection.exe =>Adware.TencentAddressBar
O87 - FAEL: "{37D74F8C-4992-4631-8126-2D3EF7151D06}" [In-None-P17-TRUE] .(.Tencent - ????????.) -- C:\program files\common files\tencent\qqdownload\130\tencentdl.exe =>Adware.TencentAddressBar
O87 - FAEL: "{F8A84FA0-7145-4210-A14D-6361B0E7812C}" [In-None-P17-TRUE] .(...) -- C:\program files\common files\tencent\qqdownload\130\bugreport_xf.exe =>Adware.TencentAddressBar
O87 - FAEL: "{9D5A2CA3-6394-417A-ABCF-BDCE23742B40}" [In-None-P17-TRUE] .(.Tencent - ????????.) -- C:\program files\common files\tencent\qqdownload\130\tencentdl.exe =>Adware.TencentAddressBar
O87 - FAEL: "{8A11026A-5BDD-4471-BA5E-857BBEB79B29}" [In-None-P17-TRUE] .(...) -- C:\program files\common files\tencent\qqdownload\130\bugreport_xf.exe =>Adware.TencentAddressBar

---\\ Search Tracing Registry Key (O100) (2) - 1s
HKLM\SOFTWARE\Microsoft\Tracing\tencentdl_RASAPI32 =>Adware.TencentAddressBar
HKLM\SOFTWARE\Microsoft\Tracing\tencentdl_RASMANCS =>Adware.TencentAddressBar

---\\ Escaneo adicional (O88) (83) - 0s
C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCRTP.exe =>Adware.TencentAddressBar
C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCTray.exe =>Adware.TencentAddressBar
C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QMDL.exe =>Adware.TencentAddressBar
C:\program files\common files\Tencent\qqdownload\130\tencentdl.exe =>Adware.TencentAddressBar
HKLM\SYSTEM\CurrentControlSet\Services\QQPCRTP =>Adware.TencentAddressBar
HKLM\SOFTWARE\Tencent =>Adware.TencentAddressBar
HKCU\SOFTWARE\Tencent =>Adware.TencentAddressBar
C:\Program Files\Tencent =>Adware.TencentAddressBar
C:\Program Files\Uniblue =>PUP.UniblueSystem
C:\Program Files\Vittalia =>PUP.Vittalia
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue =>PUP.UniblueSystem
C:\ProgramData\Babylon =>PUP.Babylon
C:\ProgramData\BrowserProtect =>Hijacker.Eazel
C:\ProgramData\Tencent =>Adware.TencentAddressBar
C:\ProgramData\Uniblue =>PUP.UniblueSystem
C:\Program Files\Common Files\Tencent =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent =>Adware.TencentAddressBar
C:\Windows\System32\drivers\TAOAccelerator.sys =>Adware.TencentAddressBar
C:\Windows\System32\drivers\TS888.sys =>Adware.TencentAddressBar
C:\Windows\System32\drivers\TSDefenseBt.sys =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\QQPhoneManager\Components\Webkit3.1\icudt.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\QQPhoneManager\Components\Webkit3.1\libcef3.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\QQPCMgr\qmdr\dr.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\AdbCmdServer.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\AndroidDaemon.exe =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\AndroidDevice.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\AndroidServer.exe =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\AndroidServerUp.exe =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\arkFS.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\arkGraphic.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\arkImage.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\arkIOStub.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\AsyncTask.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\bugreport.exe =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\Common.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\ConnectManager.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\ConnectUI.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\Daemon.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\DaemonProxy.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\DriverTools.exe =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\DriverToolsX64.exe =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\GF.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\libexpatw.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\libimagequant.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\libjpegturbo.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\libpng.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\libtcmalloc.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\Log4cplus.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\lua.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\mdb.exe =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\NetHub.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\QQPMIpc.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\RubikEngine.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\SdkClient.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\sqlite.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\tadb.exe =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\TADInstaller.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\tinyxml.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\xGraphic32.dll =>Adware.TencentAddressBar
C:\Users\Usuario\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\zlib.dll =>Adware.TencentAddressBar
C:\program files\common files\tencent\qqdownload\130\bugreport_xf.exe =>Adware.TencentAddressBar
C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCmgrInstallGuide.exe =>Adware.TencentAddressBar
C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCMgr.exe =>Adware.TencentAddressBar
C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCFileOpen.exe =>Adware.TencentAddressBar
C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCLeakScan.exe =>Adware.TencentAddressBar
C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPConfig.exe =>Adware.TencentAddressBar
C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCSoftMgr.exe =>Adware.TencentAddressBar
C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\plugins\QMNetMon\QQPCNetFlow.exe =>Adware.TencentAddressBar
C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCBTU.exe =>Adware.TencentAddressBar
C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCClinic.exe =>Adware.TencentAddressBar
C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCLaunch.exe =>Adware.TencentAddressBar
C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QMUpdate\QQPCMgrUpdate.exe =>Adware.TencentAddressBar
C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCSoftGame.exe =>Adware.TencentAddressBar
C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCSysOptimize.exe =>Adware.TencentAddressBar
C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCUpdateAVLib.exe =>Adware.TencentAddressBar
C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQRepair.exe =>Adware.TencentAddressBar
C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\Uninst.exe =>Adware.TencentAddressBar
C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCPatch.exe =>Adware.TencentAddressBar
C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\TpkUpdate.exe =>Adware.TencentAddressBar
C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QMRouterMgr.exe =>Adware.TencentAddressBar
C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QMAccountProtection.exe =>Adware.TencentAddressBar
HKLM\SOFTWARE\Microsoft\Tracing\tencentdl_RASAPI32 =>Adware.TencentAddressBar
HKLM\SOFTWARE\Microsoft\Tracing\tencentdl_RASMANCS =>Adware.TencentAddressBar

---\\ Resumen de detecciones en su estación de trabajo (6) - 0s
http://www.nicolascoolman.fr/adware-tencentaddressbar/ =>Adware.TencentAddressBar
http://www.nicolascoolman.fr/hijacker-browsers/ =>Hijacker.Browser
http://www.nicolascoolman.fr/blog =>PUP.UniblueSystem
http://www.nicolascoolman.fr/pup-vittalia/ =>PUP.Vittalia
http://www.nicolascoolman.fr/pup-babylon/ =>PUP.Babylon
http://www.nicolascoolman.fr/hijacker-eazel/ =>Hijacker.Eazel

~ End of the scan, 16091 items in 58 seconds (632)(0)()
