Document format: text/plain

~ ZHPDiag v2015.7.14.89 Por Nicolas Coolman (2015/07/14)
~ Iniciado por khalid (Administrator) (2015/07/14 18:25:56)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Estado de la versión: Version OK
~ Mode: Scanner
~ Reporte: C:\Users\khalid\Desktop\ZHPDiag.txt
~ Reporte: C:\Users\khalid\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Inicio del sistema: Normal (Normal boot)
~ Windows 7, 32-bit Service Pack 1 (Build 7601)

---\\ Navegadores de Internet (2) - 0s
GCIE: Google Chrome v43.0.2357.134
MSIE: Internet Explorer v11.0.9600.17843

---\\ Información de producto de Windows (3) - 64s
~ Windows Server License Manager Script : OK
System - VBScript Engine not found
Windows Activation Technologies : OK

---\\ Software del sistema de protección (Superfluo) (1) - 2s
McAfee Security Scan Plus v3.8.150.1

---\\ Software de optimización de sistema (1) - 3s
CCleaner v5.07

---\\ Software de vigilancia (1) - 3s
Adobe Flash Player 17 NPAPI

---\\ Información sobre el sistema (6) - 0s
~ Operating System: x86 Family 6 Model 28 Stepping 2, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
~ Total physical RAM (KB): 1039672
~ System Restore: Activé (Enable)
~ System drive C: has 45 GB free of 80 GB

---\\ Conexión para el modo del sistema (3) - 0s
~ Computer Name: KHALID-PC
~ User Name: khalid
~ Logged in as Administrator

---\\ Enumeración de las unidades de disco (3) - 0s
~ Drive C: has 45 GB free of 80 GB (System)
~ Drive D: has 69 GB free of 71 GB
~ Drive Z: has 0 GB free of 0 GB

---\\ Búsqueda particular de ficheros genéricos (23) - 2s
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorador de Windows.) () -- C:\Windows\Explorer.exe [2616320]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (.Microsoft Corporation - Proceso host de Windows (Rundll32).) () -- C:\Windows\System32\rundll32.exe [44544]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicación de inicio de Windows.) () -- C:\Windows\System32\Wininit.exe [96256]
[MD5.E4EB138060BAE0DBAB1A3B71A3141FE7] - (.Microsoft Corporation - Extensiones de Internet para Win32.) () -- C:\Windows\System32\wininet.dll [1950720]
[MD5.52449FD429D6053B78AE564DEF303870] - (.Microsoft Corporation - Aplicación de inicio de sesión de Windows.) () -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de licencias de software.) () -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.D0B388DA1D111A34366E04EB4A5DD156] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Controlador de puerto de i8042.) () -- C:\Windows\System32\drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Controlador del sistema de archivos NTFS.) () -- C:\Windows\System32\drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Controlador de puerto paralelo.) () -- C:\Windows\System32\drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\Windows\System32\drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) () -- C:\Windows\System32\drivers\smb.sys [71168]
[MD5.7FE680A3DFA421C4A8E4879AE4C5AAB0] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Controlador de instantánea de volumen.) () -- C:\Windows\System32\drivers\volsnap.sys [245632]

---\\ Proceso puesto en marcha (14) - 7s
[MD5.9927E906D7997D22E67E476710127070] - (.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe [2117448] [PID.1688]
[MD5.2FA536882DDAB801A9440EB208725770] - (.Motorola Mobility LLC - MotoHelper Service.) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528] [PID.1752]
[MD5.BD73B430A25D9B1F3257D5157B82D3BC] - (.(C) ???????????????????? - PP??????.) -- C:\Program Files\PP??2.0\adevicehelpersvr.exe [118496] [PID.1944]
[MD5.EA735BF6DF13A857A83C99BF27A422AD] - (.Motorola - ForwardDemon.) -- C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657] [PID.1968]
[MD5.C33C818E4893BCB27C67B04D8ED8222A] - (.???????????? - PP??????.) -- C:\Program Files\PP??2.0\adevicehelpermon.exe [247008] [PID.800]
[MD5.BE0AFA9112B26F183053EA236342CA81] - (.Motorola Mobility LLC - MotoHelperAgent.) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe [964912] [PID.136]
[MD5.17321240BA77D366C9B5760C5F0DCC2D] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\khalid\AppData\Roaming\uTorrent\uTorrent.exe [1994592] [PID.2304]
[MD5.1077B0B08BE74D76EB0254AE32845600] - (.Copyright (C) 2014 - .) -- C:\Program Files\WajIEn\wajam.exe [1652736] [PID.3444] =>PUP.Optional.Wajam
[MD5.1077B0B08BE74D76EB0254AE32845600] - (.Copyright (C) 2014 - .) -- C:\Program Files\WajIEn\wajam.exe [1652736] [PID.3832] =>PUP.Optional.Wajam
[MD5.194520F5B0398A0AF61C8C80B7A7C926] - (.???????????? - PP??.) -- C:\Program Files\PP??2.0\ihelper.exe [9798400] [PID.3968]
[MD5.9DA54265103BBC023E4F48A124034DC5] - (.???????????? - ihelper croe 32.) -- C:\Program Files\PP??2.0\ihelperCore32.exe [388864] [PID.2316]
[MD5.1977BC357EFCA8B9B8C262B5F855FC9D] - (. - Setup/Uninstall.) -- C:\Program Files\ASP\unins000.exe [1190696] [PID.6092]
[MD5.1977BC357EFCA8B9B8C262B5F855FC9D] - (. - Setup/Uninstall.) -- C:\Users\khalid\AppData\Local\Temp\_iu14D2N.tmp [1190696] [PID.3992]
[MD5.86FF422B6A870E74D1E9850197E1A111] - (.Copyright © 2014 - .) -- C:\Program Files\ASP\ASPUninstall.exe [543528] [PID.1556]

---\\ Google Chrome, Arranque, Búsqueda, Extensiones (Start,Search,Plugins) (G0,G1,G2) (19) - 3s
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
G2 - GCE: Extension [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [bfbckhhmjfnmedpakkaaflpnmkamdppf] Fotor Photo Editor
G2 - GCE: Extension [User Data\Default] [bjllfbamooiddmnhbaocdnnfgllmimkb] WhhitueOffeersApp
G2 - GCE: Extension [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [cnjfgbikbkcmickdalamlmpmkhmbollm] Symbaloo Bookmarker 0.5.0
G2 - GCE: Extension [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [dpiecafonfminhngabegejbligdagjfc] Bookmarks Tagger
G2 - GCE: Extension [User Data\Default] [eodhmnkhmnkmimhckfpkgmbmcgjkaddo] GIMP on rollApp
G2 - GCE: Extension [User Data\Default] [ghmngbmfdgknokcefmkbjlcjabdklnlk] Magisto - Magical Video Editor
G2 - GCE: Extension [User Data\Default] [gpmlkknmhomikheehibdnedjampadffh] My Search
G2 - GCE: Extension [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Extension [User Data\Default] [lpekolbadenjphaaapbgdienjjpgbali] FB Dislike
G2 - GCE: Extension [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [occpjibghkbopohbefbejkklnfdkdmok] piZap Photo Editor
G2 - GCE: Extension [User Data\Default] [ocifcklkibdehekfnmflempfgjhbedch] Adblock Pro
G2 - GCE: Extension [User Data\Default] [okgjbfikepgflmlelgfgecmgjnmnmnnb] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox, Plugins (enchufe), Arranque, Búsqueda, Extensiones (Mozilla Firefox, Plugins,Start,Search,Extensions) (P2,M0,M1,M2,M3) (2) - 0s
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\NPSWF32_17_0_0_191.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program Files\iTunes\khalid\Mozilla Plugins\npitunes.dll

---\\ Internet Explorer, Arranque, Búsqueda, URLSearchHook (R0,R1,R3,R4) (10) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.hotsearches.info/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.hotsearches.info/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Gestión de proxy (R5) (4) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 192.168.*.*;*.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Líneas de análisis F0, F1, F2, F3 - IniFiles, Auto loading programs (3) - 1s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Edirección del fichero Hosts (Hosts file redirection) (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Objetos del ayudante del navegador (O2) (5) - 1s
O2 - BHO: CutThePPriCe - {04FBEF6D-7A87-4F36-9A6D-05AE906DC73F} . (...) -- C:\Program Files\CutThePPriCe\YLu5PzIXLPj1K2.dll
O2 - BHO: CuaTThhEPorricce - {350DE78C-7140-4566-B048-92BE9DAC4D4F} . (...) -- C:\Program Files\CuaTThhEPorricce\tNjMLAvid9eAOf.dll
O2 - BHO: CUtThePrrIceu - {9DD69493-B523-4D25-A0CC-AF13C058F209} . (...) -- C:\Program Files\CUtThePrrIceu\dGFWAlkX7rZoI8.dll
O2 - BHO: bestadblocker - {A3AE6A71-E2A1-437F-9330-996CD13788BC} . (...) -- C:\Program Files\bestadblocker\ebxe430lAttdNt.dll =>PUP.Optional.Adblocker
O2 - BHO: CutThePrice - {A947F602-6261-4455-87E8-6C5143071EA7} . (...) -- C:\Program Files\CutThePrice\yKj9yLRUs1OlLQ.dll

---\\ Programas de cargamento automáticamente del registro (O4) (24) - 5s
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] . (.Wondershare - Wondershare Studio.) -- C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\khalid\iTunesHelper.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\khalid\AppData\Roaming\uTorrent\uTorrent.exe
O4 - HKCU\..\Run: [iFunBox Price Watch] . (.i-Funbox.com - App Search & Manager for iOS devices.) -- C:\Program Files\iFunbox 2014\iFunBox2014.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_17_0_0_191_ActiveX.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\spreview.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\spreview.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-3194307891-3944698544-3468991264-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-3194307891-3944698544-3468991264-1000\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKUS\S-1-5-21-3194307891-3944698544-3468991264-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\khalid\AppData\Roaming\uTorrent\uTorrent.exe
O4 - HKUS\S-1-5-21-3194307891-3944698544-3468991264-1000\..\Run: [iFunBox Price Watch] . (.i-Funbox.com - App Search & Manager for iOS devices.) -- C:\Program Files\iFunbox 2014\iFunBox2014.exe
O4 - HKUS\S-1-5-21-3194307891-3944698544-3468991264-1000\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe
O4 - HKUS\S-1-5-21-3194307891-3944698544-3468991264-1000\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_17_0_0_191_ActiveX.exe

---\\ Atajos de teclado globales Startup (O4G) (1) - 5s
O4 - GS\CommonDesktop [Public]: Advanced System~Protector.lnk . (.Copyright - ASP.) C:\Program Files\ASP\AdvancedSystemProtector.exe =>PUP.Optional.AdvancedSystemProtector

---\\ Modificación Dominio/Direcciones (Lop.com/Domain Hijackers) (O17) (6) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.48.225.130 200.48.225.146
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 200.48.225.130 200.48.225.146
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 200.48.225.130 200.48.225.146
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 172.20.10.1

---\\ Lista de los servicios NT no desactivados (Non Microsoft non disabled Windows XP/NT/2000 Services) (O23) (9) - 3s
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ???? Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Ma-Config Agent (MaConfigAgent) . (.CybelSoft - Service de détection matériel.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
O23 - Service: Motorola Device Manager Service (Motorola Device Manager) . (.Motorola Mobility LLC - MotoHelper Service.) - C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
O23 - Service: PP Assistant Service (PP Assistant Service) . (.(C) ???????????????????? - PP??????.) - C:\Program Files\PP??2.0\adevicehelpersvr.exe
O23 - Service: PST Service (PST Service) . (.Motorola - ForwardDemon.) - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
O23 - Service: Swanky Listen (Swanky Listen) . (...) - C:\Program Files\Swanky Listen\Swanky Listen.exe
O23 - Service: WajIEn Monitor (WajIEn Monitor) . (.Copyright (C) 2014 - .) - C:\Program Files\WajIEn\wajam.exe =>PUP.Optional.Wajam

---\\ Tareas programadas en modo automático (O39) (17) - 3s
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [838]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\Bidaily Synchronize Task[pr].job [388] =>PUP.Optional.BidailySync
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1020]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1024]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\Newsful.job [442]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\ShotKeeper.job [356]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3776]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Advanced System~Protector [3664] =>PUP.Optional.AdvancedSystemProtector
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Advanced System~Protector_startup [3064] =>PUP.Optional.AdvancedSystemProtector
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Apple Diagnostics [3412]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2794]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3768]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [4020]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Motorola Device Manager Initial Update [3284]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Motorola Device Manager Update [3476]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Newsful [3356]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\ShotKeeper [3270]

---\\ Software instalado (O42) (44) - 26s
O42 - Logiciel: Advanced-System Protector - (.Advanced System Protector.) [HKLM] -- 00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~9338DF9D_is1 =>PUP.Optional.AdvancedSystemProtector
O42 - Logiciel: Adobe Flash Player 17 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 17 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI
O42 - Logiciel: iFunBox 2014 (v3.1.562.425), iFunbox DevTeam - (...) [HKLM] -- iFunBox 2014_is1
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: PDF Editor 4 - (...) [HKLM] -- PDF Editor 4
O42 - Logiciel: Photoshop CS5 Extended 12.0 - (...) [HKLM] -- Photoshop CS5 Extended 12.0
O42 - Logiciel: PP??2.0 Win? - (.????????????.) [HKLM] -- PP??2.0 Win?
O42 - Logiciel: Wajam - (.Wajam.) [HKLM] -- WajIEn =>PUP.Optional.Wajam
O42 - Logiciel: WinRAR 5.21 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Wondershare Video Converter Platinum(Build 5.2.3.2) - (.Wondershare Software.) [HKLM] -- Wondershare Video Converter Platinum_is1
O42 - Logiciel: YouWave for Android - (...) [HKLM] -- YouWave
O42 - Logiciel: Readon TV Movie Radio Player 7.5.0.0 - (.Readon Technology.) [HKLM] -- {03840E8D-A75E-4C49-ADFC-09A867C7F943}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {0BE9E708-5DC0-4963-9CFD-0AA519090E79}
O42 - Logiciel: MSXML 4.0 SP3 Parser - (.Microsoft Corporation.) [HKLM] -- {196467F1-C11F-4F76-858B-5812ADC83B94}
O42 - Logiciel: Galería de fotos - (.Microsoft Corporation.) [HKLM] -- {198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}
O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2758694) - (.Microsoft Corporation.) [HKLM] -- {1D95BA90-F4F8-47EC-A882-441C99D30C1E}
O42 - Logiciel: Motorola Device Manager - (.Motorola Mobility.) [HKLM] -- {28DB8373-C1BB-444F-A427-A55585A12ED7}
O42 - Logiciel: WhhitueOffeersApp - (...) [HKLM] -- {355FE5A0-F76C-0FCB-3575-FAD0CBA4A5F3}
O42 - Logiciel: bestadblocker - (...) [HKLM] -- {4820778D-AB0D-6D18-C316-52A6A0E1D507} =>PUP.Optional.BestADBlocker
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {538227C6-C74B-4A74-99E1-2C0B4F9DA5E1}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: QuickTime 7 - (.Apple Inc..) [HKLM] -- {627FFC10-CE0A-497F-BA2B-208CAC638010}
O42 - Logiciel: CutThePrice - (...) [HKLM] -- {69DD731C-D0B8-13F5-790C-C7208867ECC4}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B}
O42 - Logiciel: ??? ??????? Apple? (32 ??) - (.Apple Inc..) [HKLM] -- {7FE25256-B7C1-480D-B736-10A67A833AEA}
O42 - Logiciel: FB Dislike - (...) [HKLM] -- {88E96402-3BBD-02D9-0A36-6FB806AEE04E}
O42 - Logiciel: Motorola Device Software Update - (.Motorola Mobility.) [HKLM] -- {894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
O42 - Logiciel: iCloud - (.Apple Inc..) [HKLM] -- {9A07AB4F-6B53-43E9-B7FC-7892E8C26BE3}
O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {9EEA0173-126F-4371-93EC-B072E0167688}
O42 - Logiciel: CuaTThhEPorricce - (...) [HKLM] -- {A2C98B47-B5F4-94AA-281D-4135416774CF}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Adblock Pro - (...) [HKLM] -- {AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {CE1F04C7-79BC-4219-BE6A-BA490224D4B5}
O42 - Logiciel: Oracle VM VirtualBox 4.3.12_ZZZZ - (.Oracle Corporation.) [HKLM] -- {D90E08B8-E7BB-4D29-8249-8670D4CC24BD}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU] -- OneDriveSetup.exe
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU] -- uTorrent

---\\ HKCU & HKLM Software Keys (70) - 26s
HKLM\SOFTWARE\Adobe
HKLM\SOFTWARE\Apple Computer, Inc.
HKLM\SOFTWARE\Apple Inc.
HKLM\SOFTWARE\ATI Technologies
HKLM\SOFTWARE\BlueStacks
HKLM\SOFTWARE\cybelsoft
HKLM\SOFTWARE\CyberLink
HKLM\SOFTWARE\d05b49a9-8011-d6b3-bb0e-6ab939391a7c =>PUP.Optional.CrossRider
HKLM\SOFTWARE\GEAR Software
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\Intel
HKLM\SOFTWARE\KasperskyLab
HKLM\SOFTWARE\Lake
HKLM\SOFTWARE\LogMeInRescueCallingCard
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\Macrovision
HKLM\SOFTWARE\McAfee.com
HKLM\SOFTWARE\Motorola
HKLM\SOFTWARE\Motorola Mobility
HKLM\SOFTWARE\Mozilla
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\mystartsearchSoftware =>PUP.Optional.StartSearch
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\Oracle
HKLM\SOFTWARE\Piriform
HKLM\SOFTWARE\Reg
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\Sonic
HKLM\SOFTWARE\Systweak =>PUP.Optional.Systweak
HKLM\SOFTWARE\TechSmith
HKLM\SOFTWARE\Uniblue =>PUP.Optional.UniblueSystem
HKLM\SOFTWARE\updated_list
HKLM\SOFTWARE\WajIEn =>PUP.Optional.Wajam
HKLM\SOFTWARE\WinRAR
HKLM\SOFTWARE\Wondershare
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\CyberLink
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\ihelper
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\Lake
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\LogMeInRescueCallingCard
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Magicbit
HKCU\SOFTWARE\MainConcept
HKCU\SOFTWARE\MainConcept (Consumer)
HKCU\SOFTWARE\MCAFEE
HKCU\SOFTWARE\MetaGeek, LLC
HKCU\SOFTWARE\Motorola
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\PDFEdit
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\Reg
HKCU\SOFTWARE\systweak =>PUP.Optional.Systweak
HKCU\SOFTWARE\TechSmith
HKCU\SOFTWARE\Teiron
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\WajIEnhance =>PUP.Optional.Wajam
HKCU\SOFTWARE\WebApp
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\YouWave_Android
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software

---\\ Contenido de las carpetas de programas, archivos de programa, ProgramData, AppData (O43) (200) - 37s
O43 - CFD: 2015/07/12 19:54:07 - [] D -- C:\Program Files\Adblock Pro
O43 - CFD: 2015/04/03 17:57:50 - [] D -- C:\Program Files\Apple Software Update
O43 - CFD: 2015/03/09 05:42:35 - [0] SHD -- C:\Program Files\Archivos comunes
O43 - CFD: 2015/07/12 21:47:30 - [] D -- C:\Program Files\ASP
O43 - CFD: 2015/07/12 19:52:13 - [] D -- C:\Program Files\bestadblocker =>PUP.Optional.Adblocker
O43 - CFD: 2015/07/13 01:32:16 - [] D -- C:\Program Files\Bonjour
O43 - CFD: 2015/07/12 10:07:50 - [] D -- C:\Program Files\CCleaner
O43 - CFD: 2015/07/12 10:50:21 - [] D -- C:\Program Files\Common Files
O43 - CFD: 2015/07/12 21:16:21 - [] D -- C:\Program Files\CuaTThhEPorricce
O43 - CFD: 2015/07/12 19:51:44 - [] D -- C:\Program Files\CutThePPriCe
O43 - CFD: 2015/07/12 19:40:35 - [] D -- C:\Program Files\CutThePrice
O43 - CFD: 2015/07/12 20:15:12 - [] D -- C:\Program Files\CUtThePrrIceu
O43 - CFD: 2015/05/11 17:32:55 - [] D -- C:\Program Files\CyberLink
O43 - CFD: 2015/06/07 18:36:43 - [] D -- C:\Program Files\Droid4Xext
O43 - CFD: 2015/03/13 03:58:32 - [] D -- C:\Program Files\DVD Maker
O43 - CFD: 2015/07/05 15:41:53 - [] D -- C:\Program Files\FB Dislike
O43 - CFD: 2015/03/09 18:19:30 - [] D -- C:\Program Files\Google
O43 - CFD: 2015/07/05 11:59:29 - [] D -- C:\Program Files\iFunbox 2014
O43 - CFD: 2015/05/11 17:35:07 - [] HD -- C:\Program Files\InstallShield Installation Information
O43 - CFD: 2015/06/11 15:57:22 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 2015/07/13 01:35:31 - [] D -- C:\Program Files\iPod
O43 - CFD: 2015/07/13 01:35:28 - [] D -- C:\Program Files\iTunes
O43 - CFD: 2015/03/15 15:16:40 - [] D -- C:\Program Files\ma-config.com
O43 - CFD: 2015/04/12 20:13:31 - [] D -- C:\Program Files\McAfee Security Scan
O43 - CFD: 2009/07/14 04:08:23 - [] D -- C:\Program Files\Microsoft Games
O43 - CFD: 2015/05/31 10:32:04 - [] D -- C:\Program Files\Microsoft OneDrive
O43 - CFD: 2015/05/31 10:44:38 - [] D -- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 2015/03/14 20:08:43 - [] D -- C:\Program Files\Microsoft.NET
O43 - CFD: 2015/07/12 19:22:28 - [] D -- C:\Program Files\Motorola
O43 - CFD: 2015/04/03 18:34:51 - [] D -- C:\Program Files\Motorola Mobility
O43 - CFD: 2009/07/13 23:52:30 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 2015/04/03 18:33:57 - [] D -- C:\Program Files\MSXML 4.0
O43 - CFD: 2015/05/11 19:28:07 - [] D -- C:\Program Files\NortonInstaller
O43 - CFD: 2015/04/05 22:55:44 - [] D -- C:\Program Files\NSIS Uninstall Information
O43 - CFD: 2015/06/07 18:29:42 - [] D -- C:\Program Files\Oracle
O43 - CFD: 2015/04/10 20:15:55 - [] D -- C:\Program Files\PDF Editor 4
O43 - CFD: 2015/04/24 23:25:39 - [] D -- C:\Program Files\Photoshop CS5 Extended
O43 - CFD: 2015/07/02 20:18:49 - [] D -- C:\Program Files\PP??2.0
O43 - CFD: 2015/07/12 19:40:10 - [] D -- C:\Program Files\PriceMinus =>PUP.Optional.Multiplug
O43 - CFD: 2015/07/02 20:41:36 - [] D -- C:\Program Files\QuickTime
O43 - CFD: 2015/04/12 15:53:56 - [] D -- C:\Program Files\Readon Technology
O43 - CFD: 2009/07/13 23:52:30 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 2015/07/12 20:17:53 - [0] D -- C:\Program Files\StatFoobar
O43 - CFD: 2015/07/09 09:37:13 - [] D -- C:\Program Files\Swanky Listen
O43 - CFD: 2015/07/12 21:18:26 - [0] D -- C:\Program Files\SystemVigor
O43 - CFD: 2009/07/13 23:53:23 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 2015/07/12 19:47:11 - [] D -- C:\Program Files\WajIEn =>PUP.Optional.Wajam
O43 - CFD: 2015/07/07 06:23:05 - [] D -- C:\Program Files\WhhitueOffeersApp
O43 - CFD: 2015/03/22 02:13:52 - [] D -- C:\Program Files\Windows Defender
O43 - CFD: 2015/05/14 22:48:27 - [] D -- C:\Program Files\Windows Journal
O43 - CFD: 2015/05/31 10:45:49 - [] D -- C:\Program Files\Windows Live
O43 - CFD: 2015/03/13 03:58:32 - [] D -- C:\Program Files\Windows Mail
O43 - CFD: 2015/06/11 15:57:17 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 2015/03/09 05:42:35 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 2015/03/13 03:58:31 - [] D -- C:\Program Files\Windows Photo Viewer
O43 - CFD: 2015/03/13 03:58:31 - [] D -- C:\Program Files\Windows Portable Devices
O43 - CFD: 2015/03/13 03:58:32 - [] D -- C:\Program Files\Windows Sidebar
O43 - CFD: 2015/04/05 22:47:35 - [] D -- C:\Program Files\WinRAR
O43 - CFD: 2015/05/01 21:07:10 - [] D -- C:\Program Files\Wondershare
O43 - CFD: 2015/04/16 23:20:09 - [] D -- C:\Program Files\YouWave_Android
O43 - CFD: 2015/03/09 01:38:30 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/03/09 01:38:42 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/07/12 21:47:30 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System~Protector =>PUP.Optional.AdvancedSystemProtector
O43 - CFD: 2015/07/12 10:07:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 2015/03/09 01:38:42 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2015/03/09 18:19:21 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2015/07/02 20:26:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
O43 - CFD: 2015/07/05 11:59:29 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iFunBox 2014
O43 - CFD: 2015/07/13 01:37:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
O43 - CFD: 2015/03/15 15:16:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ma-config.com
O43 - CFD: 2009/07/13 23:42:30 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/04/12 20:13:45 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
O43 - CFD: 2015/04/03 18:34:25 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager
O43 - CFD: 2015/04/10 20:15:44 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Editor 4.5
O43 - CFD: 2015/06/08 21:58:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PP??2.0
O43 - CFD: 2015/07/02 20:41:05 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
O43 - CFD: 2015/04/12 20:13:31 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2009/07/14 04:07:35 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2015/07/12 19:47:12 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajIEn =>PUP.Optional.Wajam
O43 - CFD: 2015/05/31 10:45:51 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
O43 - CFD: 2015/04/05 22:47:46 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2015/05/01 21:07:48 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
O43 - CFD: 2015/07/12 21:16:21 - [] D -- C:\ProgramData\12684371022318003970
O43 - CFD: 2015/04/24 23:26:06 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2015/04/03 17:57:34 - [] D -- C:\ProgramData\Apple
O43 - CFD: 2015/04/03 18:03:07 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 2009/07/13 23:53:55 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2015/07/13 01:36:46 - [] D -- C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
O43 - CFD: 2015/04/13 23:59:08 - [] D -- C:\ProgramData\BlueStacks
O43 - CFD: 2015/07/12 10:13:55 - [0] D -- C:\ProgramData\BlueStacksSetup
O43 - CFD: 2015/05/11 17:31:03 - [0] D -- C:\ProgramData\CLSK
O43 - CFD: 2015/05/11 17:34:18 - [] D -- C:\ProgramData\CyberLink
O43 - CFD: 2015/03/09 05:42:35 - [0] SHD -- C:\ProgramData\Datos de programa
O43 - CFD: 2009/07/13 23:53:55 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2015/03/09 05:42:35 - [0] SHD -- C:\ProgramData\Documentos
O43 - CFD: 2009/07/13 23:53:55 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2015/03/09 05:42:35 - [0] SHD -- C:\ProgramData\Escritorio
O43 - CFD: 2009/07/13 23:53:55 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 2015/03/09 05:42:35 - [0] SHD -- C:\ProgramData\Favoritos
O43 - CFD: 2015/05/11 16:30:12 - [] D -- C:\ProgramData\FLEXnet
O43 - CFD: 2015/07/12 20:13:33 - [] D -- C:\ProgramData\fpbclcjeekdaeghlndhfjfjompgdhkkc
O43 - CFD: 2015/06/20 21:36:40 - [] D -- C:\ProgramData\gfbcfaihkhejgpdjgdffpnlhnkaogcbg
O43 - CFD: 2015/07/12 19:38:29 - [] D -- C:\ProgramData\gkfmfjojkepiipekjaenlbkadnflnkoi
O43 - CFD: 2015/04/05 22:50:35 - [] D -- C:\ProgramData\install_clap
O43 - CFD: 2015/07/12 10:26:26 - [] D -- C:\ProgramData\Kaspersky Lab
O43 - CFD: 2015/07/12 19:50:01 - [] D -- C:\ProgramData\kikdljmlhfaaimbfeadnikggacmhlmgh
O43 - CFD: 2015/07/04 22:04:58 - [] D -- C:\ProgramData\klhpfgmggnlgmobgppbnmbmiahpimmck
O43 - CFD: 2015/03/15 15:16:23 - [] D -- C:\ProgramData\ma-config.com
O43 - CFD: 2015/04/12 16:06:16 - [] D -- C:\ProgramData\McAfee
O43 - CFD: 2015/04/12 20:13:37 - [] D -- C:\ProgramData\McAfee Security Scan
O43 - CFD: 2015/03/09 05:42:35 - [0] SHD -- C:\ProgramData\Menú Inicio
O43 - CFD: 2015/06/02 23:56:58 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2015/05/31 10:30:49 - [] D -- C:\ProgramData\Microsoft OneDrive
O43 - CFD: 2015/04/03 18:37:19 - [] D -- C:\ProgramData\Motorola
O43 - CFD: 2015/07/12 21:14:41 - [] D -- C:\ProgramData\nllpgbabmamocildkmijpnmmdnfnnbdd
O43 - CFD: 2015/05/11 18:07:15 - [] D -- C:\ProgramData\Norton
O43 - CFD: 2015/05/11 17:48:38 - [] D -- C:\ProgramData\NortonInstaller
O43 - CFD: 2015/03/09 17:57:23 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 2015/04/05 22:56:05 - [] D -- C:\ProgramData\PDVD
O43 - CFD: 2015/03/09 05:42:35 - [0] SHD -- C:\ProgramData\Plantillas
O43 - CFD: 2015/04/24 23:26:16 - [] D -- C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 2009/07/13 23:53:55 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2015/05/11 17:35:13 - [] D -- C:\ProgramData\SUPPORTDIR
O43 - CFD: 2015/07/12 21:47:28 - [] D -- C:\ProgramData\Systweak =>PUP.Optional.Systweak
O43 - CFD: 2015/05/11 17:19:50 - [] D -- C:\ProgramData\TechSmith
O43 - CFD: 2015/04/05 22:54:48 - [] D -- C:\ProgramData\Temp
O43 - CFD: 2009/07/13 23:53:55 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2015/05/01 21:29:28 - [0] D -- C:\ProgramData\xml_param
O43 - CFD: 2015/05/20 22:38:02 - [] D -- C:\ProgramData\{2b05835c-9386-65e6-2b05-5835c9380d72}
O43 - CFD: 2015/07/05 15:49:35 - [] D -- C:\ProgramData\{40ec9abe-f898-765e-40ec-c9abef896afb}
O43 - CFD: 2015/07/12 19:36:33 - [] D -- C:\ProgramData\{9004326f-cb5a-5c53-9004-4326fcb5c9bf}
O43 - CFD: 2015/07/05 15:35:24 - [] D -- C:\ProgramData\{b84b58a8-9045-294a-b84b-b58a890462a2}
O43 - CFD: 2015/04/24 23:26:06 - [] D -- C:\Program Files\Common Files\Adobe
O43 - CFD: 2015/07/13 01:35:29 - [] D -- C:\Program Files\Common Files\Apple
O43 - CFD: 2015/05/31 10:40:20 - [] D -- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 2015/04/03 18:32:27 - [] D -- C:\Program Files\Common Files\Motorola Shared
O43 - CFD: 2015/04/03 18:34:24 - [] D -- C:\Program Files\Common Files\MSSoap
O43 - CFD: 2015/03/09 18:00:16 - [] D -- C:\Program Files\Common Files\Nikon
O43 - CFD: 2009/07/13 21:37:05 - [] D -- C:\Program Files\Common Files\Services
O43 - CFD: 2009/07/13 21:37:05 - [] D -- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 2015/03/22 14:29:41 - [] D -- C:\Program Files\Common Files\System
O43 - CFD: 2015/05/31 10:28:01 - [] D -- C:\Program Files\Common Files\Windows Live
O43 - CFD: 2015/05/01 21:08:05 - [] D -- C:\Program Files\Common Files\Wondershare
O43 - CFD: 2015/04/24 23:26:53 - [] D -- C:\Users\khalid\AppData\Roaming\Adobe
O43 - CFD: 2015/06/08 21:58:12 - [] D -- C:\Users\khalid\AppData\Roaming\ahelper
O43 - CFD: 2015/07/13 02:30:16 - [] D -- C:\Users\khalid\AppData\Roaming\Apple Computer
O43 - CFD: 2015/04/10 20:16:17 - [] D -- C:\Users\khalid\AppData\Roaming\CAD-KAS
O43 - CFD: 2015/05/01 21:31:31 - [] D -- C:\Users\khalid\AppData\Roaming\CyberLink
O43 - CFD: 2015/06/07 18:18:52 - [] D -- C:\Users\khalid\AppData\Roaming\HaiYuInst
O43 - CFD: 2015/03/09 05:43:12 - [] D -- C:\Users\khalid\AppData\Roaming\Identities
O43 - CFD: 2015/07/05 11:59:33 - [] D -- C:\Users\khalid\AppData\Roaming\iFunBox.NXGen
O43 - CFD: 2015/04/12 16:13:46 - [] D -- C:\Users\khalid\AppData\Roaming\Macromedia
O43 - CFD: 2009/07/14 04:07:35 - [0] D -- C:\Users\khalid\AppData\Roaming\Media Center Programs
O43 - CFD: 2015/05/31 10:49:54 - [] SD -- C:\Users\khalid\AppData\Roaming\Microsoft
O43 - CFD: 2015/04/03 18:30:35 - [] D -- C:\Users\khalid\AppData\Roaming\Motorola
O43 - CFD: 2015/04/03 18:35:02 - [] D -- C:\Users\khalid\AppData\Roaming\Motorola Mobility
O43 - CFD: 2015/03/15 10:48:20 - [] D -- C:\Users\khalid\AppData\Roaming\OpenCandy =>PUP.Optional.OpenCandy
O43 - CFD: 2015/07/02 22:16:22 - [] D -- C:\Users\khalid\AppData\Roaming\RHEng =>PUP.Optional.Conduit
O43 - CFD: 2015/07/12 19:46:21 - [0] D -- C:\Users\khalid\AppData\Roaming\SendSpace
O43 - CFD: 2015/07/13 01:37:34 - [] D -- C:\Users\khalid\AppData\Roaming\Systweak =>PUP.Optional.Systweak
O43 - CFD: 2015/06/28 11:18:08 - [] D -- C:\Users\khalid\AppData\Roaming\TaiG
O43 - CFD: 2015/06/22 14:26:22 - [] D -- C:\Users\khalid\AppData\Roaming\Teiron
O43 - CFD: 2015/07/05 11:21:12 - [] D -- C:\Users\khalid\AppData\Roaming\ThinkSky
O43 - CFD: 2015/07/14 18:28:13 - [] D -- C:\Users\khalid\AppData\Roaming\uTorrent
O43 - CFD: 2015/04/05 22:48:49 - [] D -- C:\Users\khalid\AppData\Roaming\WinRAR
O43 - CFD: 2015/05/01 21:08:41 - [] D -- C:\Users\khalid\AppData\Roaming\Wondershare Video Converter Platinum
O43 - CFD: 2015/07/14 18:27:33 - [] D -- C:\Users\khalid\AppData\Roaming\ZHP
O43 - CFD: 2015/05/24 13:33:02 - [] D -- C:\Users\khalid\AppData\Local\Adobe
O43 - CFD: 2015/04/03 17:58:09 - [] D -- C:\Users\khalid\AppData\Local\Apple
O43 - CFD: 2015/07/12 23:12:57 - [] D -- C:\Users\khalid\AppData\Local\Apple Computer
O43 - CFD: 2015/07/13 00:41:37 - [] D -- C:\Users\khalid\AppData\Local\Apple Inc
O43 - CFD: 2015/03/09 05:42:53 - [0] SHD -- C:\Users\khalid\AppData\Local\Archivos temporales de Internet
O43 - CFD: 2015/07/14 17:50:25 - [0] D -- C:\Users\khalid\AppData\Local\CrashDumps
O43 - CFD: 2015/05/01 19:04:17 - [] D -- C:\Users\khalid\AppData\Local\Cyberlink
O43 - CFD: 2015/03/09 05:42:53 - [0] SHD -- C:\Users\khalid\AppData\Local\Datos de programa
O43 - CFD: 2015/06/17 18:47:50 - [] D -- C:\Users\khalid\AppData\Local\Diagnostics
O43 - CFD: 2015/06/16 21:46:29 - [0] SHD -- C:\Users\khalid\AppData\Local\EmieBrowserModeList
O43 - CFD: 2015/06/16 21:46:28 - [0] SHD -- C:\Users\khalid\AppData\Local\EmieSiteList
O43 - CFD: 2015/06/16 21:46:29 - [0] SHD -- C:\Users\khalid\AppData\Local\EmieUserList
O43 - CFD: 2015/03/09 18:21:20 - [] D -- C:\Users\khalid\AppData\Local\Google
O43 - CFD: 2015/03/09 05:42:53 - [0] SHD -- C:\Users\khalid\AppData\Local\Historial
O43 - CFD: 2015/06/30 21:51:24 - [] D -- C:\Users\khalid\AppData\Local\MetaGeek,_LLC
O43 - CFD: 2015/06/17 18:47:40 - [] D -- C:\Users\khalid\AppData\Local\Microsoft
O43 - CFD: 2015/03/09 17:42:28 - [] D -- C:\Users\khalid\AppData\Local\Power2Go
O43 - CFD: 2015/03/15 10:46:14 - [] D -- C:\Users\khalid\AppData\Local\Programs
O43 - CFD: 2015/04/12 15:54:31 - [] D -- C:\Users\khalid\AppData\Local\Readon_Technology
O43 - CFD: 2015/05/01 18:50:44 - [] D -- C:\Users\khalid\AppData\Local\TechSmith
O43 - CFD: 2015/07/14 18:26:03 - [] D -- C:\Users\khalid\AppData\Local\Temp
O43 - CFD: 2015/04/03 18:54:30 - [] D -- C:\Users\khalid\AppData\Local\VirtualStore
O43 - CFD: 2015/06/12 22:14:32 - [] D -- C:\Users\khalid\AppData\Local\Windows Live
O43 - CFD: 2015/05/01 21:08:12 - [] D -- C:\Users\khalid\AppData\Local\Wondershare
O43 - CFD: 2009/07/13 23:42:04 - [] RD -- C:\Users\khalid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/03/21 20:13:16 - [] RD -- C:\Users\khalid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/07/02 21:36:05 - [] D -- C:\Users\khalid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
O43 - CFD: 2015/07/02 21:34:14 - [] D -- C:\Users\khalid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2009/07/13 23:37:42 - [] RD -- C:\Users\khalid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/04/10 20:15:41 - [0] D -- C:\Users\khalid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Editor 4.5
O43 - CFD: 2015/03/21 20:13:11 - [] RD -- C:\Users\khalid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2015/04/05 22:47:43 - [] D -- C:\Users\khalid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2015/04/16 23:20:10 - [] D -- C:\Users\khalid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YouWave_Android

---\\ Lista de controladores del sistema (SDL) (O58) (64) - 78s
O58 - SDL:2009/07/13 20:26:15 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [422976]
O58 - SDL:2009/07/13 20:26:17 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [297552]
O58 - SDL:2009/07/13 20:26:15 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\drivers\adpu320.sys [146512]
O58 - SDL:2009/07/13 20:26:15 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [14400]
O58 - SDL:2011/03/11 00:38:37 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [80256]
O58 - SDL:2009/07/13 20:26:15 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [159312]
O58 - SDL:2011/03/11 00:38:37 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [22400]
O58 - SDL:2009/07/13 20:26:15 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [76368]
O58 - SDL:2009/07/13 20:26:15 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [86608]
O58 - SDL:2009/07/13 17:02:49 A . (.Broadcom Corporation - Controlador unificado Broadcom NetXtreme Gi.) -- C:\Windows\System32\drivers\b57nd60x.sys [229888]
O58 - SDL:2009/07/13 17:02:48 A . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless dr.) -- C:\Windows\System32\drivers\BCMWL6.SYS [1131008]
O58 - SDL:2009/07/13 17:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [13568]
O58 - SDL:2009/07/13 17:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [5248]
O58 - SDL:2009/07/13 19:57:25 A . (.Brother Industries Ltd. - Controlador I/F serie de Brother (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [272128]
O58 - SDL:2009/07/13 17:53:32 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [62336]
O58 - SDL:2009/07/13 17:53:33 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:2009/07/13 17:53:33 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [11904]
O58 - SDL:2009/07/13 17:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbdx.sys [430080]
O58 - SDL:2009/07/13 20:26:21 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [15952]
O58 - SDL:2009/07/13 20:20:28 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\drivers\djsvs.sys [70720]
O58 - SDL:2009/07/13 20:20:28 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [453712]
O58 - SDL:2009/07/13 17:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbdx.sys [3100160]
O58 - SDL:2012/10/03 16:14:58 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys [26840]
O58 - SDL:2009/07/13 17:54:14 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [26624]
O58 - SDL:2009/07/13 20:20:28 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [67152]
O58 - SDL:2011/03/11 00:38:51 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStorV.sys [332160]
O58 - SDL:2009/09/23 19:18:14 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd32.sys [4808192]
O58 - SDL:2009/07/13 20:20:36 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [41040]
O58 - SDL:2009/07/13 17:02:47 A . (.Atheros Communications, Inc. - Atheros L1c PCI-E Gigabit Ethernet Controll.) -- C:\Windows\System32\drivers\L1C62x86.sys [50688]
O58 - SDL:2009/07/13 20:20:36 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [95824]
O58 - SDL:2009/07/13 20:20:37 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [89168]
O58 - SDL:2009/07/13 20:20:36 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [54864]
O58 - SDL:2009/07/13 20:20:36 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [96848]
O58 - SDL:2009/07/13 20:20:36 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [30800]
O58 - SDL:2009/07/13 20:20:36 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [235584]
O58 - SDL:2014/08/15 22:13:34 A . (.Apple Inc. - Apple Mobile Device Ethernet.) -- C:\Windows\System32\drivers\netaapl.sys [18944]
O58 - SDL:2009/07/13 20:20:44 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [44624]
O58 - SDL:2011/03/11 00:39:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [117120]
O58 - SDL:2011/03/11 00:39:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [143744]
O58 - SDL:2009/07/13 20:19:04 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1383488]
O58 - SDL:2009/07/13 20:19:04 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [106064]
O58 - SDL:2009/07/13 15:50:20 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [20480]
O58 - SDL:2009/07/13 20:19:04 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [40016]
O58 - SDL:2009/07/13 20:19:04 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [77888]
O58 - SDL:2009/07/13 20:19:04 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [21072]
O58 - SDL:2015/06/10 23:08:36 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\drivers\usbaapl.sys [45056]
O58 - SDL:2014/05/16 15:25:48 A . (.Oracle Corporation - VirtualBox Support Driver.) -- C:\Windows\System32\drivers\VBoxDrv.sys [204064]
O58 - SDL:2009/07/13 20:19:10 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [16976]
O58 - SDL:2009/07/13 20:19:11 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [141904]
O58 - SDL:2009/07/13 16:40:41 A . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:2009/07/13 16:40:44 A . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:2009/07/13 16:40:40 A . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:2009/07/13 16:40:43 A . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:2009/07/13 16:40:43 A . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:2009/07/13 16:40:23 A . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:2009/07/13 16:40:31 A . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:2009/07/13 16:40:35 A . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:2009/07/13 16:40:39 A . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:2009/07/13 16:40:27 A . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:2009/07/13 16:40:11 A . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:2009/07/13 16:40:15 A . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:2009/07/13 16:40:17 A . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:2009/07/13 16:40:19 A . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:2009/07/13 16:40:13 A . (...) -- C:\Windows\System32\NTIO804.SYS [34672]

---\\ Últimos archivos modificados o creados (usuario) (O61) (3) - 71s
O61 - LFC: 2015/07/14 17:51:38 A . (..) -- C:\Users\khalid\AppData\Roaming\appdataFr25.bin [24]
O61 - LFC: 2015/07/14 18:12:43 A . (..) -- C:\Users\khalid\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 2015/07/13 10:14:22 A . (..) -- C:\Users\khalid\AppData\Local\Google\Chrome\User Data\PepperFlash\18.0.0.209\pepflashplayer.dll [16307888]

---\\ Asociaciones Shell desove (O67) (9) - 1s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Editor del Registro.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Internet menú Inicio (SMI) (O68) (8) - 2s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.ex http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilidad de inicialización por usuario de I.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilidad de inicialización por usuario de I.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilidad de inicialización por usuario de I.) -- C:\Windows\System32\ie4uinit.exe

---\\ La búsqueda infección en navegadores de internet (OSE) (O69) (3) - 1s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (mystartsearch) - http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
O69 - SBI: SearchScopes [HKCU] {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} - (WebSearch) - http://websearch.hotsearches.info/

---\\ Enumera el inicio del servicio Svchost (SSS) (O83) (33) - 5s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Servicio de experiencia con aplicaciones.) -- C:\Windows\System32\aelupsvc.dll [62464]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Servicio de propagación de certificados de.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Servicio de propagación de certificados de.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Archivo DLL del servicio Servidor.) -- C:\Windows\System32\srvsvc.dll [168960]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente de directiva de grupo.) -- C:\Windows\System32\gpsvc.dll [593408]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensión IKE.) -- C:\Windows\System32\IKEEXT.DLL [679424]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Servicio de Audio de Windows.) -- C:\Windows\System32\audiosrv.dll [475136]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Administrador de marcado automático de acce.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Administrador de conexión de acceso remoto.) -- C:\Windows\System32\rasmans.dll [286208]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Administrador de interfaces dinámico.) -- C:\Windows\System32\mprdim.dll [75264]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Servicio de notificación de eventos de sist.) -- C:\Windows\System32\Sens.dll [49664]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes de ayuda para Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [300544]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonía de Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [242176]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Administrador de conexiones remotas del ser.) -- C:\Windows\System32\termsrv.dll [523776]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agente de Windows Update.) -- C:\Windows\System32\wuaueng.dll [2020864]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Servicio de transferencia inteligente en se.) -- C:\Windows\System32\qmgr.dll [585728]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Archivo DLL de servicios shell de Windows.) -- C:\Windows\System32\shsvcs.dll [328192]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Servicio que ofrece conectividad IPv6 en un.) -- C:\Windows\System32\iphlpsvc.dll [499712]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de servicio de inicio de sesión secunda.) -- C:\Windows\System32\seclogon.dll [21504]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Servicio de información de aplicaciones.) -- C:\Windows\System32\appinfo.dll [47104]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Servicio de detección iSCSI.) -- C:\Windows\System32\iscsiexe.dll [114688]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Servicio Programador de aplicaciones multim.) -- C:\Windows\System32\mmcss.dll [49664]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Informes de problemas y soluciones.) -- C:\Windows\System32\wercplsupport.dll [61440]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Servicio EAPHost de Microsoft.) -- C:\Windows\System32\eapsvc.dll [98304]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164864]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Servicio programador de tareas.) -- C:\Windows\System32\schedsvc.dll [750592]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Servicio de administración de claves.) -- C:\Windows\System32\KMSVC.DLL [71168]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Servicio Configuración de Escritorio remoto.) -- C:\Windows\System32\SessEnv.dll [113664]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Archivo DLL de servicio de explorador del e.) -- C:\Windows\System32\browser.dll [102912]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL del servicio de temas del shell de Wind.) -- C:\Windows\System32\themeservice.dll [37376]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Servicio BDE.) -- C:\Windows\System32\bdesvc.dll [76800]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Servicio de instalación de software.) -- C:\Windows\System32\appmgmts.dll [149504]

---\\ Lista de excepciones en el firewall (FirewallRules) (O87) (19) - 6s
O87 - FAEL: "{AE011075-B5D3-4B54-8D5C-525C11173C73}" [In-None-P6-TRUE] .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe
O87 - FAEL: "{C928F437-10C7-4ED4-A262-40E83EF6B753}" [In-None-P17-TRUE] .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe
O87 - FAEL: "{56D8CDF4-9EF9-4CF8-9504-93231886D54F}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Oracle\VirtualBox\vboxheadless.exe
O87 - FAEL: "TCP Query User{605991C4-4A12-43FC-B42F-A018B3DC274B}C:\program files\pp??2.0\adevicehelpermon.exe" [In-None-P6-TRUE] .(.???????????? - PP??????.) -- C:\program files\pp??2.0\adevicehelpermon.exe
O87 - FAEL: "UDP Query User{7F324945-B67F-40EB-B6C4-DD6913AB57AE}C:\program files\pp??2.0\adevicehelpermon.exe" [In-None-P17-TRUE] .(.???????????? - PP??????.) -- C:\program files\pp??2.0\adevicehelpermon.exe
O87 - FAEL: "TCP Query User{99F24776-489E-4FC8-A911-AE7A0CF25E3E}C:\program files\pp??2.0\ihelper.exe" [In-None-P6-TRUE] .(.???????????? - PP??.) -- C:\program files\pp??2.0\ihelper.exe
O87 - FAEL: "UDP Query User{FB9F8B49-3875-47AA-BC65-953D7413E1C5}C:\program files\pp??2.0\ihelper.exe" [In-None-P17-TRUE] .(.???????????? - PP??.) -- C:\program files\pp??2.0\ihelper.exe
O87 - FAEL: "TCP Query User{4574D0EB-3B60-4284-AFB3-53F34D5AA14D}C:\program files\pp??2.0\adevicehelpermon.exe" [In-None-P6-TRUE] .(.???????????? - PP??????.) -- C:\program files\pp??2.0\adevicehelpermon.exe
O87 - FAEL: "UDP Query User{7EE77847-00FD-46D3-B90A-9B9F961835B2}C:\program files\pp??2.0\adevicehelpermon.exe" [In-None-P17-TRUE] .(.???????????? - PP??????.) -- C:\program files\pp??2.0\adevicehelpermon.exe
O87 - FAEL: "TCP Query User{2D83FE0F-4FB6-4E55-98DB-60465F6545FE}D:\downloads\pp????\ppghost\ppghost.exe" [In-None-P6-TRUE] .(.???????????? - PP????.) -- D:\downloads\pp????\ppghost\ppghost.exe
O87 - FAEL: "UDP Query User{92B6F72D-8E98-4FC5-A3BB-059E5E766E80}D:\downloads\pp????\ppghost\ppghost.exe" [In-None-P17-TRUE] .(.???????????? - PP????.) -- D:\downloads\pp????\ppghost\ppghost.exe
O87 - FAEL: "{662982CF-A647-4659-B9F2-DDF375593FDF}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\khalid\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{10A94042-EB8D-4478-A556-EA3527FE0AD9}" [Out-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\khalid\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{579A1D9B-B01A-43EA-83E6-E795BDC5A1E0}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\khalid\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{3A02569D-3821-4F5A-8968-2B532B4E441D}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\khalid\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{FCFD6EC2-6062-4082-9650-69B5ED4C4810}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\khalid\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{54925562-0EAE-4CD8-B4E3-2996FA58EFAE}" [Out-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\khalid\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "TCP Query User{93C79FD2-5D04-4D8D-A871-ABB35A45474A}C:\program files\pp??2.0\ihelper.exe" [In-None-P6-TRUE] .(.???????????? - PP??.) -- C:\program files\pp??2.0\ihelper.exe
O87 - FAEL: "UDP Query User{ADCC58D2-3A9E-41B3-9135-69C17F1E0935}C:\program files\pp??2.0\ihelper.exe" [In-None-P17-TRUE] .(.???????????? - PP??.) -- C:\program files\pp??2.0\ihelper.exe

---\\ Condiciones generales de servicios no Microsoft (GSR) (SR = correr, SS = parado) (13) - 60s
SS - Demand [2015/07/09 00:43:59] [ 268464] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - Auto [2015/05/29 18:51:26] [ 60744] Apple Mobile Device (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - Auto [2011/08/30 23:05:02] [ 390504] Bonjour Service (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - Auto [2015/07/14 18:10:05] [ 144200] ???? Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - Demand [2015/07/14 18:10:05] [ 144200] ???? Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - Demand [2015/04/07 00:29:36] [ 540968] ???? iPod (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - Auto [2014/10/15 16:26:12] [ 2117448] Ma-Config Agent (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
SS - Demand [2014/04/09 08:12:50] [ 235696] McAfee Security Scan Component Host Service (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
SR - Auto [2014/04/08 09:56:40] [ 137528] Motorola Device Manager Service (Motorola Device Manager) . (.Motorola Mobility LLC.) - C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
SR - Auto [2014/08/14 00:52:34] [ 118496] PP Assistant Service (PP Assistant Service) . (.(C) ????????????????????.) - C:\Program Files\PP??2.0\adevicehelpersvr.exe
SR - Auto [2011/09/02 16:06:38] [ 65657] PST Service (PST Service) . (.Motorola.) - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
SS - Auto [2015/07/09 09:36:15] [ 8015996] Swanky Listen (Swanky Listen) . (...) - C:\Program Files\Swanky Listen\Swanky Listen.exe
SR - Auto [2015/07/10 10:49:52] [ 1652736] WajIEn Monitor (WajIEn Monitor) . (.Copyright (C) 2014.) - C:\Program Files\WajIEn\wajam.exe

---\\ Escaneo adicional (O88) (26) - 0s
C:\Program Files\WajIEn\wajam.exe =>PUP.Optional.Wajam
C:\Program Files\bestadblocker\ebxe430lAttdNt.dll =>PUP.Optional.Adblocker
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3AE6A71-E2A1-437F-9330-996CD13788BC} =>PUP.Optional.Adblocker
HKLM\SYSTEM\CurrentControlSet\Services\WajIEn Monitor =>PUP.Optional.Wajam
C:\Windows\Tasks\Bidaily Synchronize Task[pr].job =>PUP.Optional.BidailySync
C:\Windows\System32\Tasks\Advanced System~Protector =>PUP.Optional.AdvancedSystemProtector
C:\Windows\System32\Tasks\Advanced System~Protector_startup =>PUP.Optional.AdvancedSystemProtector
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~9338DF9D_is1 =>PUP.Optional.AdvancedSystemProtector
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIEn =>PUP.Optional.Wajam
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507} =>PUP.Optional.BestADBlocker
HKLM\SOFTWARE\mystartsearchSoftware =>PUP.Optional.StartSearch
HKLM\SOFTWARE\Systweak =>PUP.Optional.Systweak
HKLM\SOFTWARE\Uniblue =>PUP.Optional.UniblueSystem
HKLM\SOFTWARE\WajIEn =>PUP.Optional.Wajam
HKCU\SOFTWARE\systweak =>PUP.Optional.Systweak
HKCU\SOFTWARE\WajIEnhance =>PUP.Optional.Wajam
C:\Program Files\bestadblocker =>PUP.Optional.Adblocker
C:\Program Files\PriceMinus =>PUP.Optional.Multiplug
C:\Program Files\WajIEn =>PUP.Optional.Wajam
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System~Protector =>PUP.Optional.AdvancedSystemProtector
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajIEn =>PUP.Optional.Wajam
C:\ProgramData\Systweak =>PUP.Optional.Systweak
C:\Users\khalid\AppData\Roaming\OpenCandy =>PUP.Optional.OpenCandy
C:\Users\khalid\AppData\Roaming\RHEng =>PUP.Optional.Conduit
C:\Users\khalid\AppData\Roaming\Systweak =>PUP.Optional.Systweak
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\Open\command [Bad: C:\Program Files\Internet Explorer\iexplore.ex http://www.mystartsearch.com/] =>PUP.Optional.StartSearch

---\\ Resumen de elementos en su estación de trabajo (11) - 0s
http://www.nicolascoolman.fr/pup-wajam/ =>PUP.Optional.Wajam
http://www.nicolascoolman.fr/pup-startsearch/ =>PUP.Optional.StartSearch
http://www.nicolascoolman.fr/blog =>PUP.Optional.Adblocker
http://www.nicolascoolman.fr/pup-advancedsystemprotector/ =>PUP.Optional.AdvancedSystemProtector
http://www.nicolascoolman.fr/blog =>PUP.Optional.BidailySync
http://www.nicolascoolman.fr/blog =>PUP.Optional.BestADBlocker
http://www.nicolascoolman.fr/pup-systweak/ =>PUP.Optional.Systweak
http://www.nicolascoolman.fr/blog =>PUP.Optional.UniblueSystem
http://www.nicolascoolman.fr/pup-mutiplug/ =>PUP.Optional.Multiplug
http://www.nicolascoolman.fr/adware-opencandy/ =>PUP.Optional.OpenCandy
http://www.nicolascoolman.fr/toolbar-conduit/ =>PUP.Optional.Conduit

~ End of the scan, 21810 items in 402 seconds (696)(0)()
