Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 Firewall: Error Code 0x6D9


  • This topic is locked This topic is locked
26 replies to this topic

#1 tazmania99

tazmania99

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:30 AM

Posted 28 June 2014 - 09:23 PM

Hi!!!

My english is very very basic, but i hope you understanding and help me....... sorry for the errors :thumbup2:

I got this error no remember why (2 year ago)...., and i tried everything to fix it, nothing works ...

Looking in google found this topic in the forum that is similar to my problem: http://www.bleepingcomputer.com/forums/t/509884/windows-firewall-error-code-0x6d9/

And reading that i see the problem was solved, ....................... I do the same??

 

 



BC AdBot (Login to Remove)

 


#2 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:10:30 AM

Posted 01 July 2014 - 11:43 PM

Hello! Welcome to BleepingComputer Forums! :welcome:
My name is Georgi and and I will be helping you with your computer problems.

Before we begin, please note the following:

  • I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The logs can take some time to research, so please be patient with me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
  • Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
  • Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.

 

 

Please download the latest version of Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

 

Regards,

Georgi


cXfZ4wS.png


#3 tazmania99

tazmania99
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:30 AM

Posted 04 July 2014 - 09:15 AM

Hi!!

Thanks for the help Georgi.

Don't worry, patience is my second name....

-------------------------------------------------------------------------------------------------------------------------

FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-07-2014
Ran by VICTOR HUGO PATSI (administrator) on VICTOR on 04-07-2014 10:08:16
Running from C:\Users\VICTOR HUGO PATSI\Desktop
Platform: Windows 7 Home Premium (X64) OS Language: Español (España, internacional)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe
(Hewlett-Packard) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIFBB.EXE
() C:\Program Files (x86)\KWorld Multimedia\HyperMediaCenter\DTVR\Scheduled.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Computer, Inc.) C:\Program Files (x86)\QuickTime\qttask.exe
() C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_214_ActiveX.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-21] (IDT, Inc.)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610872 2009-07-21] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre6\bin\jusched.exe [171520 2009-08-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-01] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-03] (CANON INC.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [516928 2013-02-15] (Acronis)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPCam_Menu] => c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\qttask.exe [282624 2006-09-01] (Apple Computer, Inc.)
HKLM-x32\...\Run: [Corel File Shell Monitor] => C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [16712 2009-06-22] ()
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [320056 2009-06-24] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [581480 2009-05-12] (Symantec Corporation)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-02-16] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2008-10-13] (CyberLink Corp.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [WinampAgent] => "C:\Program Files (x86)\Winamp\winampa.exe"
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [69632 2004-04-13] (InstallShield Software Corporation)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [273544 2011-06-27] (RealNetworks, Inc.)
HKLM-x32\...\Run: [HDD Regenerator] => "C:\Program Files (x86)\HDD Regenerator\Shell.exe" /1
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6365920 2013-03-27] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1103424 2013-01-10] (Acronis)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [815888 2014-02-18] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\.DEFAULT\...\Policies\system: [WallpaperStyle] 2
HKU\S-1-5-21-2417842332-3562377342-529798385-1000\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-15] (Hewlett-Packard)
HKU\S-1-5-21-2417842332-3562377342-529798385-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKU\S-1-5-21-2417842332-3562377342-529798385-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2008-01-22] (Nero AG)
HKU\S-1-5-21-2417842332-3562377342-529798385-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [196608 2004-04-17] (InstallShield Software Corporation)
HKU\S-1-5-21-2417842332-3562377342-529798385-1000\...\Run: [EPSON TX115 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFBB.EXE [223232 2008-09-26] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2417842332-3562377342-529798385-1000\...\Run: [Center Agent] => C:\Program Files (x86)\KWorld Multimedia\HyperMediaCenter\DTVR\Scheduled.exe [1435648 2007-07-12] ()
HKU\S-1-5-21-2417842332-3562377342-529798385-1000\...\Run: [NetLimiter] => C:\Program Files\NetLimiter 3\NLClientApp.exe /tray
HKU\S-1-5-21-2417842332-3562377342-529798385-1000\...\Run: [SearchProtection] => "C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart
HKU\S-1-5-21-2417842332-3562377342-529798385-1000\...\Policies\system: [WallpaperStyle] 2
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update ESET's license.lnk
ShortcutTarget: Update ESET's license.lnk -> C:\Program Files (x86)\ESET\MiNODLogin\MiNODLogin.exe (No File)
ShellIconOverlayIdentifiers: AcronisSyncError -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: AcronisSyncInProgress -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: AcronisSyncOk -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/#!/home.php?sk=lf
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.facebook.com/#!/home.php?sk=lf
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {BEC2075C-8E0A-4EB6-8D5D-A840665B39C9} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {BEC2075C-8E0A-4EB6-8D5D-A840665B39C9} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKCU - DefaultScope {1710F97F-F7BD-4B44-BAEE-31ED4C9C2DBE} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=443898&p={searchTerms}
SearchScopes: HKCU - {1710F97F-F7BD-4B44-BAEE-31ED4C9C2DBE} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=443898&p={searchTerms}
SearchScopes: HKCU - {BEC2075C-8E0A-4EB6-8D5D-A840665B39C9} URL =
SearchScopes: HKCU - {C644396F-60F2-459C-BB4B-7321EB4CD7CC} URL = http://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=crm&q={searchTerms}&locale=en_ES&apn_ptnrs=T8&apn_dtid=YYYYYYYYBO&apn_uid=99e1d478-768d-42b4-b150-73a790bbfd9d&apn_sauid=7BC1C5CA-1CDC-4A6F-8F76-964A29588EC9
SearchScopes: HKCU - {CC778948-1EA5-4599-AE7A-9807D211DCF4} URL =
BHO: GoPhoto.it V9.0 - {11111111-1111-1111-1111-110311401168} - C:\Program Files (x86)\GoPhoto.it V9.0\GoPhoto.it V9.0-bho64.dll (installdaddy)
BHO: Torntv V9.0 - {11111111-1111-1111-1111-110511131190} - C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho64.dll (installdaddy)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: GoPhoto.it V9.0 - {11111111-1111-1111-1111-110311401168} - C:\Program Files (x86)\GoPhoto.it V9.0\GoPhoto.it V9.0-bho.dll (installdaddy)
BHO-x32: Torntv V9.0 - {11111111-1111-1111-1111-110511131190} - C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho.dll (installdaddy)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll No File
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Media Buzz - {94e9d9cf-27ef-4c8c-8474-f0db13974e6c} - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode7412\ie\MediaBuzzV1mode7412.dll ()
BHO-x32: hpBHO Class - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)
BHO-x32: Skype Plug-In - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
Toolbar: HKCU - No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 validation.sls.microsoft.com
Tcpip\Parameters: [DhcpNameServer] 200.0.0.1
Tcpip\..\Interfaces\{1EE849A1-A4D4-4728-AA34-F73FBADE191A}: [NameServer]200.105.128.40,200.105.128.41
Tcpip\..\Interfaces\{C5013BDC-5B96-4D68-9005-62D2BA4B7BD5}: [NameServer]200.73.96.146 200.73.96.162

FireFox:
========
FF ProfilePath: C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224
FF Homepage: hxxp://www.google.com.bo/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @raidcall.com/RCplugin - C:\Users\VICTOR HUGO PATSI\AppData\LocalLow\raidcall\plugins\webplugin.dll (Raidcall)
FF Plugin-x32: @raidcall.en/RCplugin - C:\Users\VICTOR HUGO PATSI\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @real.com/nppl3260;version=12.0.1.647 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=12.0.1.647 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.652 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.652 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.647 - c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Extension: GoPhoto.it V9.0 - C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\Extensions\2ea36bf1-0877-4aaa-882c-ff78f7d9d95c@dfb1672d-116a-4eb4-8be0-44786bd1d3dd.com [2014-06-28]
FF Extension: Torntv V9.0 - C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com [2014-06-25]
FF Extension: Flash Video Downloader - Full HD Download - C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\Extensions\artur.dubovoy@gmail.com [2014-05-15]
FF Extension: Adblock Plus - C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-26]
FF Extension: Skype extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-06-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-06-11]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2014-06-11]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009-08-09]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaBuzzV1mode7412.net] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode7412\ff
FF Extension: Media Buzz - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode7412\ff [2014-04-25]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009-08-09]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\VICTOR HUGO PATSI\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR DefaultSearchURL: http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}&src={referrer:source?}
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (npFreeCoder plugin) - C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\edhilgpnlmgniclikjhefmadegchepcg\2.1.9_0\plugins/npFreeCoder.dll No File
CHR Plugin: (registryAccess) - C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaapoomnboffjcgcebabolakmhbblbk\7.15.4.0_0\background/registryAccess.dll No File
CHR Plugin: (AVG Internet Security) - C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\plugins/avgnpss.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll No File
CHR Plugin: (QuickTime Plug-in 7.1.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Computer, Inc.)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U9) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Raidcall plugin) - C:\Users\VICTOR HUGO PATSI\AppData\LocalLow\raidcall\plugins\webplugin.dll (Raidcall)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.70.11) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\2.0.31005.0\npctrl.dll No File
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR Extension: (Adblock Plus) - C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-26]
CHR Extension: (Google Wallet) - C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM-x32\...\Chrome\Extension: [aaaapoomnboffjcgcebabolakmhbblbk] - C:\Users\VICTOR HUGO PATSI\AppData\Local\APN\GoogleCRXs\aaaapoomnboffjcgcebabolakmhbblbk_7.15.4.0.crx [2013-08-22]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2013-08-22]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-04-15]
CHR HKLM-x32\...\Chrome\Extension: [opbelockddbfndgkkpdllgdhmpjeldmd] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode7412\ch\MediaBuzzV1mode7412.crx [2014-04-24]

==================== Services (Whitelisted) =================

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-02-18] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-02-18] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [766736 2014-02-18] (BlueStack Systems, Inc.)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-12] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-12] (globalUpdate) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29178224 2007-02-10] (Microsoft Corporation)
S2 MySQL; C:\Program Files\MySQL\MySQL Server 5.0\my.ini [9252 2013-02-25] () [File not signed]
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-01-21] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [240128 2009-07-21] (IDT, Inc.)
S2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [X]
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [X]
S2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [X]

==================== Drivers (Whitelisted) ====================

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [49952 2014-03-20] (AVG Technologies)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122128 2014-02-18] (BlueStack Systems)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [246224 2009-12-07] (Huawei Technologies Co., Ltd.)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [54984 2014-03-19] (AnchorFree Inc.)
S2 io.sys; C:\Windows\SysWOW64\drivers\io.sys [5152 2013-01-21] () [File not signed]
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2009-02-10] (EZB Systems, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R2 NPF; C:\Windows\SysWOW64\drivers\npf.sys [50704 2010-03-22] (CACE Technologies, Inc.)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-03-19] (Anchorfree Inc.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-12-23] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2013-12-23] (Acronis)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2013-12-23] (Acronis International GmbH)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2009-07-24] (CyberLink Corp.)
S3 NLNdisMP; system32\DRIVERS\nlndis.sys [X]
S3 NLNdisPT; system32\DRIVERS\nlndis.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-04 09:55 - 2014-07-04 10:08 - 00035432 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\FRST.txt
2014-07-04 09:55 - 2014-07-04 09:55 - 02083840 _____ (Farbar) C:\Users\VICTOR HUGO PATSI\Desktop\FRST64.exe
2014-07-04 09:12 - 2014-07-04 09:12 - 00000000 ___RD () C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9
2014-06-30 19:03 - 2014-07-01 02:03 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Desktop\compartir
2014-06-30 12:19 - 2009-09-10 02:28 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-30 12:19 - 2009-09-10 01:52 - 00257024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-06-30 12:17 - 2014-06-30 12:17 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-06-30 12:17 - 2014-06-30 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-30 12:12 - 2014-06-30 12:14 - 00445448 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-06-30 11:58 - 2014-06-30 12:07 - 00444840 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-06-30 11:48 - 2014-06-30 11:48 - 17857536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 12356608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 10890240 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 09711104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-06-30 11:48 - 2014-06-30 11:48 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-06-30 11:48 - 2014-06-30 11:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-30 11:48 - 2014-06-30 11:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-30 11:48 - 2014-06-30 11:48 - 02338816 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 02148352 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-30 11:48 - 2014-06-30 11:48 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-30 11:48 - 2014-06-30 11:48 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 01106432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-06-30 11:48 - 2014-06-30 11:48 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-06-30 11:48 - 2014-06-30 11:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-06-30 11:48 - 2014-06-30 11:48 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-06-30 11:48 - 2014-06-30 11:48 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-06-30 11:33 - 2014-06-30 11:33 - 00000000 ____D () C:\Windows\SQLTools9_KB960089_ENU
2014-06-30 11:28 - 2014-06-30 11:28 - 00000000 ____D () C:\Windows\SQL9_KB960089_ENU
2014-06-30 11:23 - 2012-12-16 12:52 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-06-30 11:23 - 2012-12-16 10:40 - 00367616 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-06-30 11:23 - 2012-12-16 10:25 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-06-30 11:23 - 2012-12-16 10:25 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-06-30 11:23 - 2009-10-19 10:46 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-06-30 11:23 - 2009-10-19 10:10 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-06-30 11:18 - 2014-06-30 11:18 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-06-30 11:18 - 2014-06-30 11:18 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-06-30 09:40 - 2012-03-01 02:54 - 00022896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-06-30 09:40 - 2012-03-01 02:40 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-06-30 09:40 - 2012-03-01 02:35 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-06-30 09:40 - 2012-03-01 01:45 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-06-30 09:40 - 2012-03-01 01:40 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-06-29 11:10 - 2012-11-09 01:34 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-06-29 11:10 - 2012-11-09 00:49 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-06-29 11:10 - 2012-03-03 02:29 - 01837568 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-06-29 11:10 - 2012-03-03 02:29 - 01541120 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-06-29 11:10 - 2012-03-03 02:29 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-06-29 11:10 - 2012-03-03 02:29 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-06-29 11:10 - 2012-03-03 02:29 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-06-29 11:10 - 2012-03-03 01:40 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-06-29 11:10 - 2012-03-03 01:40 - 01074176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-06-29 11:10 - 2012-03-03 01:40 - 00739840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-06-29 11:10 - 2012-03-03 01:40 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-06-29 11:10 - 2012-03-03 01:40 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-06-29 11:10 - 2011-06-15 05:58 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-06-29 11:10 - 2011-06-15 05:58 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-06-29 11:10 - 2011-06-15 05:58 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-06-29 11:10 - 2011-06-15 05:58 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-06-29 11:10 - 2011-06-15 05:04 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2014-06-29 11:10 - 2011-06-15 05:04 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2014-06-29 11:10 - 2011-06-15 05:04 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2014-06-29 11:10 - 2011-06-15 05:04 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2014-06-29 11:10 - 2011-06-15 05:04 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2014-06-29 11:10 - 2011-04-26 22:57 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-06-29 11:10 - 2010-03-05 03:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2014-06-29 11:10 - 2010-03-05 03:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2014-06-29 11:09 - 2013-02-12 11:42 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-06-29 11:09 - 2013-02-12 11:37 - 03138048 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-06-29 11:09 - 2013-02-12 11:31 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-06-29 11:09 - 2013-02-12 11:13 - 02691072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-06-29 11:09 - 2013-02-12 11:07 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-06-29 11:09 - 2013-02-12 09:59 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-06-29 11:09 - 2011-04-09 02:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-06-29 11:09 - 2011-04-09 01:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-06-29 11:08 - 2012-11-09 01:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-06-29 11:08 - 2012-11-09 00:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-06-29 11:08 - 2010-12-23 02:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-06-29 11:08 - 2010-12-23 02:07 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-06-29 11:08 - 2010-12-23 02:02 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-06-29 11:08 - 2010-12-23 01:28 - 00850432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2014-06-29 11:08 - 2010-12-23 01:28 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2014-06-29 11:08 - 2010-12-23 01:24 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2014-06-29 11:08 - 2010-08-26 01:27 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2014-06-29 11:08 - 2010-08-26 00:39 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2014-06-29 11:05 - 2013-02-28 23:32 - 03150848 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-29 11:05 - 2011-11-17 03:12 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-06-29 11:05 - 2011-11-17 01:39 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2014-06-29 11:05 - 2011-10-26 01:22 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-06-29 11:05 - 2011-10-26 01:22 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-06-29 11:05 - 2011-10-26 00:28 - 01328640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-06-29 11:05 - 2011-10-26 00:28 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-06-29 11:05 - 2011-07-08 22:44 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-06-29 11:05 - 2011-05-03 22:51 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-06-29 11:05 - 2011-05-03 22:51 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-06-29 11:05 - 2010-11-02 01:18 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2014-06-29 11:05 - 2010-11-02 01:17 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2014-06-29 11:05 - 2010-11-02 01:17 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2014-06-29 11:05 - 2010-11-02 01:16 - 01114624 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-06-29 11:05 - 2010-11-02 01:10 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2014-06-29 11:05 - 2010-11-02 01:10 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2014-06-29 11:05 - 2010-11-02 00:40 - 00496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2014-06-29 11:05 - 2010-11-02 00:40 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2014-06-29 11:05 - 2010-11-02 00:34 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2014-06-29 11:05 - 2010-11-02 00:34 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2014-06-29 11:05 - 2010-06-29 01:39 - 02085376 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-06-29 11:05 - 2010-06-29 01:02 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2014-06-29 11:05 - 2010-05-05 03:37 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2014-06-29 11:05 - 2010-05-05 02:46 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2014-06-29 11:04 - 2009-09-03 03:36 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2014-06-29 11:04 - 2009-09-03 03:04 - 01320960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2014-06-29 11:02 - 2013-04-12 10:36 - 01653096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-06-29 11:01 - 2013-02-12 10:02 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-06-29 11:01 - 2012-06-09 01:30 - 14165504 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-29 11:01 - 2012-06-09 00:46 - 12868608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-29 11:01 - 2012-06-02 01:38 - 00152432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-06-29 11:01 - 2012-06-02 01:38 - 00095088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-06-29 11:01 - 2012-06-02 01:37 - 00459216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-06-29 11:01 - 2012-06-02 01:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-06-29 11:01 - 2012-06-02 00:48 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-06-29 11:01 - 2012-06-02 00:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-06-29 11:01 - 2012-06-02 00:42 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-06-29 11:01 - 2012-04-26 01:34 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-06-29 11:01 - 2012-04-26 01:34 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-06-29 11:01 - 2012-04-26 01:28 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-06-29 11:01 - 2011-11-17 03:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-06-29 11:01 - 2011-11-17 03:11 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-06-29 11:01 - 2011-11-17 03:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-06-29 11:01 - 2011-11-17 03:08 - 01446912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-29 11:01 - 2011-11-17 03:05 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-06-29 11:01 - 2011-03-11 02:19 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-06-29 11:01 - 2011-03-11 02:19 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-06-29 11:01 - 2011-03-11 01:40 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2014-06-29 11:01 - 2011-03-11 01:40 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2014-06-29 11:01 - 2010-08-21 02:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-06-29 11:01 - 2010-08-21 01:33 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-06-29 11:01 - 2010-06-19 02:53 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2014-06-29 11:01 - 2010-06-19 02:23 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll
2014-06-29 11:01 - 2009-10-31 02:34 - 02870272 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-06-29 11:01 - 2009-10-31 01:45 - 02614272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-06-29 11:01 - 2009-10-28 02:24 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-06-29 11:00 - 2012-11-02 01:30 - 02001408 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-29 11:00 - 2012-11-02 01:30 - 01880064 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-29 11:00 - 2012-11-02 00:50 - 01388544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-29 11:00 - 2012-11-02 00:50 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-29 11:00 - 2011-03-03 02:17 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-06-29 11:00 - 2011-03-03 02:17 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-06-29 11:00 - 2011-03-03 02:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-06-29 11:00 - 2011-03-03 01:29 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-06-29 11:00 - 2011-03-03 01:27 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2014-06-29 11:00 - 2010-08-21 02:29 - 00558592 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-06-29 11:00 - 2010-07-29 02:30 - 00082944 _____ (Radius Inc.) C:\Windows\SysWOW64\iccvid.dll
2014-06-29 10:59 - 2013-01-04 01:37 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-06-29 10:59 - 2013-01-04 01:37 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-06-29 10:59 - 2013-01-04 01:37 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-06-29 10:59 - 2013-01-04 01:36 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-06-29 10:59 - 2013-01-04 01:33 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-06-29 10:59 - 2013-01-04 01:30 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-06-29 10:59 - 2013-01-04 01:30 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-06-29 10:59 - 2013-01-04 01:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:27 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:27 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:51 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-06-29 10:59 - 2013-01-04 00:51 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-06-29 10:59 - 2013-01-04 00:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-06-29 10:59 - 2013-01-03 23:19 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-06-29 10:59 - 2013-01-03 22:48 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-06-29 10:59 - 2013-01-03 22:48 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-06-29 10:59 - 2013-01-03 22:48 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-06-29 10:59 - 2013-01-03 22:48 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-06-29 10:59 - 2013-01-03 22:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-06-29 10:59 - 2013-01-03 22:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-06-29 10:59 - 2013-01-03 22:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-06-29 10:59 - 2013-01-03 22:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-06-29 10:59 - 2012-11-20 01:55 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-06-29 10:59 - 2012-11-20 01:10 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-06-29 10:59 - 2012-11-02 01:27 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-06-29 10:59 - 2012-11-02 00:48 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-06-29 10:59 - 2012-09-06 13:38 - 00295792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-06-29 10:59 - 2012-08-24 14:05 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-06-29 10:59 - 2012-08-24 13:10 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-06-29 10:59 - 2011-04-28 23:13 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-06-29 10:59 - 2011-04-28 23:12 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-06-29 10:59 - 2011-04-28 23:12 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-06-29 10:59 - 2010-08-21 02:38 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-06-29 10:59 - 2010-08-21 01:36 - 00738816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2014-06-29 10:59 - 2009-12-19 05:50 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2014-06-29 10:59 - 2009-12-19 05:47 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2014-06-29 10:59 - 2009-12-19 05:47 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2014-06-29 10:59 - 2009-12-19 05:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2014-06-29 10:59 - 2009-12-19 05:46 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2014-06-29 10:59 - 2009-12-19 05:02 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\avifil32.dll
2014-06-29 10:59 - 2009-12-19 05:02 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciavi32.dll
2014-06-29 10:59 - 2009-12-19 05:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iyuv_32.dll
2014-06-29 10:59 - 2009-12-19 05:02 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvidc32.dll
2014-06-29 10:59 - 2009-12-19 05:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msyuv.dll
2014-06-29 10:59 - 2009-12-19 05:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrle32.dll
2014-06-29 10:59 - 2009-12-19 05:02 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsbyuv.dll
2014-06-29 10:58 - 2013-01-04 01:41 - 01893224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-29 10:58 - 2013-01-04 01:40 - 00287576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-29 10:58 - 2012-04-27 23:50 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-06-29 10:58 - 2011-08-17 01:32 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-06-29 10:58 - 2011-08-17 01:27 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2014-06-29 10:58 - 2011-08-17 01:27 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-06-29 10:58 - 2011-08-17 01:27 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2014-06-29 10:58 - 2011-08-17 01:27 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2014-06-29 10:58 - 2011-08-17 00:26 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-06-29 10:58 - 2011-08-17 00:22 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2014-06-29 10:58 - 2011-08-17 00:22 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-06-29 10:58 - 2011-08-17 00:22 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2014-06-29 10:58 - 2011-08-17 00:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2014-06-29 10:57 - 2012-03-17 03:55 - 00075632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-06-29 10:57 - 2011-12-27 23:59 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-06-29 10:56 - 2012-08-10 20:53 - 00714752 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-06-29 10:56 - 2012-08-10 19:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-06-29 10:44 - 2012-09-25 18:39 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-06-29 10:44 - 2012-09-25 17:55 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-06-29 10:44 - 2011-02-05 08:41 - 00640896 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-06-29 10:44 - 2011-02-05 08:41 - 00556928 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-06-29 10:44 - 2011-02-05 08:41 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2014-06-29 10:44 - 2011-02-05 08:41 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2014-06-29 10:44 - 2011-02-05 08:41 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2014-06-29 10:44 - 2011-02-05 08:39 - 00603976 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-06-29 10:44 - 2011-02-05 08:39 - 00518160 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-06-29 10:44 - 2010-08-31 00:32 - 00954752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40.dll
2014-06-29 10:44 - 2010-08-31 00:32 - 00954288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40u.dll
2014-06-29 10:42 - 2012-07-04 18:04 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-06-29 10:42 - 2012-07-04 18:01 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-06-29 10:42 - 2012-07-04 18:01 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-06-29 10:42 - 2012-07-04 17:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-06-29 10:42 - 2012-07-04 17:23 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-06-29 10:42 - 2012-05-14 01:20 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-06-29 10:42 - 2011-12-16 04:42 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-06-29 10:42 - 2011-12-16 03:59 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-06-29 10:42 - 2011-08-27 01:40 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-06-29 10:42 - 2011-08-27 01:40 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-06-29 10:42 - 2011-08-27 00:43 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-06-29 10:42 - 2011-08-27 00:43 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-06-29 10:42 - 2011-05-24 07:21 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-06-29 10:42 - 2011-05-24 06:34 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2014-06-29 10:42 - 2011-05-24 06:34 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2014-06-29 10:42 - 2011-05-24 06:34 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2014-06-29 10:42 - 2011-05-24 06:32 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-06-29 10:42 - 2011-05-03 01:21 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-06-29 10:42 - 2011-05-03 00:50 - 00740864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-06-29 10:42 - 2011-02-23 01:15 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-06-29 10:42 - 2011-02-12 02:14 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-06-29 10:42 - 2010-12-18 02:08 - 01097216 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-06-29 10:42 - 2010-12-18 01:26 - 01034240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-06-29 10:42 - 2010-10-16 01:23 - 00112000 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-06-29 10:42 - 2010-09-01 01:21 - 14627840 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-06-29 10:42 - 2010-09-01 01:12 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-06-29 10:42 - 2010-09-01 00:29 - 11406848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-06-29 10:42 - 2010-09-01 00:23 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-06-29 10:42 - 2009-08-29 03:50 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
2014-06-29 10:42 - 2009-08-29 02:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msasn1.dll
2014-06-29 10:41 - 2013-03-19 02:19 - 05497688 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-29 10:41 - 2013-03-19 01:54 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-06-29 10:41 - 2013-03-19 01:06 - 03958120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-06-29 10:41 - 2013-03-19 01:06 - 03902312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-06-29 10:41 - 2013-03-19 00:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-06-29 10:41 - 2013-03-18 23:19 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-06-29 10:41 - 2011-10-15 02:25 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-06-29 10:41 - 2011-10-15 01:48 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-06-29 10:40 - 2010-10-16 01:17 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2014-06-29 10:40 - 2010-10-16 00:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2014-06-29 10:39 - 2011-11-17 03:14 - 01739160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-06-29 10:39 - 2011-11-17 01:41 - 01292592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-06-29 10:39 - 2010-08-27 02:14 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-06-29 10:39 - 2010-08-27 01:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2014-06-29 09:35 - 2012-06-02 01:25 - 01462784 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-06-29 09:35 - 2012-06-02 01:25 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-06-29 09:35 - 2012-06-02 01:25 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-06-29 09:35 - 2012-06-02 00:45 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-06-29 09:35 - 2012-06-02 00:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-06-29 09:35 - 2012-06-02 00:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-06-29 09:34 - 2011-11-19 11:07 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-06-29 09:34 - 2011-11-19 10:06 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-06-29 09:08 - 2012-02-15 02:27 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-06-29 09:08 - 2012-02-15 01:44 - 00826368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-06-29 09:08 - 2012-02-15 00:46 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-06-29 09:08 - 2010-01-09 03:19 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2014-06-29 09:08 - 2010-01-09 02:52 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cabview.dll
2014-06-28 21:59 - 2014-06-28 22:30 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Desktop\Nueva carpeta (3)
2014-06-28 21:58 - 2014-07-04 10:08 - 00000000 ____D () C:\FRST
2014-06-28 21:06 - 2014-06-28 21:06 - 00002154 _____ () C:\Windows\epplauncher.mif
2014-06-28 20:56 - 2012-06-02 18:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-06-28 20:56 - 2012-06-02 18:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-06-28 20:56 - 2012-06-02 18:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-06-28 20:56 - 2012-06-02 18:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-06-28 20:56 - 2012-06-02 18:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-06-28 20:56 - 2012-06-02 18:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-06-28 20:56 - 2012-06-02 18:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-06-28 20:56 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-06-28 20:56 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-06-28 20:55 - 2014-06-28 20:55 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-28 20:55 - 2014-06-28 20:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-06-28 20:54 - 2014-06-28 20:55 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-28 20:54 - 2010-04-09 07:06 - 00374664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-06-28 20:28 - 2014-06-28 20:30 - 13829304 _____ (Microsoft Corporation) C:\Users\VICTOR HUGO PATSI\Desktop\mseinstall.exe
2014-06-28 20:21 - 2014-06-28 20:21 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\AppData\Local\Avg2014
2014-06-28 20:15 - 2014-06-28 20:15 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\AVG
2014-06-28 20:14 - 2014-06-28 20:14 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\AppData\Roaming\TuneUp Software
2014-06-28 19:01 - 2014-06-28 19:01 - 00001043 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\StarCraft II.lnk
2014-06-28 18:24 - 2014-06-28 19:03 - 00000000 ____D () C:\Program Files (x86)\StarCraft II-HoS
2014-06-26 18:44 - 2014-06-26 18:44 - 00274736 _____ () C:\Windows\Minidump\062614-39031-01.dmp
2014-06-26 10:26 - 2014-06-28 19:24 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Documents\StarCraft II
2014-06-26 10:26 - 2014-06-26 10:55 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-06-26 10:26 - 2014-06-26 10:55 - 00000000 ____D () C:\Program Files (x86)\StarCraft II
2014-06-26 10:26 - 2014-06-26 10:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2014-06-26 10:20 - 2014-06-26 10:20 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Desktop\StarCraft II
2014-06-25 00:35 - 2014-06-26 03:15 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Desktop\Star2
2014-06-16 02:33 - 2014-06-18 19:33 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Desktop\18 X Girls - Argentina
2014-06-12 20:03 - 2014-07-04 09:11 - 00001560 _____ () C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-1.job
2014-06-12 20:03 - 2014-07-04 09:11 - 00001476 _____ () C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-5.job
2014-06-12 20:03 - 2014-06-12 20:03 - 00004590 _____ () C:\Windows\System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-1
2014-06-12 20:03 - 2014-06-12 20:03 - 00004506 _____ () C:\Windows\System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-5
2014-06-12 20:02 - 2014-07-04 10:07 - 00001494 _____ () C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-7.job
2014-06-12 20:02 - 2014-07-04 09:11 - 00003832 _____ () C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-11.job
2014-06-12 20:02 - 2014-07-04 09:11 - 00002234 _____ () C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-4.job
2014-06-12 20:02 - 2014-07-04 09:11 - 00001562 _____ () C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-6.job
2014-06-12 20:02 - 2014-06-12 20:03 - 00000000 ____D () C:\Program Files (x86)\GoPhoto.it V9.0
2014-06-12 20:02 - 2014-06-12 20:02 - 00006862 _____ () C:\Windows\System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-11
2014-06-12 20:02 - 2014-06-12 20:02 - 00005264 _____ () C:\Windows\System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-4
2014-06-12 20:02 - 2014-06-12 20:02 - 00004592 _____ () C:\Windows\System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-6
2014-06-12 20:02 - 2014-06-12 20:02 - 00004522 _____ () C:\Windows\System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-7
2014-06-12 19:58 - 2014-07-04 09:11 - 00001506 _____ () C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-1.job
2014-06-12 19:58 - 2014-07-04 09:11 - 00001434 _____ () C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-5.job
2014-06-12 19:58 - 2014-06-12 19:58 - 00004536 _____ () C:\Windows\System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-1
2014-06-12 19:58 - 2014-06-12 19:58 - 00004464 _____ () C:\Windows\System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-5
2014-06-12 19:57 - 2014-07-04 10:02 - 00001440 _____ () C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-7.job
2014-06-12 19:57 - 2014-07-04 09:11 - 00003820 _____ () C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-11.job
2014-06-12 19:57 - 2014-07-04 09:11 - 00002328 _____ () C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-4.job
2014-06-12 19:57 - 2014-07-04 09:11 - 00001504 _____ () C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-6.job
2014-06-12 19:57 - 2014-07-04 09:11 - 00000964 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-06-12 19:57 - 2014-07-02 21:00 - 00000968 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-06-12 19:57 - 2014-06-12 20:02 - 00003966 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-06-12 19:57 - 2014-06-12 20:02 - 00003712 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-06-12 19:57 - 2014-06-12 19:58 - 00000000 ____D () C:\Program Files (x86)\Torntv V9.0
2014-06-12 19:57 - 2014-06-12 19:57 - 00006850 _____ () C:\Windows\System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-11
2014-06-12 19:57 - 2014-06-12 19:57 - 00005358 _____ () C:\Windows\System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-4
2014-06-12 19:57 - 2014-06-12 19:57 - 00004534 _____ () C:\Windows\System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-6
2014-06-12 19:57 - 2014-06-12 19:57 - 00004468 _____ () C:\Windows\System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-7
2014-06-12 19:57 - 2014-06-12 19:57 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\AppData\Local\globalUpdate
2014-06-12 19:57 - 2014-06-12 19:57 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-06-12 15:33 - 2014-06-12 15:33 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\AppData\Local\Adobe
2014-06-11 14:25 - 2014-06-11 14:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-07-04 10:08 - 2014-07-04 09:55 - 00035432 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\FRST.txt
2014-07-04 10:08 - 2014-06-28 21:58 - 00000000 ____D () C:\FRST
2014-07-04 10:07 - 2014-06-12 20:02 - 00001494 _____ () C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-7.job
2014-07-04 10:07 - 2009-11-26 08:47 - 01755563 _____ () C:\Windows\WindowsUpdate.log
2014-07-04 10:02 - 2014-06-12 19:57 - 00001440 _____ () C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-7.job
2014-07-04 09:55 - 2014-07-04 09:55 - 02083840 _____ (Farbar) C:\Users\VICTOR HUGO PATSI\Desktop\FRST64.exe
2014-07-04 09:49 - 2012-05-20 22:52 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-04 09:33 - 2013-09-12 09:17 - 00000838 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-04 09:21 - 2009-07-14 00:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-04 09:21 - 2009-07-14 00:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-04 09:18 - 2010-03-13 15:55 - 00762754 _____ () C:\Windows\setupact.log
2014-07-04 09:12 - 2014-07-04 09:12 - 00000000 ___RD () C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9
2014-07-04 09:11 - 2014-06-12 20:03 - 00001560 _____ () C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-1.job
2014-07-04 09:11 - 2014-06-12 20:03 - 00001476 _____ () C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-5.job
2014-07-04 09:11 - 2014-06-12 20:02 - 00003832 _____ () C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-11.job
2014-07-04 09:11 - 2014-06-12 20:02 - 00002234 _____ () C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-4.job
2014-07-04 09:11 - 2014-06-12 20:02 - 00001562 _____ () C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-6.job
2014-07-04 09:11 - 2014-06-12 19:58 - 00001506 _____ () C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-1.job
2014-07-04 09:11 - 2014-06-12 19:58 - 00001434 _____ () C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-5.job
2014-07-04 09:11 - 2014-06-12 19:57 - 00003820 _____ () C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-11.job
2014-07-04 09:11 - 2014-06-12 19:57 - 00002328 _____ () C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-4.job
2014-07-04 09:11 - 2014-06-12 19:57 - 00001504 _____ () C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-6.job
2014-07-04 09:11 - 2014-06-12 19:57 - 00000964 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-07-04 09:11 - 2013-06-08 02:22 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2014-07-04 09:11 - 2013-05-31 15:55 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-07-04 09:11 - 2012-05-20 22:52 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-04 09:11 - 2009-07-14 01:08 - 00032536 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-04 09:11 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-02 21:00 - 2014-06-12 19:57 - 00000968 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-07-01 02:03 - 2014-06-30 19:03 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Desktop\compartir
2014-06-30 20:27 - 2010-03-14 16:50 - 00000000 ____D () C:\DISCOS
2014-06-30 13:23 - 2010-03-13 14:52 - 00001393 _____ () C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-06-30 13:23 - 2010-03-13 14:52 - 00001387 _____ () C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-30 13:20 - 2009-07-14 00:45 - 00374904 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-30 13:17 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-06-30 13:17 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-06-30 13:15 - 2010-03-22 14:19 - 00133292 _____ () C:\Windows\PFRO.log
2014-06-30 12:23 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-30 12:17 - 2014-06-30 12:17 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-06-30 12:17 - 2014-06-30 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-30 12:17 - 2011-06-07 08:56 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-30 12:17 - 2011-06-06 23:42 - 00000000 ____D () C:\ProgramData\Skype
2014-06-30 12:14 - 2014-06-30 12:12 - 00445448 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-06-30 12:07 - 2014-06-30 11:58 - 00444840 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-06-30 11:50 - 2012-03-29 23:46 - 00007314 _____ () C:\Windows\IE9_main.log
2014-06-30 11:48 - 2014-06-30 11:48 - 17857536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 12356608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 10890240 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 09711104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-06-30 11:48 - 2014-06-30 11:48 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-06-30 11:48 - 2014-06-30 11:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-30 11:48 - 2014-06-30 11:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-30 11:48 - 2014-06-30 11:48 - 02338816 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 02148352 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-30 11:48 - 2014-06-30 11:48 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-30 11:48 - 2014-06-30 11:48 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 01106432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-06-30 11:48 - 2014-06-30 11:48 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-06-30 11:48 - 2014-06-30 11:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-06-30 11:48 - 2014-06-30 11:48 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-06-30 11:48 - 2014-06-30 11:48 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-06-30 11:36 - 2009-08-09 03:44 - 00001107 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works Task Launcher.lnk
2014-06-30 11:36 - 2009-08-09 03:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2014-06-30 11:36 - 2009-08-09 03:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-06-30 11:33 - 2014-06-30 11:33 - 00000000 ____D () C:\Windows\SQLTools9_KB960089_ENU
2014-06-30 11:33 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-06-30 11:28 - 2014-06-30 11:28 - 00000000 ____D () C:\Windows\SQL9_KB960089_ENU
2014-06-30 11:18 - 2014-06-30 11:18 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-06-30 11:18 - 2014-06-30 11:18 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-06-30 11:18 - 2011-12-13 10:08 - 00000039 _____ () C:\Windows\vbaddin.ini
2014-06-30 11:18 - 2010-03-13 15:11 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-30 09:44 - 2009-07-13 22:34 - 00000478 _____ () C:\Windows\win.ini
2014-06-30 09:41 - 2010-07-17 13:39 - 00002294 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-06-30 00:27 - 2013-07-08 01:32 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\AppData\Roaming\uTorrent
2014-06-29 08:52 - 2010-03-13 14:53 - 00095168 _____ () C:\Users\VICTOR HUGO PATSI\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-28 22:30 - 2014-06-28 21:59 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Desktop\Nueva carpeta (3)
2014-06-28 21:25 - 2009-11-26 09:10 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-06-28 21:21 - 2011-12-21 00:52 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\AppData\Local\Deployment
2014-06-28 21:20 - 2011-06-28 16:28 - 00000000 ____D () C:\Program Files (x86)\Publicación en Web
2014-06-28 21:20 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Help
2014-06-28 21:16 - 2011-06-08 15:37 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Documents\ADSLNet
2014-06-28 21:06 - 2014-06-28 21:06 - 00002154 _____ () C:\Windows\epplauncher.mif
2014-06-28 20:55 - 2014-06-28 20:55 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-28 20:55 - 2014-06-28 20:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-06-28 20:55 - 2014-06-28 20:54 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-28 20:53 - 2013-11-05 02:48 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\AppData\Local\CrashDumps
2014-06-28 20:40 - 2012-02-01 10:55 - 00000000 ____D () C:\ProgramData\AVG2012
2014-06-28 20:30 - 2014-06-28 20:28 - 13829304 _____ (Microsoft Corporation) C:\Users\VICTOR HUGO PATSI\Desktop\mseinstall.exe
2014-06-28 20:21 - 2014-06-28 20:21 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\AppData\Local\Avg2014
2014-06-28 20:20 - 2011-06-07 15:12 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-28 20:15 - 2014-06-28 20:15 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\AVG
2014-06-28 20:15 - 2011-06-08 01:23 - 00000000 ____D () C:\Windows\system32\Drivers\AVG
2014-06-28 20:14 - 2014-06-28 20:14 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\AppData\Roaming\TuneUp Software
2014-06-28 19:24 - 2014-06-26 10:26 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Documents\StarCraft II
2014-06-28 19:03 - 2014-06-28 18:24 - 00000000 ____D () C:\Program Files (x86)\StarCraft II-HoS
2014-06-28 19:01 - 2014-06-28 19:01 - 00001043 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\StarCraft II.lnk
2014-06-26 21:27 - 2010-04-18 12:15 - 00885588 _____ () C:\Windows\DPINST.LOG
2014-06-26 21:13 - 2012-04-11 09:50 - 00001986 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-06-26 21:13 - 2012-03-16 15:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-06-26 21:13 - 2009-08-09 02:55 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-26 18:44 - 2014-06-26 18:44 - 00274736 _____ () C:\Windows\Minidump\062614-39031-01.dmp
2014-06-26 18:44 - 2012-07-17 19:15 - 498118321 _____ () C:\Windows\MEMORY.DMP
2014-06-26 18:44 - 2012-07-17 19:15 - 00000000 ____D () C:\Windows\Minidump
2014-06-26 13:57 - 2010-07-03 22:37 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Desktop\Juegos
2014-06-26 10:55 - 2014-06-26 10:26 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-06-26 10:55 - 2014-06-26 10:26 - 00000000 ____D () C:\Program Files (x86)\StarCraft II
2014-06-26 10:41 - 2014-06-26 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2014-06-26 10:41 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-26 10:20 - 2014-06-26 10:20 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Desktop\StarCraft II
2014-06-26 03:15 - 2014-06-25 00:35 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Desktop\Star2
2014-06-24 01:15 - 2014-03-24 10:07 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\AppData\Roaming\vlc
2014-06-20 11:23 - 2014-02-03 10:42 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Desktop\Hunter 084vl
2014-06-18 19:33 - 2014-06-16 02:33 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Desktop\18 X Girls - Argentina
2014-06-16 22:44 - 2012-05-20 22:52 - 00003916 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-16 22:44 - 2012-05-20 22:52 - 00003664 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-16 13:41 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\tracing
2014-06-13 09:27 - 2012-04-26 08:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-12 20:03 - 2014-06-12 20:03 - 00004590 _____ () C:\Windows\System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-1
2014-06-12 20:03 - 2014-06-12 20:03 - 00004506 _____ () C:\Windows\System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-5
2014-06-12 20:03 - 2014-06-12 20:02 - 00000000 ____D () C:\Program Files (x86)\GoPhoto.it V9.0
2014-06-12 20:02 - 2014-06-12 20:02 - 00006862 _____ () C:\Windows\System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-11
2014-06-12 20:02 - 2014-06-12 20:02 - 00005264 _____ () C:\Windows\System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-4
2014-06-12 20:02 - 2014-06-12 20:02 - 00004592 _____ () C:\Windows\System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-6
2014-06-12 20:02 - 2014-06-12 20:02 - 00004522 _____ () C:\Windows\System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-7
2014-06-12 20:02 - 2014-06-12 19:57 - 00003966 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-06-12 20:02 - 2014-06-12 19:57 - 00003712 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-06-12 19:58 - 2014-06-12 19:58 - 00004536 _____ () C:\Windows\System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-1
2014-06-12 19:58 - 2014-06-12 19:58 - 00004464 _____ () C:\Windows\System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-5
2014-06-12 19:58 - 2014-06-12 19:57 - 00000000 ____D () C:\Program Files (x86)\Torntv V9.0
2014-06-12 19:57 - 2014-06-12 19:57 - 00006850 _____ () C:\Windows\System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-11
2014-06-12 19:57 - 2014-06-12 19:57 - 00005358 _____ () C:\Windows\System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-4
2014-06-12 19:57 - 2014-06-12 19:57 - 00004534 _____ () C:\Windows\System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-6
2014-06-12 19:57 - 2014-06-12 19:57 - 00004468 _____ () C:\Windows\System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-7
2014-06-12 19:57 - 2014-06-12 19:57 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\AppData\Local\globalUpdate
2014-06-12 19:57 - 2014-06-12 19:57 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-06-12 19:45 - 2009-07-14 01:13 - 00847962 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-12 15:33 - 2014-06-12 15:33 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\AppData\Local\Adobe
2014-06-12 11:51 - 2013-09-12 09:17 - 00003776 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-12 11:51 - 2012-07-07 19:21 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-12 11:51 - 2012-07-07 19:21 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-11 14:25 - 2014-06-11 14:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

ZeroAccess:
C:\Windows\assembly\tmp
C:\Windows\assembly\tmp\{1B372133-BFFA-4dba-9CCF-5474BED6A9F6}

ZeroAccess:
C:\Users\VICTOR HUGO PATSI\AppData\Local\c0f3925f
C:\Users\VICTOR HUGO PATSI\AppData\Local\c0f3925f\@

Some content of TEMP:
====================
C:\Users\Guest\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Guest\AppData\Local\Temp\ResetDevice.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\2vatup1h.dll
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\7z920.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\appinstal1.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\BackupSetup.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\CommonInstaller.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\contentDATs.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\DelB101.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\DivXInstaller.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\DownloadManager.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\HSS-2.88-install-plain-456-silent.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\htmlayout.dll
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\ICReinstall_CR_Downloader_for_three-wonders.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\ICReinstall_JDownloaderSetup.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\iGearedHelper.dll
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\installhelper.dll
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\INWinAmp.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jna1539680869461761389.dll
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jna5848365291703726192.dll
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jna8423701919783825674.dll
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u20-windows-i586-iftw-rv.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u32-windows-i586-iftw.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u38-windows-i586-iftw.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-7u40-windows-i586-iftw.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\Launcher_i209558463.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\MSETUP4.EXE
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\ose00000.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\pricegong.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\Quarantine.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\SearchProtectionSetup.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\set-app.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\setapp.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\Setup-a.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\Setup2.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\setupa2.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\SetupAC.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\setup__4216.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\SIntf16.dll
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\SIntf32.dll
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\SIntfNT.dll
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\SkypeSetup.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\softonic.com4.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\Softonic_ES.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\sp48071.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\sp50843.exe.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\toolbar7127311.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\uninstall6988454.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\uninstall7008594.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\vcredist_x64.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\vs60wiz.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\war3_Install.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\winamp556.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\_is7223.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-28 02:04

==================== End Of Log ============================

 

-------------------------------------------------------------------------------------------------------------------------

Addition.txt:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-07-2014
Ran by VICTOR HUGO PATSI at 2014-07-04 10:09:24
Running from C:\Users\VICTOR HUGO PATSI\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AS: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31395 - BitTorrent Inc.)
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Activate Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.1.20.0 - Symantec)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.2.602 - Adobe Systems, Inc.)
Advanced IP Address Calculator v1.1 (HKLM-x32\...\Advanced IP Address Calculator v1.1) (Version:  - )
Angry Birds [Full Version] for PC by TipsoTricks.com (HKLM-x32\...\Angry Birds [Full Version] for PC by TipsoTricks.com) (Version:  - )
ATI Catalyst Install Manager (HKLM\...\{83715090-142B-D305-36EC-7538A007D336}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.1025 - DsNET Corp)
Avanquest update (HKLM-x32\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.26 - Avanquest Software)
Bejeweled 2 Deluxe (HKLM-x32\...\Bejeweled 2 Deluxe_is1) (Version:  - )
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.6.3059 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{62763BAD-53A8-4C9F-B4CF-7CCABFEFD725}) (Version: 0.8.6.3059 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 8 (HKLM-x32\...\{5303CFB5-D635-44F0-A94B-9611E81F07C4}) (Version: 8.3.0.1471 - TechSmith Corporation)
Canon Inkjet Printer Driver Add-On Module (HKLM\...\CANONIJINBOXADDON100) (Version:  - )
Canon iP2700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0702.1239.20840 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help English (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help French (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help German (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
ccc-core-static (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
ccc-utility64 (Version: 2009.0702.1239.20840 - ATI) Hidden
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version:  - dvd8n)
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Cisco Packet Tracer 5.3.1 (HKLM-x32\...\Cisco Packet Tracer 5.3.1_is1) (Version:  - Cisco Systems, Inc.)
Cisco Packet Tracer 5.3.3 (HKLM-x32\...\Cisco Packet Tracer 5.3.3_is1) (Version:  - Cisco Systems, Inc.)
Complemento Guardar como PDF o XPS de Microsoft para programas de Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0C0A-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Compresor WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
Corel Paint Shop Pro Photo X2 (HKLM-x32\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.50.0001 - Corel Corporation)
Corel VideoStudio 12 (HKLM-x32\...\InstallShield_{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}) (Version: 12.0.0.0000 - Corel Corporation)
Creative ALchemy Universal (HKLM-x32\...\ALchemy) (Version:  - )
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3101 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1501 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.1501 - CyberLink Corp.) Hidden
Desinstalador de impresoras EPSON TX115 Series (HKLM\...\EPSON TX115 Series) (Version:  - SEIKO EPSON Corporation)
Drivers para Puerto (HKLM-x32\...\Drivers para Puerto) (Version:  - )
Dropbox (HKCU\...\Dropbox) (Version: 1.6.16 - Dropbox, Inc.)
Empire Earth (HKLM-x32\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version:  - )
ENE CIR Receiver Driver (HKLM\...\FFE7D41DF3C645075BB149E21988B63996C34187) (Version: 2.7.4.0 - ENE)
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
ffdshow v1.3.4530 [2014-02-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4530.0 - )
FormatFactory 2.90 (HKLM-x32\...\FormatFactory) (Version: 2.90 - Free Time)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Mp3 Wma Converter V 1.9 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 1.9.0.0 - Koyote Soft)
Free Process-Traffic Monitor (HKLM-x32\...\{4FB762D4-9EDB-44E6-A842-565756712EDC}) (Version:  - )
Freecorder 6 (HKLM-x32\...\Freecorder 6) (Version: 2.1.10 - Applian Technologies Inc.)
Freecorder 6 Add-on for Firefox (HKLM-x32\...\Freecorder 6 Add-on for Firefox) (Version: 2.1.9 - Applian Technologies, Inc.)
Freecorder 6 Applications (6.0.0.37) (HKLM-x32\...\Freecorder 6 Applications) (Version: 6.0.0.37 - Applian Technologies)
Freecorder 6 extension for Chrome (HKLM-x32\...\Freecorder 6 extension for Chrome) (Version: 2.1.9 - Applian Technologies, Inc.)
Freez FLV to MP3 Converter (HKLM-x32\...\Freez FLV to MP3 Converter v1.5_is1) (Version: 1.5 - www.smallvideosoft.com)
Google Book Downloader (HKLM-x32\...\{6E3C58E8-60EA-4019-BA73-B615B69C61F8}) (Version: 0.6.4 - adma)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoPhoto.it V9.0 (HKLM-x32\...\GoPhoto.it V9.0) (Version: 1.34.6.10 - installdaddy) <==== ATTENTION
Gothic 3 : Forsaken Gods (HKLM-x32\...\Gothic 3 : Forsaken Gods_is1) (Version:  - Jowood)
Homepage Protection (HKLM-x32\...\Homepage Protection) (Version:  - AOL Products)
HP 3D DriveGuard (HKLM\...\{85A42FF0-F0D0-44A3-B226-C124D6E8B1D5}) (Version: 4.0.3.1 - Hewlett-Packard)
HP Advisor (HKLM-x32\...\{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}) (Version: 3.2.8946.3086 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.3 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.0.3123 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 3.0.3123 - Hewlett-Packard) Hidden
HP MediaSmart Internet TV (HKLM-x32\...\InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}) (Version: 3.0.1916 - Hewlett-Packard)
HP MediaSmart Internet TV (x32 Version: 3.0.1916 - Hewlett-Packard) Hidden
HP MediaSmart Live TV (HKLM-x32\...\InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}) (Version: 3.0.1924 - Hewlett-Packard)
HP MediaSmart Live TV (x32 Version: 3.0.1924 - Hewlett-Packard) Hidden
HP MediaSmart Movie Themes (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.0.3102 - Hewlett-Packard)
HP MediaSmart Movie Themes (x32 Version: 3.0.3102 - Hewlett-Packard) Hidden
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.0.3123 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (x32 Version: 3.0.3123 - Hewlett-Packard) Hidden
HP MediaSmart SlingPlayer (HKLM-x32\...\{90F6051D-A69F-4159-9203-7E20430E1056}) (Version: 2.1.1.60 - Sling Media, Inc.)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.0.30.1 - Hewlett-Packard)
HP MediaSmart Software Notebook Demo (HKLM-x32\...\{82A213BD-B6AA-4281-A2D3-59D51893CC56}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.1913 - Hewlett-Packard)
HP MediaSmart Webcam (x32 Version: 3.0.1913 - Hewlett-Packard) Hidden
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.3.1 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Support Assistant (HKLM-x32\...\{08DB3902-2CE0-474D-BCE3-0177766CE9F1}) (Version: 5.1.10.7 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HP User Guides 0153 (HKLM-x32\...\{2EBA8202-FBD5-4004-81EA-BDC38C054CE2}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
HyperMediaCenter (HKLM-x32\...\{CEEF97F8-C2CA-4B9C-AA86-08905CF1508C}) (Version: 3.0 - KWorld MultiMedia)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6225.0 - IDT)
Internet Tigo (HKLM-x32\...\Internet Tigo) (Version: 11.300.05.09.279 - Huawei Technologies Co.,Ltd)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 14 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416014FF}) (Version: 6.0.140 - Sun Microsystems, Inc.)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.32.1 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
KGB Archiver 1.2.1.24 (HKLM-x32\...\KGB Archiver_is1) (Version:  - Tomasz Pawlak)
K-Lite Codec Pack 10.3.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.3.5 - )
KWorld PVR-TV BDA Drivers (HKLM-x32\...\TVEpaDrv) (Version:  - )
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1913 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.1913 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.1.94 - LSI Corporation)
Malwarebytes Anti-Malware versión 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MAMEUIFX32 (HKLM-x32\...\MAMEUIFX32) (Version: 0.146 - Mamesick)
MATLAB R2012a (HKLM\...\Matlab R2012a) (Version: 7.14 - The MathWorks, Inc.)
Media Buzz (HKLM-x32\...\MediaBuzzV1mode7412) (Version: 1.1 - Media Buzz) <==== ATTENTION
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.560.0 - Microsoft Live Search Toolbar)
Microsoft Live Search Toolbar (x32 Version: 3.0.560.0 - Microsoft Corporation) Hidden
Microsoft Mathematics (64 bits) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Basque) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Catalan) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Galician) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Spanish) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Standard 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version:  - Microsoft)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Visio MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Visio Professional 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) (x32 Version: 9.2.3042.00 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Tools Express Edition (x32 Version: 9.2.3042.00 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Mobipocket Reader 6.2 (HKLM-x32\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSDN Library for Microsoft Visual Studio 2008 Express Editions (HKLM-x32\...\MSDN Library for Microsoft Visual Studio 2008 Express Editions) (Version:  - Microsoft Corporation)
MSDN Library for Microsoft Visual Studio 2008 Express Editions (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
Mystery P.I. - The New York Fortune en Español (HKLM-x32\...\Mystery P.I. - The New York Fortune en Español) (Version:  - )
Mystery P.I. - The Vegas Heist en Español (HKLM-x32\...\Mystery P.I. - The Vegas Heist en Español) (Version:  - )
Nero 7 (HKLM-x32\...\{F90D6825-8F1F-4E3A-9E42-A9C8A9DD1033}) (Version: 7.03.1152 - Nero AG)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Opera 12.14 (HKLM-x32\...\Opera 12.14.1738) (Version: 12.14.1738 - Opera Software ASA)
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.5615 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.5615 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3101 - CyberLink Corp.) Hidden
PowerRecover (x32 Version: 5.5.1923 - CyberLink Corp.) Hidden
Prince of Persia El Alma del Guerrero (HKLM-x32\...\{EE5BC0BB-9EDA-423C-8276-48857B735D68}) (Version: 1.00.999 - )
Prince of Persia Las Arenas del Tiempo (HKLM-x32\...\{8C453F13-6877-4D34-8816-009ABDE306DB}) (Version: 1.00.181 - )
Prince of Persia T2T (HKLM-x32\...\{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}) (Version: 1.00.999 - Ubisoft)
Prince of Persia The Two Thrones (x32 Version: 1.00.999 - Ubisoft) Hidden
Project64 1.7 (HKLM-x32\...\Project64 1.7) (Version:  - )
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
QuickTime (HKLM-x32\...\{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}) (Version: 7.1.3.100 - Apple Computer, Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.2.2-1.0.6555.3 - raidcall.com)
Real Alternative 1.8.0 Lite (HKLM-x32\...\RealAlt_is1) (Version: 1.8.0 - )
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 12.0) (Version:  - RealNetworks)
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0007 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.37 - Piriform)
ScummVM 0.9.1 (HKLM-x32\...\ScummVM_is1) (Version:  - )
Search Protection (HKCU\...\Search Protection) (Version: 8.9.0.1 - Spigot, Inc.) <==== ATTENTION
Skype Toolbars (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.3.7280 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SlingBoxWatchYourTVAnyWhere (HKLM-x32\...\{4313E16C-811B-469F-8815-6EB98085F8B2}) (Version: 2.1.1.58 - Sling Media)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.3.43 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.211 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.211 - Sony)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 1.0.0.16117 - Blizzard Entertainment)
StarCraft II: Heart of the Swarm © Blizzard Entertainment version 1 (HKLM-x32\...\U3RhckNyYWZ0IElJOiBIZWFydCBvZiB0aGUgU3dhcm0gKGMp~BFC02D25_is1) (Version: 1 - )
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version:  - )
SWF Opener (HKLM-x32\...\{01386D1F-ADE7-43B4-A4E9-312FC5BC726F}_is1) (Version: 1.3 - UnH Solutions)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.4.12 - Synaptics Incorporated)
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
THE HISTORY CHANNEL Great Battles of Rome (HKLM-x32\...\{E5B5BF68-ECC3-42FE-A91A-3CAFEAD23DC4}) (Version: 1.0100 - )
Torntv V9.0 (HKLM-x32\...\Torntv V9.0) (Version: 1.34.6.10 - installdaddy) <==== ATTENTION
TotalAudioConverter (HKLM-x32\...\Total Audio Converter_is1) (Version:  - Softplicity, Inc.)
True Image 2013 (HKLM-x32\...\{75BC2136-B6A1-4F3B-8A69-55E39C647B1F}Visible) (Version: 16.0.6514 - Acronis)
True Image 2013 (x32 Version: 16.0.6514 - Acronis) Hidden
UltraISO Premium V9.33 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_STANDARD_{F31C6FC9-7DD0-421D-B2D0-64AF8252BAE7}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Video Download Studio 3.4.14 (HKLM-x32\...\{8A075C9A-1368-4491-855E-F3D9ABE55740}_is1) (Version:  - aHisoft)
VideoStudio (x32 Version: 12.0.0.0000 - Corel Corporation) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
Warcraft III: All Products (HKCU\...\Warcraft III) (Version:  - )
WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.5.36 - WildTangent)
Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000) (HKLM\...\6B8550A319DDC8B17F35F4A89988705E4592349B) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Asistente para el inicio de sesión (HKLM-x32\...\{7593234B-2AEB-4FC9-B02D-C9B30D86084C}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Messenger (HKLM-x32\...\{F2FFEEAA-0B48-4342-9B67-12ABB0B58F24}) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{953D4586-9A16-495E-BA1F-EE5AA66604DB}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - )

==================== Restore Points  =========================

28-06-2014 06:11:19 Punto de control programado
29-06-2014 00:12:28 Removed AVG 2012
29-06-2014 00:16:20 Removed AVG 2012
29-06-2014 00:54:08 Windows Update
29-06-2014 00:56:15 Windows Update
29-06-2014 01:15:33 ADSLNet Navigation Tools eliminado.
29-06-2014 01:16:56 Removed Apple Application Support
29-06-2014 01:18:27 Removed Apple Software Update
29-06-2014 01:18:57 Removed Apple Mobile Device Support
29-06-2014 01:21:20 Removed Dealio Toolbar v4.4.
29-06-2014 01:23:00 Removed iTunes
29-06-2014 01:29:11 Removed Microsoft .NET Framework 4 Multi-Targeting Pack
29-06-2014 01:33:58 Removed MySQL Server 5.0
29-06-2014 01:56:28 Windows Update
30-06-2014 04:28:57 Windows Update
30-06-2014 13:33:06 Windows Update
04-07-2014 13:26:58 Windows Update

==================== Hosts content: ==========================

2009-07-13 22:34 - 2011-04-04 23:32 - 00000864 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 validation.sls.microsoft.com

==================== Scheduled Tasks (whitelisted) =============

Task: {01BD09A5-6D15-4668-91F0-C96E59850DD3} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP TCS\RemEngine.exe [2009-07-08] ()
Task: {18F84772-84BD-402B-B42C-58732AB2A80F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-20] (Google Inc.)
Task: {1D6A9EFF-DEE6-435D-9D57-98A8F9C03519} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{8B253AE3-424A-4B91-8C6F-2B4F8EA11E0D}.exe
Task: {23F590C9-A793-460B-AC0B-B2C1FABB8CB2} - System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-1 => C:\Program Files (x86)\GoPhoto.it V9.0\GoPhoto.it V9.0-codedownloader.exe
Task: {2BDF3D4C-5D76-4E4E-A287-EEF62AC03362} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline No Task File <==== ATTENTION
Task: {3156E85A-8E74-472F-B722-FB5EE0EAD159} - System32\Tasks\CapUninst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapUninst.exe [2009-07-24] (CL)
Task: {3390764B-C0A9-4084-A5E2-CCBA2DAC763B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-11-15] (Hewlett-Packard Company)
Task: {3B3F5263-3400-4A31-8D9E-51C20370FA5E} - System32\Tasks\{D66DCDDB-AB9D-4836-864D-5ED68087D4F6} => Firefox.exe http://ui.skype.com/ui/0/5.3.0.116.259/es/abandoninstall?source=lightinstaller&amp;page=tsProblems&amp;LastError=-3&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;userlevelpresent
Task: {3FDF593A-C4B5-40F6-A96B-08362CB8106D} - System32\Tasks\TVAgent => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe [2009-07-24] (CyberLink Corp.)
Task: {47109718-CF38-4923-B935-B0B5704F6D84} - \AmiUpdXp No Task File <==== ATTENTION
Task: {5460AC13-7953-4443-8F1E-10F18664B2DA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-12] (Adobe Systems Incorporated)
Task: {54DC44A2-9A21-4C4E-8EA5-C87E9B08D0C3} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-12] (globalUpdate) <==== ATTENTION
Task: {5C4738F8-C2F3-442B-A117-A331BD12ADCF} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-07-24] (CyberLink Corp.)
Task: {600B873D-071B-40D2-955D-8CD463D96EFD} - System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-6 => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-novainstaller.exe <==== ATTENTION
Task: {69292EBE-3AAF-47D5-A2FD-BC8C777E24E2} - System32\Tasks\CapSvcInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSvcInst.exe [2009-07-24] (CL)
Task: {6AE12198-A19B-4DFB-B7BC-344482315D33} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP TCS\RemEngine.exe [2009-07-08] ()
Task: {6F140816-3378-4857-AE5E-1586DC586EF5} - System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-11 => C:\Program Files (x86)\Torntv V9.0\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-11.exe [2014-06-12] (installdaddy) <==== ATTENTION
Task: {81E29E5D-D3CB-46D1-8051-BF1CBA43CD15} - System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-4 => C:\Program Files (x86)\Torntv V9.0\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-4.exe [2014-06-12] (installdaddy) <==== ATTENTION
Task: {8933AA89-72EA-4EC3-A383-3689512BA829} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-07-23] (CyberLink)
Task: {8A86095D-D575-4D87-84EB-7828EC2800CA} - System32\Tasks\{19E68A17-A942-4F6C-BF95-49FDFD36734D} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {8DECB666-5E2A-433A-87F6-3A2EFD5EAD91} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-20] (Google Inc.)
Task: {8E3F28CE-D89E-47E9-8B8D-1A0205A75C73} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION
Task: {8FC83B39-C298-464D-88FA-D1C464FF2ED8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\GetAssistance Maintenance Events => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSAObjUtil.exe [2011-06-15] (HP)
Task: {900E34A9-315A-445C-993C-D6474A58C2DF} - System32\Tasks\RNUpgradeHelperResumePrompt_VICTOR HUGO PATSI => C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.00\rnupgagent.exe
Task: {95391584-B46D-47A0-970B-C313519156DE} - System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-4 => C:\Program Files (x86)\GoPhoto.it V9.0\da657d0c-e257-4364-8842-9d5a892cb4aa-4.exe [2014-06-12] (installdaddy)
Task: {9D23950C-8A35-41DC-8D00-67D7D70CFCE8} - System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-1 => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe <==== ATTENTION
Task: {A4D78E5A-C49F-42F6-8209-74BC8ABDADCA} - System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-7 => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-nova.exe [2014-06-12] (installdaddy) <==== ATTENTION
Task: {AD1F824F-13AE-4673-89F0-6984EA800BB2} - System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-5 => C:\Program Files (x86)\Torntv V9.0\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-5.exe [2014-06-12] (installdaddy) <==== ATTENTION
Task: {AEA8B6CC-49F5-425B-A4EC-A09CB167C756} - \GoforFilesUpdate No Task File <==== ATTENTION
Task: {B8CE5AA6-ED05-4766-BE16-BD36033BFF82} - System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-6 => C:\Program Files (x86)\GoPhoto.it V9.0\GoPhoto.it V9.0-novainstaller.exe
Task: {BC02260E-6E93-4931-8C63-C967652E5220} - System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-7 => C:\Program Files (x86)\GoPhoto.it V9.0\GoPhoto.it V9.0-nova.exe [2014-06-12] (installdaddy)
Task: {C2AD2323-7789-4281-A27E-5B3A75E3D245} - System32\Tasks\CapSchedInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSchedInst.exe [2009-07-24] (CL)
Task: {CE8D9737-693F-4C20-A629-59B61E597028} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2417842332-3562377342-529798385-1006 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.)
Task: {D204F7D8-08BD-40A4-980A-8EB9FB4A6E67} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2417842332-3562377342-529798385-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.)
Task: {D43770E6-8DF3-4BE4-A18B-0AB32A27ECBA} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-12] (globalUpdate) <==== ATTENTION
Task: {E23EBA42-895A-4578-B9D9-1DDA031148FB} - System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-11 => C:\Program Files (x86)\GoPhoto.it V9.0\da657d0c-e257-4364-8842-9d5a892cb4aa-11.exe [2014-06-12] (installdaddy)
Task: {E2E2C495-8DB3-4850-9E21-BFCF847868DA} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2417842332-3562377342-529798385-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.)
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove No Task File <==== ATTENTION
Task: {F60287E0-D39B-40C9-95B5-A89B954C9D01} - System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-5 => C:\Program Files (x86)\GoPhoto.it V9.0\da657d0c-e257-4364-8842-9d5a892cb4aa-5.exe [2014-06-12] (installdaddy)
Task: {FD5F8445-A13D-42D7-94AA-818222AF42B2} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2417842332-3562377342-529798385-1006 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.)
Task: {FE0987C3-4C9F-4826-AAAD-EC7DC2CDF134} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask No Task File <==== ATTENTION
Task: {FFA69DED-D7F1-4ADC-90A2-4C71BF337F9A} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => C:\Windows\TEMP\{D2B3A18B-19FB-4D43-902D-2B4DB0FC3CCC}.exe
Task: C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-1.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-11.job => C:\Program Files (x86)\Torntv V9.0\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-4.job => C:\Program Files (x86)\Torntv V9.0\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-5.job => C:\Program Files (x86)\Torntv V9.0\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-6.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-novainstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-7.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-nova.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{D2B3A18B-19FB-4D43-902D-2B4DB0FC3CCC}.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{8B253AE3-424A-4B91-8C6F-2B4F8EA11E0D}.exe
Task: C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-1.job => C:\Program Files (x86)\GoPhoto.it V9.0\GoPhoto.it V9.0-codedownloader.exe
Task: C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-11.job => C:\Program Files (x86)\GoPhoto.it V9.0\da657d0c-e257-4364-8842-9d5a892cb4aa-11.exe
Task: C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-4.job => C:\Program Files (x86)\GoPhoto.it V9.0\da657d0c-e257-4364-8842-9d5a892cb4aa-4.exe
Task: C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-5.job => C:\Program Files (x86)\GoPhoto.it V9.0\da657d0c-e257-4364-8842-9d5a892cb4aa-5.exe
Task: C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-6.job => C:\Program Files (x86)\GoPhoto.it V9.0\GoPhoto.it V9.0-novainstaller.exe
Task: C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-7.job => C:\Program Files (x86)\GoPhoto.it V9.0\GoPhoto.it V9.0-nova.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-03-27 22:39 - 2013-03-27 22:39 - 00021824 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\x64\ti_managers_proxy_stub.dll
2009-07-21 14:34 - 2009-07-21 14:34 - 00610872 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2012-03-07 14:59 - 2007-07-12 18:00 - 01435648 _____ () C:\Program Files (x86)\KWorld Multimedia\HyperMediaCenter\DTVR\Scheduled.exe
2009-06-22 16:37 - 2009-06-22 16:37 - 00016712 ____R () C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
2009-07-07 15:56 - 2009-07-07 15:56 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2009-11-26 08:45 - 2009-11-26 08:45 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-08-09 04:34 - 2009-01-21 14:47 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2009-07-01 18:44 - 2009-07-01 18:44 - 00632888 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
2009-07-15 20:51 - 2009-07-15 20:51 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2009-07-15 20:51 - 2009-07-15 20:51 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2009-07-15 20:50 - 2009-07-15 20:50 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2009-07-15 20:50 - 2009-07-15 20:50 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2009-07-15 20:50 - 2009-07-15 20:50 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2009-07-15 20:50 - 2009-07-15 20:50 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2009-07-15 20:50 - 2009-07-15 20:50 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2009-07-15 20:50 - 2009-07-15 20:50 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2009-06-17 15:40 - 2009-06-17 15:40 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2009-06-17 15:40 - 2009-06-17 15:40 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2009-06-17 15:40 - 2009-06-17 15:40 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2009-07-23 15:37 - 2009-07-23 15:37 - 00931112 ____N () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2012-03-07 14:59 - 2003-09-10 04:42 - 00045056 _____ () C:\Program Files (x86)\KWorld Multimedia\HyperMediaCenter\DTVR\kwspnd.dll
2010-03-14 15:18 - 2009-03-12 15:45 - 00135168 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
2010-03-14 15:18 - 2008-11-21 13:58 - 00057344 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
2013-03-27 22:09 - 2013-03-27 22:09 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2014-06-11 14:25 - 2014-06-11 14:25 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2008-10-26 05:42 - 2008-10-26 05:42 - 00065376 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2006-10-27 15:35 - 2006-10-27 15:35 - 00436512 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2011-05-31 15:45 - 2011-05-31 15:45 - 00756048 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2014-06-12 11:51 - 2014-06-12 11:51 - 17024688 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:B755D674

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/04/2014 09:13:52 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: No se puede iniciar el servicio. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   en BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   en System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/02/2014 05:32:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4399

Error: (07/02/2014 05:32:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4399

Error: (07/02/2014 05:32:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/02/2014 05:32:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2808

Error: (07/02/2014 05:32:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2808

Error: (07/02/2014 05:32:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/02/2014 05:32:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1279

Error: (07/02/2014 05:32:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1279

Error: (07/02/2014 05:32:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (07/04/2014 09:30:13 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Microsoft Network Inspection depende del servicio Microsoft Network Inspection System, el cual no pudo iniciarse debido al siguiente error:
%%1068

Error: (07/04/2014 09:30:13 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Motor de filtrado de base se cerró con el siguiente error:
%%5

Error: (07/04/2014 09:30:13 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Microsoft Network Inspection System depende del servicio Motor de filtrado de base, el cual no pudo iniciarse debido al siguiente error:
%%5

Error: (07/04/2014 09:30:13 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 0.0.0.0

    Update Source: %NT AUTHORITY51

    Update Stage: 4.5.0216.00

    Source Path: 4.5.0216.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\Servicio de red

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (07/04/2014 09:30:13 AM) (Source: Microsoft Antimalware) (EventID: 2003) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update the engine.

    New Engine Version:

    Previous Engine Version:

    Engine Type: %NT AUTHORITY604

    User: NT AUTHORITY\Servicio de red

    Error Code: %NT AUTHORITY601

    Error description: %NT AUTHORITY602

Error: (07/04/2014 09:30:13 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version:

    Update Source: %NT AUTHORITY15

    Update Stage: 4.5.0216.00

    Source Path: 4.5.0216.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\Servicio de red

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (07/04/2014 09:30:01 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Actualización de definición para Microsoft Security Essentials – KB2310138 (Definición 1.177.1657.0).

Error: (07/04/2014 09:30:00 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.177.1657.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.5.0216.00

    Source Path: 4.5.0216.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (07/04/2014 09:29:59 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Microsoft Network Inspection depende del servicio Microsoft Network Inspection System, el cual no pudo iniciarse debido al siguiente error:
%%1068

Error: (07/04/2014 09:29:59 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Motor de filtrado de base se cerró con el siguiente error:
%%5


Microsoft Office Sessions:
=========================
Error: (05/06/2013 11:30:09 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 254 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (07/09/2012 03:18:20 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 56 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info ===========================

Percentage of memory in use: 70%
Total physical RAM: 4063.19 MB
Available physical RAM: 1187 MB
Total Pagefile: 8124.51 MB
Available Pagefile: 4768.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:450.62 GB) (Free:55.76 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:14.95 GB) (Free:2.45 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: CF892B78)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=451 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#4 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:10:30 AM

Posted 05 July 2014 - 03:52 AM

Hello,

 

 

We have a lot of works.

 

Please remove all cracked software and illegally obtained copyrighted material you have on the system so we may continue with the clean up.

 

(like MiNODLogin and Hosts: 127.0.0.1 validation.sls.microsoft.com)!!!

 

 

I suggest you to uninstall µTorrent as well.


Your log(s) show that you are using so called peer-to-peer or file-sharing programs (in your case µTorrent). These programs allow to share files between users as the name(s) suggest. In today's world the cyber crime has come to an enormous dimension and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of the malware files. A popular means is the use of file-sharing tools as a tremendous amount of prospective victims can be reached through it.

It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools and thus suggested to be used with intense care. Some further readings on this subject, along the included links, are as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology."

It is also important to note that sharing entertainment files and proprietary software infringes the copyright laws in many countries over the world and you are putting yourself at risk of being indicted through organisations watching over the rights of the authors of such files (i.e. the RIAA for music files, or the MPAA for movie files in the USA) or the authors of the files themselves.

Naturally there are also legal ways to use these services, such as downloading Linux distributions or office suites such as "Libre Office or GIMP."


Also, please take a look here:

How cyber criminals infect victims via P2P with pirated software

 

 

 

Next click on Start > type in appwiz.cpl in the search box and press Enter
Find and uninstall the following applications from the list:

GoPhoto.it V9.0
Homepage Protection
Media Buzz
Mozilla Maintenance Service
Search Protection
Skype Toolbars
Torntv V9.0

 

 

IMPORTANT NOTE: One or more of the identified infections is related to the rootkit ZeroAccess. Rootkits, backdoor Trojans, Botnets, and IRCBots are very dangerous because they compromise system integrity by making changes that allow it to be used be the attacker for malicious purposes. Rootkits are used be Trojans to conceal its presence (hide from view) in order to prevent detection of an attacker's software and make removal more difficult. Many rootkits can hook into the Windows 32-bit kernel, and patch several APIs to hide new registry keys and files they install. They can disable your anti-virus and security tools to prevent detection and removal. Remote attackers use backdoors as a means of accessing and taking control of a computer that bepasses security mechanisms. This type of exploit allows them to steal sensitive information like passwords, personal and financial data which is send back to the hacker. To learn more about these types of infections, you can refer to:

If your computer was used for online banking, has credit card information or other sensitive data on it, you should stay disconnected from the Internet until your system is fully cleaned. All passwords should be changed immediately to include those used for banking, email, eBay, paypal and online forums. You should consider them to be compromised and change each password using a clean computer, not the infected one. If not, an attacker may get the new passwords and transaction information. If using a router, you need to reset it with a strong logon/password so the malware cannot gain control before connect again. Banking and credit card institutions should be notified of the possible security breach. Because your computer was compromised please read:

Although the infection has been identified and may be removed, your PC has likely been compromised and there is no way to be sure the computer can ever be trusted again. It is dangerous and incorrect to assume the computer is secure even if the malware appears to have been removed. In some instances an infection may have caused so much damage to your system that it cannot be completely cleaned or repaired so you can never be sure that you have completely removed a rootkit. The malware may leave so many remnants behind that security tools cannot find them. Tools that claim to be able to remove rootkits cannot guarantee that all traces of it will be removed. Many experts in the security community believe that once infected with this type of malware, the best course of action is to wipe the drive clean, reformat and reinstall the OS. Please read:

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. If you decide to continue, then please do the following:

 

 

Please download the following file => [attachment=152047:fixlist.txt] and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

 

Next click on Start > type in appwiz.cpl in the search box and press Enter
Now Google Update Helper should be visible through the Control Panel... Select Google Update Helper and press Uninstall.
 

Now please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure that all options are checked.
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and past the results in your next reply.

 

Regards,

Georgi


cXfZ4wS.png


#5 tazmania99

tazmania99
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:30 AM

Posted 05 July 2014 - 10:53 AM

Hi Georgi!

Thanks, i will take into account the tips.

Now:

 

(like MiNODLogin and Hosts: 127.0.0.1 validation.sls.microsoft.com)!!!

 

 

I suggest you to uninstall µTorrent as well.

MiNODLogin and Hosts: 127.0.0.1 validation.sls.microsoft.com) ------> i delete both files directly.

µTorrent uninstall correctly!!

 

Next click on Start > type in appwiz.cpl in the search box and press Enter
Find and uninstall the following applications from the list:

GoPhoto.it V9.0
Homepage Protection
Media Buzz
Mozilla Maintenance Service
Search Protection
Skype Toolbars
Torntv V9.0

All uninstall correctly!!

 

  • About the possible infection in other PC of my network, what program you recommend me to run in them??

 

Next click on Start > type in appwiz.cpl in the search box and press Enter
Now Google Update Helper should be visible through the Control Panel... Select Google Update Helper and press Uninstall.

Uninstall correctly!!

 

Now the logs:

------------------------------------------------------- Fixlog.txt ----------------------------------------------------------------------

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-07-2014 01
Ran by VICTOR HUGO PATSI at 2014-07-05 11:24:32 Run:1
Running from C:\Users\VICTOR HUGO PATSI\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
HKU\S-1-5-21-2417842332-3562377342-529798385-1000\...\Run: [SearchProtection] => "C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart
C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Search Protection
SearchScopes: HKLM - {BEC2075C-8E0A-4EB6-8D5D-A840665B39C9} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {BEC2075C-8E0A-4EB6-8D5D-A840665B39C9} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKCU - {C644396F-60F2-459C-BB4B-7321EB4CD7CC} URL = http://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=crm&q={searchTerms}&locale=en_ES&apn_ptnrs=T8&apn_dtid=YYYYYYYYBO&apn_uid=99e1d478-768d-42b4-b150-73a790bbfd9d&apn_sauid=7BC1C5CA-1CDC-4A6F-8F76-964A29588EC9
BHO: GoPhoto.it V9.0 - {11111111-1111-1111-1111-110311401168} - C:\Program Files (x86)\GoPhoto.it V9.0\GoPhoto.it V9.0-bho64.dll (installdaddy)
C:\Program Files (x86)\GoPhoto.it V9.0
BHO: Torntv V9.0 - {11111111-1111-1111-1111-110511131190} - C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho64.dll (installdaddy)
C:\Program Files (x86)\Torntv V9.0
BHO-x32: GoPhoto.it V9.0 - {11111111-1111-1111-1111-110311401168} - C:\Program Files (x86)\GoPhoto.it V9.0\GoPhoto.it V9.0-bho.dll (installdaddy)
BHO-x32: Torntv V9.0 - {11111111-1111-1111-1111-110511131190} - C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho.dll (installdaddy)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Media Buzz - {94e9d9cf-27ef-4c8c-8474-f0db13974e6c} - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode7412\ie\MediaBuzzV1mode7412.dll ()
C:\Program Files (x86)\MediaBuzzV1
BHO-x32: hpBHO Class - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)
Toolbar: HKCU - No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
Hosts: 127.0.0.1 validation.sls.microsoft.com
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update ESET's license.lnk
C:\Program Files (x86)\ESET\MiNODLogin
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
FF Extension: GoPhoto.it V9.0 - C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\Extensions\2ea36bf1-0877-4aaa-882c-ff78f7d9d95c@dfb1672d-116a-4eb4-8be0-44786bd1d3dd.com [2014-06-28]
FF Extension: Torntv V9.0 - C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com [2014-06-25]
FF Extension: Flash Video Downloader - Full HD Download - C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\Extensions\artur.dubovoy@gmail.com [2014-05-15]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2014-06-11]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaBuzzV1mode7412.net] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode7412\ff
FF Extension: Media Buzz - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode7412\ff [2014-04-25]
CHR Plugin: (npFreeCoder plugin) - C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\edhilgpnlmgniclikjhefmadegchepcg\2.1.9_0\plugins/npFreeCoder.dll No File
CHR Plugin: (registryAccess) - C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaapoomnboffjcgcebabolakmhbblbk\7.15.4.0_0\background/registryAccess.dll No File
CHR Plugin: (AVG Internet Security) - C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\plugins/avgnpss.dll No File
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll No File
CHR HKLM-x32\...\Chrome\Extension: [aaaapoomnboffjcgcebabolakmhbblbk] - C:\Users\VICTOR HUGO PATSI\AppData\Local\APN\GoogleCRXs\aaaapoomnboffjcgcebabolakmhbblbk_7.15.4.0.crx [2013-08-22]
CHR HKLM-x32\...\Chrome\Extension: [opbelockddbfndgkkpdllgdhmpjeldmd] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode7412\ch\MediaBuzzV1mode7412.crx [2014-04-24]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-12] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-12] (globalUpdate) [File not signed]
S2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [X]
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [X]
S2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [X]
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [49952 2014-03-20] (AVG Technologies)
C:\Windows\system32\drivers\avgtpx64.sys
2014-06-28 20:21 - 2014-06-28 20:21 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\AppData\Local\Avg2014
2014-06-28 20:14 - 2014-06-28 20:14 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\AppData\Roaming\TuneUp Software
2014-06-12 19:57 - 2014-06-12 19:57 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\AppData\Local\globalUpdate
2014-06-12 19:57 - 2014-06-12 19:57 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-06-28 20:40 - 2012-02-01 10:55 - 00000000 ____D () C:\ProgramData\AVG2012
2014-06-28 20:20 - 2011-06-07 15:12 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-28 20:15 - 2014-06-28 20:15 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\AVG
2014-06-28 20:15 - 2011-06-08 01:23 - 00000000 ____D () C:\Windows\system32\Drivers\AVG
C:\Windows\assembly\tmp
C:\Users\VICTOR HUGO PATSI\AppData\Local\c0f3925f
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Task: {1D6A9EFF-DEE6-435D-9D57-98A8F9C03519} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{8B253AE3-424A-4B91-8C6F-2B4F8EA11E0D}.exe
Task: {23F590C9-A793-460B-AC0B-B2C1FABB8CB2} - System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-1 => C:\Program Files (x86)\GoPhoto.it V9.0\GoPhoto.it V9.0-codedownloader.exe
Task: {2BDF3D4C-5D76-4E4E-A287-EEF62AC03362} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline No Task File <==== ATTENTION
Task: {47109718-CF38-4923-B935-B0B5704F6D84} - \AmiUpdXp No Task File <==== ATTENTION
Task: {54DC44A2-9A21-4C4E-8EA5-C87E9B08D0C3} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-12] (globalUpdate) <==== ATTENTION
Task: {600B873D-071B-40D2-955D-8CD463D96EFD} - System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-6 => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-novainstaller.exe <==== ATTENTION
Task: {6F140816-3378-4857-AE5E-1586DC586EF5} - System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-11 => C:\Program Files (x86)\Torntv V9.0\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-11.exe [2014-06-12] (installdaddy) <==== ATTENTION
Task: {81E29E5D-D3CB-46D1-8051-BF1CBA43CD15} - System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-4 => C:\Program Files (x86)\Torntv V9.0\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-4.exe [2014-06-12] (installdaddy) <==== ATTENTION
Task: {8E3F28CE-D89E-47E9-8B8D-1A0205A75C73} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION
Task: {95391584-B46D-47A0-970B-C313519156DE} - System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-4 => C:\Program Files (x86)\GoPhoto.it V9.0\da657d0c-e257-4364-8842-9d5a892cb4aa-4.exe [2014-06-12] (installdaddy)
Task: {9D23950C-8A35-41DC-8D00-67D7D70CFCE8} - System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-1 => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe <==== ATTENTION
Task: {A4D78E5A-C49F-42F6-8209-74BC8ABDADCA} - System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-7 => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-nova.exe [2014-06-12] (installdaddy) <==== ATTENTION
Task: {AD1F824F-13AE-4673-89F0-6984EA800BB2} - System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-5 => C:\Program Files (x86)\Torntv V9.0\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-5.exe [2014-06-12] (installdaddy) <==== ATTENTION
Task: {AEA8B6CC-49F5-425B-A4EC-A09CB167C756} - \GoforFilesUpdate No Task File <==== ATTENTION
Task: {B8CE5AA6-ED05-4766-BE16-BD36033BFF82} - System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-6 => C:\Program Files (x86)\GoPhoto.it V9.0\GoPhoto.it V9.0-novainstaller.exe
Task: {BC02260E-6E93-4931-8C63-C967652E5220} - System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-7 => C:\Program Files (x86)\GoPhoto.it V9.0\GoPhoto.it V9.0-nova.exe [2014-06-12] (installdaddy)
Task: {D43770E6-8DF3-4BE4-A18B-0AB32A27ECBA} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-12] (globalUpdate) <==== ATTENTION
Task: {E23EBA42-895A-4578-B9D9-1DDA031148FB} - System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-11 => C:\Program Files (x86)\GoPhoto.it V9.0\da657d0c-e257-4364-8842-9d5a892cb4aa-11.exe [2014-06-12] (installdaddy)
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove No Task File <==== ATTENTION
Task: {F60287E0-D39B-40C9-95B5-A89B954C9D01} - System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-5 => C:\Program Files (x86)\GoPhoto.it V9.0\da657d0c-e257-4364-8842-9d5a892cb4aa-5.exe [2014-06-12] (installdaddy)
Task: {FE0987C3-4C9F-4826-AAAD-EC7DC2CDF134} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask No Task File <==== ATTENTION
Task: {FFA69DED-D7F1-4ADC-90A2-4C71BF337F9A} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => C:\Windows\TEMP\{D2B3A18B-19FB-4D43-902D-2B4DB0FC3CCC}.exe
Task: C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-1.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-11.job => C:\Program Files (x86)\Torntv V9.0\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-4.job => C:\Program Files (x86)\Torntv V9.0\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-5.job => C:\Program Files (x86)\Torntv V9.0\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-6.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-novainstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-7.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-nova.exe <==== ATTENTION
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{D2B3A18B-19FB-4D43-902D-2B4DB0FC3CCC}.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{8B253AE3-424A-4B91-8C6F-2B4F8EA11E0D}.exe
Task: C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-1.job => C:\Program Files (x86)\GoPhoto.it V9.0\GoPhoto.it V9.0-codedownloader.exe
Task: C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-11.job => C:\Program Files (x86)\GoPhoto.it V9.0\da657d0c-e257-4364-8842-9d5a892cb4aa-11.exe
Task: C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-4.job => C:\Program Files (x86)\GoPhoto.it V9.0\da657d0c-e257-4364-8842-9d5a892cb4aa-4.exe
Task: C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-5.job => C:\Program Files (x86)\GoPhoto.it V9.0\da657d0c-e257-4364-8842-9d5a892cb4aa-5.exe
Task: C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-6.job => C:\Program Files (x86)\GoPhoto.it V9.0\GoPhoto.it V9.0-novainstaller.exe
Task: C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-7.job => C:\Program Files (x86)\GoPhoto.it V9.0\GoPhoto.it V9.0-nova.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:B755D674
AV: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AS: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
C:\Users\Guest\AppData\Local\Temp
end
*****************

HKU\S-1-5-21-2417842332-3562377342-529798385-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtection => value deleted successfully.
"C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Search Protection" => File/Directory not found.
'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BEC2075C-8E0A-4EB6-8D5D-A840665B39C9}' => Key deleted successfully.
'HKCR\CLSID\{BEC2075C-8E0A-4EB6-8D5D-A840665B39C9}'=> Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BEC2075C-8E0A-4EB6-8D5D-A840665B39C9}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{BEC2075C-8E0A-4EB6-8D5D-A840665B39C9}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C644396F-60F2-459C-BB4B-7321EB4CD7CC}' => Key deleted successfully.
'HKCR\CLSID\{C644396F-60F2-459C-BB4B-7321EB4CD7CC}'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311401168}'=> Key not found.
'HKCR\CLSID\{11111111-1111-1111-1111-110311401168}'=> Key not found.
"C:\Program Files (x86)\GoPhoto.it V9.0" => File/Directory not found.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511131190}'=> Key not found.
'HKCR\CLSID\{11111111-1111-1111-1111-110511131190}'=> Key not found.
"C:\Program Files (x86)\Torntv V9.0" => File/Directory not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311401168}'=> Key not found.
'HKCR\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311401168}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511131190}'=> Key not found.
'HKCR\Wow6432Node\CLSID\{11111111-1111-1111-1111-110511131190}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{94e9d9cf-27ef-4c8c-8474-f0db13974e6c}'=> Key not found.
'HKCR\Wow6432Node\CLSID\{94e9d9cf-27ef-4c8c-8474-f0db13974e6c}'=> Key not found.
C:\Program Files (x86)\MediaBuzzV1 => Moved successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABD3B5E1-B268-407B-A150-2641DAB8D898}'=> Key not found.
'HKCR\Wow6432Node\CLSID\{ABD3B5E1-B268-407B-A150-2641DAB8D898}'=> Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => value deleted successfully.
'HKCR\CLSID\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C}'=> Key not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update ESET's license.lnk => Moved successfully.
"C:\Program Files (x86)\ESET\MiNODLogin" => File/Directory not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\Extensions\2ea36bf1-0877-4aaa-882c-ff78f7d9d95c@dfb1672d-116a-4eb4-8be0-44786bd1d3dd.com not found.
C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com not found.
C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\Extensions\artur.dubovoy@gmail.com => Moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com => Moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@MediaBuzzV1mode7412.net => Value not found.
C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode7412\ff not found.
C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\edhilgpnlmgniclikjhefmadegchepcg\2.1.9_0\plugins/npFreeCoder.dll not found.
C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaapoomnboffjcgcebabolakmhbblbk\7.15.4.0_0\background/registryAccess.dll not found.
C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\plugins/avgnpss.dll not found.
C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll not found.
'HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaapoomnboffjcgcebabolakmhbblbk' => Key deleted successfully.
"C:\Users\VICTOR HUGO PATSI\AppData\Local\APN\GoogleCRXs\aaaapoomnboffjcgcebabolakmhbblbk_7.15.4.0.crx" => File/Directory not found.
'HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\opbelockddbfndgkkpdllgdhmpjeldmd'=> Key not found.
"C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode7412\ch\MediaBuzzV1mode7412.crx" => File/Directory not found.
globalUpdate => Service deleted successfully.
globalUpdatem => Service deleted successfully.
hshld => Service deleted successfully.
HssTrayService => Service deleted successfully.
HssWd => Service deleted successfully.
avgtp => Service stopped successfully.
avgtp => Service deleted successfully.
C:\Windows\system32\drivers\avgtpx64.sys => Moved successfully.
C:\Users\VICTOR HUGO PATSI\AppData\Local\Avg2014 => Moved successfully.
C:\Users\VICTOR HUGO PATSI\AppData\Roaming\TuneUp Software => Moved successfully.
C:\Users\VICTOR HUGO PATSI\AppData\Local\globalUpdate => Moved successfully.
C:\Program Files (x86)\globalUpdate => Moved successfully.
C:\ProgramData\AVG2012 => Moved successfully.
C:\ProgramData\MFAData => Moved successfully.
C:\Windows\SysWOW64\Drivers\AVG => Moved successfully.
C:\Windows\system32\Drivers\AVG => Moved successfully.
C:\Windows\assembly\tmp => Moved successfully.
C:\Users\VICTOR HUGO PATSI\AppData\Local\c0f3925f => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}\\SystemComponent => value deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1D6A9EFF-DEE6-435D-9D57-98A8F9C03519}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D6A9EFF-DEE6-435D-9D57-98A8F9C03519}' => Key deleted successfully.
C:\Windows\System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG-Secure-Search-Update_JUNE2013_TB_rmv' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23F590C9-A793-460B-AC0B-B2C1FABB8CB2}'=> Key not found.
C:\Windows\System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-1 not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\da657d0c-e257-4364-8842-9d5a892cb4aa-1'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2BDF3D4C-5D76-4E4E-A287-EEF62AC03362}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BDF3D4C-5D76-4E4E-A287-EEF62AC03362}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{47109718-CF38-4923-B935-B0B5704F6D84}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47109718-CF38-4923-B935-B0B5704F6D84}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AmiUpdXp' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{54DC44A2-9A21-4C4E-8EA5-C87E9B08D0C3}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{54DC44A2-9A21-4C4E-8EA5-C87E9B08D0C3}' => Key deleted successfully.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{600B873D-071B-40D2-955D-8CD463D96EFD}'=> Key not found.
C:\Windows\System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-6 not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-6'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F140816-3378-4857-AE5E-1586DC586EF5}'=> Key not found.
C:\Windows\System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-11 not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-11'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81E29E5D-D3CB-46D1-8051-BF1CBA43CD15}'=> Key not found.
C:\Windows\System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-4 not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-4'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E3F28CE-D89E-47E9-8B8D-1A0205A75C73}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E3F28CE-D89E-47E9-8B8D-1A0205A75C73}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95391584-B46D-47A0-970B-C313519156DE}'=> Key not found.
C:\Windows\System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-4 not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\da657d0c-e257-4364-8842-9d5a892cb4aa-4'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D23950C-8A35-41DC-8D00-67D7D70CFCE8}'=> Key not found.
C:\Windows\System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-1 not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-1'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4D78E5A-C49F-42F6-8209-74BC8ABDADCA}'=> Key not found.
C:\Windows\System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-7 not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-7'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD1F824F-13AE-4673-89F0-6984EA800BB2}'=> Key not found.
C:\Windows\System32\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-5 not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-5'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AEA8B6CC-49F5-425B-A4EC-A09CB167C756}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AEA8B6CC-49F5-425B-A4EC-A09CB167C756}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoforFilesUpdate' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8CE5AA6-ED05-4766-BE16-BD36033BFF82}'=> Key not found.
C:\Windows\System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-6 not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\da657d0c-e257-4364-8842-9d5a892cb4aa-6'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BC02260E-6E93-4931-8C63-C967652E5220}'=> Key not found.
C:\Windows\System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-7 not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\da657d0c-e257-4364-8842-9d5a892cb4aa-7'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D43770E6-8DF3-4BE4-A18B-0AB32A27ECBA}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D43770E6-8DF3-4BE4-A18B-0AB32A27ECBA}' => Key deleted successfully.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E23EBA42-895A-4578-B9D9-1DDA031148FB}'=> Key not found.
C:\Windows\System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-11 not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\da657d0c-e257-4364-8842-9d5a892cb4aa-11'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{EB02381F-D652-4B1C-894A-712498C62C51}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB02381F-D652-4B1C-894A-712498C62C51}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MUI\LPRemove' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F60287E0-D39B-40C9-95B5-A89B954C9D01}'=> Key not found.
C:\Windows\System32\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-5 not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\da657d0c-e257-4364-8842-9d5a892cb4aa-5'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FE0987C3-4C9F-4826-AAAD-EC7DC2CDF134}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE0987C3-4C9F-4826-AAAD-EC7DC2CDF134}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTask' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FFA69DED-D7F1-4ADC-90A2-4C71BF337F9A}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FFA69DED-D7F1-4ADC-90A2-4C71BF337F9A}' => Key deleted successfully.
C:\Windows\System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG-Secure-Search-Update_JUNE2013_HP_rmv' => Key deleted successfully.
C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-1.job not found.
C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-11.job not found.
C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-4.job not found.
C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-5.job not found.
C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-6.job not found.
C:\Windows\Tasks\0b2b6178-1c7b-4e0e-85b0-d3caf11575f5-7.job not found.
C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => Moved successfully.
C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => Moved successfully.
C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-1.job not found.
C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-11.job not found.
C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-4.job not found.
C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-5.job not found.
C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-6.job not found.
C:\Windows\Tasks\da657d0c-e257-4364-8842-9d5a892cb4aa-7.job not found.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => Moved successfully.
C:\ProgramData\Temp => ":B755D674" ADS removed successfully.
AV: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} => The item is protected. Make sure the software is uninstalled and its services is removed.
AS: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} => The item is protected. Make sure the software is uninstalled and its services is removed.
C:\Users\Guest\AppData\Local\Temp => Moved successfully.


The system needed a reboot.

==== End of Fixlog ====

 

------------------------------------------------------- FSS.txt ----------------------------------------------------------------------

Farbar Service Scanner Version: 10-06-2014
Ran by VICTOR HUGO PATSI (administrator) on 05-07-2014 at 11:34:48
Running from "C:\Users\VICTOR HUGO PATSI\Desktop"
Microsoft Windows 7 Home Premium   (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.

Action Center Notification Icon =====> Unable to open HKLM\...\ShellServiceObjects\{F56F6FDD-AA9D-4618-A949-C1B91AF43B1A} key. The key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.



File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****



#6 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:10:30 AM

Posted 05 July 2014 - 11:25 AM

Hello,

 

About the possible infection in other PC of my network, what program you recommend me to run in them??

 

We will see at the end of the cleaning process...

 

 

Next let's try to fix the broken services.


Backup Your Registry

 


 

Now download the following files and save them to your desktop:
 

BFE.reg

 

MpsSvc.reg

 

wscsvc.reg

 

WinDefend.reg

 

iphlpsvc.reg

 

fix_action_center_x64.reg

 

Now double click on each of them one by one. An information box will pop up asking if you want to merge the information in the file into the registry, click YES.

 

  • Next please download the ESET ServicesRepair utility and save it to your Desktop.
  • Double-click ServicesRepair.exe to run the ESET ServicesRepair utility.
  • If you are using User Access Control, click Run when prompted and then click Yes when asked to allow changes.
  • Reboot the computer and then please post fresh log from Farbar Service Scanner.

 

Also since you uninstalled AVG please download and run the appropriate uninstaller to get rid of the leftovers:

 

AVG Remover(64bit) 2014

AVG Remover(64bit) 2013

AVG Remover(64bit) 2012

 

Next please run a new scan with Farbar Recovery Scan Tool (make sure that Addition.txt is ticked before you press the Scan button) and then post both logs in your next reply.

 

 

Regards,

Georgi


cXfZ4wS.png


#7 tazmania99

tazmania99
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:30 AM

Posted 05 July 2014 - 12:55 PM

 Hi Georgi! thanks for the help :cowboy:  you are the best!!

 

 

Backup Your Registry

Check!

 

 

Now download the following files and save them to your desktop:
 

BFE.reg

 

MpsSvc.reg

 

wscsvc.reg

 

WinDefend.reg

 

iphlpsvc.reg

 

fix_action_center_x64.reg

 

Now double click on each of them one by one. An information box will pop up asking if you want to merge the information in the file into the registry, click YES.

 

  • Next please download the ESET ServicesRepair utility and save it to your Desktop.
  • Double-click ServicesRepair.exe to run the ESET ServicesRepair utility.
  • If you are using User Access Control, click Run when prompted and then click Yes when asked to allow changes.
  • Reboot the computer and then please post fresh log from Farbar Service Scanner.

Check!!

After the reboot in my desktop appear a folder named "CC Support" inside have other 2 folder's "Logs" "Tools", i hope that's OK.

The log from Farbar Service Scanner:

------------------------------------------------------------------------------------------------------------------------------------------------

Farbar Service Scanner Version: 10-06-2014
Ran by VICTOR HUGO PATSI (administrator) on 05-07-2014 at 13:32:27
Running from "C:\Users\VICTOR HUGO PATSI\Desktop"
Microsoft Windows 7 Home Premium   (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

------------------------------------------------------------------------------------------------------------------------------------------------

 

 

Also since you uninstalled AVG please download and run the appropriate uninstaller to get rid of the leftovers:

 

AVG Remover(64bit) 2014

AVG Remover(64bit) 2013

AVG Remover(64bit) 2012

Check!!

I expected a reboot of the system ............ nothing. Seem's to be ok.

 

 

Next please run a new scan with Farbar Recovery Scan Tool (make sure that Addition.txt is ticked before you press the Scan button) and then post both logs in your next reply.

The logs:

----------------------------------------------------------- FRST.txt -------------------------------------------------------------------------------------

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by VICTOR HUGO PATSI (administrator) on VICTOR on 05-07-2014 13:38:23
Running from C:\Users\VICTOR HUGO PATSI\Desktop
Platform: Windows 7 Home Premium (X64) OS Language: Español (España, internacional)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe
(Hewlett-Packard) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIFBB.EXE
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
() C:\Program Files (x86)\KWorld Multimedia\HyperMediaCenter\DTVR\Scheduled.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Computer, Inc.) C:\Program Files (x86)\QuickTime\qttask.exe
() C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-21] (IDT, Inc.)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610872 2009-07-21] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre6\bin\jusched.exe [171520 2009-08-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-01] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-03] (CANON INC.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [516928 2013-02-15] (Acronis)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPCam_Menu] => c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\qttask.exe [282624 2006-09-01] (Apple Computer, Inc.)
HKLM-x32\...\Run: [Corel File Shell Monitor] => C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [16712 2009-06-22] ()
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [320056 2009-06-24] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [581480 2009-05-12] (Symantec Corporation)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-02-16] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2008-10-13] (CyberLink Corp.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [WinampAgent] => "C:\Program Files (x86)\Winamp\winampa.exe"
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [69632 2004-04-13] (InstallShield Software Corporation)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [273544 2011-06-27] (RealNetworks, Inc.)
HKLM-x32\...\Run: [HDD Regenerator] => "C:\Program Files (x86)\HDD Regenerator\Shell.exe" /1
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6365920 2013-03-27] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1103424 2013-01-10] (Acronis)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [815888 2014-02-18] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\.DEFAULT\...\Policies\system: [WallpaperStyle] 2
HKU\S-1-5-21-2417842332-3562377342-529798385-1000\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-15] (Hewlett-Packard)
HKU\S-1-5-21-2417842332-3562377342-529798385-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKU\S-1-5-21-2417842332-3562377342-529798385-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2008-01-22] (Nero AG)
HKU\S-1-5-21-2417842332-3562377342-529798385-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [196608 2004-04-17] (InstallShield Software Corporation)
HKU\S-1-5-21-2417842332-3562377342-529798385-1000\...\Run: [EPSON TX115 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFBB.EXE [223232 2008-09-26] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2417842332-3562377342-529798385-1000\...\Run: [Center Agent] => C:\Program Files (x86)\KWorld Multimedia\HyperMediaCenter\DTVR\Scheduled.exe [1435648 2007-07-12] ()
HKU\S-1-5-21-2417842332-3562377342-529798385-1000\...\Run: [NetLimiter] => C:\Program Files\NetLimiter 3\NLClientApp.exe /tray
HKU\S-1-5-21-2417842332-3562377342-529798385-1000\...\Policies\system: [WallpaperStyle] 2
ShellIconOverlayIdentifiers: AcronisSyncError -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: AcronisSyncInProgress -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: AcronisSyncOk -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/#!/home.php?sk=lf
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.facebook.com/#!/home.php?sk=lf
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {1710F97F-F7BD-4B44-BAEE-31ED4C9C2DBE} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=443898&p={searchTerms}
SearchScopes: HKCU - {1710F97F-F7BD-4B44-BAEE-31ED4C9C2DBE} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=443898&p={searchTerms}
SearchScopes: HKCU - {BEC2075C-8E0A-4EB6-8D5D-A840665B39C9} URL =
SearchScopes: HKCU - {CC778948-1EA5-4599-AE7A-9807D211DCF4} URL =
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll No File
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 200.0.0.1
Tcpip\..\Interfaces\{1EE849A1-A4D4-4728-AA34-F73FBADE191A}: [NameServer]200.105.128.40,200.105.128.41
Tcpip\..\Interfaces\{C5013BDC-5B96-4D68-9005-62D2BA4B7BD5}: [NameServer]200.73.96.146 200.73.96.162

FireFox:
========
FF ProfilePath: C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224
FF Homepage: hxxp://www.google.com.bo/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @raidcall.com/RCplugin - C:\Users\VICTOR HUGO PATSI\AppData\LocalLow\raidcall\plugins\webplugin.dll (Raidcall)
FF Plugin-x32: @raidcall.en/RCplugin - C:\Users\VICTOR HUGO PATSI\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @real.com/nppl3260;version=12.0.1.647 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=12.0.1.647 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.652 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.652 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.647 - c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Extension: Adblock Plus - C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-26]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-06-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-06-11]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009-08-09]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009-08-09]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\VICTOR HUGO PATSI\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR DefaultSearchURL: http://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}&src={referrer:source?}
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (npFreeCoder plugin) - C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\edhilgpnlmgniclikjhefmadegchepcg\2.1.9_0\plugins/npFreeCoder.dll No File
CHR Plugin: (registryAccess) - C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaapoomnboffjcgcebabolakmhbblbk\7.15.4.0_0\background/registryAccess.dll No File
CHR Plugin: (AVG Internet Security) - C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\plugins/avgnpss.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll No File
CHR Plugin: (QuickTime Plug-in 7.1.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 7.1.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Computer, Inc.)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U9) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Raidcall plugin) - C:\Users\VICTOR HUGO PATSI\AppData\LocalLow\raidcall\plugins\webplugin.dll (Raidcall)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.70.11) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\2.0.31005.0\npctrl.dll No File
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR Extension: (Adblock Plus) - C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-26]
CHR Extension: (Google Wallet) - C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2013-08-22]

==================== Services (Whitelisted) =================

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-02-18] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-02-18] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [766736 2014-02-18] (BlueStack Systems, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29178224 2007-02-10] (Microsoft Corporation)
S2 MySQL; C:\Program Files\MySQL\MySQL Server 5.0\my.ini [9252 2013-02-25] () [File not signed]
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-01-21] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [240128 2009-07-21] (IDT, Inc.)

==================== Drivers (Whitelisted) ====================

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122128 2014-02-18] (BlueStack Systems)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [246224 2009-12-07] (Huawei Technologies Co., Ltd.)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [54984 2014-03-19] (AnchorFree Inc.)
S2 io.sys; C:\Windows\SysWOW64\drivers\io.sys [5152 2013-01-21] () [File not signed]
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2009-02-10] (EZB Systems, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R2 NPF; C:\Windows\SysWOW64\drivers\npf.sys [50704 2010-03-22] (CACE Technologies, Inc.)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-03-19] (Anchorfree Inc.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-12-23] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2013-12-23] (Acronis)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2013-12-23] (Acronis International GmbH)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2009-07-24] (CyberLink Corp.)
S3 NLNdisMP; system32\DRIVERS\nlndis.sys [X]
S3 NLNdisPT; system32\DRIVERS\nlndis.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-05 13:38 - 2014-07-05 13:39 - 00030203 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\FRST.txt
2014-07-05 13:35 - 2014-07-05 13:36 - 00228988 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\avgremover.log
2014-07-05 13:35 - 2014-07-05 13:35 - 03386520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\VICTOR HUGO PATSI\Desktop\avg_remover_stf_x64_2014_4116.exe
2014-07-05 13:32 - 2014-07-05 13:32 - 00002963 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\FSS.txt
2014-07-05 13:31 - 2014-07-05 13:31 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Desktop\Nueva carpeta
2014-07-05 13:29 - 2014-07-05 13:29 - 00000000 ___RD () C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9
2014-07-05 13:26 - 2014-07-05 13:26 - 00000000 ____D () C:\Users\Public\Desktop\CC Support
2014-07-05 13:24 - 2014-07-05 13:25 - 04009167 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\ServicesRepair.exe
2014-07-05 13:23 - 2014-07-05 13:23 - 00007586 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\WinDefend.reg
2014-07-05 13:23 - 2014-07-05 13:23 - 00006296 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\iphlpsvc.reg
2014-07-05 13:23 - 2014-07-05 13:23 - 00000186 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\fix_action_center_x64.reg
2014-07-05 13:22 - 2014-07-05 13:22 - 00176940 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\BFE.reg
2014-07-05 13:22 - 2014-07-05 13:22 - 00006396 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\MpsSvc.reg
2014-07-05 13:22 - 2014-07-05 13:22 - 00005256 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\wscsvc.reg
2014-07-05 13:19 - 2014-07-05 13:19 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-VICTOR-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-07-05 13:18 - 2014-07-05 13:18 - 00000000 ____D () C:\RegBackup
2014-07-05 13:17 - 2014-07-05 13:17 - 00002195 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\Tweaking.com - Registry Backup.lnk
2014-07-05 13:17 - 2014-07-05 13:17 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-07-05 13:17 - 2014-07-05 13:17 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-07-05 11:33 - 2014-07-05 11:33 - 00415744 _____ (Farbar) C:\Users\VICTOR HUGO PATSI\Desktop\FSS.exe
2014-07-05 11:24 - 2014-07-05 11:24 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Desktop\FRST-OlderVersion
2014-07-05 11:11 - 2014-07-05 11:11 - 00003142 _____ () C:\Windows\System32\Tasks\{EBF56391-1981-447E-92AE-341308D99FD2}
2014-07-04 09:55 - 2014-07-05 11:24 - 02084352 _____ (Farbar) C:\Users\VICTOR HUGO PATSI\Desktop\FRST64.exe
2014-06-30 19:03 - 2014-07-01 02:03 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Desktop\compartir
2014-06-30 12:19 - 2009-09-10 02:28 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-30 12:19 - 2009-09-10 01:52 - 00257024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-06-30 12:12 - 2014-06-30 12:14 - 00445448 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-06-30 11:58 - 2014-06-30 12:07 - 00444840 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-06-30 11:48 - 2014-06-30 11:48 - 17857536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 12356608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 10890240 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 09711104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-06-30 11:48 - 2014-06-30 11:48 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-06-30 11:48 - 2014-06-30 11:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-30 11:48 - 2014-06-30 11:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-30 11:48 - 2014-06-30 11:48 - 02338816 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 02148352 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-30 11:48 - 2014-06-30 11:48 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-30 11:48 - 2014-06-30 11:48 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 01106432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-06-30 11:48 - 2014-06-30 11:48 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-06-30 11:48 - 2014-06-30 11:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-06-30 11:48 - 2014-06-30 11:48 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-06-30 11:48 - 2014-06-30 11:48 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-06-30 11:33 - 2014-06-30 11:33 - 00000000 ____D () C:\Windows\SQLTools9_KB960089_ENU
2014-06-30 11:28 - 2014-06-30 11:28 - 00000000 ____D () C:\Windows\SQL9_KB960089_ENU
2014-06-30 11:23 - 2012-12-16 12:52 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-06-30 11:23 - 2012-12-16 10:40 - 00367616 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-06-30 11:23 - 2012-12-16 10:25 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-06-30 11:23 - 2012-12-16 10:25 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-06-30 11:23 - 2009-10-19 10:46 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-06-30 11:23 - 2009-10-19 10:10 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-06-30 11:18 - 2014-06-30 11:18 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-06-30 11:18 - 2014-06-30 11:18 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-06-30 09:40 - 2012-03-01 02:54 - 00022896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-06-30 09:40 - 2012-03-01 02:40 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-06-30 09:40 - 2012-03-01 02:35 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-06-30 09:40 - 2012-03-01 01:45 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-06-30 09:40 - 2012-03-01 01:40 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-06-29 11:10 - 2012-11-09 01:34 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-06-29 11:10 - 2012-11-09 00:49 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-06-29 11:10 - 2012-03-03 02:29 - 01837568 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-06-29 11:10 - 2012-03-03 02:29 - 01541120 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-06-29 11:10 - 2012-03-03 02:29 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-06-29 11:10 - 2012-03-03 02:29 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-06-29 11:10 - 2012-03-03 02:29 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-06-29 11:10 - 2012-03-03 01:40 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-06-29 11:10 - 2012-03-03 01:40 - 01074176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-06-29 11:10 - 2012-03-03 01:40 - 00739840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-06-29 11:10 - 2012-03-03 01:40 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-06-29 11:10 - 2012-03-03 01:40 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-06-29 11:10 - 2011-06-15 05:58 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-06-29 11:10 - 2011-06-15 05:58 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-06-29 11:10 - 2011-06-15 05:58 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-06-29 11:10 - 2011-06-15 05:58 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-06-29 11:10 - 2011-06-15 05:04 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2014-06-29 11:10 - 2011-06-15 05:04 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2014-06-29 11:10 - 2011-06-15 05:04 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2014-06-29 11:10 - 2011-06-15 05:04 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2014-06-29 11:10 - 2011-06-15 05:04 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2014-06-29 11:10 - 2011-04-26 22:57 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-06-29 11:10 - 2010-03-05 03:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2014-06-29 11:10 - 2010-03-05 03:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2014-06-29 11:09 - 2013-02-12 11:42 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-06-29 11:09 - 2013-02-12 11:37 - 03138048 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-06-29 11:09 - 2013-02-12 11:31 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-06-29 11:09 - 2013-02-12 11:13 - 02691072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-06-29 11:09 - 2013-02-12 11:07 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-06-29 11:09 - 2013-02-12 09:59 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-06-29 11:09 - 2011-04-09 02:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-06-29 11:09 - 2011-04-09 01:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-06-29 11:08 - 2012-11-09 01:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-06-29 11:08 - 2012-11-09 00:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-06-29 11:08 - 2010-12-23 02:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-06-29 11:08 - 2010-12-23 02:07 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-06-29 11:08 - 2010-12-23 02:02 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-06-29 11:08 - 2010-12-23 01:28 - 00850432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2014-06-29 11:08 - 2010-12-23 01:28 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2014-06-29 11:08 - 2010-12-23 01:24 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2014-06-29 11:08 - 2010-08-26 01:27 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2014-06-29 11:08 - 2010-08-26 00:39 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2014-06-29 11:05 - 2013-02-28 23:32 - 03150848 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-29 11:05 - 2011-11-17 03:12 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-06-29 11:05 - 2011-11-17 01:39 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2014-06-29 11:05 - 2011-10-26 01:22 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-06-29 11:05 - 2011-10-26 01:22 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-06-29 11:05 - 2011-10-26 00:28 - 01328640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-06-29 11:05 - 2011-10-26 00:28 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-06-29 11:05 - 2011-07-08 22:44 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-06-29 11:05 - 2011-05-03 22:51 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-06-29 11:05 - 2011-05-03 22:51 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-06-29 11:05 - 2010-11-02 01:18 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2014-06-29 11:05 - 2010-11-02 01:17 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2014-06-29 11:05 - 2010-11-02 01:17 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2014-06-29 11:05 - 2010-11-02 01:16 - 01114624 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-06-29 11:05 - 2010-11-02 01:10 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2014-06-29 11:05 - 2010-11-02 01:10 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2014-06-29 11:05 - 2010-11-02 00:40 - 00496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2014-06-29 11:05 - 2010-11-02 00:40 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2014-06-29 11:05 - 2010-11-02 00:34 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2014-06-29 11:05 - 2010-11-02 00:34 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2014-06-29 11:05 - 2010-06-29 01:39 - 02085376 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-06-29 11:05 - 2010-06-29 01:02 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2014-06-29 11:05 - 2010-05-05 03:37 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2014-06-29 11:05 - 2010-05-05 02:46 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2014-06-29 11:04 - 2009-09-03 03:36 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2014-06-29 11:04 - 2009-09-03 03:04 - 01320960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2014-06-29 11:02 - 2013-04-12 10:36 - 01653096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-06-29 11:01 - 2013-02-12 10:02 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-06-29 11:01 - 2012-06-09 01:30 - 14165504 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-29 11:01 - 2012-06-09 00:46 - 12868608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-29 11:01 - 2012-06-02 01:38 - 00152432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-06-29 11:01 - 2012-06-02 01:38 - 00095088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-06-29 11:01 - 2012-06-02 01:37 - 00459216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-06-29 11:01 - 2012-06-02 01:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-06-29 11:01 - 2012-06-02 00:48 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-06-29 11:01 - 2012-06-02 00:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-06-29 11:01 - 2012-06-02 00:42 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-06-29 11:01 - 2012-04-26 01:34 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-06-29 11:01 - 2012-04-26 01:34 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-06-29 11:01 - 2012-04-26 01:28 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-06-29 11:01 - 2011-11-17 03:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-06-29 11:01 - 2011-11-17 03:11 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-06-29 11:01 - 2011-11-17 03:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-06-29 11:01 - 2011-11-17 03:08 - 01446912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-29 11:01 - 2011-11-17 03:05 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-06-29 11:01 - 2011-03-11 02:19 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-06-29 11:01 - 2011-03-11 02:19 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-06-29 11:01 - 2011-03-11 01:40 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2014-06-29 11:01 - 2011-03-11 01:40 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2014-06-29 11:01 - 2010-08-21 02:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-06-29 11:01 - 2010-08-21 01:33 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-06-29 11:01 - 2010-06-19 02:53 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2014-06-29 11:01 - 2010-06-19 02:23 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll
2014-06-29 11:01 - 2009-10-31 02:34 - 02870272 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-06-29 11:01 - 2009-10-31 01:45 - 02614272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-06-29 11:01 - 2009-10-28 02:24 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-06-29 11:00 - 2012-11-02 01:30 - 02001408 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-29 11:00 - 2012-11-02 01:30 - 01880064 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-29 11:00 - 2012-11-02 00:50 - 01388544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-29 11:00 - 2012-11-02 00:50 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-29 11:00 - 2011-03-03 02:17 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-06-29 11:00 - 2011-03-03 02:17 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-06-29 11:00 - 2011-03-03 02:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-06-29 11:00 - 2011-03-03 01:29 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-06-29 11:00 - 2011-03-03 01:27 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2014-06-29 11:00 - 2010-08-21 02:29 - 00558592 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-06-29 11:00 - 2010-07-29 02:30 - 00082944 _____ (Radius Inc.) C:\Windows\SysWOW64\iccvid.dll
2014-06-29 10:59 - 2013-01-04 01:37 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-06-29 10:59 - 2013-01-04 01:37 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-06-29 10:59 - 2013-01-04 01:37 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-06-29 10:59 - 2013-01-04 01:36 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-06-29 10:59 - 2013-01-04 01:33 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-06-29 10:59 - 2013-01-04 01:30 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-06-29 10:59 - 2013-01-04 01:30 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-06-29 10:59 - 2013-01-04 01:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:27 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:27 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 01:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:51 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-06-29 10:59 - 2013-01-04 00:51 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-06-29 10:59 - 2013-01-04 00:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-06-29 10:59 - 2013-01-04 00:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-06-29 10:59 - 2013-01-03 23:19 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-06-29 10:59 - 2013-01-03 22:48 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-06-29 10:59 - 2013-01-03 22:48 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-06-29 10:59 - 2013-01-03 22:48 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-06-29 10:59 - 2013-01-03 22:48 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-06-29 10:59 - 2013-01-03 22:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-06-29 10:59 - 2013-01-03 22:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-06-29 10:59 - 2013-01-03 22:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-06-29 10:59 - 2013-01-03 22:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-06-29 10:59 - 2012-11-20 01:55 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-06-29 10:59 - 2012-11-20 01:10 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-06-29 10:59 - 2012-11-02 01:27 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-06-29 10:59 - 2012-11-02 00:48 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-06-29 10:59 - 2012-09-06 13:38 - 00295792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-06-29 10:59 - 2012-08-24 14:05 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-06-29 10:59 - 2012-08-24 13:10 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-06-29 10:59 - 2011-04-28 23:13 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-06-29 10:59 - 2011-04-28 23:12 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-06-29 10:59 - 2011-04-28 23:12 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-06-29 10:59 - 2010-08-21 02:38 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-06-29 10:59 - 2010-08-21 01:36 - 00738816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2014-06-29 10:59 - 2009-12-19 05:50 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2014-06-29 10:59 - 2009-12-19 05:47 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2014-06-29 10:59 - 2009-12-19 05:47 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2014-06-29 10:59 - 2009-12-19 05:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2014-06-29 10:59 - 2009-12-19 05:46 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2014-06-29 10:59 - 2009-12-19 05:02 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\avifil32.dll
2014-06-29 10:59 - 2009-12-19 05:02 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciavi32.dll
2014-06-29 10:59 - 2009-12-19 05:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iyuv_32.dll
2014-06-29 10:59 - 2009-12-19 05:02 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvidc32.dll
2014-06-29 10:59 - 2009-12-19 05:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msyuv.dll
2014-06-29 10:59 - 2009-12-19 05:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrle32.dll
2014-06-29 10:59 - 2009-12-19 05:02 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsbyuv.dll
2014-06-29 10:58 - 2013-01-04 01:41 - 01893224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-29 10:58 - 2013-01-04 01:40 - 00287576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-29 10:58 - 2012-04-27 23:50 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-06-29 10:58 - 2011-08-17 01:32 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-06-29 10:58 - 2011-08-17 01:27 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2014-06-29 10:58 - 2011-08-17 01:27 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-06-29 10:58 - 2011-08-17 01:27 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2014-06-29 10:58 - 2011-08-17 01:27 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2014-06-29 10:58 - 2011-08-17 00:26 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-06-29 10:58 - 2011-08-17 00:22 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2014-06-29 10:58 - 2011-08-17 00:22 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-06-29 10:58 - 2011-08-17 00:22 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2014-06-29 10:58 - 2011-08-17 00:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2014-06-29 10:57 - 2012-03-17 03:55 - 00075632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-06-29 10:57 - 2011-12-27 23:59 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-06-29 10:56 - 2012-08-10 20:53 - 00714752 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-06-29 10:56 - 2012-08-10 19:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-06-29 10:44 - 2012-09-25 18:39 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-06-29 10:44 - 2012-09-25 17:55 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-06-29 10:44 - 2011-02-05 08:41 - 00640896 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-06-29 10:44 - 2011-02-05 08:41 - 00556928 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-06-29 10:44 - 2011-02-05 08:41 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2014-06-29 10:44 - 2011-02-05 08:41 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2014-06-29 10:44 - 2011-02-05 08:41 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2014-06-29 10:44 - 2011-02-05 08:39 - 00603976 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-06-29 10:44 - 2011-02-05 08:39 - 00518160 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-06-29 10:44 - 2010-08-31 00:32 - 00954752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40.dll
2014-06-29 10:44 - 2010-08-31 00:32 - 00954288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40u.dll
2014-06-29 10:42 - 2012-07-04 18:04 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-06-29 10:42 - 2012-07-04 18:01 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-06-29 10:42 - 2012-07-04 18:01 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-06-29 10:42 - 2012-07-04 17:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-06-29 10:42 - 2012-07-04 17:23 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-06-29 10:42 - 2012-05-14 01:20 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-06-29 10:42 - 2011-12-16 04:42 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-06-29 10:42 - 2011-12-16 03:59 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-06-29 10:42 - 2011-08-27 01:40 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-06-29 10:42 - 2011-08-27 01:40 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-06-29 10:42 - 2011-08-27 00:43 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-06-29 10:42 - 2011-08-27 00:43 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-06-29 10:42 - 2011-05-24 07:21 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-06-29 10:42 - 2011-05-24 06:34 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2014-06-29 10:42 - 2011-05-24 06:34 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2014-06-29 10:42 - 2011-05-24 06:34 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2014-06-29 10:42 - 2011-05-24 06:32 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-06-29 10:42 - 2011-05-03 01:21 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-06-29 10:42 - 2011-05-03 00:50 - 00740864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-06-29 10:42 - 2011-02-23 01:15 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-06-29 10:42 - 2011-02-12 02:14 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-06-29 10:42 - 2010-12-18 02:08 - 01097216 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-06-29 10:42 - 2010-12-18 01:26 - 01034240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-06-29 10:42 - 2010-10-16 01:23 - 00112000 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-06-29 10:42 - 2010-09-01 01:21 - 14627840 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-06-29 10:42 - 2010-09-01 01:12 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-06-29 10:42 - 2010-09-01 00:29 - 11406848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-06-29 10:42 - 2010-09-01 00:23 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-06-29 10:42 - 2009-08-29 03:50 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
2014-06-29 10:42 - 2009-08-29 02:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msasn1.dll
2014-06-29 10:41 - 2013-03-19 02:19 - 05497688 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-29 10:41 - 2013-03-19 01:54 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-06-29 10:41 - 2013-03-19 01:06 - 03958120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-06-29 10:41 - 2013-03-19 01:06 - 03902312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-06-29 10:41 - 2013-03-19 00:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-06-29 10:41 - 2013-03-18 23:19 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-06-29 10:41 - 2011-10-15 02:25 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-06-29 10:41 - 2011-10-15 01:48 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-06-29 10:40 - 2010-10-16 01:17 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2014-06-29 10:40 - 2010-10-16 00:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2014-06-29 10:39 - 2011-11-17 03:14 - 01739160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-06-29 10:39 - 2011-11-17 01:41 - 01292592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-06-29 10:39 - 2010-08-27 02:14 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-06-29 10:39 - 2010-08-27 01:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2014-06-29 09:35 - 2012-06-02 01:25 - 01462784 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-06-29 09:35 - 2012-06-02 01:25 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-06-29 09:35 - 2012-06-02 01:25 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-06-29 09:35 - 2012-06-02 00:45 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-06-29 09:35 - 2012-06-02 00:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-06-29 09:35 - 2012-06-02 00:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-06-29 09:34 - 2011-11-19 11:07 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-06-29 09:34 - 2011-11-19 10:06 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-06-29 09:08 - 2012-02-15 02:27 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-06-29 09:08 - 2012-02-15 01:44 - 00826368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-06-29 09:08 - 2012-02-15 00:46 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-06-29 09:08 - 2010-01-09 03:19 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2014-06-29 09:08 - 2010-01-09 02:52 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cabview.dll
2014-06-28 21:58 - 2014-07-05 13:38 - 00000000 ____D () C:\FRST
2014-06-28 21:06 - 2014-06-28 21:06 - 00002154 _____ () C:\Windows\epplauncher.mif
2014-06-28 20:56 - 2012-06-02 18:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-06-28 20:56 - 2012-06-02 18:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-06-28 20:56 - 2012-06-02 18:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-06-28 20:56 - 2012-06-02 18:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-06-28 20:56 - 2012-06-02 18:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-06-28 20:56 - 2012-06-02 18:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-06-28 20:56 - 2012-06-02 18:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-06-28 20:56 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-06-28 20:56 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-06-28 20:55 - 2014-06-28 20:55 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-28 20:55 - 2014-06-28 20:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-06-28 20:54 - 2014-06-28 20:55 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-28 20:54 - 2010-04-09 07:06 - 00374664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-06-28 19:01 - 2014-06-28 19:01 - 00001043 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\StarCraft II.lnk
2014-06-28 18:24 - 2014-06-28 19:03 - 00000000 ____D () C:\Program Files (x86)\StarCraft II-HoS
2014-06-26 18:44 - 2014-06-26 18:44 - 00274736 _____ () C:\Windows\Minidump\062614-39031-01.dmp
2014-06-26 10:26 - 2014-06-28 19:24 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Documents\StarCraft II
2014-06-26 10:26 - 2014-06-26 10:55 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-06-26 10:26 - 2014-06-26 10:55 - 00000000 ____D () C:\Program Files (x86)\StarCraft II
2014-06-26 10:26 - 2014-06-26 10:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2014-06-26 10:20 - 2014-06-26 10:20 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Desktop\StarCraft II
2014-06-25 00:35 - 2014-06-26 03:15 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Desktop\Star2
2014-06-16 02:33 - 2014-06-18 19:33 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Desktop\18 X Girls - Argentina
2014-06-12 15:33 - 2014-06-12 15:33 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\AppData\Local\Adobe
2014-06-11 14:25 - 2014-06-11 14:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-07-05 13:39 - 2014-07-05 13:38 - 00030203 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\FRST.txt
2014-07-05 13:38 - 2014-06-28 21:58 - 00000000 ____D () C:\FRST
2014-07-05 13:37 - 2009-07-14 00:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-05 13:37 - 2009-07-14 00:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-05 13:36 - 2014-07-05 13:35 - 00228988 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\avgremover.log
2014-07-05 13:35 - 2014-07-05 13:35 - 03386520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\VICTOR HUGO PATSI\Desktop\avg_remover_stf_x64_2014_4116.exe
2014-07-05 13:34 - 2009-07-14 01:13 - 00780582 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-05 13:33 - 2013-09-12 09:17 - 00000838 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-05 13:33 - 2009-11-26 08:47 - 01802203 _____ () C:\Windows\WindowsUpdate.log
2014-07-05 13:32 - 2014-07-05 13:32 - 00002963 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\FSS.txt
2014-07-05 13:31 - 2014-07-05 13:31 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Desktop\Nueva carpeta
2014-07-05 13:29 - 2014-07-05 13:29 - 00000000 ___RD () C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9
2014-07-05 13:29 - 2011-02-03 22:18 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-07-05 13:28 - 2012-05-20 22:52 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-05 13:28 - 2010-03-13 15:55 - 00763314 _____ () C:\Windows\setupact.log
2014-07-05 13:28 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-05 13:26 - 2014-07-05 13:26 - 00000000 ____D () C:\Users\Public\Desktop\CC Support
2014-07-05 13:25 - 2014-07-05 13:24 - 04009167 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\ServicesRepair.exe
2014-07-05 13:23 - 2014-07-05 13:23 - 00007586 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\WinDefend.reg
2014-07-05 13:23 - 2014-07-05 13:23 - 00006296 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\iphlpsvc.reg
2014-07-05 13:23 - 2014-07-05 13:23 - 00000186 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\fix_action_center_x64.reg
2014-07-05 13:22 - 2014-07-05 13:22 - 00176940 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\BFE.reg
2014-07-05 13:22 - 2014-07-05 13:22 - 00006396 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\MpsSvc.reg
2014-07-05 13:22 - 2014-07-05 13:22 - 00005256 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\wscsvc.reg
2014-07-05 13:19 - 2014-07-05 13:19 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-VICTOR-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-07-05 13:18 - 2014-07-05 13:18 - 00000000 ____D () C:\RegBackup
2014-07-05 13:17 - 2014-07-05 13:17 - 00002195 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\Tweaking.com - Registry Backup.lnk
2014-07-05 13:17 - 2014-07-05 13:17 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-07-05 13:17 - 2014-07-05 13:17 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-07-05 13:07 - 2012-05-20 22:52 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-05 11:33 - 2014-07-05 11:33 - 00415744 _____ (Farbar) C:\Users\VICTOR HUGO PATSI\Desktop\FSS.exe
2014-07-05 11:28 - 2014-02-16 01:34 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-07-05 11:26 - 2010-03-22 14:19 - 00135776 _____ () C:\Windows\PFRO.log
2014-07-05 11:24 - 2014-07-05 11:24 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Desktop\FRST-OlderVersion
2014-07-05 11:24 - 2014-07-04 09:55 - 02084352 _____ (Farbar) C:\Users\VICTOR HUGO PATSI\Desktop\FRST64.exe
2014-07-05 11:24 - 2013-11-05 02:48 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\AppData\Local\CrashDumps
2014-07-05 11:24 - 2009-07-13 23:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-05 11:11 - 2014-07-05 11:11 - 00003142 _____ () C:\Windows\System32\Tasks\{EBF56391-1981-447E-92AE-341308D99FD2}
2014-07-05 11:05 - 2011-06-06 23:42 - 00000000 ____D () C:\ProgramData\Skype
2014-07-05 10:52 - 2013-07-08 01:32 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\AppData\Roaming\uTorrent
2014-07-04 09:11 - 2009-07-14 01:08 - 00032536 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-01 02:03 - 2014-06-30 19:03 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Desktop\compartir
2014-06-30 20:27 - 2010-03-14 16:50 - 00000000 ____D () C:\DISCOS
2014-06-30 13:23 - 2010-03-13 14:52 - 00001393 _____ () C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-06-30 13:23 - 2010-03-13 14:52 - 00001387 _____ () C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-30 13:20 - 2009-07-14 00:45 - 00374904 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-30 13:17 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-06-30 13:17 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-06-30 12:23 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-30 12:14 - 2014-06-30 12:12 - 00445448 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-06-30 12:07 - 2014-06-30 11:58 - 00444840 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-06-30 11:50 - 2012-03-29 23:46 - 00007314 _____ () C:\Windows\IE9_main.log
2014-06-30 11:48 - 2014-06-30 11:48 - 17857536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 12356608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 10890240 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 09711104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-06-30 11:48 - 2014-06-30 11:48 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-06-30 11:48 - 2014-06-30 11:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-30 11:48 - 2014-06-30 11:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-30 11:48 - 2014-06-30 11:48 - 02338816 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 02148352 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-30 11:48 - 2014-06-30 11:48 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-30 11:48 - 2014-06-30 11:48 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 01106432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-06-30 11:48 - 2014-06-30 11:48 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-06-30 11:48 - 2014-06-30 11:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-06-30 11:48 - 2014-06-30 11:48 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-06-30 11:48 - 2014-06-30 11:48 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-06-30 11:48 - 2014-06-30 11:48 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-30 11:48 - 2014-06-30 11:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-06-30 11:36 - 2009-08-09 03:44 - 00001107 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works Task Launcher.lnk
2014-06-30 11:36 - 2009-08-09 03:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2014-06-30 11:36 - 2009-08-09 03:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-06-30 11:33 - 2014-06-30 11:33 - 00000000 ____D () C:\Windows\SQLTools9_KB960089_ENU
2014-06-30 11:33 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-06-30 11:28 - 2014-06-30 11:28 - 00000000 ____D () C:\Windows\SQL9_KB960089_ENU
2014-06-30 11:18 - 2014-06-30 11:18 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-06-30 11:18 - 2014-06-30 11:18 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-06-30 11:18 - 2011-12-13 10:08 - 00000039 _____ () C:\Windows\vbaddin.ini
2014-06-30 11:18 - 2010-03-13 15:11 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-30 09:44 - 2009-07-13 22:34 - 00000478 _____ () C:\Windows\win.ini
2014-06-30 09:41 - 2010-07-17 13:39 - 00002294 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-06-29 08:52 - 2010-03-13 14:53 - 00095168 _____ () C:\Users\VICTOR HUGO PATSI\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-28 21:25 - 2009-11-26 09:10 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-06-28 21:21 - 2011-12-21 00:52 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\AppData\Local\Deployment
2014-06-28 21:20 - 2011-06-28 16:28 - 00000000 ____D () C:\Program Files (x86)\Publicación en Web
2014-06-28 21:20 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Help
2014-06-28 21:16 - 2011-06-08 15:37 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Documents\ADSLNet
2014-06-28 21:06 - 2014-06-28 21:06 - 00002154 _____ () C:\Windows\epplauncher.mif
2014-06-28 20:55 - 2014-06-28 20:55 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-28 20:55 - 2014-06-28 20:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-06-28 20:55 - 2014-06-28 20:54 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-28 19:24 - 2014-06-26 10:26 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Documents\StarCraft II
2014-06-28 19:03 - 2014-06-28 18:24 - 00000000 ____D () C:\Program Files (x86)\StarCraft II-HoS
2014-06-28 19:01 - 2014-06-28 19:01 - 00001043 _____ () C:\Users\VICTOR HUGO PATSI\Desktop\StarCraft II.lnk
2014-06-26 21:27 - 2010-04-18 12:15 - 00885588 _____ () C:\Windows\DPINST.LOG
2014-06-26 21:13 - 2012-04-11 09:50 - 00001986 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-06-26 21:13 - 2012-03-16 15:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-06-26 21:13 - 2009-08-09 02:55 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-26 18:44 - 2014-06-26 18:44 - 00274736 _____ () C:\Windows\Minidump\062614-39031-01.dmp
2014-06-26 18:44 - 2012-07-17 19:15 - 498118321 _____ () C:\Windows\MEMORY.DMP
2014-06-26 18:44 - 2012-07-17 19:15 - 00000000 ____D () C:\Windows\Minidump
2014-06-26 13:57 - 2010-07-03 22:37 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Desktop\Juegos
2014-06-26 10:55 - 2014-06-26 10:26 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-06-26 10:55 - 2014-06-26 10:26 - 00000000 ____D () C:\Program Files (x86)\StarCraft II
2014-06-26 10:41 - 2014-06-26 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2014-06-26 10:41 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-26 10:20 - 2014-06-26 10:20 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Desktop\StarCraft II
2014-06-26 03:15 - 2014-06-25 00:35 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Desktop\Star2
2014-06-24 01:15 - 2014-03-24 10:07 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\AppData\Roaming\vlc
2014-06-20 11:23 - 2014-02-03 10:42 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Desktop\Hunter 084vl
2014-06-18 19:33 - 2014-06-16 02:33 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\Desktop\18 X Girls - Argentina
2014-06-16 22:44 - 2012-05-20 22:52 - 00003916 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-16 22:44 - 2012-05-20 22:52 - 00003664 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-16 13:41 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\tracing
2014-06-12 15:33 - 2014-06-12 15:33 - 00000000 ____D () C:\Users\VICTOR HUGO PATSI\AppData\Local\Adobe
2014-06-12 11:51 - 2013-09-12 09:17 - 00003776 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-12 11:51 - 2012-07-07 19:21 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-12 11:51 - 2012-07-07 19:21 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-11 14:25 - 2014-06-11 14:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

Some content of TEMP:
====================
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\2vatup1h.dll
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\7z920.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\appinstal1.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\BackupSetup.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\CommonInstaller.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\contentDATs.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\DelB101.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\DivXInstaller.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\DownloadManager.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\HSS-2.88-install-plain-456-silent.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\htmlayout.dll
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\ICReinstall_CR_Downloader_for_three-wonders.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\ICReinstall_JDownloaderSetup.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\iGearedHelper.dll
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\installhelper.dll
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\INWinAmp.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jna1539680869461761389.dll
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jna5848365291703726192.dll
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jna8423701919783825674.dll
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u20-windows-i586-iftw-rv.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u32-windows-i586-iftw.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u38-windows-i586-iftw.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-7u40-windows-i586-iftw.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\Launcher_i209558463.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\MSETUP4.EXE
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\ose00000.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\pricegong.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\Quarantine.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\SearchProtectionSetup.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\set-app.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\setapp.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\Setup-a.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\Setup2.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\setupa2.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\SetupAC.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\setup__4216.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\SIntf16.dll
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\SIntf32.dll
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\SIntfNT.dll
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\SkypeSetup.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\softonic.com4.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\Softonic_ES.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\sp48071.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\sp50843.exe.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\toolbar7127311.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\uninstall6988454.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\uninstall7008594.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\vcredist_x64.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\vs60wiz.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\war3_Install.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\winamp556.exe
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\_is7223.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-28 02:04

==================== End Of Log ============================

------------------------------------------------------------------------------------------------------------------------------------------------

 

------------------------------------------------------------Addition.txt------------------------------------------------------------------------------------

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01
Ran by VICTOR HUGO PATSI at 2014-07-05 13:40:25
Running from C:\Users\VICTOR HUGO PATSI\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Activate Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.1.20.0 - Symantec)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.2.602 - Adobe Systems, Inc.)
Advanced IP Address Calculator v1.1 (HKLM-x32\...\Advanced IP Address Calculator v1.1) (Version:  - )
Angry Birds [Full Version] for PC by TipsoTricks.com (HKLM-x32\...\Angry Birds [Full Version] for PC by TipsoTricks.com) (Version:  - )
ATI Catalyst Install Manager (HKLM\...\{83715090-142B-D305-36EC-7538A007D336}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.1025 - DsNET Corp)
Avanquest update (HKLM-x32\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.26 - Avanquest Software)
Bejeweled 2 Deluxe (HKLM-x32\...\Bejeweled 2 Deluxe_is1) (Version:  - )
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.6.3059 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{62763BAD-53A8-4C9F-B4CF-7CCABFEFD725}) (Version: 0.8.6.3059 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 8 (HKLM-x32\...\{5303CFB5-D635-44F0-A94B-9611E81F07C4}) (Version: 8.3.0.1471 - TechSmith Corporation)
Canon Inkjet Printer Driver Add-On Module (HKLM\...\CANONIJINBOXADDON100) (Version:  - )
Canon iP2700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0702.1239.20840 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help English (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help French (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help German (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.0702.1238.20840 - ATI) Hidden
ccc-core-static (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
ccc-utility64 (Version: 2009.0702.1239.20840 - ATI) Hidden
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version:  - dvd8n)
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Cisco Packet Tracer 5.3.1 (HKLM-x32\...\Cisco Packet Tracer 5.3.1_is1) (Version:  - Cisco Systems, Inc.)
Cisco Packet Tracer 5.3.3 (HKLM-x32\...\Cisco Packet Tracer 5.3.3_is1) (Version:  - Cisco Systems, Inc.)
Complemento Guardar como PDF o XPS de Microsoft para programas de Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0C0A-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Compresor WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
Corel Paint Shop Pro Photo X2 (HKLM-x32\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.50.0001 - Corel Corporation)
Corel VideoStudio 12 (HKLM-x32\...\InstallShield_{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}) (Version: 12.0.0.0000 - Corel Corporation)
Creative ALchemy Universal (HKLM-x32\...\ALchemy) (Version:  - )
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3101 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1501 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.1501 - CyberLink Corp.) Hidden
Desinstalador de impresoras EPSON TX115 Series (HKLM\...\EPSON TX115 Series) (Version:  - SEIKO EPSON Corporation)
Drivers para Puerto (HKLM-x32\...\Drivers para Puerto) (Version:  - )
Dropbox (HKCU\...\Dropbox) (Version: 1.6.16 - Dropbox, Inc.)
Empire Earth (HKLM-x32\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version:  - )
ENE CIR Receiver Driver (HKLM\...\FFE7D41DF3C645075BB149E21988B63996C34187) (Version: 2.7.4.0 - ENE)
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
ffdshow v1.3.4530 [2014-02-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4530.0 - )
FormatFactory 2.90 (HKLM-x32\...\FormatFactory) (Version: 2.90 - Free Time)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Mp3 Wma Converter V 1.9 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 1.9.0.0 - Koyote Soft)
Free Process-Traffic Monitor (HKLM-x32\...\{4FB762D4-9EDB-44E6-A842-565756712EDC}) (Version:  - )
Freecorder 6 (HKLM-x32\...\Freecorder 6) (Version: 2.1.10 - Applian Technologies Inc.)
Freecorder 6 Add-on for Firefox (HKLM-x32\...\Freecorder 6 Add-on for Firefox) (Version: 2.1.9 - Applian Technologies, Inc.)
Freecorder 6 Applications (6.0.0.37) (HKLM-x32\...\Freecorder 6 Applications) (Version: 6.0.0.37 - Applian Technologies)
Freecorder 6 extension for Chrome (HKLM-x32\...\Freecorder 6 extension for Chrome) (Version: 2.1.9 - Applian Technologies, Inc.)
Freez FLV to MP3 Converter (HKLM-x32\...\Freez FLV to MP3 Converter v1.5_is1) (Version: 1.5 - www.smallvideosoft.com)
Google Book Downloader (HKLM-x32\...\{6E3C58E8-60EA-4019-BA73-B615B69C61F8}) (Version: 0.6.4 - adma)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Gothic 3 : Forsaken Gods (HKLM-x32\...\Gothic 3 : Forsaken Gods_is1) (Version:  - Jowood)
HP 3D DriveGuard (HKLM\...\{85A42FF0-F0D0-44A3-B226-C124D6E8B1D5}) (Version: 4.0.3.1 - Hewlett-Packard)
HP Advisor (HKLM-x32\...\{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}) (Version: 3.2.8946.3086 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.3 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.0.3123 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 3.0.3123 - Hewlett-Packard) Hidden
HP MediaSmart Internet TV (HKLM-x32\...\InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}) (Version: 3.0.1916 - Hewlett-Packard)
HP MediaSmart Internet TV (x32 Version: 3.0.1916 - Hewlett-Packard) Hidden
HP MediaSmart Live TV (HKLM-x32\...\InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}) (Version: 3.0.1924 - Hewlett-Packard)
HP MediaSmart Live TV (x32 Version: 3.0.1924 - Hewlett-Packard) Hidden
HP MediaSmart Movie Themes (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.0.3102 - Hewlett-Packard)
HP MediaSmart Movie Themes (x32 Version: 3.0.3102 - Hewlett-Packard) Hidden
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.0.3123 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (x32 Version: 3.0.3123 - Hewlett-Packard) Hidden
HP MediaSmart SlingPlayer (HKLM-x32\...\{90F6051D-A69F-4159-9203-7E20430E1056}) (Version: 2.1.1.60 - Sling Media, Inc.)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.0.30.1 - Hewlett-Packard)
HP MediaSmart Software Notebook Demo (HKLM-x32\...\{82A213BD-B6AA-4281-A2D3-59D51893CC56}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.1913 - Hewlett-Packard)
HP MediaSmart Webcam (x32 Version: 3.0.1913 - Hewlett-Packard) Hidden
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.3.1 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Support Assistant (HKLM-x32\...\{08DB3902-2CE0-474D-BCE3-0177766CE9F1}) (Version: 5.1.10.7 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HP User Guides 0153 (HKLM-x32\...\{2EBA8202-FBD5-4004-81EA-BDC38C054CE2}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
HyperMediaCenter (HKLM-x32\...\{CEEF97F8-C2CA-4B9C-AA86-08905CF1508C}) (Version: 3.0 - KWorld MultiMedia)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6225.0 - IDT)
Internet Tigo (HKLM-x32\...\Internet Tigo) (Version: 11.300.05.09.279 - Huawei Technologies Co.,Ltd)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 14 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416014FF}) (Version: 6.0.140 - Sun Microsystems, Inc.)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.32.1 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
KGB Archiver 1.2.1.24 (HKLM-x32\...\KGB Archiver_is1) (Version:  - Tomasz Pawlak)
K-Lite Codec Pack 10.3.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.3.5 - )
KWorld PVR-TV BDA Drivers (HKLM-x32\...\TVEpaDrv) (Version:  - )
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1913 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.1913 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.1.94 - LSI Corporation)
Malwarebytes Anti-Malware versión 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MAMEUIFX32 (HKLM-x32\...\MAMEUIFX32) (Version: 0.146 - Mamesick)
MATLAB R2012a (HKLM\...\Matlab R2012a) (Version: 7.14 - The MathWorks, Inc.)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.560.0 - Microsoft Live Search Toolbar)
Microsoft Live Search Toolbar (x32 Version: 3.0.560.0 - Microsoft Corporation) Hidden
Microsoft Mathematics (64 bits) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Basque) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Catalan) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Galician) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Spanish) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Standard 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version:  - Microsoft)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Visio MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Visio Professional 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) (x32 Version: 9.2.3042.00 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Tools Express Edition (x32 Version: 9.2.3042.00 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Mobipocket Reader 6.2 (HKLM-x32\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
MSDN Library for Microsoft Visual Studio 2008 Express Editions (HKLM-x32\...\MSDN Library for Microsoft Visual Studio 2008 Express Editions) (Version:  - Microsoft Corporation)
MSDN Library for Microsoft Visual Studio 2008 Express Editions (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
Mystery P.I. - The New York Fortune en Español (HKLM-x32\...\Mystery P.I. - The New York Fortune en Español) (Version:  - )
Mystery P.I. - The Vegas Heist en Español (HKLM-x32\...\Mystery P.I. - The Vegas Heist en Español) (Version:  - )
Nero 7 (HKLM-x32\...\{F90D6825-8F1F-4E3A-9E42-A9C8A9DD1033}) (Version: 7.03.1152 - Nero AG)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Opera 12.14 (HKLM-x32\...\Opera 12.14.1738) (Version: 12.14.1738 - Opera Software ASA)
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.5615 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.5615 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3101 - CyberLink Corp.) Hidden
PowerRecover (x32 Version: 5.5.1923 - CyberLink Corp.) Hidden
Prince of Persia El Alma del Guerrero (HKLM-x32\...\{EE5BC0BB-9EDA-423C-8276-48857B735D68}) (Version: 1.00.999 - )
Prince of Persia Las Arenas del Tiempo (HKLM-x32\...\{8C453F13-6877-4D34-8816-009ABDE306DB}) (Version: 1.00.181 - )
Prince of Persia T2T (HKLM-x32\...\{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}) (Version: 1.00.999 - Ubisoft)
Prince of Persia The Two Thrones (x32 Version: 1.00.999 - Ubisoft) Hidden
Project64 1.7 (HKLM-x32\...\Project64 1.7) (Version:  - )
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
QuickTime (HKLM-x32\...\{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}) (Version: 7.1.3.100 - Apple Computer, Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.2.2-1.0.6555.3 - raidcall.com)
Real Alternative 1.8.0 Lite (HKLM-x32\...\RealAlt_is1) (Version: 1.8.0 - )
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 12.0) (Version:  - RealNetworks)
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0007 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.37 - Piriform)
ScummVM 0.9.1 (HKLM-x32\...\ScummVM_is1) (Version:  - )
SlingBoxWatchYourTVAnyWhere (HKLM-x32\...\{4313E16C-811B-469F-8815-6EB98085F8B2}) (Version: 2.1.1.58 - Sling Media)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.3.43 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.211 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.211 - Sony)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 1.0.0.16117 - Blizzard Entertainment)
StarCraft II: Heart of the Swarm © Blizzard Entertainment version 1 (HKLM-x32\...\U3RhckNyYWZ0IElJOiBIZWFydCBvZiB0aGUgU3dhcm0gKGMp~BFC02D25_is1) (Version: 1 - )
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version:  - )
SWF Opener (HKLM-x32\...\{01386D1F-ADE7-43B4-A4E9-312FC5BC726F}_is1) (Version: 1.3 - UnH Solutions)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.4.12 - Synaptics Incorporated)
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
THE HISTORY CHANNEL Great Battles of Rome (HKLM-x32\...\{E5B5BF68-ECC3-42FE-A91A-3CAFEAD23DC4}) (Version: 1.0100 - )
TotalAudioConverter (HKLM-x32\...\Total Audio Converter_is1) (Version:  - Softplicity, Inc.)
True Image 2013 (HKLM-x32\...\{75BC2136-B6A1-4F3B-8A69-55E39C647B1F}Visible) (Version: 16.0.6514 - Acronis)
True Image 2013 (x32 Version: 16.0.6514 - Acronis) Hidden
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.9.0 - Tweaking.com)
UltraISO Premium V9.33 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_STANDARD_{F31C6FC9-7DD0-421D-B2D0-64AF8252BAE7}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Video Download Studio 3.4.14 (HKLM-x32\...\{8A075C9A-1368-4491-855E-F3D9ABE55740}_is1) (Version:  - aHisoft)
VideoStudio (x32 Version: 12.0.0.0000 - Corel Corporation) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
Warcraft III: All Products (HKCU\...\Warcraft III) (Version:  - )
WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.5.36 - WildTangent)
Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000) (HKLM\...\6B8550A319DDC8B17F35F4A89988705E4592349B) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Asistente para el inicio de sesión (HKLM-x32\...\{7593234B-2AEB-4FC9-B02D-C9B30D86084C}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Messenger (HKLM-x32\...\{F2FFEEAA-0B48-4342-9B67-12ABB0B58F24}) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{953D4586-9A16-495E-BA1F-EE5AA66604DB}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - )

==================== Restore Points  =========================

29-06-2014 00:54:08 Windows Update
29-06-2014 00:56:15 Windows Update
29-06-2014 01:15:33 ADSLNet Navigation Tools eliminado.
29-06-2014 01:16:56 Removed Apple Application Support
29-06-2014 01:18:27 Removed Apple Software Update
29-06-2014 01:18:57 Removed Apple Mobile Device Support
29-06-2014 01:21:20 Removed Dealio Toolbar v4.4.
29-06-2014 01:23:00 Removed iTunes
29-06-2014 01:29:11 Removed Microsoft .NET Framework 4 Multi-Targeting Pack
29-06-2014 01:33:58 Removed MySQL Server 5.0
29-06-2014 01:56:28 Windows Update
30-06-2014 04:28:57 Windows Update
30-06-2014 13:33:06 Windows Update
04-07-2014 13:26:58 Windows Update
05-07-2014 15:02:43 Removed Skype™ 6.11
05-07-2014 15:05:30 Removed Skype Toolbars
05-07-2014 15:32:03 Removed Google Update Helper

==================== Hosts content: ==========================

2009-07-13 22:34 - 2014-07-05 11:24 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {01BD09A5-6D15-4668-91F0-C96E59850DD3} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP TCS\RemEngine.exe [2009-07-08] ()
Task: {18F84772-84BD-402B-B42C-58732AB2A80F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-20] (Google Inc.)
Task: {3156E85A-8E74-472F-B722-FB5EE0EAD159} - System32\Tasks\CapUninst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapUninst.exe [2009-07-24] (CL)
Task: {3390764B-C0A9-4084-A5E2-CCBA2DAC763B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-11-15] (Hewlett-Packard Company)
Task: {3B3F5263-3400-4A31-8D9E-51C20370FA5E} - System32\Tasks\{D66DCDDB-AB9D-4836-864D-5ED68087D4F6} => Firefox.exe http://ui.skype.com/ui/0/5.3.0.116.259/es/abandoninstall?source=lightinstaller&amp;page=tsProblems&amp;LastError=-3&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;userlevelpresent
Task: {3FDF593A-C4B5-40F6-A96B-08362CB8106D} - System32\Tasks\TVAgent => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe [2009-07-24] (CyberLink Corp.)
Task: {5460AC13-7953-4443-8F1E-10F18664B2DA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-12] (Adobe Systems Incorporated)
Task: {5C4738F8-C2F3-442B-A117-A331BD12ADCF} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-07-24] (CyberLink Corp.)
Task: {69292EBE-3AAF-47D5-A2FD-BC8C777E24E2} - System32\Tasks\CapSvcInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSvcInst.exe [2009-07-24] (CL)
Task: {6AE12198-A19B-4DFB-B7BC-344482315D33} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP TCS\RemEngine.exe [2009-07-08] ()
Task: {8933AA89-72EA-4EC3-A383-3689512BA829} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-07-23] (CyberLink)
Task: {8A86095D-D575-4D87-84EB-7828EC2800CA} - System32\Tasks\{19E68A17-A942-4F6C-BF95-49FDFD36734D} => C:\Program Files (x86)\Skype\\Phone\Skype.exe
Task: {8DECB666-5E2A-433A-87F6-3A2EFD5EAD91} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-20] (Google Inc.)
Task: {8FC83B39-C298-464D-88FA-D1C464FF2ED8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\GetAssistance Maintenance Events => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSAObjUtil.exe [2011-06-15] (HP)
Task: {900E34A9-315A-445C-993C-D6474A58C2DF} - System32\Tasks\RNUpgradeHelperResumePrompt_VICTOR HUGO PATSI => C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.00\rnupgagent.exe
Task: {C2AD2323-7789-4281-A27E-5B3A75E3D245} - System32\Tasks\CapSchedInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSchedInst.exe [2009-07-24] (CL)
Task: {CE8D9737-693F-4C20-A629-59B61E597028} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2417842332-3562377342-529798385-1006 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.)
Task: {D204F7D8-08BD-40A4-980A-8EB9FB4A6E67} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2417842332-3562377342-529798385-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.)
Task: {E2E2C495-8DB3-4850-9E21-BFCF847868DA} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2417842332-3562377342-529798385-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.)
Task: {FD5F8445-A13D-42D7-94AA-818222AF42B2} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2417842332-3562377342-529798385-1006 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-03-27 22:39 - 2013-03-27 22:39 - 00021824 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\x64\ti_managers_proxy_stub.dll
2010-03-13 15:02 - 2009-06-02 01:15 - 00051200 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2009-07-21 14:34 - 2009-07-21 14:34 - 00610872 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2012-03-07 14:59 - 2007-07-12 18:00 - 01435648 _____ () C:\Program Files (x86)\KWorld Multimedia\HyperMediaCenter\DTVR\Scheduled.exe
2009-06-22 16:37 - 2009-06-22 16:37 - 00016712 ____R () C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
2009-08-09 04:34 - 2009-01-21 14:47 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2009-07-07 15:56 - 2009-07-07 15:56 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2009-11-26 08:45 - 2009-11-26 08:45 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-07-01 18:44 - 2009-07-01 18:44 - 00632888 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
2009-07-15 20:51 - 2009-07-15 20:51 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2009-07-15 20:51 - 2009-07-15 20:51 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2009-07-15 20:50 - 2009-07-15 20:50 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2009-07-15 20:50 - 2009-07-15 20:50 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2009-07-15 20:50 - 2009-07-15 20:50 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2009-07-15 20:50 - 2009-07-15 20:50 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2009-07-15 20:50 - 2009-07-15 20:50 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2009-07-15 20:50 - 2009-07-15 20:50 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2009-06-17 15:40 - 2009-06-17 15:40 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2009-06-17 15:40 - 2009-06-17 15:40 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2009-06-17 15:40 - 2009-06-17 15:40 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2009-07-23 15:37 - 2009-07-23 15:37 - 00931112 ____N () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2012-03-07 14:59 - 2003-09-10 04:42 - 00045056 _____ () C:\Program Files (x86)\KWorld Multimedia\HyperMediaCenter\DTVR\kwspnd.dll
2010-03-14 15:18 - 2009-03-12 15:45 - 00135168 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
2010-03-14 15:18 - 2008-11-21 13:58 - 00057344 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
2013-03-27 22:09 - 2013-03-27 22:09 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2014-06-11 14:25 - 2014-06-11 14:25 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-03-27 22:36 - 2013-03-27 22:36 - 00021312 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/05/2014 01:34:42 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: No se pueden leer las cadenas del contador de rendimiento definidas para el identificador de idioma 00a. El primer valor DWORD de la sección de datos contiene el código de error de Win32.

Error: (07/05/2014 01:30:21 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: No se puede iniciar el servicio. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   en BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   en System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/05/2014 00:06:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3619

Error: (07/05/2014 00:06:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3619

Error: (07/05/2014 00:06:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/05/2014 00:06:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2480

Error: (07/05/2014 00:06:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2480

Error: (07/05/2014 00:06:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/05/2014 00:06:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1154

Error: (07/05/2014 00:06:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1154


System errors:
=============
Error: (07/05/2014 01:30:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio BlueStacks Android Service se cerró con el siguiente error:
%%1064

Error: (07/05/2014 01:29:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio MySQL no pudo iniciarse debido al siguiente error:
%%2

Error: (07/05/2014 01:29:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio SQL Server (SQLEXPRESS) no pudo iniciarse debido al siguiente error:
%%1053

Error: (07/05/2014 01:29:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio SQL Server (SQLEXPRESS).

Error: (07/05/2014 01:29:06 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \??\C:\Windows\SysWow64\drivers\io.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.

Error: (07/05/2014 11:28:46 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción del servicio LanmanWorkstation.

Error: (07/05/2014 11:28:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Windows Search no pudo iniciarse debido al siguiente error:
%%1053

Error: (07/05/2014 11:28:32 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Windows Search.

Error: (07/05/2014 11:28:33 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (07/05/2014 11:27:56 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio BlueStacks Android Service se cerró con el siguiente error:
%%1064


Microsoft Office Sessions:
=========================
Error: (05/06/2013 11:30:09 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 254 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (07/09/2012 03:18:20 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 56 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info ===========================

Percentage of memory in use: 55%
Total physical RAM: 4063.19 MB
Available physical RAM: 1808.3 MB
Total Pagefile: 8124.51 MB
Available Pagefile: 5530.7 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:450.62 GB) (Free:55.49 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:14.95 GB) (Free:2.45 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: CF892B78)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=451 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)

==================== End Of Log ============================

------------------------------------------------------------------------------------------------------------------------------------------------

 

:clapping: :clapping:

 

 



#8 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:10:30 AM

Posted 05 July 2014 - 01:15 PM

Hello,

 

Can you turn Windows firewall on now?

 

 

Regards,

Georgi


cXfZ4wS.png


#9 tazmania99

tazmania99
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:30 AM

Posted 05 July 2014 - 01:25 PM

!!!!!!!!!!!!!!!!!!!!

Yes, now is ON


8b1f49007bd3541ec5958ed79e390905o.jpg

almost cry!! :) :) :)

Thanks!!!

 


Edited by tazmania99, 05 July 2014 - 01:32 PM.


#10 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:10:30 AM

Posted 05 July 2014 - 01:50 PM

Hello,

 

Nice work! We managed to deal with the trojan. :)

 

However I want to make sure there is nothing lurking on the system so just in case I want you to go through these steps:

 

The most of them should take no more than 5 minutes each (but the time they take to complete can vary depending on the size of your hard and the speed of your computer).

 

 

First please create a new restore point just in case:

 

Create a Restore Point

 

 

 

STEP 1

 

 

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer.
  • After the scan has finished click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

 

 

STEP 2

 

 

thisisujrt.gif  Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

 

 

STEP 3

 

 

  • Please download RKill by Grinler from the link below and save it to your desktop.

    Rkill
  • Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply.
  • A log pops up at the end of the run. This log file is located at C:\rkill.log.
  • Please post the log in your next reply.

 

 

STEP 4

 

 

  • Please download RogueKillerx64.exe and save to the desktop.
  • Close all windows and browsers
  • Right-click the program and select 'Run as Administrator'
  • Press the scan button.
  • A report opens on the desktop named - RKreport.txt
  • Please copy and past the results at pastebin.com and post the link to the log in your next reply.

 

 

STEP 5
 

 

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
     
  • Put a checkmark beside loaded modules.
    Sbf88.png
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
     
  • Click the Start Scan button.
     
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
    67776163.jpg
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    62117367.jpg
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and past the results at pastebin.com and post the link to the log in your next reply.

 

 

STEP 6

 

 

Please download Malwarebytes Anti-Malware to your desktop.
 

  • Double-click mbam-setup-2.0.2.1012.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Settings tab > Detection and Protection subtab, Detection Options, tick the box 'Scan for rootkits'.
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • With some infections, you may see this message box.
    • 'Could not load DDA driver'
  • Click 'Yes' to this message, to allow the driver to load after a restart.
  • Allow the computer to restart. Continue with the rest of these instructions.
  • When the scan is complete, click Apply Actions.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

 

STEP 7

 

 

1.Please download HitmanPro.

  • For 32-bit Operating System - dEMD6.gif.
  • This is the mirror - dEMD6.gif
  • For 64-bit Operating System - dEMD6.gif
  • This is the mirror - dEMD6.gif

2.Launch the program by double clicking on the 5vo5F.jpg icon. (Windows Vista/7 users right click on the HitmanPro icon and select run as administrator).

Note: If the program won't run please then open the program while holding down the left CTRL key until the program is loaded.

3.Click on the next button. You must agree with the terms of EULA. (if asked)

4.Check the box beside "No, I only want to perform a one-time scan to check this computer".

5.Click on the next button.

6.The program will start to scan the computer. The scan will typically take no more than 2-3 minutes.

7.When the scan is done click on drop-down menu of the found entries (if any) and choose - Apply to all => Ignore <= IMPORTANT!!!
 
8.Click on the next button.

9.Click on the "Save Log" button.

10.Save that file to your desktop and post the content of that file in your next reply.
 
Note: if there isn't a dropdown menu when the scan is done then please don't delete anything and close HitmanPro

Navigate to C:\ProgramData\HitmanPro\Logs open the report and copy and paste it to your next reply.

 

 

STEP 8

 

 

I'd like us to scan your machine with ESET OnlineScan

 

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Run ESET Online Scanner button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.
  • Check esetAcceptTerms.png
  • Click the esetStart.png button.
  • Accept any security warnings from your browser.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is  checked.
  • Now click on Advanced Settings and select the following:

    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push esetListThreats.png
  • Push esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the esetBack.png button.
  • Push esetFinish.png

 

 

STEP 9

 

 

And finally let's check for outdated and vulnerable software on your pc.

 

Download Security Check by screen317 from here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

 

and then if there aren't any issues left I'll give you my final recommendations. :)

 

 

Regards,

Georgi


Edited by B-boy/StyLe/, 05 July 2014 - 01:51 PM.

cXfZ4wS.png


#11 tazmania99

tazmania99
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:30 AM

Posted 05 July 2014 - 01:55 PM

Ok!!!

now i start the steps ;)


Edited by tazmania99, 05 July 2014 - 01:55 PM.


#12 tazmania99

tazmania99
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:30 AM

Posted 05 July 2014 - 02:46 PM

 

STEP 4

 

 

  • Please download RogueKillerx64.exe and save to the desktop.
  • Close all windows and browsers
  • Right-click the program and select 'Run as Administrator'
  • Press the scan button.
  • A report opens on the desktop named - RKreport.txt
  • Please copy and past the results at pastebin.com and post the link to the log in your next reply.

 

the link is broken .....

i search in google and download from other web???



#13 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:10:30 AM

Posted 05 July 2014 - 03:47 PM

Hello,

 

Please use this link instead. :)

 

 

Regards,

Georgi


cXfZ4wS.png


#14 tazmania99

tazmania99
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:30 AM

Posted 06 July 2014 - 10:24 AM

ufff, finally all is done .....

The results:

 

Create a Restore Point

Check!

 

STEP 1

 

 

Please download AdwCleaner by Xplode and save to your Desktop.

  • Copy and paste the contents of that logfile in your next reply.

# AdwCleaner v3.214 - Reporte Creado 05/07/2014 en 15:09:52
# Actualizado 29/06/2014 por Xplode
# Sistema Operativo : Windows 7 Home Premium  (64 bits)
# Nombre de usuario : VICTOR HUGO PATSI - VICTOR
# Ejecutado desde : C:\Users\VICTOR HUGO PATSI\Desktop\AdwCleaner.exe
# Opción : Limpiar

***** [ Servicios ] *****


***** [ Archivos / Carpetas ] *****

Carpeta Borrar : C:\ProgramData\hotspot shield
Carpeta Borrar : C:\Users\VICTOR~1\AppData\Local\Temp\AtuZi
Carpeta Borrar : C:\Users\Guest\AppData\Local\Winamp Toolbar
Carpeta Borrar : C:\Users\Guest\AppData\LocalLow\Conduit
Carpeta Borrar : C:\Users\Guest\AppData\LocalLow\Dealio
Carpeta Borrar : C:\Users\Guest\AppData\LocalLow\Search Settings
Carpeta Borrar : C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\zes2g835.default\Searchqutoolbar
Carpeta Borrar : C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\zes2g835.default\Extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}

***** [ Accesos directos ] *****


***** [ Registro ] *****

Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASAPI32
Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASMANCS
Clave Borrar : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Clave Borrar : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Clave Borrar : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Clave Borrar : HKCU\Software\1ClickDownload
Clave Borrar : HKCU\Software\AppDataLow\Software\Search Protection

***** [ Navegadores ] *****

-\\ Internet Explorer v9.0.8112.16555


-\\ Mozilla Firefox v30.0 (en-US)

[ Archivo : C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\zes2g835.default\prefs.js ]


[ Archivo : C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\prefs.js ]

Linea borrada : user_pref("extensions.crossrider.bic", "1469289588ca6470494854c17ac72a50");
Linea borrada : user_pref("extensions.fvd_single.__surfcanyon_disable_time", "1402528489771");

-\\ Google Chrome v35.0.1916.153

[ Archivo : C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [48782 octets] - [25/04/2014 22:51:04]
AdwCleaner[R1].txt - [3153 octets] - [05/07/2014 15:04:01]
AdwCleaner[S0].txt - [45745 octets] - [25/04/2014 22:53:57]
AdwCleaner[S1].txt - [2927 octets] - [05/07/2014 15:09:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2987 octets] ##########
 

 

STEP 2

 

 

thisisujrt.gif  Please download Junkware Removal Tool to your desktop.

  • Post the contents of JRT.txt into your next message.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by VICTOR HUGO PATSI on Sat 07/05/2014 at 15:21:56.97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311401168}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511131190}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311401168}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511131190}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealio_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealio_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealio_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealio_RASMANCS
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\VICTOR HUGO PATSI\AppData\Roaming\mozilla\firefox\profiles\i7bfviz8.default-1398482640224\minidumps [21 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 07/05/2014 at 15:32:03.48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

STEP 3

 

 

  • Please download RKill by Grinler from the link below and save it to your desktop.
  • Please post the log in your next reply.

Rkill 2.6.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 07/05/2014 03:40:09 PM in x64 mode.
Windows Version: Windows 7 Home Premium

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Program Files\Java\jre6\bin\jusched.exe (PID: 2664) [FI]
 * C:\Windows\SysWOW64\IoctlSvc.exe (PID: 3552) [WD-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * WinHttpAutoProxySvc [Missing Service]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 07/05/2014 03:41:34 PM
Execution time: 0 hours(s), 1 minute(s), and 25 seconds(s)
 

 

STEP 4

 

 

  • Please download RogueKillerx64.exe and save to the desktop.
  • Please copy and past the results at pastebin.com and post the link to the log in your next reply.

http://pastebin.com/q9QmQEWk

 

STEP 5
 

 

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and past the results at pastebin.com and post the link to the log in your next reply.

http://pastebin.com/HyLDMw2M

 

STEP 6

 

 

Please download Malwarebytes Anti-Malware to your desktop.
 

  • Paste the contents of the clipboard into your reply.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/5/2014
Scan Time: 6:03:03 PM
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.05.10
Rootkit Database: v2014.07.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7
CPU: x64
File System: NTFS
User: VICTOR HUGO PATSI

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 410605
Time Elapsed: 1 hr, 3 min, 58 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 21
PUP.Optional.SearchQu, HKU\S-1-5-21-2417842332-3562377342-529798385-1013-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{99079A25-328F-4BD4-BE04-00955ACAA0A7}, Quarantined, [2df578234932092d262998bb2bd7748c],
PUP.Optional.SearchQu, HKU\S-1-5-21-2417842332-3562377342-529798385-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{99079A25-328F-4BD4-BE04-00955ACAA0A7}, Quarantined, [2df578234932092d262998bb2bd7748c],
PUP.Optional.SearchQu, HKU\S-1-5-21-2417842332-3562377342-529798385-1013-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{99079A25-328F-4BD4-BE04-00955ACAA0A7}, Quarantined, [2df578234932092d262998bb2bd7748c],
PUP.Optional.SearchQu, HKU\S-1-5-21-2417842332-3562377342-529798385-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{99079A25-328F-4BD4-BE04-00955ACAA0A7}, Quarantined, [2df578234932092d262998bb2bd7748c],
PUP.Optional.BestToolbar.A, HKU\S-1-5-21-2417842332-3562377342-529798385-1013-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}, Quarantined, [081a7328cbb0b6808e189cb17989f30d],
PUP.Optional.BestToolbar.A, HKU\S-1-5-21-2417842332-3562377342-529798385-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}, Quarantined, [081a7328cbb0b6808e189cb17989f30d],
PUP.Optional.BestToolbar.A, HKU\S-1-5-21-2417842332-3562377342-529798385-1013-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}, Quarantined, [081a7328cbb0b6808e189cb17989f30d],
PUP.Optional.BestToolbar.A, HKU\S-1-5-21-2417842332-3562377342-529798385-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}, Quarantined, [081a7328cbb0b6808e189cb17989f30d],
PUP.Optional.Yontoo.A, HKU\S-1-5-21-2417842332-3562377342-529798385-1013-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}, Quarantined, [23fff2a9b4c7171f3669c6879a683cc4],
PUP.Optional.Yontoo.A, HKU\S-1-5-21-2417842332-3562377342-529798385-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}, Quarantined, [23fff2a9b4c7171f3669c6879a683cc4],
PUP.Optional.Yontoo.A, HKU\S-1-5-21-2417842332-3562377342-529798385-1013-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}, Quarantined, [23fff2a9b4c7171f3669c6879a683cc4],
PUP.Optional.Yontoo.A, HKU\S-1-5-21-2417842332-3562377342-529798385-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}, Quarantined, [23fff2a9b4c7171f3669c6879a683cc4],
PUP.Optional.StartNow.A, HKU\S-1-5-21-2417842332-3562377342-529798385-1013-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{5911488E-9D1E-40EC-8CBB-06B231CC153F}, Quarantined, [e240cecd790289adb2f556f7ea18a45c],
PUP.Optional.StartNow.A, HKU\S-1-5-21-2417842332-3562377342-529798385-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{5911488E-9D1E-40EC-8CBB-06B231CC153F}, Quarantined, [e240cecd790289adb2f556f7ea18a45c],
PUP.Optional.Softomate.A, HKU\S-1-5-21-2417842332-3562377342-529798385-1013-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{CA3EB689-8F09-4026-AA10-B9534C691CE0}, Quarantined, [29f9f6a53d3e3ef8b0e08ebeb84aaa56],
PUP.Optional.Softomate.A, HKU\S-1-5-21-2417842332-3562377342-529798385-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{CA3EB689-8F09-4026-AA10-B9534C691CE0}, Quarantined, [29f9f6a53d3e3ef8b0e08ebeb84aaa56],
PUP.Optional.NextLive.A, HKU\S-1-5-21-2417842332-3562377342-529798385-1013-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Search Protection, Quarantined, [c959e1baf2899b9b62017e5b9e647d83],
PUP.Optional.NextLive.A, HKU\S-1-5-21-2417842332-3562377342-529798385-1013-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\uTorrent, Quarantined, [c959e1baf2899b9b62017e5b9e647d83],
PUP.Optional.NextLive.A, HKU\S-1-5-21-2417842332-3562377342-529798385-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Search Protection, Quarantined, [c959e1baf2899b9b62017e5b9e647d83],
PUP.Optional.NextLive.A, HKU\S-1-5-21-2417842332-3562377342-529798385-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\uTorrent, Quarantined, [c959e1baf2899b9b62017e5b9e647d83],
PUP.Optional.Spigot.A, HKU\S-1-5-21-2417842332-3562377342-529798385-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Search Settings, Quarantined, [f2302a71ceadd85e032cfb1405ffbf41],

Registry Values: 10
PUP.Optional.Softomate.A, HKU\S-1-5-21-2417842332-3562377342-529798385-1013-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{CA3EB689-8F09-4026-AA10-B9534C691CE0}, Quarantined, [29f9f6a53d3e3ef8b0e08ebeb84aaa56],
PUP.Optional.Softomate.A, HKU\S-1-5-21-2417842332-3562377342-529798385-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{CA3EB689-8F09-4026-AA10-B9534C691CE0}, Quarantined, [29f9f6a53d3e3ef8b0e08ebeb84aaa56],
PUP.Optional.Softomate.A, HKU\S-1-5-21-2417842332-3562377342-529798385-1013-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{CA3EB689-8F09-4026-AA10-B9534C691CE0}, Quarantined, [5fc3fe9d54272c0af29e67e516ecdb25],
PUP.Optional.Softomate.A, HKU\S-1-5-21-2417842332-3562377342-529798385-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{CA3EB689-8F09-4026-AA10-B9534C691CE0}, Quarantined, [c959f6a56a115adc335d6be18b77c13f],
PUP.Optional.NextLive.A, HKU\S-1-5-21-2417842332-3562377342-529798385-1013-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|NextLive, C:\Windows\SysWOW64\rundll32.exe "C:\Users\VICTOR HUGO PATSI\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l, Quarantined, [c959e1baf2899b9b62017e5b9e647d83]
PUP.Optional.NextLive.A, HKU\S-1-5-21-2417842332-3562377342-529798385-1013-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Yontoo Desktop, "C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Yontoo\YontooDesktop.exe", Quarantined, [c959e1baf2899b9b62017e5b9e647d83]
PUP.Optional.NextLive.A, HKU\S-1-5-21-2417842332-3562377342-529798385-1013-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SearchProtection, "C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart, Quarantined, [c959e1baf2899b9b62017e5b9e647d83]
PUP.Optional.NextLive.A, HKU\S-1-5-21-2417842332-3562377342-529798385-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Yontoo Desktop, "C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Yontoo\YontooDesktop.exe", Quarantined, [c959e1baf2899b9b62017e5b9e647d83]
PUP.Optional.NextLive.A, HKU\S-1-5-21-2417842332-3562377342-529798385-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SearchProtection, "C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart, Quarantined, [c959e1baf2899b9b62017e5b9e647d83]
PUP.Optional.NextLive.A, HKU\S-1-5-21-2417842332-3562377342-529798385-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|NextLive, C:\Windows\SysWOW64\rundll32.exe "C:\Users\VICTOR HUGO PATSI\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l, Quarantined, [c959e1baf2899b9b62017e5b9e647d83]

Registry Data: 0
(No malicious items detected)

Folders: 2
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758, Quarantined, [1a08abf0205b53e34fb65744e12124dc],

Files: 57
PUP.Optional.Amonetize, C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\setup__4216.exe, Quarantined, [c062c1da89f2092d9b52eb49f8088a76],
PUP.Optional.InstalleRex, C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\WSANqzCK.exe.part, Quarantined, [3de55b40d7a4cb6bc685c871d8293ec2],
PUP.Optional.OutBrowse, C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\DownloadManager.exe, Quarantined, [ed35108bf388d06627e859c5d729db25],
PUP.Optional.BundleInstaller.DES, C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\pFglUmPq.exe.part, Quarantined, [3ce6a6f5d5a6e6500821aa623dc4738d],
PUP.Optional.GoForFiles.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\uninstall6988454.exe, Quarantined, [a57df5a64e2d94a22348e63b23de7a86],
PUP.Optional.InstallCore.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\HPxmJ0_N.exe.part, Quarantined, [b2700e8d94e73303a7e3dc43a35ec838],
PUP.Optional.OutBrowse.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\toolbar7127311.exe, Quarantined, [b36f3566f08b73c37f0e78203bc6db25],
PUP.Optional.Softonic.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\9jAHssbO.exe.part, Quarantined, [061c811abbc06accb2a932f432cfb947],
PUP.Optional.Amonetize, C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\awhC42B.tmp, Quarantined, [8a98e6b5f883f83ecc576ebe857c6898],
PUP.Optional.InstallMonetizer, C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\Launcher_i209558463.exe, Quarantined, [dc46ecafcdaee74f998372bdd32e6a96],
PUP.Optional.Spigot.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\SearchProtectionSetup.exe, Quarantined, [ca58ecafb0cbc76fbc5d91abed13d42c],
PUP.Optional.MediaBuzz.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\appinstal1.exe, Quarantined, [978b4e4de695c47251e80eb2f60eae52],
PUP.Optional.MediaViewer.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\Setup-a.exe, Quarantined, [b56d108b9dde66d026b91da1c83cb54b],
PUP.Optional.MediaPlayerAlpha.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\Setup2.exe, Quarantined, [28fa5843f98267cfa32d89d1ca37aa56],
PUP.Optional.InstallCore, C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\ICReinstall_CR_Downloader_for_three-wonders.exe, Quarantined, [cd553e5dcdae7fb78379095829db14ec],
PUP.Optional.MediaWatch.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\set-app.exe, Quarantined, [081ae2b980fb89ad3df3efd0ff056d93],
PUP.Optional.MediaView.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\setapp.exe, Quarantined, [b072fe9de794a88e88c01f5618e91fe1],
PUP.Optional.NextLive.A, C:\Users\VICTOR, Quarantined, [c959e1baf2899b9b62017e5b9e647d83],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\passport.dll, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\TNT2UserPS.dll, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\Autorun.inf, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\crx.tar, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\GameApps.ini, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\GameConsole.exe, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\GameEngine.dll, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\GLOBALUNINSTALL.TNT, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\hmac.1.dll, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\iestage2.1.dll, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\IEToolbar.dll, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\IEToolbar64.dll, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\INSTALL.TNT, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\log.dll, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\MinecraftShims64.dll, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\npTNT2.dll, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\npTNT2Ghost.dll, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\PARTNER.TNT, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\passport64.dll, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\pinnedSearch.htm, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\pinnedSearch_FindWide.htm, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\ppshim.dll, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\ppTNT2.dll, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\progress.1.dll, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\regsvr.1.dll, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\RemoteSkin.wms, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\sqlite.1.dll, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\tnt2chrome.dll, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\TNT2User.exe, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\TNT2UserPS64.dll, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\TntMagicDel.dll, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\UnInjLib.dll, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\UnInjLib64.dll, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\UNINSTALL.TNT, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\UninstallDlg.1.dll, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\untar.1.dll, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\UPDATE.TNT, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\xpi.tar, Quarantined, [1a08abf0205b53e34fb65744e12124dc],
PUP.Optional.TidyNetwork.A, C:\Users\VICTOR HUGO PATSI\AppData\Local\TNT2\2.0.0.1758\zipunzip.1.dll, Quarantined, [1a08abf0205b53e34fb65744e12124dc],

Physical Sectors: 0
(No malicious items detected)


(end)

 

STEP 7

 

 

1.Please download HitmanPro.

Navigate to C:\ProgramData\HitmanPro\Logs open the report and copy and paste it to your next reply.

HitmanPro 3.7.9.220
www.hitmanpro.com

   Computer name . . . . : VICTOR
   Windows . . . . . . . : 6.1.0.7600.X64/2
   User name . . . . . . : VICTOR\VICTOR HUGO PATSI
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2014-07-05 19:24:29
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 46m 35s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 9
   Traces  . . . . . . . : 184

   Objects scanned . . . : 2,637,738
   Files scanned . . . . : 92,113
   Remnants scanned  . . : 966,662 files / 1,578,963 keys

Malware _____________________________________________________________________

   C:\DISCOS\JUEGOS\Consolas\NEO GEO\NeorageX_esp.exe
      Size . . . . . . . : 220,160 bytes
      Age  . . . . . . . : 1440.8 days (2010-07-26 01:04:50)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : 123A5433E09372E17A759E3F10A6C07044572CB9AD21A5CD875E8F935933423C
    > G Data . . . . . . : Trojan.Generic.1719604 (Engine A)
      Fuzzy  . . . . . . : 108.0
      References
         C:\Users\VICTOR HUGO PATSI\Desktop\Juegos\Emuladores\NeorageX_esp.lnk

   C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\nse5BD3.tmp\zplugins.dll
      Size . . . . . . . : 478,944 bytes
      Age  . . . . . . . : 513.8 days (2013-02-06 23:06:49)
      Entropy  . . . . . : 6.7
      SHA-256  . . . . . : 0C3997E118D631483EDBE125898F620DF5F398F012E66D14FB91B1721BEB9465
      RSA Key Size . . . : 2048
      Authenticode . . . : Self-signed
    > Bitdefender  . . . : Adware.Zugo.O
      Fuzzy  . . . . . . : 109.0

   C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\nsf68A3.tmp\zplugins.dll
      Size . . . . . . . : 478,944 bytes
      Age  . . . . . . . : 662.4 days (2012-09-11 09:17:49)
      Entropy  . . . . . : 6.7
      SHA-256  . . . . . : 0C3997E118D631483EDBE125898F620DF5F398F012E66D14FB91B1721BEB9465
      RSA Key Size . . . : 2048
      Authenticode . . . : Self-signed
    > Bitdefender  . . . : Adware.Zugo.O
      Fuzzy  . . . . . . : 109.0

   C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\nsl271D.tmp\zplugins.dll
      Size . . . . . . . : 478,944 bytes
      Age  . . . . . . . : 395.3 days (2013-06-05 12:08:07)
      Entropy  . . . . . : 6.7
      SHA-256  . . . . . : 0C3997E118D631483EDBE125898F620DF5F398F012E66D14FB91B1721BEB9465
      RSA Key Size . . . : 2048
      Authenticode . . . : Self-signed
    > Bitdefender  . . . : Adware.Zugo.O
      Fuzzy  . . . . . . : 109.0

   C:\Users\VICTOR HUGO PATSI\Desktop\Temp\DIEBOLD\visual\14 Marzo 2011\asCII.exe
      Size . . . . . . . : 102,400 bytes
      Age  . . . . . . . : 1149.2 days (2011-05-13 14:19:53)
      Entropy  . . . . . : 7.3
      SHA-256  . . . . . : 6DD3102BF2939CFA1D87F5D309150B646CA95D4070395D2C693A9008FD630365
      Product  . . . . . : asCII
      Publisher  . . . . : L311-SOFTWARE
      LanguageID . . . . : 3082
    > Bitdefender  . . . : Gen:Variant.Symmi.40244
      Fuzzy  . . . . . . : 107.0

   C:\Windows\Temp\TBU012\ToolbarUpdate.exe
      Size . . . . . . . : 1,644,440 bytes
      Age  . . . . . . . : 662.4 days (2012-09-11 09:17:19)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : 9785E372D8B528B44CD2FB783735C42FEC4AD66F0AA5A94B6AFFF21E8669E327
      RSA Key Size . . . : 2048
      Authenticode . . . : Self-signed
    > Bitdefender  . . . : Adware.Zugo.O
      Fuzzy  . . . . . . : 117.0

   C:\Windows\Temp\TBU013\ToolbarUpdate.exe
      Size . . . . . . . : 409,992 bytes
      Age  . . . . . . . : 513.8 days (2013-02-06 23:06:34)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : 2161F5273040995D2640E38201150A3ABB789277950C9DEC182D6AC549C16158
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Bitdefender  . . . : Adware.Zugo.O
      Fuzzy  . . . . . . : 107.0

   C:\Windows\Temp\TBU014\ToolbarUpdate.exe
      Size . . . . . . . : 1,255,928 bytes
      Age  . . . . . . . : 395.3 days (2013-06-05 12:07:31)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : FE9921A7C32B25A6C17D2E3AE0B82020E5997F5B017CD3ABEF38D39397D297AF
      Product  . . . . . : StartNow Toolbar update (Firefox)
      Description  . . . : StartNow Toolbar update (Firefox)
      Version  . . . . . : 2.5.3
      Copyright
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Bitdefender  . . . : Adware.Zugo.O
      Fuzzy  . . . . . . : 104.0


Suspicious files ____________________________________________________________

   C:\Users\VICTOR HUGO PATSI\Desktop\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2,083,840 bytes
      Age  . . . . . . . : 1.4 days (2014-07-04 09:55:21)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : C0B38814FBC800F94241355B7FE8D437727C60F5CF846543FDB2638E3AF389A6
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
          0.0s C:\Users\VICTOR HUGO PATSI\Desktop\Nueva carpeta\segunda descarga\FRST64.exe
          0.0s C:\Users\VICTOR HUGO PATSI\Desktop\FRST-OlderVersion\FRST64.exe
          0.0s C:\Users\VICTOR HUGO PATSI\Desktop\FRST-OlderVersion\FRST64.exe
          0.0s C:\Users\VICTOR HUGO PATSI\Desktop\FRST-OlderVersion\FRST64.exe
          0.0s C:\Users\VICTOR HUGO PATSI\Desktop\FRST-OlderVersion\FRST64.exe
          0.0s C:\Users\VICTOR HUGO PATSI\Desktop\FRST-OlderVersion\FRST64.exe
          0.0s C:\Users\VICTOR HUGO PATSI\Desktop\FRST-OlderVersion\FRST64.exe
          0.0s C:\Users\VICTOR HUGO PATSI\Desktop\FRST-OlderVersion\FRST64.exe
          0.0s C:\Users\VICTOR HUGO PATSI\Desktop\FRST-OlderVersion\FRST64.exe
          0.0s C:\Users\VICTOR HUGO PATSI\Desktop\FRST-OlderVersion\FRST64.exe
          0.0s C:\Users\VICTOR HUGO PATSI\Desktop\FRST-OlderVersion\FRST64.exe

   C:\Users\VICTOR HUGO PATSI\Desktop\Nueva carpeta\segunda descarga\FRST64.exe
      Size . . . . . . . : 2,084,352 bytes
      Age  . . . . . . . : 1.4 days (2014-07-04 09:55:21)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 7A418A9E5BAC292758ECC94531F2FAB96264A33AAE3E880CF17B2AA603058676
      Needs elevation  . : Yes
      Source URL . . . . : hxxp://download.bleepingcomputer.com/dl/8cf95ad41f839e351017f625ca51d5f6/53b81881/windows/security/security-utilities/f/farbar-recovery-scan-tool/64/FRST64.exe
      Fuzzy  . . . . . . : 27.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         The file is downloaded from the Internet to this computer.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
          0.0s C:\Users\VICTOR HUGO PATSI\Desktop\Nueva carpeta\segunda descarga\FRST64.exe
          0.0s C:\Users\VICTOR HUGO PATSI\Desktop\FRST-OlderVersion\FRST64.exe
          0.0s C:\Users\VICTOR HUGO PATSI\Desktop\FRST-OlderVersion\FRST64.exe
          0.0s C:\Users\VICTOR HUGO PATSI\Desktop\FRST-OlderVersion\FRST64.exe
          0.0s C:\Users\VICTOR HUGO PATSI\Desktop\FRST-OlderVersion\FRST64.exe
          0.0s C:\Users\VICTOR HUGO PATSI\Desktop\FRST-OlderVersion\FRST64.exe
          0.0s C:\Users\VICTOR HUGO PATSI\Desktop\FRST-OlderVersion\FRST64.exe
          0.0s C:\Users\VICTOR HUGO PATSI\Desktop\FRST-OlderVersion\FRST64.exe
          0.0s C:\Users\VICTOR HUGO PATSI\Desktop\FRST-OlderVersion\FRST64.exe
          0.0s C:\Users\VICTOR HUGO PATSI\Desktop\FRST-OlderVersion\FRST64.exe
          0.0s C:\Users\VICTOR HUGO PATSI\Desktop\FRST-OlderVersion\FRST64.exe

   C:\Users\VICTOR HUGO PATSI\Desktop\Nueva carpeta\segunda descarga\FSS.exe
      Size . . . . . . . : 415,744 bytes
      Age  . . . . . . . : 0.3 days (2014-07-05 11:33:42)
      Entropy  . . . . . : 7.9
      SHA-256  . . . . . : 66AA65136E24105ED8854E281CD53744FBDAA5EE466058F7AD66DBFD9B29F5BD
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.


Malware remnants ____________________________________________________________

   HKU\S-1-5-21-2417842332-3562377342-529798385-1000\Software\TNT2\ (FindWide)

Potential Unwanted Programs _________________________________________________

   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF\ (AskBar)
   HKU\S-1-5-21-2417842332-3562377342-529798385-1013\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ (Conduit)
   HKU\S-1-5-21-2417842332-3562377342-529798385-501\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ (Conduit)

Cookies _____________________________________________________________________

   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.yashi.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:adbrite.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.ad4game.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.adk2.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.creative-serving.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.e-planning.net
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.genericlink.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.ibtracking.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.mediade.sk
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.p161.net
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.publicidad.net
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.trafficjunky.net
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.yahoo.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:adultadworld.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.fussball-liveticker.eu
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:apmebf.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:at.atwola.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:burstnet.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:c.atdmt.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:clickbank.net
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:clicksor.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:collective-media.net
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:emjcd.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:engine.phn.doublepimp.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:fastclick.net
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:googleadservices.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:h.atdmt.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:in.getclicky.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:invitemedia.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:pool-eu-ie.creative-serving.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:questionmarket.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:server.cpmstar.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:sexad.net
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:sexshopsexy.es
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:smartadserver.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:specificclick.net
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:statcounter.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.adform.net
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:ww619.smartadserver.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.burstnet.com
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:yadro.ru
   C:\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Cookies:zedo.com
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@a1.interclick[2].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@ad.360yield[1].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@ad.mlnadvertising[1].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@ad.yieldmanager[1].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@ads.creative-serving[2].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@ads.depositfiles[1].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@ads.p161[2].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@ads.pointroll[2].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@ads.pubmatic[2].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@ads.stickyadstv[2].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@ads.undertone[2].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@ads.yahoo[1].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@adtechus[1].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@advertising[1].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@apmebf[2].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@at.atwola[1].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@atdmt[1].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@c.atdmt[2].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@casalemedia[1].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@collective-media[2].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@content.yieldmanager[2].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@doubleclick[1].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@emjcd[2].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@fastclick[1].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@interclick[2].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@invitemedia[1].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@media6degrees[2].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@mediaplex[1].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@network.realmedia[1].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@pointroll[1].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@realmedia[1].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@revsci[2].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@ru4[2].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@serving-sys[1].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@smartadserver[1].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@tacoda.at.atwola[2].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@track.adform[2].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@tribalfusion[1].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Microsoft\Windows\Cookies\victor_hugo_patsi@zedo[2].txt
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:112.2o7.net
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:2o7.net
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:ad.360yield.com
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:ad.mlnadvertising.com
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:ad.zanox.com
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:ads.adsfirefly.com
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:ads.pubmatic.com
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:ads.yahoo.com
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:atdmt.com
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:casalemedia.com
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:clickbank.net
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:dmtracker.com
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:doubleclick.net
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:fatbleepfrank.org
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:fr.sitestat.com
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:googleadservices.com
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:in.getclicky.com
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:lasexta.com
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:oracle.112.2o7.net
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:prisacom.112.2o7.net
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:ru4.com
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:smartadserver.com
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:speedxxxhost.org
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:statcounter.com
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:stats.complex.com
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:track.adform.net
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:tribalfusion.com
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:xiti.com
   C:\Users\VICTOR HUGO PATSI\AppData\Roaming\Mozilla\Firefox\Profiles\i7bfviz8.default-1398482640224\cookies.sqlite:yadro.ru

 

STEP 8

 

 

I'd like us to scan your machine with ESET OnlineScan
 

  • Push esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe.vir    probably a variant of Win32/Toolbar.Visicom.C potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchquband.dll.vir    a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll.vir    a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Yontoo\YontooIEClient.dll.vir    a variant of Win32/Adware.Yontoo.A application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Yontoo\YontooLayers.crx.vir    multiple threats
C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir    a variant of Win32/Adware.Yontoo.B application
C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir    a variant of Win32/Adware.Yontoo.B application
C:\AdwCleaner\Quarantine\C\Users\VICTOR HUGO PATSI\AppData\Local\genienext\nengine.dll.vir    Win32/NextLive.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\back.js.vir    JS/Adware.Yontoo.B application
C:\AdwCleaner\Quarantine\C\Users\VICTOR HUGO PATSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\yl.js.vir    JS/Adware.Yontoo.A application
C:\AdwCleaner\Quarantine\C\Users\VICTOR HUGO PATSI\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.2.0.zip.vir    a variant of Win32/Mobogenie.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\VICTOR HUGO PATSI\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe.vir    a variant of Win32/Mobogenie.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\VICTOR HUGO PATSI\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.exe.vir    a variant of Win32/Mobogenie.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\VICTOR HUGO PATSI\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk.vir    a variant of Android/Mobserv.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\VICTOR HUGO PATSI\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\nengine.dll.vir    Win32/NextLive.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\VICTOR HUGO PATSI\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe.vir    a variant of Win32/Mobogenie.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\VICTOR HUGO PATSI\AppData\Local\SwvUpdater\Updater.exe.vir    a variant of Win32/Amonetize.AM potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\VICTOR HUGO PATSI\AppData\Local\Temp\SetupDataMngr_Searchqu.exe.vir    a variant of Win32/Toolbar.SearchSuite.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\VICTOR HUGO PATSI\AppData\Roaming\newnext.me\nengine.dll.vir    Win32/NextLive.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\VICTOR HUGO PATSI\AppData\Roaming\Yontoo\YontooDesktop.exe.vir    a variant of MSIL/WebCake.B potentially unwanted application
C:\DISCOS\DIEBOLD\ordenar\Todo Escritorio\3GP-Player.exe    a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\DISCOS\FACULTAD TECNICA\EXAMEN GRADO\Bibliografia\textos VICTOR\SOFTWARES\crack mikroe.zip    a variant of Win32/Keygen.ID potentially unsafe application
C:\DISCOS\FACULTAD TECNICA\EXAMEN GRADO\Bibliografia\textos VICTOR\SOFTWARES\Parche Mikroe.rar    a variant of Win32/HackTool.Patcher.T potentially unsafe application
C:\DISCOS\FACULTAD TECNICA\PROGRAMAS\circuit maker 2000\circuit maker 2000 with crack.exe    a variant of Win32/HackTool.Patcher.BS potentially unsafe application
C:\DISCOS\FACULTAD TECNICA\PROGRAMAS\circuit maker 2000\TraxMaker_2000_crack.zip    a variant of Win32/HackTool.Patcher.BS potentially unsafe application
C:\DISCOS\INSTALADORES_ACTUALIZACIONES\aTube_Catcher_Setup.exe    a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\DISCOS\INSTALADORES_ACTUALIZACIONES\DAEMONToolsPro520-0348.exe    Win32/OpenCandy potentially unsafe application
C:\DISCOS\INSTALADORES_ACTUALIZACIONES\FFSetup230.exe    a variant of Win32/Bundled.Toolbar.Ask.A potentially unsafe application
C:\DISCOS\INSTALADORES_ACTUALIZACIONES\FFSetup290.exe    a variant of Win32/ELEX.AG potentially unwanted application
C:\DISCOS\INSTALADORES_ACTUALIZACIONES\HSS-3.09-install-hss-512-conduit.exe    Win32/Toolbar.Conduit potentially unwanted application
C:\DISCOS\INSTALADORES_ACTUALIZACIONES\SoftonicDownloader44879.exe    Win32/SoftonicDownloader.A potentially unwanted application
C:\DISCOS\INSTALADORES_ACTUALIZACIONES\SoftonicDownloader68672.exe    Win32/SoftonicDownloader.A potentially unwanted application
C:\DISCOS\INSTALADORES_ACTUALIZACIONES\SoftonicDownloader_para_teamspeak.exe    Win32/SoftonicDownloader.A potentially unwanted application
C:\DISCOS\INSTALADORES_ACTUALIZACIONES\VisualBoyAdvance-1.8.0-beta3.exe    a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\DISCOS\INSTALADORES_ACTUALIZACIONES\vlcmediaplayer-setup.exe    Win32/DownloadAdmin.G potentially unwanted application
C:\DISCOS\INSTALADORES_ACTUALIZACIONES\winamp5581_full_bundle_emusic-7plus_es-us.exe    Win32/OpenCandy potentially unsafe application
C:\DISCOS\INSTALADORES_ACTUALIZACIONES\Folder Protector\Folder_Protector_v5.43(USB) by NestorNSTR101.rar    a variant of Win32/Lockdir.A potentially unsafe application
C:\DISCOS\INSTALADORES_ACTUALIZACIONES\Folder Protector\lockdir.exe    a variant of Win32/Lockdir.A potentially unsafe application
C:\DISCOS\INSTALADORES_ACTUALIZACIONES\instal bas\para messenger 8\MsgPlusLive-479.exe    a variant of Win32/Adware.CiDHelp application
C:\DISCOS\JUEGOS\Juegos Portatiles\Darkstalkers_The_Night_Warriors_Portable\Darkstalkers_The_Night_Warriors_Portable.exe    a variant of MSIL/Agent.OJF trojan
C:\DISCOS\JUEGOS\Juegos Portatiles\King_of_Fighters_98_Portable\King_of_Fighters_98_Portable.exe    a variant of MSIL/Agent.OJF trojan
C:\DISCOS\JUEGOS\Juegos Portatiles\MarvelVSCapcom\MarvelVSCapcom.exe    a variant of MSIL/Agent.OJF trojan
C:\DISCOS\JUEGOS\Juegos Portatiles\Metal Slug X Portable\Metal Slug X Portable.exe    a variant of MSIL/Agent.OJF trojan
C:\DISCOS\JUEGOS\Juegos Portatiles\MetalSlug1\MetalSlug1.exe    a variant of MSIL/Agent.OJF trojan
C:\DISCOS\JUEGOS\Juegos Portatiles\MetalSlug2\MetalSlug2.exe    a variant of MSIL/Agent.OJF trojan
C:\DISCOS\JUEGOS\Juegos Portatiles\Super_Gem_Fighter\Super_Gem_Fighter.exe    a variant of MSIL/Agent.OJF trojan
C:\DISCOS\JUEGOS\Juegos Portatiles\Tekken 2\Tekken 2 Portable.exe    a variant of MSIL/Agent.OJF trojan
C:\DISCOS\JUEGOS\Juegos Portatiles\The_King_of_Fighters__99_Portable\The_King_of_Fighters__99_Portable.exe    a variant of MSIL/Agent.OJF trojan
C:\DISCOS\JUEGOS\Juegos Portatiles\X-Men vs Street Fighter\X-Men vs Street Fighter Portable.exe    a variant of MSIL/Agent.OJF trojan
C:\FRST\Quarantine\C\Users\Guest\AppData\Local\Temp\98\Game.exe    a variant of MSIL/Agent.OJF trojan
C:\Users\VICTOR HUGO PATSI\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\08BCMW4R\32393-92428-limewire[1].exe    a variant of Win32/Bundled.Toolbar.Ask.A potentially unsafe application
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\awhCD9E.tmp    Win32/Mobogenie.B potentially unwanted application
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\ICReinstall_JDownloaderSetup.exe    a variant of Win32/InstallCore.BY potentially unwanted application
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\plkmtkYa.exe.part    MSIL/Solimba.K.Gen potentially unwanted application
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\pricegong.exe    a variant of Win32/PriceGong.A potentially unwanted application
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\softonic.com4.exe    a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\Softonic_ES.exe    a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\98\Game.exe    a variant of MSIL/Agent.OJF trojan
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\AskToolbarTemp\ApnIC.dll    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\AskToolbarTemp\ApnToolbarInstaller.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\Bunndle\BunndleOfferManager.dll    a variant of Win32/Bunndle potentially unsafe application
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\dark\Game.exe    a variant of MSIL/Agent.OJF trojan
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\gem\Game.exe    a variant of MSIL/Agent.OJF trojan
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\kof99\Game.exe    a variant of MSIL/Agent.OJF trojan
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\marvel\Game.exe    a variant of MSIL/Agent.OJF trojan
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\me1\Game.exe    a variant of MSIL/Agent.OJF trojan
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\NeroDemo12556\Toolbar.exe    Win32/Toolbar.AskSBar potentially unwanted application
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\nsd4330.tmp\ApnStub.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\nse5BD3.tmp\zplugins.dll    Win32/Toolbar.Zugo.D potentially unwanted application
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\nsf68A3.tmp\zplugins.dll    Win32/Toolbar.Zugo.D potentially unwanted application
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\nsl271D.tmp\zplugins.dll    Win32/Toolbar.Zugo.D potentially unwanted application
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\nso3AFD.tmp\ApnStub.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\nsuEFDB.tmp\nsf6F77.tmp\SetupDataMngr_Searchqu.exe    a variant of Win32/Toolbar.SearchSuite.A potentially unwanted application
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\tekken2\Game.exe    a variant of MSIL/Agent.OJF trojan
C:\Users\VICTOR HUGO PATSI\AppData\Local\Temp\xvst\Game.exe    a variant of MSIL/Agent.OJF trojan
C:\Users\VICTOR HUGO PATSI\Downloads\Programs\installer_limewire_5_5_16_Spanish.exe    Win32/Toolbar.Babylon potentially unwanted application
C:\Users\VICTOR HUGO PATSI\Downloads\Programs\SoftonicDownloader_para_emule.exe    Win32/SoftonicDownloader.D potentially unwanted application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\genfix-e-uld[1]    Win32/Toolbar.Zugo.D potentially unwanted application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\search-update-d[1]    Win32/Toolbar.Zugo.D potentially unwanted application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\genfix2-a[1]    Win32/Toolbar.Zugo.D potentially unwanted application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\updater-startnow-200-2.5-d[1].exe    a variant of Win32/Toolbar.Zugo potentially unwanted application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\genfix-e-uld[1]    Win32/Toolbar.Zugo.D potentially unwanted application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\search-update-d[1]    Win32/Toolbar.Zugo.D potentially unwanted application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\genfix2-a[1]    Win32/Toolbar.Zugo.D potentially unwanted application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\updater-startnow-200-2.5-d[1].exe    a variant of Win32/Toolbar.Zugo potentially unwanted application
C:\Windows\Temp\TBU012\ToolbarUpdate.exe    Win32/Toolbar.Zugo.D potentially unwanted application
C:\Windows\Temp\TBU013\ToolbarUpdate.exe    Win32/Toolbar.Zugo.D potentially unwanted application
C:\Windows\Temp\TBU014\ToolbarUpdate.exe    Win32/Toolbar.Zugo.D potentially unwanted application
 

 

STEP 9

 

 

And finally let's check for outdated and vulnerable software on your pc.

 

Download Security Check by screen317 from here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

 Results of screen317's Security Check version 0.99.85  
 Windows 7  x64 (UAC is enabled)  
 Out of date service pack!!
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
Microsoft Security Essentials   
  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 55  
 Java version out of Date!
 Adobe Flash Player 14.0.0.125  
 Adobe Reader XI  
 Mozilla Firefox (30.0)
 Google Chrome 35.0.1916.114  
 Google Chrome 35.0.1916.153  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
 Malwarebytes Anti-Malware mbam.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````

 

 

 

END :warrior:
 


Edited by tazmania99, 06 July 2014 - 10:28 AM.


#15 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:10:30 AM

Posted 06 July 2014 - 11:29 AM

Hi,

 

 

No wonder your computer was so severly infected. You use a lot of cracks. This is playing with fire though.

Avoid using cracks and unknown programs from sources you don't trust. There are MANY alternative open-source applications.

Malware writers just love cracks and keygens, and will often attach malicious code into them. By using cracks and/or keygens, you are asking for problems.

So my advice is - stay away from them!

 

 

 

 

Now download the following file and save it to your desktop:
 

WinHttpAutoProxySvc.reg

 

Now double click on it. An information box will pop up asking if you want to merge the information in the file into the registry, click YES.

 

 

 

Please download the following file => [attachment=152088:fixlist.txt] and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Also post new logs from Rkill and Farbar Service Scanner.

 

 

Finally it's a good idea to install Service Pack 1 for Windows 7!

 

Learn how to install Windows 7 Service Pack 1 (SP1)

 

Also go ahead and turn Microsoft Security Essentials on:

 

(On Access scanning disabled!)

 

Also your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version of Java components and upgrade the application.

  • Download the latest version of Java SE 7.
  • Click the Java SE 7 Update 60  "Download JRE" button to the right.
  • Select your Platform, Register and check the box that says: "I agree to the Java SE Runtime Environment 7 License Agreement.".
  • Click on Continue.
  • Click on the link to download Windows Offline Installation (jre-7u60-windows-i586.exe) and save it to your desktop. Do NOT use the Sun Download Manager..
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel > Programs, click on Uninstall a program and remove all older versions of Java:
    Java 7 Update 55
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the download to install the newest version. (Vista/Windows 7 users, right click on the jre-7u60-windows-i586.exe and select "Run as an Administrator.")
  • Also go ahead and clean the Java Cache => How do I clear the Java cache?

 

 

  • It is possible for other programs on your computer to have security vulnerability that can allow malware to infect you.
  • Therefore, it is also a good idea to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities.
  • You can check these by visiting Secunia Software Inspector or you can use the following application for this purpose PatchMyPC

 
Visit Microsoft's Windows Update Site Frequently

 

  • It is important that you visit Windows Update regularly.
  • This will ensure your computer has always the latest security updates available installed on your computer.
  • If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

 

Finally post a new log from SecurityCheck and then I'll give you my final recommendations!  :)\

 

 

Regards,

Georgi


cXfZ4wS.png





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users