| Aureliana | 02.04.2016 11:00 |
MPC/Istartsurf probleme
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Andrea (administrator) on ANDREA (02-04-2016 11:52:30)
Running from C:\Users\Andrea\Desktop
Loaded Profiles: Andrea (Available Profiles: Andrea & Administrador)
Platform: Windows 10 Home Version 1511 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(VoipConnect) C:\Program Files (x86)\VoipConnect.com\VoipConnect\voipconnect.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicator.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13261456 2012-12-10] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3946184 2015-09-30] (Synaptics Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25577864 2016-03-12] (Dropbox, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1489487905-805253939-2442927746-1001\...\Run: [VoipConnect] => C:\Program Files (x86)\VoipConnect.com\VoipConnect\voipconnect.exe [36547168 2016-02-25] (VoipConnect)
HKU\S-1-5-21-1489487905-805253939-2442927746-1001\...\Run: [HP Officejet 4620 series (NET)] => C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1489487905-805253939-2442927746-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1489487905-805253939-2442927746-1001\...\RunOnce: [Uninstall C:\Users\Andrea\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Andrea\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-21-1489487905-805253939-2442927746-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{e61b1166-0199-4f0e-bbc8-227c419a320d}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{ef271cdd-60fd-4a3f-a444-db799fd386f1}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1489487905-805253939-2442927746-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-04-01] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-04-01] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-01] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-01] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-01] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-01] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\s4qugcnh.default-1458546297499
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-03-23] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-23] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-04-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-21] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-02-26] (Adobe Systems Inc.)
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-16] [not signed]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Presentaciones de Google) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-04]
CHR Extension: (Google Docs) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-04]
CHR Extension: (Google Drive) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-04]
CHR Extension: (YouTube) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-04]
CHR Extension: (Búsqueda de Google) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04]
CHR Extension: (Hojas de cálculo de Google) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-04]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-22]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-04]
CHR Extension: (Gmail) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-04]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2823920 2016-03-20] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-04] (Dropbox, Inc.)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [203296 2016-03-19] (Microsoft Corporation) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-09-30] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4342936 2015-12-04] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 DSI_SiUSBXp_3_1; C:\Windows\system32\drivers\DSI_SiUSBXp_3_1.sys [16384 2007-09-06] (Silicon Laboratories)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-12-05] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [42184 2015-09-30] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-09-30] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [54424 2015-07-29] (Toshiba Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-01 09:16 - 2016-04-01 09:16 - 00017454 _____ C:\Users\Andrea\Downloads\F 17750.pdf
2016-03-31 15:38 - 2016-03-31 15:38 - 00004249 _____ C:\Users\Andrea\Downloads\SEGUROS_SOCIALES-31032016153850.pdf
2016-03-31 15:37 - 2016-03-31 15:37 - 00004246 _____ C:\Users\Andrea\Downloads\SEGUROS_SOCIALES-31032016153734.pdf
2016-03-31 15:27 - 2016-03-31 15:27 - 00342442 _____ C:\Users\Andrea\Downloads\Zahlungsbeleg 5117080.pdf
2016-03-31 15:05 - 2016-03-31 15:05 - 00234095 _____ C:\Users\Andrea\Downloads\doc05725920160314135641.pdf
2016-03-31 15:04 - 2016-03-31 15:04 - 00230441 _____ C:\Users\Andrea\Downloads\doc05490620160208130039.pdf
2016-03-31 15:03 - 2016-03-31 15:03 - 00228649 _____ C:\Users\Andrea\Downloads\doc05307820160112161638(1).pdf
2016-03-31 15:01 - 2016-03-31 15:02 - 00117119 _____ C:\Users\Andrea\Downloads\Rrecipt_567453557717757013.pdf
2016-03-31 15:00 - 2016-03-31 15:00 - 00117118 _____ C:\Users\Andrea\Downloads\Rrecipt_567453557614844863.pdf
2016-03-31 14:58 - 2016-03-31 14:58 - 00117119 _____ C:\Users\Andrea\Downloads\Rrecipt_567453557508221389.pdf
2016-03-30 20:11 - 2016-03-30 20:11 - 00008342 _____ C:\Users\Andrea\Downloads\VJDKYEAH92K73492.pdf
2016-03-30 20:11 - 2016-03-30 20:11 - 00008342 _____ C:\Users\Andrea\Downloads\VJDKYEAH92K73492(1).pdf
2016-03-29 13:53 - 2016-03-29 13:53 - 00024258 _____ C:\Users\Andrea\Downloads\Transferencia_en_euros_desde_la_cuenta_ES80_2038_9230_2960_0009_6054(3).pdf
2016-03-29 08:51 - 2016-03-29 08:53 - 02870984 _____ (ESET) C:\Users\Andrea\Desktop\esetsmartinstaller_deu.exe
2016-03-29 08:47 - 2016-04-01 16:56 - 00092528 _____ C:\Users\Andrea\Desktop\SystemLook.txt
2016-03-28 10:58 - 2016-03-28 10:58 - 00654497 _____ C:\Users\Andrea\Desktop\Ryanair itineraio Mallorca.htm
2016-03-28 10:58 - 2016-03-28 10:58 - 00000000 ____D C:\Users\Andrea\Desktop\Ryanair itineraio Mallorca_files
2016-03-28 10:21 - 2016-03-28 10:21 - 00165376 _____ C:\Users\Andrea\Downloads\SystemLook_x64.exe
2016-03-28 10:21 - 2016-03-28 10:21 - 00139264 _____ C:\Users\Andrea\Desktop\SystemLook.exe
2016-03-28 10:19 - 2016-03-28 10:19 - 00165376 _____ C:\Users\Andrea\Desktop\SystemLook_x64.exe
2016-03-27 21:09 - 2016-03-27 21:10 - 00035240 _____ C:\Users\Andrea\Desktop\Addition.txt
2016-03-27 21:08 - 2016-04-02 11:53 - 00015012 _____ C:\Users\Andrea\Desktop\FRST.txt
2016-03-27 20:54 - 2016-03-27 21:03 - 00000000 ____D C:\ProgramData\HitmanPro
2016-03-27 20:51 - 2016-03-27 20:54 - 11441744 _____ (SurfRight B.V.) C:\Users\Andrea\Desktop\HitmanPro_x64.exe
2016-03-27 15:45 - 2016-03-27 15:45 - 00000000 ____D C:\Program Files (x86)\ESET
2016-03-27 15:37 - 2016-03-27 15:39 - 00001698 _____ C:\Users\Andrea\Desktop\Fixlog.txt
2016-03-24 19:22 - 2016-03-24 19:22 - 00000641 _____ C:\Users\Andrea\Desktop\JRT.txt
2016-03-24 19:19 - 2016-03-24 19:20 - 01610352 _____ (Malwarebytes) C:\Users\Andrea\Desktop\JRT.exe
2016-03-24 19:17 - 2016-03-24 19:17 - 00002448 _____ C:\Users\Andrea\Desktop\AdwCleaner[C3].txt
2016-03-24 19:01 - 2016-03-24 19:06 - 01530368 _____ C:\Users\Andrea\Desktop\AdwCleaner_5.105(1).exe
2016-03-24 16:12 - 2016-03-24 16:12 - 00040121 _____ C:\Users\Andrea\Desktop\mbam.txt
2016-03-24 15:56 - 2016-03-24 15:56 - 00040129 _____ C:\Users\Andrea\Desktop\Malwarebytes.txt
2016-03-24 15:25 - 2016-03-24 16:07 - 00001182 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-24 15:25 - 2016-03-24 15:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-24 15:25 - 2016-03-24 15:25 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-24 15:25 - 2016-03-10 15:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-03-24 15:25 - 2016-03-10 15:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-03-24 15:25 - 2016-03-10 15:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-03-24 15:14 - 2016-03-24 15:16 - 22851472 _____ (Malwarebytes ) C:\Users\Andrea\Desktop\mbam-setup-2.2.1.1043.exe
2016-03-24 09:49 - 2016-03-24 09:50 - 00032720 _____ C:\Users\Andrea\Downloads\Addition.txt
2016-03-24 09:47 - 2016-04-02 11:52 - 00000000 ____D C:\FRST
2016-03-24 09:47 - 2016-03-24 09:50 - 00066266 _____ C:\Users\Andrea\Downloads\FRST.txt
2016-03-24 09:47 - 2016-03-24 09:47 - 02374144 _____ (Farbar) C:\Users\Andrea\Desktop\FRST64.exe
2016-03-24 09:46 - 2016-03-24 09:46 - 01725440 _____ (Farbar) C:\Users\Andrea\Downloads\FRST.exe
2016-03-22 21:46 - 2016-03-24 16:08 - 00001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-22 21:46 - 2016-03-24 16:07 - 00001227 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-22 21:46 - 2016-03-22 21:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-22 21:46 - 2016-03-22 21:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-22 21:45 - 2016-03-22 21:45 - 00242232 _____ C:\Users\Andrea\Downloads\Firefox Setup Stub 45.0.1.exe
2016-03-22 21:45 - 2016-03-22 21:45 - 00242232 _____ C:\Users\Andrea\Downloads\Firefox Setup Stub 45.0.1 (2).exe
2016-03-22 21:45 - 2016-03-22 21:45 - 00242232 _____ C:\Users\Andrea\Downloads\Firefox Setup Stub 45.0.1 (1).exe
2016-03-22 21:33 - 2016-03-23 21:44 - 00000000 ____D C:\Users\Andrea\AppData\Roaming\Avira
2016-03-22 21:31 - 2016-03-23 21:51 - 00000000 ____D C:\ProgramData\Avira
2016-03-22 21:29 - 2016-03-22 21:30 - 165283560 _____ C:\Users\Andrea\Downloads\avira_free_antivirus_1516de.exe
2016-03-22 21:28 - 2016-03-22 21:28 - 01530368 _____ C:\Users\Andrea\Downloads\adwcleaner_5.105 (2).exe
2016-03-22 21:23 - 2016-03-22 21:23 - 01530368 _____ C:\Users\Andrea\Downloads\adwcleaner_5.105 (1).exe
2016-03-22 21:21 - 2016-03-22 21:21 - 04733568 _____ (Avira Operations GmbH & Co. KG) C:\Users\Andrea\Downloads\avira_de_av_56f1953721285__adw.exe
2016-03-22 21:21 - 2016-03-22 21:21 - 04733568 _____ (Avira Operations GmbH & Co. KG) C:\Users\Andrea\Downloads\avira_de_av_56f1953721285__adw (1).exe
2016-03-22 21:19 - 2016-03-22 21:19 - 04733568 _____ (Avira Operations GmbH & Co. KG) C:\Users\Andrea\Downloads\avira_de_av_56f1953721285__ws (1).exe
2016-03-22 21:18 - 2016-03-22 21:18 - 04733568 _____ (Avira Operations GmbH & Co. KG) C:\Users\Andrea\Downloads\avira_de_av_56f1953721285__ws.exe
2016-03-22 21:08 - 2016-03-24 19:14 - 00000000 ____D C:\AdwCleaner
2016-03-22 21:07 - 2016-03-22 21:08 - 01530368 _____ C:\Users\Andrea\Downloads\adwcleaner_5.105.exe
2016-03-22 21:01 - 2016-03-22 21:14 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-03-22 20:59 - 2016-03-22 21:16 - 00000000 ____D C:\WINDOWS\pss
2016-03-21 09:20 - 2016-03-21 09:20 - 00987728 _____ (Google Inc.) C:\Users\Andrea\Downloads\ChromeSetup.exe
2016-03-20 21:56 - 2016-03-20 21:56 - 00000000 ____D C:\Users\Andrea\AppData\Roaming\MCorp
2016-03-19 10:04 - 2016-03-19 10:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-03-14 10:37 - 2016-03-18 09:48 - 00037782 _____ C:\Users\Andrea\Desktop\Copia de Agenda_KW11 2016.xlsx
2016-03-09 08:54 - 2016-03-01 07:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-09 08:54 - 2016-03-01 07:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-09 08:54 - 2016-02-24 11:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-03-09 08:54 - 2016-02-24 11:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-09 08:54 - 2016-02-24 11:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-09 08:54 - 2016-02-24 11:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-09 08:54 - 2016-02-24 11:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-03-09 08:54 - 2016-02-24 11:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-03-09 08:54 - 2016-02-24 10:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-09 08:54 - 2016-02-24 10:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-09 08:54 - 2016-02-24 10:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-03-09 08:54 - 2016-02-24 10:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-09 08:54 - 2016-02-24 10:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-03-09 08:54 - 2016-02-24 10:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-03-09 08:54 - 2016-02-24 10:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-09 08:54 - 2016-02-24 10:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-09 08:54 - 2016-02-24 10:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-09 08:54 - 2016-02-24 10:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-09 08:54 - 2016-02-24 10:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-03-09 08:54 - 2016-02-24 10:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-03-09 08:54 - 2016-02-24 10:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-09 08:54 - 2016-02-24 10:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-09 08:54 - 2016-02-24 10:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-03-09 08:54 - 2016-02-24 10:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-09 08:54 - 2016-02-24 10:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-09 08:54 - 2016-02-24 10:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-09 08:54 - 2016-02-24 09:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-03-09 08:54 - 2016-02-24 09:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-09 08:54 - 2016-02-24 09:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-03-09 08:54 - 2016-02-24 09:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-03-09 08:54 - 2016-02-24 09:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-09 08:54 - 2016-02-24 09:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-09 08:54 - 2016-02-24 09:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-03-09 08:54 - 2016-02-24 09:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-03-09 08:54 - 2016-02-24 09:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-09 08:54 - 2016-02-24 09:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-03-09 08:54 - 2016-02-24 09:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-03-09 08:54 - 2016-02-24 09:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-03-09 08:54 - 2016-02-24 08:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-03-09 08:54 - 2016-02-24 08:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-03-09 08:54 - 2016-02-24 08:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-03-09 08:54 - 2016-02-24 08:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-03-09 08:54 - 2016-02-24 08:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-03-09 08:54 - 2016-02-24 08:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-03-09 08:54 - 2016-02-24 08:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-03-09 08:54 - 2016-02-24 08:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-03-09 08:54 - 2016-02-24 08:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-09 08:54 - 2016-02-24 08:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-03-09 08:54 - 2016-02-24 08:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-03-09 08:54 - 2016-02-24 08:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-09 08:54 - 2016-02-24 08:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-09 08:54 - 2016-02-24 08:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-09 08:54 - 2016-02-24 08:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-03-09 08:54 - 2016-02-24 08:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-09 08:54 - 2016-02-24 08:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-03-09 08:54 - 2016-02-24 08:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-03-09 08:54 - 2016-02-24 08:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-03-09 08:54 - 2016-02-24 08:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-09 08:54 - 2016-02-24 08:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-03-09 08:54 - 2016-02-24 08:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-03-09 08:54 - 2016-02-24 08:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-03-09 08:54 - 2016-02-24 08:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-03-09 08:54 - 2016-02-24 08:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-03-09 08:54 - 2016-02-24 08:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-09 08:54 - 2016-02-24 08:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-03-09 08:54 - 2016-02-24 08:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-03-09 08:54 - 2016-02-24 08:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-03-09 08:54 - 2016-02-24 08:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-09 08:54 - 2016-02-24 08:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-09 08:54 - 2016-02-24 08:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-03-09 08:54 - 2016-02-24 08:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-03-09 08:54 - 2016-02-24 08:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-09 08:54 - 2016-02-24 08:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-03-09 08:54 - 2016-02-24 08:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-09 08:54 - 2016-02-24 08:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-09 08:54 - 2016-02-24 08:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-03-09 08:54 - 2016-02-24 07:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-09 08:54 - 2016-02-24 07:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-09 08:54 - 2016-02-24 07:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-09 08:54 - 2016-02-24 07:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-03-09 08:54 - 2016-02-24 07:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-09 08:54 - 2016-02-24 07:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-09 08:54 - 2016-02-24 07:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-09 08:54 - 2016-02-24 07:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 08:54 - 2016-02-24 07:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-09 08:54 - 2016-02-24 07:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 08:54 - 2016-02-24 07:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-09 08:54 - 2016-02-24 07:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-09 08:54 - 2016-02-24 06:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-03-09 08:54 - 2016-02-24 06:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-03-09 08:53 - 2016-02-24 11:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-09 08:53 - 2016-02-24 11:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-09 08:53 - 2016-02-24 10:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-03-09 08:53 - 2016-02-24 10:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-03-09 08:53 - 2016-02-24 10:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-09 08:53 - 2016-02-24 09:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-03-09 08:53 - 2016-02-24 09:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-03-09 08:53 - 2016-02-24 09:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-03-09 08:53 - 2016-02-24 09:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-03-09 08:53 - 2016-02-24 09:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-03-09 08:53 - 2016-02-24 09:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-09 08:53 - 2016-02-24 09:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-09 08:53 - 2016-02-24 09:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-03-09 08:53 - 2016-02-24 09:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-03-09 08:53 - 2016-02-24 09:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-03-09 08:53 - 2016-02-24 09:23 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-03-09 08:53 - 2016-02-24 09:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-09 08:53 - 2016-02-24 09:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-03-09 08:53 - 2016-02-24 09:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-03-09 08:53 - 2016-02-24 09:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-03-09 08:53 - 2016-02-24 09:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-03-09 08:53 - 2016-02-24 09:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-09 08:53 - 2016-02-24 09:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-03-09 08:53 - 2016-02-24 09:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-03-09 08:53 - 2016-02-24 09:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-03-09 08:53 - 2016-02-24 09:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-03-09 08:53 - 2016-02-24 09:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-03-09 08:53 - 2016-02-24 09:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-03-09 08:53 - 2016-02-24 09:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-03-09 08:53 - 2016-02-24 09:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-03-09 08:53 - 2016-02-24 09:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-09 08:53 - 2016-02-24 09:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-03-09 08:53 - 2016-02-24 09:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-03-09 08:53 - 2016-02-24 09:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-03-09 08:53 - 2016-02-24 08:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-09 08:53 - 2016-02-24 08:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-09 08:53 - 2016-02-24 08:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-03-09 08:53 - 2016-02-24 08:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-03-09 08:53 - 2016-02-24 08:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-09 08:53 - 2016-02-24 08:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-09 08:53 - 2016-02-24 08:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-03-09 08:53 - 2016-02-24 08:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-03-09 08:53 - 2016-02-24 08:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-03-09 08:53 - 2016-02-24 08:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-09 08:53 - 2016-02-24 08:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-03-09 08:53 - 2016-02-24 08:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-09 08:53 - 2016-02-24 08:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-03-09 08:53 - 2016-02-24 08:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-03-09 08:53 - 2016-02-24 08:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-09 08:53 - 2016-02-24 08:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-03-09 08:53 - 2016-02-24 08:42 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-03-09 08:53 - 2016-02-24 08:42 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-03-09 08:53 - 2016-02-24 08:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-09 08:53 - 2016-02-24 08:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-03-09 08:53 - 2016-02-24 08:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-03-09 08:53 - 2016-02-24 08:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-03-09 08:53 - 2016-02-24 08:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-03-09 08:53 - 2016-02-24 08:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-03-09 08:53 - 2016-02-24 08:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-03-09 08:53 - 2016-02-24 08:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-03-09 08:53 - 2016-02-24 08:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-03-09 08:53 - 2016-02-24 08:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-03-09 08:53 - 2016-02-24 08:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-03-09 08:53 - 2016-02-24 08:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-09 08:53 - 2016-02-24 08:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-09 08:53 - 2016-02-24 07:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-03-03 10:54 - 2016-03-03 10:54 - 00008336 _____ C:\Users\Andrea\Downloads\VJ42ZH8XHD2Z6627.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-02 11:46 - 2015-11-03 20:33 - 00000000 ____D C:\Users\Andrea\AppData\Roaming\Skype
2016-04-02 11:25 - 2015-11-03 21:22 - 00001114 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-02 11:12 - 2015-11-04 19:50 - 00000000 ____D C:\Users\Andrea\AppData\Local\Dropbox
2016-04-02 11:12 - 2013-03-24 10:02 - 00000000 ___RD C:\Users\Andrea\Dropbox
2016-04-02 11:11 - 2015-11-04 19:50 - 00001002 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-04-02 11:11 - 2015-11-03 21:22 - 00001110 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-02 11:02 - 2015-11-16 09:35 - 00000838 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-04-02 10:55 - 2015-12-04 19:41 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-02 10:54 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-04-02 10:06 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-04-02 10:04 - 2015-11-03 20:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-04-02 09:55 - 2015-11-04 19:50 - 00001006 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-04-02 09:51 - 2015-11-03 12:17 - 00004202 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{24812E67-5053-453B-B71C-FB55481A7AE2}
2016-04-02 09:50 - 2015-11-03 12:02 - 01849776 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-02 09:50 - 2015-10-30 20:59 - 00821782 _____ C:\WINDOWS\system32\perfh00A.dat
2016-04-02 09:50 - 2015-10-30 20:59 - 00161374 _____ C:\WINDOWS\system32\perfc00A.dat
2016-04-02 09:50 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-02 09:50 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-01 08:05 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-31 15:29 - 2015-11-09 10:40 - 00000000 ____D C:\Users\Andrea\AppData\Local\CutePDF Writer
2016-03-31 15:07 - 2015-11-03 12:01 - 00000000 ____D C:\Users\Andrea\AppData\Local\Packages
2016-03-31 08:26 - 2015-11-03 21:22 - 00002281 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-31 08:26 - 2015-11-03 21:22 - 00002269 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-29 10:14 - 2013-04-10 21:17 - 00000000 ____D C:\Users\Andrea\AppData\LocalLow\Temp
2016-03-26 10:53 - 2015-11-11 15:34 - 00000000 ____D C:\Users\Andrea\Documents\SCAN
2016-03-24 19:14 - 2015-11-15 12:51 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-03-24 16:10 - 2015-12-05 10:27 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-03-24 16:08 - 2015-12-07 09:19 - 00002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-03-24 16:08 - 2015-12-04 19:34 - 00001552 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-03-24 16:08 - 2015-11-04 20:46 - 00000968 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registro de I.R.I.S. OCR.lnk
2016-03-24 16:08 - 2015-11-03 20:51 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-24 16:08 - 2015-11-03 20:16 - 00002542 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-03-24 16:08 - 2015-11-03 20:16 - 00002523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-03-24 16:08 - 2015-11-03 20:16 - 00002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-03-24 16:08 - 2015-11-03 20:16 - 00002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-03-24 16:08 - 2015-11-03 20:16 - 00002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-03-24 16:08 - 2015-11-03 20:16 - 00002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-03-24 16:07 - 2016-03-01 09:07 - 00000775 _____ C:\Users\Andrea\Desktop\Imágenes - Acceso directo.lnk
2016-03-24 16:07 - 2016-02-17 20:22 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk
2016-03-24 16:07 - 2015-12-05 20:37 - 00001150 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-03-24 16:07 - 2015-11-06 11:03 - 00001311 _____ C:\Users\Andrea\Desktop\VoipConnect.lnk
2016-03-24 16:07 - 2015-11-04 20:46 - 00002282 _____ C:\Users\Public\Desktop\HP Officejet 4620 series.lnk
2016-03-24 16:07 - 2015-11-04 20:46 - 00001261 _____ C:\Users\Public\Desktop\Comprar consumibles - HP Officejet 4620 series.lnk
2016-03-24 16:07 - 2015-11-04 19:57 - 00001298 _____ C:\Users\Andrea\Desktop\Dropbox.lnk
2016-03-24 16:07 - 2015-11-03 20:51 - 00002135 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-03-24 16:07 - 2015-11-03 12:11 - 00002409 _____ C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-24 10:28 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-23 21:51 - 2015-12-04 19:25 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-22 21:33 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-03-22 21:14 - 2015-11-03 21:17 - 00000000 ____D C:\ProgramData\AVAST Software
2016-03-22 20:51 - 2015-12-04 19:29 - 00000000 ____D C:\Users\Andrea
2016-03-22 19:59 - 2015-11-03 20:51 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-03-21 09:45 - 2015-11-15 13:58 - 00000000 ____D C:\Users\Andrea\Desktop\Datos antiguos de Firefox
2016-03-21 09:20 - 2015-11-03 21:22 - 00004172 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-03-21 09:20 - 2015-11-03 21:22 - 00003940 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-03-20 23:10 - 2015-12-05 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-03-20 22:25 - 2016-01-18 09:45 - 00000000 ____D C:\Program Files (x86)\WideLine
2016-03-20 22:11 - 2016-02-16 20:09 - 00000000 ____D C:\Users\Andrea\AppData\Local\ElevatedDiagnostics
2016-03-19 10:04 - 2015-11-04 19:50 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-03-15 08:46 - 2015-11-03 21:19 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-03-15 08:44 - 2015-06-04 08:45 - 00000000 __RDO C:\Users\Andrea\OneDrive
2016-03-10 17:29 - 2015-12-04 19:19 - 00330200 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-09 21:09 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-09 21:09 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-09 21:09 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-09 21:09 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-09 10:17 - 2015-11-03 19:43 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-09 10:13 - 2015-11-03 19:43 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-08 09:12 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-03-08 09:12 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-04 20:49 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-03-03 08:37 - 2015-09-10 07:28 - 00000000 __RHD C:\Users\Public\AccountPictures
==================== Files in the root of some directories =======
2015-11-04 20:46 - 2015-11-04 20:46 - 0000057 _____ () C:\ProgramData\Ament.ini
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-04-02 11:06
==================== End of FRST.txt ============================
--- --- ---
[CODE]Additional
FRST Logfile: Code:
scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Andrea (2016-04-02 11:53:43)
Running from C:\Users\Andrea\Desktop
Windows 10 Home Version 1511 (X64) (2015-12-04 17:47:10)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-1489487905-805253939-2442927746-500 - Administrator - Disabled) => C:\Users\Administrator
Andrea (S-1-5-21-1489487905-805253939-2442927746-1001 - Administrator - Enabled) => C:\Users\Andrea
DefaultAccount (S-1-5-21-1489487905-805253939-2442927746-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1489487905-805253939-2442927746-1003 - Limited - Enabled)
Invitado (S-1-5-21-1489487905-805253939-2442927746-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version: - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HP Officejet 4620 series Ayuda (HKLM-x32\...\{36D47790-7562-4A7F-B933-600A700B2D40}) (Version: 6.0.0 - Hewlett Packard)
HP Officejet 4620 series Estudio para la mejora del producto (HKLM\...\{3ADC3E59-CC72-409E-8FB4-692E40C76B32}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 4620 series Software básico del dispositivo (HKLM\...\{CFA8A322-2D7F-4425-A251-F42BAF0A52D1}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.6741.2021 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 45.0.1 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 es-ES)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6701.1013 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6701.1013 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6701.1013 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6794 - Realtek Semiconductor Corp.)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.3 - Synaptics Incorporated)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1489487905-805253939-2442927746-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Andrea\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0845ABDF-F6EF-4B23-8B21-FA1CFA3D8C94} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-04] (Google Inc.)
Task: {09B08361-B7F3-4046-B47A-A47FD4CB2279} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-03-20] (Microsoft Corporation)
Task: {2A17B0BB-5A36-4512-A5CB-535766790163} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-23] (Adobe Systems Incorporated)
Task: {2D7C9F36-57F4-4902-9DEE-AE6F4DAE2AFA} - System32\Tasks\HPCustParticipation HP Officejet 4620 series => C:\Program Files\HP\HP Officejet 4620 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {2F835778-D4E4-454A-AD0B-3B81D71C26DD} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-04] (Dropbox, Inc.)
Task: {671CEBE7-1E62-469F-B289-FFE040E9C692} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {700D1614-1481-461E-BBE7-B298BFAEC365} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-04] (Dropbox, Inc.)
Task: {75AADD5E-6FA2-42EB-8E9F-A821A6513C9B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-03-20] (Microsoft Corporation)
Task: {A1DCBB96-1F07-4D44-AD5A-5B9420DD5DBE} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {A7E4AE1F-F0C1-4CBE-BB85-74DE68B51E18} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-04] (Google Inc.)
Task: {BAF516FE-FCA5-4EF9-AE07-B6973A0D70CF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-04-01] (Microsoft Corporation)
Task: {FDA06C4A-0EF9-4AE1-AA74-331E557B2F19} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-09] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-11-03 21:15 - 2009-11-05 08:40 - 00085504 _____ () C:\WINDOWS\System32\cpwmon64.dll
2016-03-02 09:09 - 2016-02-23 13:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-02 09:09 - 2016-02-23 13:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-22 13:21 - 2016-01-22 13:21 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-18 09:14 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-02 09:08 - 2016-02-23 10:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-13 08:54 - 2016-01-05 03:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13 08:54 - 2016-01-05 03:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-28 20:30 - 2016-01-16 07:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-28 20:30 - 2016-01-16 07:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-22 13:21 - 2016-01-22 13:21 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 13:21 - 2016-01-22 13:21 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-01-11 11:36 - 2016-01-11 11:36 - 00932032 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2015-12-13 09:57 - 2016-02-23 20:19 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-03-19 10:03 - 2016-02-23 20:20 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-03-19 10:03 - 2016-02-23 20:19 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-13 09:57 - 2016-02-23 20:19 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-13 09:57 - 2016-02-23 20:19 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-13 09:57 - 2016-03-12 02:18 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-13 09:57 - 2016-02-23 20:21 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-03-19 10:03 - 2016-02-23 20:19 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2015-12-13 09:57 - 2016-03-12 02:18 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-13 09:57 - 2016-02-23 20:19 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-03-19 10:03 - 2016-03-12 02:18 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-13 09:57 - 2016-02-23 20:20 - 00112592 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-03-19 10:03 - 2016-03-12 02:18 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-03-19 10:03 - 2016-03-12 02:18 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2015-12-13 09:57 - 2016-03-12 02:18 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-13 09:57 - 2016-03-12 02:18 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-03-19 10:03 - 2016-03-12 02:18 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-03-19 10:03 - 2016-02-23 20:21 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-13 09:57 - 2016-02-23 20:21 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-13 09:57 - 2016-02-23 20:21 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-13 09:57 - 2016-02-23 20:21 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-02-11 14:03 - 2016-03-12 02:18 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-12-13 09:57 - 2016-02-23 20:21 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-13 09:57 - 2016-02-23 20:21 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-13 09:57 - 2016-02-23 20:21 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-13 09:57 - 2016-02-23 20:21 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-13 09:57 - 2016-02-23 20:21 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2015-12-13 09:57 - 2016-02-23 20:21 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-03-19 10:03 - 2016-03-12 02:18 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-13 09:57 - 2016-02-23 20:21 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2015-12-13 09:57 - 2016-02-23 20:21 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-03-19 10:03 - 2016-03-12 02:18 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-03-19 10:03 - 2016-03-12 02:18 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-03-19 10:03 - 2016-02-23 20:21 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-03-19 10:03 - 2016-03-12 02:18 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-03-19 10:03 - 2016-02-13 02:24 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2015-12-13 09:57 - 2016-03-12 02:18 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-13 09:57 - 2016-02-23 20:19 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-03-19 10:03 - 2016-02-23 20:19 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-03-19 10:03 - 2016-02-23 20:20 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2016-03-19 10:03 - 2016-03-12 02:18 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-02-11 14:03 - 2016-03-12 02:18 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-11 14:03 - 2016-03-12 02:18 - 00021824 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-02-11 14:03 - 2016-03-12 02:18 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-02-11 14:03 - 2016-03-12 02:18 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-03-19 10:03 - 2016-03-12 02:18 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-13 09:57 - 2016-02-23 20:21 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-02-11 14:03 - 2016-03-12 02:18 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-03-19 10:03 - 2016-03-12 02:18 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-03-19 10:03 - 2016-03-12 02:18 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-13 09:57 - 2016-02-23 20:20 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-03-19 10:03 - 2016-03-12 02:18 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-03-19 10:03 - 2016-03-12 02:18 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-03-19 10:03 - 2016-03-12 02:18 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-03-19 10:03 - 2016-03-12 02:18 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-03-19 10:03 - 2016-03-12 02:18 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-03-19 10:03 - 2016-03-12 02:18 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-03-19 10:03 - 2016-03-12 02:18 - 00158008 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-03-19 10:03 - 2016-03-12 02:18 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-03-19 10:03 - 2016-02-23 20:23 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-03-19 10:03 - 2016-02-23 20:23 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2015-12-13 09:57 - 2016-03-12 02:18 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-03-19 10:03 - 2016-03-12 02:18 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-03-19 10:03 - 2016-03-12 02:18 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-11-04 19:52 - 2016-02-23 20:25 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Andrea\Desktop\Andrea Redefin:com.dropbox.attributes [168]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-11-03 11:21 - 2015-11-03 11:18 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1489487905-805253939-2442927746-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 80.58.61.250 - 80.58.61.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{E3C1E0C2-5851-4968-AC07-36149B1DEE3C}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe
FirewallRules: [TCP Query User{D8961C48-783C-446E-836A-FF895F138F58}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe
FirewallRules: [{466581F5-1E0E-416D-984C-529683392D97}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{EBF26AA6-4DBA-4492-94DF-E95446D9BB1B}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{0472D5A3-6D5B-4801-B56B-773D3263D1DC}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\Bin\DeviceSetup.exe
FirewallRules: [{4F859EED-6E7C-42C0-8144-7C56049217B9}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\bin\SendAFax.exe
FirewallRules: [{C312F809-C131-404A-BED8-3BA550631B11}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\bin\DigitalWizards.exe
FirewallRules: [{2A44E12A-57F7-4C9B-8436-5E956AAF26FC}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\bin\FaxApplications.exe
FirewallRules: [{0216F656-736C-47DA-BADF-194C89E72323}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{2C5E4983-A932-4842-B20C-3D42DEBC52EF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{749F59A6-F8E0-4EE5-B0EE-E3E3B7D5613D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{73D47067-AB77-4D7D-B4F7-F5BC915F2082}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{FFBA7A4E-4A57-48AC-9138-550202E1ACCA}C:\users\andrea\downloads\anydesk.exe] => (Allow) C:\users\andrea\downloads\anydesk.exe
FirewallRules: [UDP Query User{5B56362D-1CF0-4BBC-896C-133001B6E9AB}C:\users\andrea\downloads\anydesk.exe] => (Allow) C:\users\andrea\downloads\anydesk.exe
FirewallRules: [{B10E15D3-5994-450C-9C56-149538EC2033}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{F2D683A7-88A5-4324-88CA-5CA0C5370A2F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
20-03-2016 22:14:40 Punto de control programado
24-03-2016 10:25:53 Windows Update
24-03-2016 19:20:27 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/02/2016 10:48:31 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ANDREA)
Description: No se pudo activar la aplicación Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.
Error: (04/01/2016 03:06:06 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220
Error: (04/01/2016 07:58:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AcroRd32.exe, versión: 15.10.20056.36345, marca de tiempo: 0x56741546
Nombre del módulo con errores: AcroRd32.dll, versión: 15.10.20060.43353, marca de tiempo: 0x56d0a666
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00663c4a
Identificador del proceso con errores: 0x47c4
Hora de inicio de la aplicación con errores: 0xAcroRd32.exe0
Ruta de acceso de la aplicación con errores: AcroRd32.exe1
Ruta de acceso del módulo con errores: AcroRd32.exe2
Identificador del informe: AcroRd32.exe3
Nombre completo del paquete con errores: AcroRd32.exe4
Identificador de aplicación relativa del paquete con errores: AcroRd32.exe5
Error: (03/31/2016 03:06:05 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220
Error: (03/31/2016 08:44:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ANDREA)
Description: No se pudo activar la aplicación Microsoft.Windows.Photos_8wekyb3d8bbwe!App debido al error: -2147023170. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.
Error: (03/30/2016 03:06:06 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220
Error: (03/30/2016 02:41:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ANDREA)
Description: No se pudo activar la aplicación Microsoft.Windows.Photos_8wekyb3d8bbwe!App debido al error: -2147023170. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.
Error: (03/29/2016 07:11:01 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220
Error: (03/29/2016 08:53:33 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Error en el archivo de manifiesto o directiva "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" en la línea C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (03/29/2016 08:53:01 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Error en el archivo de manifiesto o directiva "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" en la línea C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
System errors:
=============
Error: (04/02/2016 10:55:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio RtkAudioService no pudo iniciarse debido al siguiente error:
%%2
Error: (04/02/2016 10:55:14 AM) (Source: BTHUSB) (EventID: 5) (User: )
Description: El controlador Bluetooth esperaba un evento HCI con un tamaño determinado pero no lo recibió.
Error: (04/02/2016 10:54:22 AM) (Source: DCOM) (EventID: 10010) (User: ANDREA)
Description: {0002DF02-0000-0000-C000-000000000046}
Error: (04/02/2016 10:54:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Acceso a datos de usuarios_6f83712 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.
Error: (04/02/2016 10:54:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Almacenamiento de datos de usuarios_6f83712 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.
Error: (04/02/2016 10:54:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Datos de contactos_6f83712 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.
Error: (04/02/2016 10:54:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Sincronizar host_6f83712 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.
Error: (04/02/2016 10:54:17 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: específico de la aplicaciónLocalActivación{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (con LRPC)No disponibleNo disponible
Error: (04/02/2016 10:52:00 AM) (Source: DCOM) (EventID: 10016) (User: ANDREA)
Description: específico de la aplicaciónLocalActivación{9E175B6D-F52A-11D8-B9A5-505054503030}{9E175B9C-F52A-11D8-B9A5-505054503030}AndreaAndreaS-1-5-21-1489487905-805253939-2442927746-1001LocalHost (con LRPC)Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbweS-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194
Error: (04/02/2016 10:52:00 AM) (Source: DCOM) (EventID: 10016) (User: ANDREA)
Description: específico de la aplicaciónLocalActivación{9E175B6D-F52A-11D8-B9A5-505054503030}{9E175B9C-F52A-11D8-B9A5-505054503030}AndreaAndreaS-1-5-21-1489487905-805253939-2442927746-1001LocalHost (con LRPC)Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbweS-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194-4256926629-1688279915-2739229046-3928706915
CodeIntegrity:
===================================
Date: 2016-04-02 10:52:00.197
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll that did not meet the Store signing level requirements.
Date: 2016-04-02 10:52:00.197
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll that did not meet the Store signing level requirements.
Date: 2016-04-02 10:46:31.860
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll that did not meet the Store signing level requirements.
Date: 2016-04-02 10:46:31.859
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll that did not meet the Store signing level requirements.
Date: 2016-04-02 10:05:45.111
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-29 08:38:13.508
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-24 18:03:21.291
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-20 21:01:44.406
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll that did not meet the Store signing level requirements.
Date: 2016-03-14 12:07:24.856
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-12 15:38:55.554
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 61%
Total physical RAM: 4047.22 MB
Available physical RAM: 1556.26 MB
Total Virtual: 6479.22 MB
Available Virtual: 3684.99 MB
==================== Drives ================================
Drive c: (TI30982400B) (Fixed) (Total:455.24 GB) (Free:388.47 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================
--- --- --- Code:
Users shortcut scan result (x64) Version:05-03-2016 01
Ran by Andrea (2016-04-02 11:54:44)
Running from C:\Users\Andrea\Desktop
Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Administrator\Links\Desktop.lnk -> C:\Users\Andrea\Desktop ()
Shortcut: C:\Users\Administrator\Links\Downloads.lnk -> C:\Users\Andrea\Downloads ()
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\01 - File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\03 - Documents.lnk -> C:\Users\Andrea\Documents ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\04 - Downloads.lnk -> C:\Users\Andrea\Downloads ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\05 - Music.lnk -> C:\Users\Andrea\Music ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\06 - Pictures.lnk -> C:\Users\Andrea\Pictures ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\07 - Videos.lnk -> C:\Users\Andrea\Videos ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\10 - UserProfile.lnk -> C:\Users\Andrea ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}\SC_Reader.ico (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk -> C:\Windows\DevicesFlow\DevicesFlow.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk -> C:\Windows\MiracastView\MiracastView.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk -> C:\Windows\PrintDialog\PrintDialog.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registro de I.R.I.S. OCR.lnk -> C:\Program Files (x86)\HP\IrisOCR_12.3.4.0\regipe.exe (I.R.I.S. Image Recognition Integarted Systems)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VoipConnect\VoipConnect im Internet.lnk -> C:\Program Files (x86)\VoipConnect.com\VoipConnect\VoipConnect.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VoipConnect\VoipConnect.lnk -> C:\Program Files (x86)\VoipConnect.com\VoipConnect\VoipConnect.exe (VoipConnect)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files (x86)\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware entfernen.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Actualización de HP.lnk -> C:\Program Files (x86)\HP\HP Software Update\hpwucli.exe (Hewlett-Packard)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet 4620 series\HP Officejet 4620 series.lnk -> C:\Program Files\HP\HP Officejet 4620 series\Bin\HP Officejet 4620 series.exe (Hewlett-Packard Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office 2016\Centro de carga de Office 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office 2016\Preferencias de idioma de Office 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF\PDF Writer\Readme.lnk -> C:\Program Files (x86)\Acro Software\CutePDF Writer\README.HTM ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\AMD Catalyst Control Center.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Advanced Micro Devices Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
Shortcut: C:\Users\Andrea\OneDrive.old\Documentos\Manual Toshiba Portatil.lnk -> C:\Program Files (x86)\TOSHIBA\Manuals\TREXLauncher.exe (No File)
Shortcut: C:\Users\Andrea\Links\Desktop.lnk -> C:\Users\Andrea\Desktop ()
Shortcut: C:\Users\Andrea\Links\Downloads.lnk -> C:\Users\Andrea\Downloads ()
Shortcut: C:\Users\Andrea\Links\Dropbox.lnk -> C:\Users\Andrea\Dropbox ()
Shortcut: C:\Users\Andrea\Dropbox\Dropbox.lnk -> C:\Users\Andrea\Dropbox ()
Shortcut: C:\Users\Andrea\Dropbox\Verl. Alicante 04.11.15\CARU9650480\2015-11-04 10.18.49 - Acceso directo.lnk -> C:\Users\Andrea\Dropbox\Kamera-Uploads\2015-11-04 10.18.49.jpg (No File)
Shortcut: C:\Users\Andrea\Dropbox\Bewerbung\Verknüpfung mit Borrador Renta 2011.lnk -> C:\Users\Andrea\Documents\Dropbox\Public\Borrador Renta 2011.pdf (No File)
Shortcut: C:\Users\Andrea\Dropbox\Bewerbung\WinRAR.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.exe (No File)
Shortcut: C:\Users\Andrea\Dropbox\Andrea Listen\Kontakte Sami, speziell Gines.lnk -> C:\Users\aseggern\Documents\Listen\Kontakte Sami, speziell Gines.xlsx (No File)
Shortcut: C:\Users\Andrea\Desktop\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
Shortcut: C:\Users\Andrea\Desktop\Imágenes - Acceso directo.lnk -> C:\Users\Andrea\Pictures ()
Shortcut: C:\Users\Andrea\Desktop\VoipConnect.lnk -> C:\Program Files (x86)\VoipConnect.com\VoipConnect\VoipConnect.exe (VoipConnect)
Shortcut: C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Andrea\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\SendTo\Dropbox.lnk -> C:\Users\Andrea\Dropbox ()
Shortcut: C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\SendTo\Transferencia de archivos Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Andrea\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Andrea\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\Users\Andrea\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office Click-to-Run Client.lnk -> C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation)
Shortcut: C:\Users\Andrea\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Andrea\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Andrea\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Andrea\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Andrea\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Andrea\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Andrea\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Andrea\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Andrea\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\Comprar consumibles - HP Officejet 4620 series.lnk -> C:\Program Files\HP\HP Officejet 4620 series\Bin\hpqDTSS.exe (Hewlett-Packard Co.)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\HP Officejet 4620 series.lnk -> C:\Program Files\HP\HP Officejet 4620 series\Bin\HP Officejet 4620 series.exe (Hewlett-Packard Co.)
Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Windows\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe ()
Shortcut: C:\Users\Public\Desktop\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\SendTo\Destinatario de fax.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Reset VLC media player preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\Help.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe (Advanced Micro Devices Inc.) -> Start Help -help
ShortcutWithArgument: C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\SendTo\Destinatario de fax.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\Andrea\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Andrea\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Andrea\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Andrea\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Andrea\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Andrea\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Andrea\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Andrea\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Andrea\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Andrea\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
InternetURL: C:\Users\Administrator\Favorites\amazon.url -> hxxp://www.amazon.com/gp/bit/homepage?tagbase=taiseu
InternetURL: C:\Users\Administrator\Favorites\Bing.url -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Administrator\Favorites\eBay.url -> file:///C:/Program%20Files%20(x86)/eBay/DesktopShortcut/redirect-fav.html
InternetURL: C:\Users\Administrator\Favorites\Toshiba Partners.url -> hxxp://eu.computers.toshiba-europe.com/innovation/generic/partners-country-selector?campaign=IE
InternetURL: C:\Users\Administrator\Favorites\Toshiba Portal.url -> hxxp://www.toshiba.eu/eu/Countries/Toshiba-EMEA/
InternetURL: C:\Users\Administrator\Favorites\Toshiba Services.url -> hxxp://services.toshibaplaces.com/?campaign=Win8_IE
InternetURL: C:\Users\Administrator\Favorites\Toshiba Support Community.url -> hxxp://forums.computers.toshiba-europe.com/forums/index.jspa
InternetURL: C:\Users\Administrator\Favorites\Toshiba Support.url -> hxxp://pc-support.toshiba-europe.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> 0
InternetURL: C:\Users\Andrea\Favorites\amazon.url -> hxxp://www.amazon.com/gp/bit/homepage?tagbase=taiseu
InternetURL: C:\Users\Andrea\Favorites\Bing.url -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Andrea\Favorites\eBay.url -> file:///C:/Program%20Files%20(x86)/eBay/DesktopShortcut/redirect-fav.html
InternetURL: C:\Users\Andrea\Favorites\Toshiba Partners.url -> hxxp://eu.computers.toshiba-europe.com/innovation/generic/partners-country-selector?campaign=IE
InternetURL: C:\Users\Andrea\Favorites\Toshiba Portal.url -> hxxp://www.toshiba.eu/eu/Countries/Toshiba-EMEA/
InternetURL: C:\Users\Andrea\Favorites\Toshiba Services.url -> hxxp://services.toshibaplaces.com/?campaign=Win8_IE
InternetURL: C:\Users\Andrea\Favorites\Toshiba Support Community.url -> hxxp://forums.computers.toshiba-europe.com/forums/index.jspa
InternetURL: C:\Users\Andrea\Favorites\Toshiba Support.url -> hxxp://pc-support.toshiba-europe.com/
InternetURL: C:\Users\Andrea\Dropbox\Diverses 09.03.16\gofeminin dom.url -> hxxp://m.gofeminin.de/album/879489/dom-dev-21961377.html
==================== End of Shortcut.txt =============================
Guten Morgen Matthias,
hier die FRST Ergebnisse. Ich habe auch das zurücksetzen von Edge gemacht und jetzt erscheint die MPC Seite nicht mehr :-)
Viele Grüsse
Andrea |
