Netbook has been very slow again, possible virus?

Closed
bcn101 Posts 113 Registration date Friday November 9, 2012 Status Member Last seen July 28, 2014 - Apr 7, 2014 at 04:37 PM
2011N2 Posts 13352 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 - May 17, 2014 at 08:29 AM
Hello,

Hi. Again, for some unfortunate reason, my netbook is working very slowly for the hundredth time. When I open my browser (Chrome), it is like taking forever to load the page.

Skype also cannot survive for longer conversations, and even on YouTube the screen will freeze and an annoying squeaking noise will follow.

Please do help me.

Thanks :/
23 responses

2011N2 Posts 13352 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
Apr 11, 2014 at 09:37 AM
Hi,

1. Close all applications

2. Select and copy all the lines in this link: https://dl.dropboxusercontent.com/u/32869654/For%20bcn101.txt

3. ZHP Diag created a shortcut on your desktop called ZHP Fix; launch ZHP Fix (for Windows 7, right-click to run as admin). Answer yes if you get an enquiry as to whether you want to run it or not.

4. Click on the Import button and the lines will automatically paste themselves.

5. Click on the Go button to clean

6. Confirm by clicking OK

7. ZHP Fix will ask if you wish to empty the bin, click on your choice...it may take time

8. A report will appear on your desktop and on C:\ZHP\ZHPFix[R1].txt which you can copy and paste in your reply.

Gabriel.
1
bcn101 Posts 113 Registration date Friday November 9, 2012 Status Member Last seen July 28, 2014
Apr 11, 2014 at 03:29 PM
Hi Gabriel,

Please see the log below:

Rapport de ZHPFix 2014.4.7.2 par Nicolas Coolman, Update du 07/04/2014
Fichier d'export Registre :
Run by Usuario at 4/11/2014 9:24:33 PM
High Elevated Privileges : OK
Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601)

Recycle Bin emptied (14mn AMs)
Prefetcher emptied

========== Memory modules ==========
REMOVES Reboot: Memory Module: C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
REMOVES: Memory Module: C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

========== Registry keys ==========
REMOVES: [HKLM\SOFTWARE\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
REMOVES: [HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}]
REMOVES: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}

========== Registry values ==========
REMOVES RunValue: Adobe Reader Speed Launcher
REMOVES: Toolbar: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
REMOVES: Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F}

========== Elements of the registry data ==========
REMOVES: R1 Search Page =

========== Folders ==========
No folders empty CLSID Local user
Deletes temporary Windows (12)

========== Files ==========
REMOVES Flash Cookies (0) (0 octets)
Deletes temporary Windows (29) (11,470,398 octets)

========== System restore ==========
The system successfully created restore point


========== Summary ==========
2 : Memory modules
3 : Registry keys
3 : Registry values
1 : Elements of the registry data
2 : Folders
2 : Files
1 : System restore


End of clean in 02mn AMs

========== Path to file report ==========
C:\Users\Usuario\AppData\Roaming\ZHP\ZHPFix[R1].txt - 1/25/2014 6:47:07 PM [1632]
C:\Users\Usuario\AppData\Roaming\ZHP\ZHPFix[R2].txt - 4/11/2014 9:24:53 PM [1753]
0
2011N2 Posts 13352 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
Apr 8, 2014 at 04:36 PM
Hello :)

To help you and prescribe the remedy, I must make a diagnostic and to do so, I require a log.

1. Open this link and download ZHPDiag2 :

https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

(Don't be alarmed if the site is in French, it sometimes happens, the tool will take your system language and allow the download if you get a warning message.)

2. Save the file on your Desktop.

3. Double click on ZHPDiag.exe and follow the installation instructions.

(For Vista and Win 7 users, right-click to ensure you execute with admin rights)

The tool creates three icons: ZHPDiag, MRB, and ZHPFix (if necessary, we will use ZHPFix after log analysis).

4. Double click on the shortcut ZHPDiag on your Desktop.

5. If you need to change the language, click on the little house (bottom right) and change to English

6. Click on the "Full options"

Wait for the tool to finish (maybe a long time)

7. Close ZHPDiag.

8. To transmit the report, click on this link :

https://authentification.site

9. Search the directory where you installed ZHPDiag (usually C:\desktop\zhpdiag.txt).

10. Select the file ZHPDiag.txt.

11. Click on "upload"

12. Copy the URL and post it here.

Gabriel.
0
Hi Gabriel,

Here's the link :

http://speedy.sh/Fa2se/ZHPScan.txt
0
2011N2 Posts 13352 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
Apr 10, 2014 at 04:26 PM
Hi,

You have posted ZHPScan, but I need ZHPDiag report (ZHPDiag.txt on your desktop).

Gabriel.
0
oh sorry....

http://speedy.sh/4tfhf/ZHPDiag.txt
0

2011N2 Posts 13352 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
Apr 11, 2014 at 07:56 AM
Hello,

No problem.

Can you run it again by clicking on Full options, please?

Gabriel.
0
bcn101 Posts 113 Registration date Friday November 9, 2012 Status Member Last seen July 28, 2014
Apr 11, 2014 at 08:08 AM
http://speedy.sh/4tfhf/ZHPDiag.txt
0
2011N2 Posts 13352 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
Apr 11, 2014 at 05:06 PM
Hello,

Good.

Is your computer always slow?

Gabriel.
0
bcn101 Posts 113 Registration date Friday November 9, 2012 Status Member Last seen July 28, 2014
Apr 11, 2014 at 05:40 PM
In principle yes. Did you find any problems?
0
2011N2 Posts 13352 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
Apr 12, 2014 at 05:45 AM
Hello,

Nothing special, just some rests of infections.

Run ZHPDiag again and send the report please.

Gabriel.
0
bcn101 Posts 113 Registration date Friday November 9, 2012 Status Member Last seen July 28, 2014
Apr 12, 2014 at 06:38 AM
Hi Gabriel,

The log is the ff.


~ Report of ZHPDiag v2014.4.9.16 - Nicolas Coolman (4/9/2014)
~ Launched by Usuario (4/12/2014 11:55:17 AM)
~ Web site address : https://nicolascoolman.webs.com/
~ Free support forums for disinfection : https://nicolascoolman.webs.com/
~ Translated by
~ Version State :
~ White List : Deactivate by user
~ Elevation of privilege : OK
~ User Account Control : Activate by user


---\\ Internet browsers
MSIE: Internet Explorer v11.0.9600.16659
MFIE: Mozilla Firefox 26.0
GCIE: Google Chrome v34.0.1847.116 (Defaut)

---\\ Windows product information
~ Langage: Anglais
Windows 7 Starter, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System protection software
avast! Free Antivirus v8.0.1504.0
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7

---\\ System optimization software
CCleaner v4.08 =>.Piriform Ltd

---\\ Sharing software PeerToPeer

---\\ Surveillance software
Adobe Flash Player 12 Plugin
Adobe Reader 9.5.5 MUI
Java 7 Update 51

---\\ Information on the system
~ Processor: x86 Family 6 Model 28 Stepping 2, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1013.9 MB (8% free)
System Restore: Activé (Enable)
System drive C: has 82 GB (61%) free of 133 GB

---\\ Connection to the system mode
~ Computer Name: USUARIO-PC
~ User Name: Usuario
~ All Users Names: Usuario, Invitado, Administrador,
~ Unselected Option: None
Logged in as Administrator

---\\ Environment variables
~ System Unit : C:\
~ %AppZHP% : C:\Users\Usuario\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Usuario\AppData\Roaming\
~ %Desktop% : C:\Users\Usuario\Desktop\
~ %Favorites% : C:\Users\Usuario\Favorites\
~ %LocalAppData% : C:\Users\Usuario\AppData\Local\
~ %StartMenu% : C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeration of the disk units
C: Hard drive, Flash drive, Thumb drive (Free 82 Go of 133 Go)
D: Hard drive, Flash drive, Thumb drive (Free 3 Go of 4 Go)



---\\ State of the Windows Security Center
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 47 Scanned in 00mn AMs



---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 1/150
~ Mes Videos (My Videos) : 1/4
~ Mes Favoris (My Favorites) : 1/34
~ Mes Documents (My Documents) : 2/8138
~ Mon Bureau (My Desktop) : 1/21
~ Menu demarrer (Programs) : 1/29
~ Hidden Files: Scanned in 33mn AMs



---\\ Process running
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2912]
[MD5.4C4D8DE31E840EC339A43FA3C24BE611] - (.Insyde Software Corp. - Sync Data.) -- C:\Program Files\Acer\Android Manager\iSync.exe [393320] [PID.3524]
[MD5.68239842340DDFF8993DFD9127553EDA] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [141848] [PID.3600]
[MD5.004763BDF8E48244DBB9FDFDE3065EBC] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [173592] [PID.3616]
[MD5.CD1102E5D340216138C7F56FA8D26998] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [150552] [PID.3668]
[MD5.043D3570D9177818FE3B57C6228AA5A9] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968] [PID.3680]
[MD5.D9C51528488EA0D98D3C4D02ABD16759] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [252952] [PID.3708]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336] [PID.3736]
[MD5.32CC79AB32BEFE25566A7AA27BC33BD1] - (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe [1564992] [PID.3832]
[MD5.6CB3E72B0D37A2AEFD22BEF916A297B3] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe [1264984] [PID.3852] =>P2P.BitTorrent
[MD5.214D0BA83F53D48AC6C9738798F5EBE5] - (.No owner - Viber.) -- C:\Users\Usuario\AppData\Local\Viber\Viber.exe [936456] [PID.3928]
[MD5.131E6FE09470F057000B0CC01C14D8B7] - (.Acer Incorporated - Acer VCM.) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe [708608] [PID.4012]
[MD5.2EBBBFC120593C683796092F2DDA0EFC] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [841032] [PID.3256]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\system32\DllHost.exe [7168] [PID.4640]
[MD5.F4651164AA1330735ADEA50AD0A326F2] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8208896] [PID.1404]
~ Processes Running: Scanned in 10mn AMs



---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)

---\\ Google Chrome Extension Folder
G2 - EXT: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [Google Wallet]

~ Google Lines Browser: 11 Scanned in 05mn AMs



---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\9roayojh.default\prefs.js
M3 - MFPP: Plugins - [Usuario] -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\9roayojh.default\searchplugins\yahoo.xml
M3 - MFPP: Plugins - [Usuario] -- C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\9roayojh.default\searchplugins\yahoo_ff.xml
M0 - MFSP: prefs.js [Usuario - 9roayojh.default] https://es.search.yahoo.com/
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll =>.Google Inc
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.51.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.51.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.51.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30214.0.) -- c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.3] - (.VideoLAN - VLC media player Web Plugin 2.1.3.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.5".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\Usuario\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
~ Firefox Browser: 13 Scanned in 11mn AMs



---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://es.search.yahoo.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Skype Limited - Facebook Video Calling Plugin.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 14 Scanned in 00mn AMs



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn AMs



---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn AMs



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn AMs
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (...) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (.not file.) =>Toolbar.Google
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
~ BHO: 10 Scanned in 01mn AMs



---\\ Other User Links (O4)
O4 - GS\Desktop [Public]: Acer Accessorios.lnk . (...) -- C:\Program Files\Acer Accessory Store\StartUrl.exe
O4 - GS\Desktop [Public]: Acer Configuration Manager for Android(TM).lnk . (.Macrovision Corporation - InstallShield.) -- C:\Windows\Installer\{523281E5-91DD-49F5-9D85-954148F7596A}\AndroidManager.exe_EDE5AF10CF5B4DA1B61C039E5CAD3FA5.exe
O4 - GS\Desktop [Public]: Acer GameZone Console.lnk . (.Oberon Media - Acer GameZone Console.) -- C:\Program Files\Acer GameZone\GameConsole\Acer Game Console.exe
O4 - GS\Desktop [Public]: Acer Registration.lnk . (.Acer Incorporated - Global Registration.) -- C:\Program Files\Acer\Registration\GREG.exe
O4 - GS\Desktop [Public]: Adobe Reader 9.lnk . (.Adobe Systems Incorporated - Adobe Reader 9.5.) -- C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
O4 - GS\Desktop [Public]: avast! Free Antivirus.lnk . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - GS\Desktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: LibreOffice 4.0.lnk . (.The Document Foundation - LibreOffice.) -- C:\Program Files\LibreOffice 4.0\program\soffice.exe
O4 - GS\Desktop [Public]: Lightroom 5.3.lnk . (.Adobe Systems - Adobe Photoshop Lightroom.) -- C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.3\lightroom.exe =>.Adobe Systems Incorporated
O4 - GS\Desktop [Public]: LINE.lnk . (.NHN Japan - LINE.) -- C:\Program Files\Naver\LINE\Line.exe
O4 - GS\Desktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - GS\Desktop [Public]: Microsoft Office - 60 Day Trial.lnk . (.Digital River Inc. - Microsoft Office Suite Activation Assistant.) -- C:\Program Files\Microsoft Office Suite Activation Assistant\OAA.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: MyDefrag.lnk . (.J.C. Kessels - MyDefrag Script Interpreter.) -- C:\Program Files\MyDefrag v4.2.3\MyDefrag.exe
O4 - GS\Desktop [Public]: OpenOffice 4.0.1.lnk . (.Apache Software Foundation - OpenOffice 4.0.1.) -- C:\Program Files\OpenOffice 4\program\soffice.exe
O4 - GS\Desktop [Public]: Samsung Kies (Lite).lnk . (...) -- C:\Program Files\Samsung\Kies\KiesAgent.exe
O4 - GS\Desktop [Public]: Samsung Kies.lnk . (...) -- C:\Program Files\Samsung\Kies\KiesAgent.exe
O4 - GS\Desktop [Public]: Skype.lnk . (...) -- C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe
O4 - GS\Desktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player 2.1.3.) -- C:\Program Files\VideoLAN\VLC\vlc.exe =>.VideoLAN
O4 - GS\Program [Public]: Adobe Photoshop Lightroom 5.3.lnk . (.Adobe Systems - Adobe Photoshop Lightroom.) -- C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.3\lightroom.exe =>.Adobe Systems Incorporated
O4 - GS\Program [Public]: Adobe Reader 9.lnk . (...) -- C:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\SC_Reader.ico
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Selector de tareas de Microsoft Works.lnk . (.Microsoft® Corporation - Microsoft® Works.) -- C:\Program Files\Microsoft Works\MSWorks.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Sidebar.lnk . (.Microsoft Corporation - Gadgets de escritorio de Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - GS\Program [Public]: Visor de Microsoft Office PowerPoint 2007.lnk . (...) -- c:\Windows\Installer\{95120000-00AF-0C0A-0000-0000000FF1CE}\ppvwicon.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Interfaz de usuario de Windows Anytime Upgr.) -- C:\Windows\system32\WindowsAnytimeUpgradeUI.exe
O4 - GS\Program [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Reproductor de Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Movie Maker 2.6.lnk . (.Microsoft Corporation - Windows Movie Maker.) -- C:\Windows\Installer\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}\MOVIEMK.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visor de XPS.) -- C:\Windows\system32\xpsrchvw.exe
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculadora de Windows.) -- C:\Windows\system32\calc.exe
O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Conmutador de pantalla.) -- C:\Windows\system32\displayswitch.exe
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Conexión a Escritorio remoto.) -- C:\Windows\system32\mstsc.exe
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Grabadora de sonidos de Windows.) -- C:\Windows\system32\SoundRecorder.exe
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) -- C:\Windows\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Introducción.) -- C:\Windows\system32\OobeFldr.dll
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Aplicación WordPad de Windows.) -- C:\Program Files\Windows NT\Accessories\wordpad.exe
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Mapa de caracteres.) -- C:\Windows\system32\charmap.exe
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Desfragmentador de disco de Microsoft®.) -- C:\Windows\system32\dfrgui.exe
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Administrador de liberación de espacio en d.) -- C:\Windows\system32\cleanmgr.exe
O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Monitor de rendimiento y recursos.) -- C:\Windows\system32\perfmon.exe
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Información del sistema.) -- C:\Windows\system32\msinfo32.exe
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restaurar sistema de Microsoft® Windows.) -- C:\Windows\system32\rstrui.exe
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) -- C:\Windows\system32\taskschd.msc
O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Aplicación posterior a la migración de Wind.) -- C:\Windows\system32\migwiz\postmig.exe
O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Aplicación Windows Easy Transfer.) -- C:\Windows\system32\migwiz\migwiz.exe
O4 - GS\QuickLaunch [Usuario]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Usuario]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Usuario]: Samsung Kies (Lite).lnk . (...) -- C:\Program Files\Samsung\Kies\KiesAgent.exe
O4 - GS\QuickLaunch [Usuario]: Viber.lnk . (...) -- C:\Users\Usuario\AppData\Local\Viber\Viber.exe
O4 - GS\QuickLaunch [Usuario]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [Usuario]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Usuario]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Usuario]: Welcome Center.lnk . (.Acer Incorporated - Welcome Center.) -- C:\Program Files\Acer\Welcome Center\OEMWelcomeCenter.exe
O4 - GS\TaskBar [Usuario]: Windows Explorer.lnk . (.Microsoft Corporation - Explorador de Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar [Usuario]: Windows Media Player.lnk . (.Microsoft Corporation - Reproductor de Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Program [Usuario]: Badoo Desktop.lnk . (.Badoo - Badoo Desktop.) -- C:\ProgramData\Badoo\Badoo desktop\1.6.58.1220\Badoo.desktop.exe
O4 - GS\Program [Usuario]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Usuario]: Viber.lnk . (...) -- C:\Users\Usuario\AppData\Local\Viber\Viber.exe
O4 - GS\Accessories [Usuario]: Command Prompt.lnk . (.Microsoft Corporation - Procesador de comandos de Windows.) -- C:\Windows\system32\cmd.exe
O4 - GS\Accessories [Usuario]: Notepad.lnk . (.Microsoft Corporation - Bloc de notas.) -- C:\Windows\system32\notepad.exe
O4 - GS\Accessories [Usuario]: Run.lnk - Orphan key
O4 - GS\Accessories [Usuario]: Windows Explorer.lnk . (.Microsoft Corporation - Explorador de Windows.) -- C:\Windows\explorer.exe
O4 - GS\SystemTools [Usuario]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Usuario]: Private Character Editor.lnk . (.Microsoft Corporation - Editor de caracteres privados.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo [Usuario]: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - GS\Desktop [Usuario]: Eusing Free Registry Cleaner.lnk . (...) -- C:\Program Files\Eusing Free Registry Cleaner\Regcleaner.exe
O4 - GS\Desktop [Usuario]: Malwarebytes Anti-Malware - CHIP Downloader.lnk . (...) -- C:\Users\Usuario\AppData\Local\Temp\OCS\ocs_v71a.exe (.not file.)
O4 - GS\Desktop [Usuario]: Viber.lnk . (...) -- C:\Users\Usuario\AppData\Local\Viber\Viber.exe
O4 - GS\Desktop [Usuario]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [Usuario]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [Usuario]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\QuickLaunch [Invitado]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Invitado]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Invitado]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Invitado]: Windows Explorer.lnk . (.Microsoft Corporation - Explorador de Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar [Invitado]: Windows Media Player.lnk . (.Microsoft Corporation - Reproductor de Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Program [Invitado]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Accessories [Invitado]: Command Prompt.lnk . (.Microsoft Corporation - Procesador de comandos de Windows.) -- C:\Windows\system32\cmd.exe
O4 - GS\Accessories [Invitado]: Notepad.lnk . (.Microsoft Corporation - Bloc de notas.) -- C:\Windows\system32\notepad.exe
O4 - GS\Accessories [Invitado]: Run.lnk - Orphan key
O4 - GS\Accessories [Invitado]: Windows Explorer.lnk . (.Microsoft Corporation - Explorador de Windows.) -- C:\Windows\explorer.exe
O4 - GS\SystemTools [Invitado]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Invitado]: Private Character Editor.lnk . (.Microsoft Corporation - Editor de caracteres privados.) -- C:\Windows\system32\eudcedit.exe
~ Global Startup: 87 Scanned in 17mn AMs



---\\ Auto loading programs from Registry and folders (O4)
O4 - GS\Startup [Public]: Acer VCM.lnk . (.Acer Incorporated - Acer VCM.) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe
O4 - HKLM\..\Run: [iSyncData] . (.Insyde Software Corp. - Sync Data.) -- C:\Program Files\Acer\Android Manager\iSync.exe
O4 - HKLM\..\Run: [AndroidManager] . (.No owner - Acer Configuration Manager for Android(TM) lau.) -- C:\Program Files\Acer\Android Manager\AML.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\Run: [Viber] . (.No owner - Viber.) -- C:\Users\Usuario\AppData\Local\Viber\Viber.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets de escritorio de Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets de escritorio de Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3095367477-2772566876-4048981669-1000\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe
O4 - HKUS\S-1-5-21-3095367477-2772566876-4048981669-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-3095367477-2772566876-4048981669-1000\..\Run: [Viber] . (.No owner - Viber.) -- C:\Users\Usuario\AppData\Local\Viber\Viber.exe
O4 - HKUS\S-1-5-21-3095367477-2772566876-4048981669-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
~ Application: Scanned in 00mn AMs



---\\ IE Options icon not visible in Control Panel (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn AMs



---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} -- Orphan key
O9 - Extra button: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn AMs



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Proveedor de correcciones de compatibilidad (shim) de nomenclaturas de co.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Proveedor de espacio de nombres PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Proveedor de espacio de nombres PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Proveedor de servicios de Microsoft Windows Sockets 2.0.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 8 Scanned in 00mn AMs



---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A2EB0EA9-8DE6-42FA-AFDC-5F755FD70A3C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{E1D1366E-035D-4E53-81A1-B77285C9AC87}: DhcpNameServer = 168.95.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{E1D1366E-035D-4E53-81A1-B77285C9AC87}: DhcpDomain = ACERGAIA
O17 - HKLM\System\CS1\Services\Tcpip\..\{A2EB0EA9-8DE6-42FA-AFDC-5F755FD70A3C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{E1D1366E-035D-4E53-81A1-B77285C9AC87}: DhcpNameServer = 168.95.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{E1D1366E-035D-4E53-81A1-B77285C9AC87}: DhcpDomain = ACERGAIA
O17 - HKLM\System\CS2\Services\Tcpip\..\{A2EB0EA9-8DE6-42FA-AFDC-5F755FD70A3C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{E1D1366E-035D-4E53-81A1-B77285C9AC87}: DhcpNameServer = 168.95.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{E1D1366E-035D-4E53-81A1-B77285C9AC87}: DhcpDomain = ACERGAIA
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn AMs



---\\ Extra protocols (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn AMs



---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn AMs



---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn AMs



---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Acer ePower Service (ePowerSvc) . (.Acer Incorporated - ePowerSvc.) - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: GRegService (Greg_Service) . (.Acer Incorporated - Global Registration Service.) - C:\Program Files\Acer\Registration\GregHSRW.exe
O23 - Service: Servicio Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: MyWinLocker Service (MWLService) . (.Egis Technology Inc. - MyWinLocker Service.) - C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
O23 - Service: Raw Socket Service (RS_Service) . (.Acer Incorporated - Raw Socket Service.) - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Updater Service (Updater Service) . (.Acer - Acer Update Service.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
~ Services: 11 Scanned in 28mn AMs



---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn AMs



---\\ BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn AMs



---\\ Task Planned Automatically (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job [838]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3095367477-2772566876-4048981669-1000Core.job [914]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3095367477-2772566876-4048981669-1000UA.job [936]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1084]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1088]
[MD5.9D96B0D5855FD1B98023B3EEC9F06786] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [257928]
[MD5.BB288E01BA25B0E7A07327526D63CA9D] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [251784]
[MD5.BD9F34DE12E1D8547BBE1E12A7F9F245] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [4324120] =>.Piriform Ltd
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-3095367477-2772566876-4048981669-1000Core] (.Facebook Inc..) -- C:\Users\Usuario\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-3095367477-2772566876-4048981669-1000UA] (.Facebook Inc..) -- C:\Users\Usuario\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [135664]
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [135664]
[MD5.C155A13687144076286989EF078112C2] [APT] [{5F284C92-8EE5-45CA-A185-1F5FAB1A4B7F}] (.Nicolas Coolman.) -- C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe [1917440]
[MD5.2EBBBFC120593C683796092F2DDA0EFC] [APT] [{5FB19221-67F4-4998-ACED-C93326A81589}] (.Google Inc..) -- c:\program files\google\chrome\application\chrome.exe [841032]
[MD5.2EBBBFC120593C683796092F2DDA0EFC] [APT] [{82856C0D-56E9-443C-B402-5DA274177C2E}] (.Google Inc..) -- c:\program files\google\chrome\application\chrome.exe [841032]
[MD5.2EBBBFC120593C683796092F2DDA0EFC] [APT] [{9D2AE00B-3B94-4D53-ADAE-4D2B9FE9B68B}] (.Google Inc..) -- c:\program files\google\chrome\application\chrome.exe [841032]
[MD5.2EBBBFC120593C683796092F2DDA0EFC] [APT] [{B297125F-9A24-4943-99BD-F0FFA6791F9B}] (.Google Inc..) -- c:\program files\google\chrome\application\chrome.exe [841032]
[MD5.2EBBBFC120593C683796092F2DDA0EFC] [APT] [{CA9036BC-D3E4-47F1-8EB5-E0613293E0FF}] (.Google Inc..) -- c:\program files\google\chrome\application\chrome.exe [841032]
[MD5.2EBBBFC120593C683796092F2DDA0EFC] [APT] [{CA9A74E1-920D-42CC-8BC5-3F15AEA2258B}] (.Google Inc..) -- c:\program files\google\chrome\application\chrome.exe [841032]
[MD5.00000000000000000000000000000000] [APT] [{E06624D9-AC5E-489B-9C12-149F91D490A9}] (...) -- C:\Users\Usuario\Downloads\64bit_Win7_Win8_Win81_R273.exe (.not file.) [0]
[MD5.2EBBBFC120593C683796092F2DDA0EFC] [APT] [{E1110B55-19E4-4775-9317-A791D9C4D325}] (.Google Inc..) -- c:\program files\google\chrome\application\chrome.exe [841032]
[MD5.7F59E4F51DA9C9C6B29B881D8DD92400] [APT] [Burn Notification] (.Acer.) -- C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [675840]
~ Scheduled Task: 25 Scanned in 13mn AMs



---\\ ActiveSetup Installed Components (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Recursos del Reproductor de Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API de temas de Windows.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Procesador de comandos de Windows.) -- C:\Windows\system32\cmd.exe
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extensión del shell para FTP de Microsoft Internet Explorer.) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Recursos del Reproductor de Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - Archivo DLL común del shell de Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilidad de inicialización por usuario de IE.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
~ Active Setup: 11 Scanned in 00mn AMs



---\\ Drivers launched at startup (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\Drivers\aswrdr2.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (mwlPSDFilter) . (.Egis Technology Inc. - PSD Filter Driver.) - C:\Windows\System32\DRIVERS\mwlPSDFilter.sys
O41 - Driver: (mwlPSDNServ) . (.Egis Technology Inc. - MyWinLocker PSD Named Pipe Driver.) - C:\Windows\System32\DRIVERS\mwlPSDNServ.sys
O41 - Driver: (mwlPSDVDisk) . (.Egis Technology Inc. - MyWinLocker PSD Virtual Disk Driver.) - C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Programador de paquetes QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Controlador del subsistema de almacenamient.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 72 Scanned in 04mn AMs



---\\ Software installed (O42)
O42 - Logiciel: Acer Crystal Eye webcam - (.Nombre de su organización.) [HKLM] -- {51F026FA-5146-4232-A8BA-1364740BD053}
O42 - Logiciel: Acer GameZone Console - (.Oberon Media, Inc..) [HKLM] -- {8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1
O42 - Logiciel: Acer Registration - (.Acer Incorporated.) [HKLM] -- Acer Registration
O42 - Logiciel: Acer ScreenSaver - (.Acer.) [HKLM] -- Acer Screensaver
O42 - Logiciel: Acer System Information - (.Acer.) [HKLM] -- {72199E33-4F2A-4B7F-8E25-95DDDD50A678}
O42 - Logiciel: Acer Updater - (.Acer Incorporated.) [HKLM] -- {EE171732-BEB4-4576-887D-CB62727F01CA}
O42 - Logiciel: Acer VCM - (.Acer Incorporated.) [HKLM] -- {047F790A-7A2A-4B6A-AD02-38092BA63DAC}
O42 - Logiciel: Acer ePower Management - (.Acer Incorporated.) [HKLM] -- {3DB0448D-AD82-4923-B305-D001E521A964}
O42 - Logiciel: Acer eRecovery Management - (.Acer Incorporated.) [HKLM] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40}
O42 - Logiciel: Adobe Flash Player 12 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Photoshop Lightroom 5.3 - (.Adobe Systems Incorporated.) [HKLM] -- {6F86810F-BE5B-4FB1-BA5A-EFD8F65F5EE4} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Reader 9.5.5 MUI - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-FFFF-7B44-A91000000001}
O42 - Logiciel: Alice Greenfingers - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}
O42 - Logiciel: Amazonia - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}
O42 - Logiciel: AndroidInstaller - (.Nombre de su organización.) [HKLM] -- InstallShield_{523281E5-91DD-49F5-9D85-954148F7596A}
O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}
O42 - Logiciel: Badoo Desktop - (.Badoo.) [HKLM] -- {D0AF8BD9-79A6-45D6-8B71-25281B1300A7}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner =>.Piriform Ltd
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Dairy Dash - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}
O42 - Logiciel: Dream Day First Home - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}
O42 - Logiciel: Eusing Free Registry Cleaner - (.Eusing Software.) [HKLM] -- Eusing Free Registry Cleaner
O42 - Logiciel: Facebook Video Calling 2.0.0.447 - (.Skype Limited.) [HKLM] -- {8DF41A9F-FE13-43E8-A003-5F9B55A011EE}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM] -- {E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}
O42 - Logiciel: Google Earth Plug-in - (.Google.) [HKLM] -- {4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E} =>.Google Inc
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} =>Toolbar.Google
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Identity Card - (.Acer Incorporated.) [HKLM] -- Identity Card
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Java 7 Update 51 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217045FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: LINE - (.NHN Japan.) [HKLM] -- LINE
O42 - Logiciel: Launch Manager - (.Acer Inc..) [HKLM] -- LManager
O42 - Logiciel: LibreOffice 4.0 Help Pack (Catalan) - (.The Document Foundation.) [HKLM] -- {9F58D3F1-8438-4734-ABD2-BB65B1DFC467}
O42 - Logiciel: LibreOffice 4.0.4.2 - (.The Document Foundation.) [HKLM] -- {FE88323B-9F0E-4596-8F56-37757C6918E9}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Merriam Websters Spell Jam - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {38BB21D5-B0D1-41DA-A0B0-1EFB5EF4AAC2}
O42 - Logiciel: Mozilla Firefox 26.0 (x86 en-US) - (.Mozilla.) [HKLM] -- Mozilla Firefox 26.0 (x86 en-US)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: MyDefrag v4.2.3 - (.J.C. Kessels.) [HKLM] -- MyDefrag v4.2.3_is1
O42 - Logiciel: MyWinLocker - (.Egis Technology Inc..) [HKLM] -- {68301905-2DEA-41CE-A4D4-E8B443B099BA}
O42 - Logiciel: OpenOffice 4.0.1 - (.Apache Software Foundation.) [HKLM] -- {52F63384-0FE8-41F5-B9C1-3331BE2E74F1}
O42 - Logiciel: Paquete de compatibilidad para 2007 Office system - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}
O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd..) [HKLM] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44}
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A}
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM] -- {758C8301-2696-4855-AF45-534B1200980A}
O42 - Logiciel: Skype(TM) 6.14 - (.Skype Technologies S.A..) [HKLM] -- {7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}
O42 - Logiciel: Star Defender 4 - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: VLC media player 2.1.3 - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: Viber - (.Viber Media Inc.) [HKCU] -- Viber
O42 - Logiciel: Welcome Center - (.Acer Incorporated.) [HKLM] -- Acer Welcome Center
O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: avast! Free Antivirus v8.0.1504.0 - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: eBay Worldwide - (.OEM.) [HKLM] -- {AAF89271-2594-468D-B578-96B2E30C41C4} =>Toolbar.eBay
O42 - Logiciel: eSobi v2 - (.esobi Inc..) [HKLM] -- InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU] -- uTorrent =>P2P.BitTorrent
~ Logic: 26 Scanned in 01mn AMs



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Acer]
[HKCU\Software\Adobe Lightroom]
[HKCU\Software\Adobe]
[HKCU\Software\AlterGeo]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\MarkAny]
[HKCU\Software\AppDataLow]
[HKCU\Software\ArcSoft]
[HKCU\Software\Avast Software]
[HKCU\Software\Badoo]
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\Bitberry Software]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Facebook]
[HKCU\Software\GNU]
[HKCU\Software\Goobzo] =>PUP.Goobzo
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\Insyde Software]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Licenses]
[HKCU\Software\Ligos]
[HKCU\Software\Macromedia]
[HKCU\Software\Magical Jelly Bean Software]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
0
2011N2 Posts 13352 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
Apr 12, 2014 at 02:00 PM
Hello,

Can you send it on SpeedyShare and paste the link please ? Because it is too long for the forum.

Gabriel.
0
bcn101 Posts 113 Registration date Friday November 9, 2012 Status Member Last seen July 28, 2014
Apr 12, 2014 at 04:07 PM
http://speedy.sh/SE2yg/ZHPScan.txt
0
2011N2 Posts 13352 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
Apr 12, 2014 at 04:30 PM
Hi,

You posted ZHPScan: I require ZHPDiag.txt, which is on your desktop.

Thanks,

Gabriel.
0
bcn101 Posts 113 Registration date Friday November 9, 2012 Status Member Last seen July 28, 2014
Apr 14, 2014 at 02:48 PM
http://speedy.sh/d78J4/ZHPFixReport.txt
0
2011N2 Posts 13352 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
Apr 15, 2014 at 09:17 AM
Hello,

No. ^^

This time, you have posted ZHPFixReport. Can't you find ZHPDiag.txt?

Gabriel.
0
bcn101 Posts 113 Registration date Friday November 9, 2012 Status Member Last seen July 28, 2014
Apr 15, 2014 at 02:41 PM
http://speedy.sh/d7xF4/ZHPDiag.txt


Still slow, things didn't change.
0
2011N2 Posts 13352 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
Apr 15, 2014 at 04:26 PM
Hello,

OK, run ZHPFix again as last time but with these lines:

Script ZHPFix
[HKCU\Software\Goobzo]
O61 - LFC: 4/10/2014 - 12:01:22 PM ---A- . (...) -- C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\3QRL7CVN\pdk.theplatform.com\pdk\swf\akamaiHD.swf\HDCore.sol [42]
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS
HKLM\SOFTWARE\Microsoft\Tracing\DefaultTabSearch_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\DefaultTabSearch_RASMANCS
[HKCU\Software\Goobzo]
O43 - CFD: 4/10/2013 - 1:47:44 PM - [0] ----D C:\ProgramData\Yahoo! Companion
O90 - PUC: "17298FAA4952D8645B87692B3EC0144C" . (.eBay Worldwide.) -- c:\Windows\Installer\{AAF89271-2594-468D-B578-96B2E30C41C4}\_6FEFF9B68218417F98F549.exe



Gabriel.
0
Hi, sorry for the late reply. It is not letting me when I click the GO button.
0
2011N2 Posts 13352 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
Apr 28, 2014 at 06:36 AM
Hello,

What is the problem exactly?
What happens when you click on Go? Did you copy the lines beforehand?

Gabriel.
0
bcn101 Posts 113 Registration date Friday November 9, 2012 Status Member Last seen July 28, 2014
Apr 29, 2014 at 04:03 PM
It's okay now.
Please see the log below:

Rapport de ZHPFix 2014.4.7.2 par Nicolas Coolman, Update du 07/04/2014
Fichier d'export Registre :
Run by Usuario at 4/29/2014 10:02:08 PM
High Elevated Privileges : OK
Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601)

Recycle Bin emptied (06mn AMs)

========== Registry keys ==========
REMOVES: HKCU\Software\Goobzo
REMOVES: HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32
REMOVES: HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS
REMOVES: HKLM\SOFTWARE\Microsoft\Tracing\DefaultTabSearch_RASAPI32
REMOVES: HKLM\SOFTWARE\Microsoft\Tracing\DefaultTabSearch_RASMANCS
REMOVES: [HKLM\Software\Classes\Installer\Products\\17298FAA4952D8645B87692B3EC0144C]
REMOVES: [HKLM\Software\Classes\Installer\Features\17298FAA4952D8645B87692B3EC0144C]

========== Folders ==========
REMOVES: C:\ProgramData\Yahoo! Companion

========== Files ==========
REMOVES Reboot: c:\users\usuario\appdata\local\google\chrome\user data\default\pepper data\shockwave flash\writableroot\#sharedobjects\3qrl7cvn\pdk.theplatform.com


========== Summary ==========
7 : Registry keys
1 : Folders
1 : Files


End of clean in 12mn AMs

========== Path to file report ==========
C:\Users\Usuario\AppData\Roaming\ZHP\ZHPFix[R1].txt - 1/25/2014 6:47:07 PM [1632]
C:\Users\Usuario\AppData\Roaming\ZHP\ZHPFix[R2].txt - 4/11/2014 8:24:53 PM [1836]
C:\Users\Usuario\AppData\Roaming\ZHP\ZHPFix[R3].txt - 4/29/2014 10:02:15 PM [1366]
0
2011N2 Posts 13352 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
Apr 30, 2014 at 04:53 PM
Hello,

Yes it's good.

Is the computer always slow ?

Gabriel.
0
bcn101 Posts 113 Registration date Friday November 9, 2012 Status Member Last seen July 28, 2014
Apr 30, 2014 at 04:59 PM
Unfortunately yes :(
0
2011N2 Posts 13352 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
Apr 30, 2014 at 05:03 PM
Does it become slow suddenly?

Run ZHPDiag again and host the report.

Gabriel.
0
bcn101 Posts 113 Registration date Friday November 9, 2012 Status Member Last seen July 28, 2014
Apr 30, 2014 at 06:39 PM
Hi,

Here you go : http://speedy.sh/NyMEr/ZHPDiag.txt
0
2011N2 Posts 13352 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
May 2, 2014 at 09:13 AM
Hello,

OK, and so, does it become slow suddenly?

Gabriel.
0
bcn101 Posts 113 Registration date Friday November 9, 2012 Status Member Last seen July 28, 2014
May 5, 2014 at 03:22 AM
Yes, especially when opening the browser.
0
2011N2 Posts 13352 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
May 5, 2014 at 05:08 PM
Hello,

- Download MBAM by clicking "Free Download Version".
- Save it on your desktop.
- Double-click the downloaded file to launch the installation process (if the firewall asks for permission to connect to Malwarebytes, accept).
- Once the software is installed and running, go to the "Review" tab.
- Select Review "Custom" and then click Check Now.
- Select all drives and all exam options (including search rootkits).
- Ensure that Process as malicious detections is selected for PUP and PUM.
- Click Start exam.
- If an update is shown, click Update Now and then wait for the review.
- Once the review is completed, make sure that the action Quarantine is selected for all elements detected.
- Click Apply actions. If asked to restart the PC, do it.
- In the Review tab, click Export Log => text file (txt). Otherwise, go to the history tab and Application logs.
- Paste the report.

Gabriel.
0
bcn101 Posts 113 Registration date Friday November 9, 2012 Status Member Last seen July 28, 2014
May 5, 2014 at 05:17 PM
Alrytie :)
0
bcn101 Posts 113 Registration date Friday November 9, 2012 Status Member Last seen July 28, 2014
May 6, 2014 at 02:53 PM
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/6/2014
Scan Time: 12:43:13 AM
Logfile: mam.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.03.04.09
Rootkit Database: v2014.02.20.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Usuario

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 251984
Time Elapsed: 32 min, 36 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 3
PUP.Optional.YouTubeAccelerator.A, HKLM\SOFTWARE\WOW6432NODE\GOOBZO\YouTube Accelerator, Quarantined, [3613df20e9910e2883d9edd3d1329f61],
PUP.Optional.YouTubeAccelerator.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOBZO\YouTube Accelerator, Quarantined, [0e3bbc43106a0b2bd58805bbb3501be5],
PUP.Optional.AmazonTB.A, HKU\S-1-5-21-3095367477-2772566876-4048981669-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ALEXA INTERNET\ALEXA9\Amazon, Quarantined, [4bfe639c5e1c3cfaa3cce9c810f33ec2],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 2
PUP.Optional.SearchProtection.A, C:\Users\Usuario\AppData\Roaming\ZHP\Quarantine\utte601.tmp.exe.VIR, Quarantined, [a3a6f20d5a2058de386ff428a26218e8],
PUP.Optional.BundleInstaller.A, C:\Users\Usuario\Downloads\vlc media player setup.exe, Quarantined, [3b0eca35c6b46ec8a3dbdd9dcc35d927],

Physical Sectors: 0
(No malicious items detected)


(end)
0
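A triage pass over the Malwarebytes log posted above, as an added example that is not part of the original thread and not Malwarebytes' own code. It parses the header fields and detection lines, then lists what a helper would check before relying on the result. Assumptions: the scan date is M/D/YYYY, the database version string encodes its date as vYYYY.MM.DD.NN, the 7-day staleness threshold is arbitrary, and the function names are hypothetical.

```python
import re
from datetime import date

# Excerpt of the Malwarebytes log posted above (values copied from the thread).
SAMPLE_LOG = r"""
Scan Date: 5/6/2014
Malware Database: v2014.03.04.09
Scan Type: Threat Scan
Rootkits: Disabled
Registry Keys: 3
PUP.Optional.YouTubeAccelerator.A, HKLM\SOFTWARE\WOW6432NODE\GOOBZO\YouTube Accelerator, Quarantined, [3613df20e9910e2883d9edd3d1329f61],
PUP.Optional.YouTubeAccelerator.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOBZO\YouTube Accelerator, Quarantined, [0e3bbc43106a0b2bd58805bbb3501be5],
PUP.Optional.AmazonTB.A, HKU\S-1-5-21-3095367477-2772566876-4048981669-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ALEXA INTERNET\ALEXA9\Amazon, Quarantined, [4bfe639c5e1c3cfaa3cce9c810f33ec2],
Files: 2
PUP.Optional.SearchProtection.A, C:\Users\Usuario\AppData\Roaming\ZHP\Quarantine\utte601.tmp.exe.VIR, Quarantined, [a3a6f20d5a2058de386ff428a26218e8],
PUP.Optional.BundleInstaller.A, C:\Users\Usuario\Downloads\vlc media player setup.exe, Quarantined, [3b0eca35c6b46ec8a3dbdd9dcc35d927],
"""

DETECTION = re.compile(r"^(?P<name>[\w.]+), (?P<path>.+), (?P<action>\w+), \[(?P<id>[0-9a-f]+)\],$")
HEADER = re.compile(r"^(?P<key>[A-Za-z ]+): (?P<value>.+)$")

def parse_mbam_log(text):
    """Return (header fields, detection records tagged with their section)."""
    fields, detections, section = {}, [], None
    for line in map(str.strip, text.splitlines()):
        if m := DETECTION.match(line):
            detections.append({**m.groupdict(), "section": section})
        elif m := HEADER.match(line):
            fields[m["key"]] = m["value"]
            section = m["key"]  # e.g. "Registry Keys: 3" opens a section
    return fields, detections

def triage(fields, detections, max_db_age_days=7):
    """List the points to raise before treating the scan as conclusive."""
    findings = []
    # Assumption: M/D/YYYY scan date and vYYYY.MM.DD.NN database version.
    mo, dy, yr = map(int, fields["Scan Date"].split("/"))
    db = date(*map(int, fields["Malware Database"].lstrip("v").split(".")[:3]))
    age = (date(yr, mo, dy) - db).days
    if age > max_db_age_days:
        findings.append(f"signatures are {age} days older than the scan")
    if fields.get("Rootkits") == "Disabled":
        findings.append("rootkit scan was disabled")
    if fields.get("Scan Type") == "Threat Scan":
        findings.append("Threat Scan was run, not the custom scan that was requested")
    families = sorted({d["name"].split(".")[0] for d in detections})
    findings.append(f"{len(detections)} detections, families: {', '.join(families)}")
    return findings
```

On this log every detection falls in the PUP family, and the scan ran with a stale database and without the rootkit option that was requested.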
PC Jacker Posts 31 Registration date Saturday October 12, 2013 Status Member Last seen May 8, 2014 1
May 5, 2014 at 08:30 PM
Try these ways:

1) Reset your browser settings
2) Clean junk files in your browser and your system
3) Scan for malicious plugins
4) Check whether your system is infected by the virus "Sality" with this program
https://drive.google.com/file/d/0B6XLM9Q2pQfnUFpBZzU5VU1EODQ/edit?usp=sharing Don't worry, it won't delete any files, it just fixes them.
5) Check your RAM and CPU status through Task Manager
6) Final way: reinstall your browser.
0
bcn101 Posts 113 Registration date Friday November 9, 2012 Status Member Last seen July 28, 2014
May 6, 2014 at 02:57 PM
Hi PC Jacker, thanks but you're talking too technical for my level. Sorry :(
0
2011N2 Posts 13352 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
May 7, 2014 at 04:42 AM
Hello,

Do you really think that the computer is infected by Sality ?^^

Gabriel.
0
bcn101 Posts 113 Registration date Friday November 9, 2012 Status Member Last seen July 28, 2014
May 8, 2014 at 03:08 PM
I don't even know what Sality is :/
0
PC Jacker Posts 31 Registration date Saturday October 12, 2013 Status Member Last seen May 8, 2014 1
May 8, 2014 at 09:32 PM
Sality is a virus which attacks the system of your computer. That virus has bugged mine and some of my friends' laptops. It took high CPU usage, which can make your computer so slow.
Sorry if I was talking too technical.
0
PC Jacker Posts 31 Registration date Saturday October 12, 2013 Status Member Last seen May 8, 2014 1
May 8, 2014 at 09:36 PM
Let me make this simple. Download CCleaner, clean all junk files on your netbook.
0
2011N2 Posts 13352 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
May 7, 2014 at 04:43 AM
Hi,

bcn101, is it the whole computer that is slow or only the browsers and Skype?

Gabriel.
0
bcn101 Posts 113 Registration date Friday November 9, 2012 Status Member Last seen July 28, 2014
May 8, 2014 at 03:08 PM
Everything is slow. I have defragged it before but no luck :/
0
2011N2 Posts 13352 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
May 8, 2014 at 03:51 PM
Hello,

Have you tried to restore your computer to a date when there was no problem?

Gabriel.
0
bcn101 Posts 113 Registration date Friday November 9, 2012 Status Member Last seen July 28, 2014
May 9, 2014 at 11:47 PM
yes, been there done that. :(
0
2011N2 Posts 13352 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
May 10, 2014 at 08:49 AM
And any amelioration ?
0
bcn101 Posts 113 Registration date Friday November 9, 2012 Status Member Last seen July 28, 2014
May 12, 2014 at 03:34 PM
uhm....what's that?
0
2011N2 Posts 13352 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
May 12, 2014 at 04:57 PM
Is the computer always slow, after the restoration?
0
bcn101 Posts 113 Registration date Friday November 9, 2012 Status Member Last seen July 28, 2014
May 12, 2014 at 05:11 PM
yes :/
0
2011N2 Posts 13352 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
May 12, 2014 at 05:17 PM
0
bcn101 Posts 113 Registration date Friday November 9, 2012 Status Member Last seen July 28, 2014
May 12, 2014 at 06:25 PM
I had already used CCleaner. Perhaps I'll try the optimizer. I am just wondering because whenever I play videos it is always crap, even just listening to Spotify sucks. Maybe the best thing is to throw this netbook away and buy a new one :/
0
2011N2 Posts 13352 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 39
May 13, 2014 at 01:36 PM
Hello,

Can you do a speedtest please ? https://www.speedtest.net/
Post the results.

Gabriel.
0
bcn101 Posts 113 Registration date Friday November 9, 2012 Status Member Last seen July 28, 2014
May 15, 2014 at 02:14 AM
Hi,

Ping - 207 ms
Download Speed - 0.42 mbps
Upload Speed - 0.14 mbps

:(
0