Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Gameharbor.org Popup window duringstarup 2nd Case


  • This topic is locked This topic is locked
7 replies to this topic

#1 LanguageSoez

LanguageSoez

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:11 AM

Posted 12 September 2014 - 10:28 PM

Hi i'm new in this Forum. I had the same problem that "Hello6921" had. He posted a thread yesterday related to this misterious Popup Window. 

 

The thing is that i didn't install anything. Well, i don't know. I updated Origin, and Razer's Gamebooster. (Now called Razers Cortex-awful name-)

 

Some kind soul would like to help me?

 

From now on, thank you.

 

I quote the thread i was talking about.

 

hello6921

  • default_large.png
  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:25 PM

Posted Yesterday, 02:35 AM

Hello and thanks for helping me. Basically when I get to desktop screen after boot up, a CMD window appears and then causes Mozilla firefox to open a window that redirects me to gameharbor.org. My computer has no performance issues but the popup is just annoying. Tried to get rid of it using Norton and Malwarebytes but it's not working. Also looked in the programs list to see if I could uninstall something but nothing looked suspicious. Any and all help would be much appreciated!


Edited by LanguageSoez, 12 September 2014 - 10:29 PM.


BC AdBot (Login to Remove)

 


m

#2 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:11 AM

Posted 13 September 2014 - 06:56 AM

Hi,

please run a FRST scan:


Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.


#3 LanguageSoez

LanguageSoez
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:11 AM

Posted 13 September 2014 - 12:59 PM

aharonov

Thanks for helping
 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Nicolás (administrator) on HOME-PC on 13-09-2014 14:57:09
Running from D:\User\Desktop
Platform: Windows 8.1 Pro (X64) OS Language: Inglés (Estados Unidos)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\37.0.2062.28\remoting_host.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\37.0.2062.28\remoting_host.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\main.exe
(Electronic Arts) D:\Program Files (x86)\Origin\Origin.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Maxthon International ltd.) D:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) D:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) D:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) D:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) D:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Cm108Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [PWRISOVM.EXE] => D:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2014-02-03] (Power Software Ltd)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3817839899-1924858115-234469675-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-11-22] (AMD)
HKU\S-1-5-21-3817839899-1924858115-234469675-1001\...\Run: [Spotify Web Helper] => C:\Users\Nicolás\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-09-10] (Spotify Ltd)
HKU\S-1-5-21-3817839899-1924858115-234469675-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2990304 2013-10-30] (Nota Inc.)
HKU\S-1-5-21-3817839899-1924858115-234469675-1001\...\Run: [uTorrent] => C:\Users\Nicolás\AppData\Roaming\uTorrent\uTorrent.exe [1938256 2014-08-19] (BitTorrent Inc.)
HKU\S-1-5-21-3817839899-1924858115-234469675-1001\...\Run: [Spotify] => C:\Users\Nicolás\AppData\Roaming\Spotify\spotify.exe [6621752 2014-09-10] (Spotify Ltd)
HKU\S-1-5-21-3817839899-1924858115-234469675-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3817839899-1924858115-234469675-1001\...\Run: [Octoshape Streaming Services] => C:\Users\Nicolás\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [107800 2011-03-24] (Octoshape ApS)
HKU\S-1-5-21-3817839899-1924858115-234469675-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3817839899-1924858115-234469675-1001\...\Run: [TU Go] => C:\Program Files (x86)\TU Go\TU Go.exe [2092304 2014-05-21] ()
HKU\S-1-5-21-3817839899-1924858115-234469675-1001\...\Run: [EADM] => D:\Program Files (x86)\Origin\Origin.exe [3600216 2014-08-29] (Electronic Arts)
HKU\S-1-5-21-3817839899-1924858115-234469675-1001\...\Run: [Pushbullet] => d:\Program Files (x86)\Pushbullet\pushbullet_app.exe [822320 2014-08-26] ()
HKU\S-1-5-21-3817839899-1924858115-234469675-1001\...\Run: [Topkpd] => C:\Users\Nicolás\AppData\Roaming\Topkpd.scr
HKU\S-1-5-21-3817839899-1924858115-234469675-1001\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
HKU\S-1-5-21-3817839899-1924858115-234469675-1001\...\MountPoints2: F - "F:\SETUP.EXE" 
Startup: C:\Users\Nicolás\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Nicolás\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.ar.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5D0DBB4FB8C4CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-AR,es;q=0.5
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: QUICKfind BHO Object -> {C08DF07A-3E49-4E25-9AB0-D3882835F153} -> D:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{CEDF713D-68ED-4435-94C6-D17AD0DC0F45}: [NameServer] 8.8.4.4,8.8.8.8
 
FireFox:
========
FF ProfilePath: C:\Users\Nicolás\AppData\Roaming\Mozilla\Firefox\Profiles\undr4o9x.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Nicolás\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1312180-0-npoctoshape.dll (Octoshape ApS)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Nicolás\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: electronicarts.com/GameFacePlugin -> C:\Users\Nicolás\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Nicolás\AppData\Roaming\mozilla\plugins\npoctoshape.dll (Octoshape ApS)
FF Extension: NoScript - C:\Users\Nicolás\AppData\Roaming\Mozilla\Firefox\Profiles\undr4o9x.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-08-31]
FF Extension: Adblock Plus - C:\Users\Nicolás\AppData\Roaming\Mozilla\Firefox\Profiles\undr4o9x.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-27]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com.ar/"
CHR DefaultSearchKeyword: Default -> E5DBFA22F12FA4558BFCAD4C53C2CAEF15018753FF3676C2BE10E30267BCF398
CHR Profile: C:\Users\Nicolás\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Las gotas de lluvia) - C:\Users\Nicolás\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcipapbfhdnmgihoimbjiadmhpcgcnil [2014-03-26]
CHR Extension: (YouTube) - C:\Users\Nicolás\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-06]
CHR Extension: (Adblock Plus) - C:\Users\Nicolás\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-31]
CHR Extension: (Búsqueda de Google) - C:\Users\Nicolás\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-06]
CHR Extension: (Escritorio remoto de Chrome) - C:\Users\Nicolás\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2014-04-21]
CHR Extension: (Hola Un Internet Mejor) - C:\Users\Nicolás\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-09-06]
CHR Extension: (IE Tab) - C:\Users\Nicolás\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2014-02-14]
CHR Extension: (Test de Velocidad) - C:\Users\Nicolás\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlhbmnfdcklajeaeikfinieljfegamko [2014-03-15]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\Nicolás\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2014-02-07]
CHR Extension: (Chrome to Mobile) - C:\Users\Nicolás\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2014-02-06]
CHR Extension: (Cuevana Stream) - C:\Users\Nicolás\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfdckejfnkaemompfjhecfmhjgnchmjg [2014-02-06]
CHR Extension: (Google Wallet) - C:\Users\Nicolás\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-29]
CHR Extension: (Gmail) - C:\Users\Nicolás\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-06]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\37.0.2062.28\remoting_host.exe [51016 2014-07-17] (Google Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-12-07] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-08-16] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [105448 2014-08-28] (Razer Inc.)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [688128 2013-11-19] () [File not signed]
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-11] (Advanced Micro Devices)
S3 droidpad; C:\Windows\System32\drivers\droidpad.sys [21320 2013-04-18] (Windows ® Win 7 DDK provider)
R3 SaiK0CD3; C:\Windows\system32\DRIVERS\SaiK0CD3.sys [180544 2012-09-20] (Saitek)
R3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
R3 SaiU0CD3; C:\Windows\System32\drivers\SaiU0CD3.sys [47168 2012-09-20] (Saitek)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-12 15:57 - 2014-09-13 14:57 - 00000000 ____D () C:\FRST
2014-09-11 12:31 - 2014-08-15 23:40 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 12:31 - 2014-08-15 23:04 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 12:31 - 2014-08-15 23:00 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 12:31 - 2014-08-15 23:00 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 12:31 - 2014-08-15 22:56 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 12:31 - 2014-08-15 22:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 12:31 - 2014-08-15 22:45 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 12:31 - 2014-08-15 22:43 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 12:31 - 2014-08-15 22:32 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 12:31 - 2014-08-15 22:25 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 12:31 - 2014-08-15 22:22 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-11 12:31 - 2014-08-15 22:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-11 12:31 - 2014-08-15 22:19 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 12:31 - 2014-08-15 22:18 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 12:31 - 2014-08-15 22:18 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 12:31 - 2014-08-15 22:11 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-11 12:31 - 2014-08-15 22:06 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 12:31 - 2014-08-15 22:05 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 12:31 - 2014-08-15 22:05 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 12:31 - 2014-08-15 22:03 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 12:31 - 2014-08-15 22:03 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 12:31 - 2014-08-15 21:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 12:31 - 2014-08-15 21:56 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 12:31 - 2014-08-15 21:53 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 12:31 - 2014-08-15 21:53 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 12:31 - 2014-08-15 21:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 12:31 - 2014-08-15 21:51 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 12:31 - 2014-08-15 21:45 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 12:31 - 2014-08-15 21:44 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 12:31 - 2014-08-15 21:44 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 12:31 - 2014-08-15 21:34 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 12:31 - 2014-08-15 21:20 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 12:31 - 2014-08-15 21:18 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 12:31 - 2014-08-15 21:14 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 12:31 - 2014-08-15 21:12 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-10 22:37 - 2014-09-04 23:36 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-09-10 22:37 - 2014-09-04 23:31 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 22:37 - 2014-09-04 21:48 - 00738816 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 22:37 - 2014-08-01 21:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-09-10 22:33 - 2014-07-24 00:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-09-10 22:33 - 2014-07-24 00:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-09-10 14:35 - 2014-09-10 14:35 - 00002062 _____ () C:\Users\Public\Desktop\Razer Cortex.lnk
2014-09-10 14:35 - 2014-09-10 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-09-10 14:35 - 2014-09-10 14:35 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-09-10 08:50 - 2014-09-12 16:04 - 00525618 _____ () C:\Windows\PFRO.log
2014-09-09 18:26 - 2014-09-09 18:26 - 00000910 _____ () C:\Users\Public\Desktop\FIFA 15 Demo.lnk
2014-09-09 18:26 - 2014-09-09 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15 Demo
2014-09-07 18:47 - 2014-09-07 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The SIMS 4 Deluxe Edition
2014-09-07 15:05 - 2014-09-07 15:05 - 00003584 _____ () C:\Windows\System32\Tasks\Maxthon Update
2014-09-07 15:05 - 2014-09-07 15:05 - 00000000 ____D () C:\Users\Nicolás\AppData\Roaming\Maxthon3
2014-09-07 15:05 - 2014-09-07 15:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
2014-09-07 15:02 - 2014-09-13 11:08 - 00000000 ____D () C:\Users\Nicolás\AppData\Roaming\pushbullet
2014-09-07 15:02 - 2014-09-07 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pushbullet
2014-09-02 15:50 - 2014-03-03 17:19 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2014-08-29 11:11 - 2014-09-12 14:34 - 00002572 _____ () C:\Windows\setupact.log
2014-08-29 11:11 - 2014-08-29 11:11 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-28 18:00 - 2014-08-28 18:00 - 00000000 ____D () C:\Users\Nicolás\AppData\Local\storage
2014-08-28 15:10 - 2014-08-28 15:10 - 00000000 ____D () C:\ProgramData\REVOLT
2014-08-28 08:04 - 2014-08-22 21:42 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 14:16 - 2014-08-27 14:16 - 00000000 ____D () C:\Users\Nicolás\AppData\Local\Macromedia
2014-08-27 11:44 - 2014-09-13 14:25 - 00000838 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-27 11:44 - 2014-09-09 15:26 - 00003726 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-27 11:17 - 2014-08-27 11:17 - 00000000 ____D () C:\Users\Nicolás\AppData\Local\Mozilla
2014-08-26 14:56 - 2014-08-26 14:56 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-25 15:10 - 2014-08-25 15:10 - 00000000 ____D () C:\Users\Nicolás\AppData\Roaming\Colibri Games
2014-08-25 15:10 - 2014-08-25 15:10 - 00000000 ____D () C:\ProgramData\Colibri Games
2014-08-24 01:13 - 2014-08-24 01:13 - 00000000 ____D () C:\ProgramData\Age of Empires 3
2014-08-24 01:12 - 2014-08-30 16:31 - 00100432 _____ () C:\Windows\DirectX.log
2014-08-23 20:10 - 2014-09-05 16:23 - 05117744 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-20 10:14 - 2014-09-13 13:37 - 01251418 _____ () C:\Windows\WindowsUpdate.log
2014-08-18 13:44 - 2014-08-19 14:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2014-08-18 12:49 - 2014-08-18 12:49 - 00000000 ____D () C:\Users\Nicolás\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dream Tale - The Golden Keys
2014-08-16 18:35 - 2014-08-16 18:35 - 00000000 ____D () C:\ProgramData\ATI
2014-08-16 18:15 - 2014-08-16 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-13 14:57 - 2014-09-12 15:57 - 00000000 ____D () C:\FRST
2014-09-13 14:25 - 2014-08-27 11:44 - 00000838 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-13 14:25 - 2013-11-29 00:48 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-13 14:02 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\system32\sru
2014-09-13 13:47 - 2014-05-11 16:48 - 00005046 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for HOME-PC-Nicolás Home-PC
2014-09-13 13:37 - 2014-08-20 10:14 - 01251418 _____ () C:\Windows\WindowsUpdate.log
2014-09-13 12:39 - 2013-11-29 01:02 - 00000000 ____D () C:\Users\Nicolás\AppData\Roaming\uTorrent
2014-09-13 12:20 - 2013-11-29 00:28 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3817839899-1924858115-234469675-1001
2014-09-13 11:29 - 2013-11-29 19:04 - 00000000 ____D () C:\ProgramData\Origin
2014-09-13 11:10 - 2013-11-29 00:48 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-13 11:08 - 2014-09-07 15:02 - 00000000 ____D () C:\Users\Nicolás\AppData\Roaming\pushbullet
2014-09-13 01:34 - 2013-08-22 11:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-13 01:33 - 2013-08-22 10:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-09-13 01:31 - 2013-11-29 00:28 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B53EA8D2-A8BF-441E-8821-57CB044B565F}
2014-09-13 00:29 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-09-12 16:04 - 2014-09-10 08:50 - 00525618 _____ () C:\Windows\PFRO.log
2014-09-12 15:33 - 2014-07-09 16:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-12 14:34 - 2014-08-29 11:11 - 00002572 _____ () C:\Windows\setupact.log
2014-09-12 14:01 - 2013-11-29 00:22 - 00000000 ____D () C:\Users\Nicolás\AppData\Local\Packages
2014-09-12 12:42 - 2014-02-07 03:46 - 00000132 _____ () C:\Users\Nicolás\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-09-11 14:59 - 2013-11-29 06:15 - 00000000 ____D () C:\Users\Nicolás\AppData\Roaming\Dropbox
2014-09-11 13:47 - 2014-02-07 23:12 - 00000132 _____ () C:\Users\Nicolás\AppData\Roaming\Adobe BMP Format CS6 Prefs
2014-09-11 12:36 - 2013-08-22 12:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-11 12:35 - 2014-03-04 01:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-09-11 12:35 - 2014-03-04 01:06 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-11 12:32 - 2014-06-11 08:30 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 12:32 - 2014-06-11 08:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 12:31 - 2014-06-11 08:35 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 12:31 - 2014-06-11 08:35 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 12:31 - 2014-06-11 08:30 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 12:31 - 2014-06-11 08:30 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 12:31 - 2014-06-11 08:30 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 12:31 - 2014-06-11 08:30 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 12:31 - 2014-06-11 08:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 12:31 - 2014-06-11 08:30 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-11 12:31 - 2014-06-11 08:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 12:31 - 2014-06-11 08:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 12:31 - 2014-06-11 08:30 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 12:31 - 2014-06-11 08:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 12:31 - 2014-05-02 16:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 12:31 - 2014-05-02 16:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 15:50 - 2013-11-29 02:57 - 00000000 ____D () C:\Users\Nicolás\AppData\Roaming\Spotify
2014-09-10 14:56 - 2013-11-29 03:03 - 00000000 ____D () C:\Users\Nicolás\AppData\Local\Spotify
2014-09-10 14:35 - 2014-09-10 14:35 - 00002062 _____ () C:\Users\Public\Desktop\Razer Cortex.lnk
2014-09-10 14:35 - 2014-09-10 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-09-10 14:35 - 2014-09-10 14:35 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-09-10 14:35 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\Nicolás\AppData\Local\Razer_Inc
2014-09-10 14:35 - 2014-06-20 23:35 - 00000000 ____D () C:\Users\Nicolás\AppData\Local\Razer
2014-09-10 14:35 - 2014-06-20 23:35 - 00000000 ____D () C:\ProgramData\Razer
2014-09-10 01:46 - 2013-12-31 11:09 - 00000000 ____D () C:\Users\Nicolás\AppData\Roaming\vlc
2014-09-09 18:26 - 2014-09-09 18:26 - 00000910 _____ () C:\Users\Public\Desktop\FIFA 15 Demo.lnk
2014-09-09 18:26 - 2014-09-09 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15 Demo
2014-09-09 15:26 - 2014-08-27 11:44 - 00003726 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-09 13:41 - 2014-05-31 23:13 - 00000000 ____D () C:\Users\Nicolás\AppData\Roaming\TU Go
2014-09-08 11:44 - 2014-08-11 11:30 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-09-08 11:27 - 2013-11-29 06:56 - 00808994 _____ () C:\Windows\system32\perfh00A.dat
2014-09-08 11:27 - 2013-11-29 06:56 - 00166346 _____ () C:\Windows\system32\perfc00A.dat
2014-09-08 11:27 - 2013-11-29 00:28 - 01829802 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-07 19:19 - 2013-11-29 19:15 - 00000000 ____D () C:\Users\Nicolás\AppData\Roaming\Origin
2014-09-07 18:47 - 2014-09-07 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The SIMS 4 Deluxe Edition
2014-09-07 15:05 - 2014-09-07 15:05 - 00003584 _____ () C:\Windows\System32\Tasks\Maxthon Update
2014-09-07 15:05 - 2014-09-07 15:05 - 00000000 ____D () C:\Users\Nicolás\AppData\Roaming\Maxthon3
2014-09-07 15:05 - 2014-09-07 15:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
2014-09-07 15:02 - 2014-09-07 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pushbullet
2014-09-06 01:09 - 2013-11-29 00:17 - 00000000 ____D () C:\Users\Nicolás
2014-09-05 20:55 - 2014-05-19 09:47 - 00000000 ____D () C:\Users\Nicolás\AppData\Local\Cuevana
2014-09-05 16:23 - 2014-08-23 20:10 - 05117744 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-04 23:36 - 2014-09-10 22:37 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-09-04 23:31 - 2014-09-10 22:37 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-04 21:48 - 2014-09-10 22:37 - 00738816 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-02 17:06 - 2013-11-30 22:39 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-02 17:06 - 2013-11-30 22:39 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-02 14:13 - 2014-02-01 01:09 - 00000000 ____D () C:\Users\Nicolás\AppData\Local\SKIDROW
2014-08-30 22:04 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-30 16:31 - 2014-08-24 01:12 - 00100432 _____ () C:\Windows\DirectX.log
2014-08-29 14:12 - 2013-11-29 00:47 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-29 14:11 - 2014-04-11 11:04 - 00000000 ____D () C:\Users\Nicolás\AppData\Local\Ubisoft
2014-08-29 11:11 - 2014-08-29 11:11 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-28 18:04 - 2013-12-07 00:55 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-28 18:00 - 2014-08-28 18:00 - 00000000 ____D () C:\Users\Nicolás\AppData\Local\storage
2014-08-28 15:10 - 2014-08-28 15:10 - 00000000 ____D () C:\ProgramData\REVOLT
2014-08-27 14:16 - 2014-08-27 14:16 - 00000000 ____D () C:\Users\Nicolás\AppData\Local\Macromedia
2014-08-27 11:17 - 2014-08-27 11:17 - 00000000 ____D () C:\Users\Nicolás\AppData\Local\Mozilla
2014-08-27 11:17 - 2014-03-11 13:42 - 00000000 ____D () C:\Users\Nicolás\AppData\Roaming\Mozilla
2014-08-26 14:56 - 2014-08-26 14:56 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-25 15:10 - 2014-08-25 15:10 - 00000000 ____D () C:\Users\Nicolás\AppData\Roaming\Colibri Games
2014-08-25 15:10 - 2014-08-25 15:10 - 00000000 ____D () C:\ProgramData\Colibri Games
2014-08-24 01:13 - 2014-08-24 01:13 - 00000000 ____D () C:\ProgramData\Age of Empires 3
2014-08-22 21:42 - 2014-08-28 08:04 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 13:53 - 2013-11-29 02:09 - 00000000 ____D () C:\Users\Nicolás\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-20 14:24 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\rescache
2014-08-19 14:58 - 2014-08-18 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2014-08-19 13:33 - 2013-11-29 06:11 - 00000878 _____ () C:\Users\Nicolás\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-08-18 18:17 - 2014-04-22 10:34 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-18 17:27 - 2013-11-30 22:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-18 17:23 - 2013-11-30 22:28 - 99218768 ____N (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-18 12:49 - 2014-08-18 12:49 - 00000000 ____D () C:\Users\Nicolás\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dream Tale - The Golden Keys
2014-08-16 19:58 - 2014-04-11 11:09 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-08-16 19:58 - 2013-12-03 05:04 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-08-16 18:35 - 2014-08-16 18:35 - 00000000 ____D () C:\ProgramData\ATI
2014-08-16 18:15 - 2014-08-16 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity
2014-08-16 15:04 - 2013-12-03 05:04 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-08-16 15:04 - 2013-12-03 05:04 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-08-16 00:00 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-15 23:40 - 2014-09-11 12:31 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-15 23:04 - 2014-09-11 12:31 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-15 23:00 - 2014-09-11 12:31 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-15 23:00 - 2014-09-11 12:31 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-15 22:56 - 2014-09-11 12:31 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-15 22:54 - 2014-09-11 12:31 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-15 22:45 - 2014-09-11 12:31 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-15 22:43 - 2014-09-11 12:31 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-15 22:32 - 2014-09-11 12:31 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-15 22:25 - 2014-09-11 12:31 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-15 22:22 - 2014-09-11 12:31 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-15 22:20 - 2014-09-11 12:31 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-15 22:19 - 2014-09-11 12:31 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-15 22:18 - 2014-09-11 12:31 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-15 22:18 - 2014-09-11 12:31 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-15 22:11 - 2014-09-11 12:31 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-15 22:06 - 2014-09-11 12:31 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-15 22:05 - 2014-09-11 12:31 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-15 22:05 - 2014-09-11 12:31 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-15 22:03 - 2014-09-11 12:31 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-15 22:03 - 2014-09-11 12:31 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-15 21:58 - 2014-09-11 12:31 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 21:56 - 2014-09-11 12:31 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-15 21:53 - 2014-09-11 12:31 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-15 21:53 - 2014-09-11 12:31 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-15 21:53 - 2014-09-11 12:31 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-15 21:51 - 2014-09-11 12:31 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-15 21:45 - 2014-09-11 12:31 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-15 21:44 - 2014-09-11 12:31 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-15 21:44 - 2014-09-11 12:31 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-15 21:34 - 2014-09-11 12:31 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-15 21:20 - 2014-09-11 12:31 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-15 21:18 - 2014-09-11 12:31 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-15 21:14 - 2014-09-11 12:31 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-15 21:12 - 2014-09-11 12:31 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-15 00:04 - 2014-04-13 17:42 - 00000000 ____D () C:\ProgramData\Ubisoft
2014-08-14 16:40 - 2013-11-29 06:17 - 00000000 ____D () C:\Users\Nicolás\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-14 10:57 - 2013-11-29 06:48 - 00000000 ____D () C:\Users\Nicolás\AppData\Roaming\Skype
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-10 09:33
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Nicolás at 2014-09-13 14:58:51
Running from D:\User\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.33023 - BitTorrent Inc.)
1.00Patchmenu_maximedia_juannf (HKLM-x32\...\1.00Patchmenu_maximedia_juannf) (Version:  - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1210 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1210 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version:  - Ensemble Studios)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Nombre de su organización) Hidden
AMD Catalyst Install Manager (HKLM\...\{3FAEEEBE-48F4-84C1-2B49-96AE73E67E3E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Assassin's Creed Revelations (HKLM-x32\...\Steam App 201870) (Version:  - Ubisoft Montreal)
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version:  - Rocksteady Studios)
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version:  - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.66.1075 - AB Team, d.o.o.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Chrome Remote Desktop Host (HKLM-x32\...\{7D2C319D-3907-472D-9B55-EC1F240962FC}) (Version: 37.0.2062.28 - Google Inc.)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version:  - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Cuevana Storm versión 0.1b (HKLM-x32\...\{CB7BA2E8-323E-4684-8D96-4A5EAF481D9A}_is1) (Version: 0.1b - Cuevana)
Deadlight (HKLM-x32\...\Steam App 211400) (Version:  - Tequila Works, S.L.)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BF1E7B7B-8FBB-45C8-B170-214AA0F4F6AE}) (Version:  - Microsoft)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
Dream Tale - The Golden Keys (HKLM-x32\...\Dream Tale - The Golden Keys1.0) (Version: 1.0 - Foxy Games)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKCU\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts)
EA SPORTS™ FIFA 15 Demo (HKLM-x32\...\{108C0C19-6316-4944-A62F-C744488F8639}) (Version: 1.0.0.0 - Electronic Arts)
Eines de correcció del Microsoft Office 2013: català (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
F1 2013 (HKLM-x32\...\Steam App 223670) (Version:  - Codemasters Birmingham)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Ferramentas de verificación de Microsoft Office 2013 - Galego (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
Flight Simulator X (HKLM-x32\...\RTMshadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version:  - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version:  - )
FreeArc 0.666 (HKLM-x32\...\FreeArc) (Version: 0.666 - Bulat Ziganshin)
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Gods Will Be Watching (HKLM-x32\...\1207664883_is1) (Version: 2.0.0.1 - GOG.com)
Gone Home (HKLM-x32\...\Steam App 232430) (Version:  - The Fullbright Company)
Google Chrome (HKLM-x32\...\{51020C27-7422-3FBE-9480-4CB1CCC8E2CC}) (Version: 65.156.32827 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Gunpoint (HKLM-x32\...\Steam App 206190) (Version:  - Suspicious Developments)
Gyazo 2.0.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Hammerwatch (HKLM-x32\...\Steam App 239070) (Version:  - )
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version:  - Dennaton Games)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
Indie Game: The Movie (HKLM-x32\...\Steam App 207080) (Version:  - BlinkWorks Media)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417065FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 2.0 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kinetic Void (HKLM-x32\...\Steam App 227160) (Version:  - Badland Studio)
KMSpico v9.0.5.20131118 (HKLM\...\KMSpico_is1) (Version: 9.0.5.20131118 - )
Lara Croft and the Guardian of Light (HKLM-x32\...\Steam App 35130) (Version:  - Crystal Dynamics)
Longman Pronunciation Dictionary (HKLM-x32\...\NSIS_lpd) (Version:  - )
LUFTRAUSERS (HKLM-x32\...\Steam App 233150) (Version:  - Vlambeer)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.1.5000 - Maxthon International Limited)
Microsoft Access MUI (Spanish) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Spanish) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (Spanish) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Flight Simulator X (x32 Version: 10.0.61355.0 - Microsoft Game Studios) Hidden
Microsoft Flight Simulator X Service Pack 1 (x32 Version: 10.0.61355.0 - Microsoft Game Studios) Hidden
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Flight Simulator X: Acceleration (x32 Version: 10.0.61637.0 - Microsoft Game Studios) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Groove MUI (Spanish) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Spanish) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Spanish) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Spanish) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Spanish) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Spanish) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Spanish) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office zuzenketa-tresnak 2013 - Euskara (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (Spanish) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Spanish) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Spanish) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Spanish) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Word MUI (Spanish) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Octoshape Streaming Services (HKCU\...\Octoshape Streaming Services) (Version:  - Octoshape ApS)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Papers, Please (HKLM-x32\...\Steam App 239030) (Version:  - 3909)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PixelJunk Eden (HKLM-x32\...\Steam App 105800) (Version:  - Q-Games, Ltd.)
Plague Inc Evolved v0.7.5 (HKLM-x32\...\Plague Inc Evolved v0.7.50.7.5) (Version: 0.7.5 - Friends in War)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.9 - Power Software Ltd)
Prince of Persia (HKLM-x32\...\{7C11154F-3539-4CB5-979D-EF7913473E53}) (Version: 1.0 - Ubisoft)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Pushbullet version 101 (HKLM-x32\...\{7578F204-49E7-4830-B051-14C23F408BFE}_is1) (Version: 101 - Pushbullet Inc)
QUICKfind server v1.1 (HKLM-x32\...\QUICKfind) (Version:  - IDM)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.0.89.0 - Razer Inc.)
Red Orchestra 2: Heroes of Stalingrad - Single Player (HKLM-x32\...\Steam App 236830) (Version:  - )
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2817430) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Visio 2013 (KB2817443) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SimCity versión 10.0.0.0 (HKLM-x32\...\SimCity_is1) (Version: 10.0.0.0 - Maxis)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{BD90BC1C-115D-47E1-B85C-07AE182C3AB8}) (Version: 7.0.27.13 - Mad Catz)
Spotify (HKCU\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SteamWorld Dig (HKLM-x32\...\Steam App 252410) (Version:  - Image&amp;Form)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The SIMS 4 Deluxe Edition (HKLM-x32\...\The SIMS 4 Deluxe Edition_is1) (Version: 1.0 - Релиз от R.G. Steamgames)
The Tiny Bang Story (HKLM-x32\...\Steam App 96000) (Version:  - Colibri Games)
Thinking with Time Machine (HKLM-x32\...\Steam App 286080) (Version:  - Stridemann)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
TU Go (HKLM-x32\...\{059fb95c-37f7-4751-82e6-03c60d3c9980}) (Version: 1.2.2.27 - Telefonica Digital Ltd.)
TU Go (x32 Version: 1.2.2.27 - Telefonica Digital Ltd.) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for Microsoft Excel 2013 (KB2889861) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{F47D9DA0-739D-4FEE-A2CD-16B23382F7EE}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889861) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{F47D9DA0-739D-4FEE-A2CD-16B23382F7EE}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889861) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{F47D9DA0-739D-4FEE-A2CD-16B23382F7EE}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889861) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{F47D9DA0-739D-4FEE-A2CD-16B23382F7EE}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889861) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{F47D9DA0-739D-4FEE-A2CD-16B23382F7EE}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881083) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{A519F6FC-54A6-40AE-B93C-407D09B09271}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889860) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{1AB594AE-C42D-4194-931B-29AD09067631}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889860) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1AB594AE-C42D-4194-931B-29AD09067631}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889860) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{1AB594AE-C42D-4194-931B-29AD09067631}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760249) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{8C07AD38-38EB-4332-BCB3-F55A77C927DF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9BC5FF1D-9626-44D7-BC7F-EB44BD8BDB9F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881001) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{31849233-AD8B-42D7-9AE1-74C79C8E8C03}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881009) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7A3EF4FF-A9C8-4F7E-8020-A45F7D319387}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0090-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881039) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{1B208923-2810-414F-82CC-AFFC1B19563F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881081) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6171BC1B-907E-44D4-930A-4AE0D9260E65}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B8E73381-09B1-4895-ACD0-34385B0F526D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883049) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{1C6260FD-A280-49FE-89D0-CCEC647FBD8E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883052) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{3F3A95FF-9F40-4B19-8227-53DF683B4CF9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883052) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{3F3A95FF-9F40-4B19-8227-53DF683B4CF9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0403-0000-0000000FF1CE}_Office15.PROPLUS_{6A24063A-A8C4-427B-A208-CAB99582C988}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUS_{DA288EB3-648C-433C-88AC-71AEAAFAACF7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUS_{51865C36-97D4-4210-A33E-50BCC8CDDF72}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0416-0000-0000000FF1CE}_Office15.PROPLUS_{E7690DB0-8A81-4933-89F9-8E27C0C7E4A9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-042D-0000-0000000FF1CE}_Office15.PROPLUS_{5D49A18F-1F8C-42AB-AA23-1F2E93C7770D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0456-0000-0000000FF1CE}_Office15.PROPLUS_{4DB19EA4-56A4-4893-9FD3-7B6972424CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{C20FB0E0-31F6-4958-B94D-AEF3CC31FD87}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889862) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{96AE4BBC-69CC-4004-8B53-1F40B2461755}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889862) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{96AE4BBC-69CC-4004-8B53-1F40B2461755}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{90EEAEDF-CD51-4E8C-B781-7A071EC53C36}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{90EEAEDF-CD51-4E8C-B781-7A071EC53C36}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{90EEAEDF-CD51-4E8C-B781-7A071EC53C36}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{90EEAEDF-CD51-4E8C-B781-7A071EC53C36}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{CA0F0611-10FB-47D4-A642-E3BABCC73393}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CA0F0611-10FB-47D4-A642-E3BABCC73393}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{CA0F0611-10FB-47D4-A642-E3BABCC73393}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2881011) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E2362D6B-C590-4698-A990-35B4A77A294D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2881011) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{E2362D6B-C590-4698-A990-35B4A77A294D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2889847) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{F080A0ED-070F-4E33-833F-CF893968E6A8}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2889847) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{F080A0ED-070F-4E33-833F-CF893968E6A8}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7500AD77-83C6-400B-8B2F-F8E401A7B697}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 32-Bit Edition (HKLM-x32\...\{90150000-0019-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{7500AD77-83C6-400B-8B2F-F8E401A7B697}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{78F4AB20-5992-425F-BCFB-ECCFF3531F55}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{78F4AB20-5992-425F-BCFB-ECCFF3531F55}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{78F4AB20-5992-425F-BCFB-ECCFF3531F55}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{78F4AB20-5992-425F-BCFB-ECCFF3531F55}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
USB PnP Sound Device (HKLM-x32\...\{942F9AC6-31F5-464A-82D0-89C6390F7E24}) (Version:   -  )
version final de episodio4 (HKLM-x32\...\version final de episodio4) (Version:  - )
version3.0_patch final_Maximedia (HKLM-x32\...\version3.0_patch final_Maximedia) (Version:  - )
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Volgarr the Viking (HKLM-x32\...\Steam App 247240) (Version:  - Crazy Viking Studios)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.74 - VSO Software)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3817839899-1924858115-234469675-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Nicolás\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3817839899-1924858115-234469675-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nicolás\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3817839899-1924858115-234469675-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nicolás\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3817839899-1924858115-234469675-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nicolás\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3817839899-1924858115-234469675-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nicolás\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3817839899-1924858115-234469675-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nicolás\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3817839899-1924858115-234469675-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nicolás\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3817839899-1924858115-234469675-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nicolás\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3817839899-1924858115-234469675-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nicolás\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
29-08-2014 17:11:29 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
30-08-2014 19:17:37 Installed NBA 2K14
07-09-2014 21:47:44 Se ha instalado DirectX
09-09-2014 21:25:23 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
13-09-2014 15:21:29 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 10:25 - 2014-04-29 16:12 - 00000905 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1               http://www.piriform.com
127.0.0.1 license.piriform.com
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {00AA0E27-DB73-4636-96AC-A499FB15426E} - System32\Tasks\Maxthon Update => D:\Program Files (x86)\Maxthon\Bin\mxup.exe [2014-07-31] (Maxthon International ltd.)
Task: {01E4DE12-57E6-42F8-BD48-74FDCDB18DB6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-29] (Google Inc.)
Task: {02344E12-A783-4A86-A3D7-356FB2BEF500} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {08498F40-815A-4365-AB1B-84E08BC3A2F6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {322555FF-108F-4EE4-9E73-695D559DBBE5} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {39E3284E-1426-4691-AC55-071D61083468} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3D512712-8C38-4A2A-9560-283D96CA039A} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {4133BDD8-2E60-4A6A-85B3-D8604768D9EE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {51BDD364-7068-4AC9-A273-1313C5211DEC} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {624EBC00-1FFE-49EB-807A-DFDE69EC7CAB} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2013-11-19] ()
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {7698CACC-CC4C-4E3A-B9F3-49470C4386F9} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {76FCA4B6-0D47-458B-8E2B-59B1C03BEDD5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-29] (Google Inc.)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9701B14E-970E-4E4A-9700-20BCCA884C50} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {986906D2-DE84-4A43-9465-099BCC688396} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-08-18] (Microsoft Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {BEC36B19-F87B-49D3-B568-907270CBFD59} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {C2DF9625-BA1A-4E77-B6DE-0F3C61681AC2} - System32\Tasks\Microsoft Office 15 Sync Maintenance for HOME-PC-Nicolás Home-PC => D:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe [2014-07-27] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {ECC6B98C-B7CC-4A73-A4AE-06D4CC7909AC} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {F0DE2AFF-DAB7-4E32-97BB-8F4E0B46172B} - \AutoKMS No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-12-03 05:04 - 2014-08-16 15:04 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-05 23:49 - 2011-03-02 12:40 - 00164864 _____ () D:\Program Files\WinRAR\rarext.dll
2014-09-10 14:35 - 2012-11-20 16:13 - 00264192 _____ () C:\Program Files (x86)\Razer\Razer Cortex\D3DX8Wrapper.dll
2014-08-29 23:10 - 2014-08-29 23:10 - 00962560 _____ () D:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-08-29 23:10 - 2014-08-29 23:10 - 00024064 _____ () D:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-08-29 23:10 - 2014-08-29 23:10 - 00025088 _____ () D:\Program Files (x86)\Origin\imageformats\qico.dll
2014-08-29 23:10 - 2014-08-29 23:10 - 00217088 _____ () D:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-08-29 23:10 - 2014-08-29 23:10 - 00261632 _____ () D:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-08-29 23:10 - 2014-08-29 23:10 - 00019968 _____ () D:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-08-29 23:10 - 2014-08-29 23:10 - 00302592 _____ () D:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-08-29 23:10 - 2014-08-29 23:10 - 00018944 _____ () D:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2014-08-22 13:34 - 2014-08-21 15:15 - 01171456 _____ () D:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-22 13:34 - 2014-08-21 15:15 - 00332800 _____ () D:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-22 13:34 - 2014-08-21 15:15 - 00442368 _____ () D:\Program Files (x86)\Steam\libavutil-54.dll
2014-09-05 19:30 - 2014-09-03 16:28 - 00774656 _____ () D:\Program Files (x86)\Steam\SDL2.dll
2014-09-11 17:48 - 2014-09-09 19:34 - 02225344 _____ () D:\Program Files (x86)\Steam\video.dll
2014-08-22 13:34 - 2014-08-21 15:15 - 00403968 _____ () D:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-22 13:34 - 2014-08-21 15:15 - 00485888 _____ () D:\Program Files (x86)\Steam\libswscale-3.dll
2014-09-11 17:48 - 2014-09-09 19:34 - 00679616 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-09-11 17:48 - 2014-09-04 20:29 - 34589376 _____ () D:\Program Files (x86)\Steam\bin\libcef.dll
2014-09-11 17:48 - 2014-09-04 20:29 - 00837824 _____ () D:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2014-09-07 15:05 - 2014-07-31 05:36 - 00258944 _____ () D:\Program Files (x86)\Maxthon\bin\Maxzlib.dll
2014-09-07 15:05 - 2014-07-31 05:36 - 00247096 _____ () D:\Program Files (x86)\Maxthon\Addons\Mobile\MxMobile.dll
2014-09-07 15:05 - 2014-07-31 05:36 - 00258944 _____ () D:\Program Files (x86)\Maxthon\Bin\maxzlib.dll
2014-09-07 15:05 - 2014-07-31 05:37 - 00887064 _____ () D:\Program Files (x86)\Maxthon\Core\Webkit\libglesv2.dll
2014-09-07 15:05 - 2014-07-31 05:37 - 00109336 _____ () D:\Program Files (x86)\Maxthon\Core\Webkit\libegl.dll
2014-09-07 15:05 - 2014-07-31 05:37 - 04055504 _____ () D:\Program Files (x86)\Maxthon\Core\Webkit\pdf.dll
2014-09-07 15:05 - 2014-07-31 05:37 - 02128152 _____ () D:\Program Files (x86)\Maxthon\Core\Webkit\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "SaiMfd"
HKLM\...\StartupApproved\Run: => "ProfilerU"
HKLM\...\StartupApproved\Run: => "Zune Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKCU\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKCU\...\StartupApproved\Run: => "HydraVisionDesktopManager"
HKCU\...\StartupApproved\Run: => "EADM"
HKCU\...\StartupApproved\Run: => "Skype"
HKCU\...\StartupApproved\Run: => "Spotify"
HKCU\...\StartupApproved\Run: => "Spotify Web Helper"
HKCU\...\StartupApproved\Run: => "uTorrent"
HKCU\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_62F5EB9D25715EB0403A0E53D7C81B4C"
HKCU\...\StartupApproved\Run: => "Octoshape Streaming Services"
HKCU\...\StartupApproved\Run: => "TU Go"
HKCU\...\StartupApproved\Run: => "Topkpd"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/13/2014 00:45:46 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows no puede tener acceso al archivo  por alguna de las siguientes razones:
Hay un problema con la conexión de red, con el disco donde se almacena este archivo o con los controladores
de almacenamiento instalados en este equipo; o bien no se encuentra el disco.
Windows cerró el programa The Sims™ 4 por este error.
 
Programa: The Sims™ 4
Archivo: 
 
El valor del error se muestra en la sección Datos adicionales.
Acción del usuario
1. Abra el archivo de nuevo.
Podría ser solo un problema temporal que se corrige al ejecutar el programa de nuevo.
2.
Si todavía no se puede tener acceso al archivo y 
- Está en la red,
el administrador de red debe comprobar que no exista ningún problema con la red y que es posible ponerse en contacto con el servidor.
- Está en un disco extraíble, como un disquete o un CD-ROM, compruebe que el disco esté insertado en el equipo.
3. Compruebe y repare el sistema de archivos ejecutando CHKDSK. Para ejecutar CHKDSK, haga clic en Inicio y después en Ejecutar; escriba CMD y después haga clic en Aceptar. En el símbolo del sistema, escriba CHKDSK /F y después presione Entrar.
4. Si el problema continúa, restaure el archivo a partir de una copia de seguridad.
5. Compruebe si se pueden abrir otros archivos en el mismo disco. Si no se pueden abrir, el disco podría estar dañado. Si se trata de un disco duro, póngase en contacto con el administrador o con el fabricante del hardware del equipo
para obtener ayuda adicional.
 
Datos adicionales
Valor del error:00000000
Tipo de disco: 0
 
Error: (09/13/2014 00:45:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: TS4.exe, versión: 1.0.677.20, marca de tiempo: 0x540a88b9
Nombre del módulo con errores: TS4.exe, versión: 1.0.677.20, marca de tiempo: 0x540a88b9
Código de excepción: 0xc000001d
Desplazamiento de errores: 0x01a57917
Identificador del proceso con errores: 0xfb4
Hora de inicio de la aplicación con errores: 0xTS4.exe0
Ruta de acceso de la aplicación con errores: TS4.exe1
Ruta de acceso del módulo con errores: TS4.exe2
Identificador del informe: TS4.exe3
Nombre completo del paquete con errores: TS4.exe4
Identificador de aplicación relativa del paquete con errores: TS4.exe5
 
Error: (09/13/2014 00:39:25 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows no puede tener acceso al archivo  por alguna de las siguientes razones:
Hay un problema con la conexión de red, con el disco donde se almacena este archivo o con los controladores
de almacenamiento instalados en este equipo; o bien no se encuentra el disco.
Windows cerró el programa The Sims™ 4 por este error.
 
Programa: The Sims™ 4
Archivo: 
 
El valor del error se muestra en la sección Datos adicionales.
Acción del usuario
1. Abra el archivo de nuevo.
Podría ser solo un problema temporal que se corrige al ejecutar el programa de nuevo.
2.
Si todavía no se puede tener acceso al archivo y 
- Está en la red,
el administrador de red debe comprobar que no exista ningún problema con la red y que es posible ponerse en contacto con el servidor.
- Está en un disco extraíble, como un disquete o un CD-ROM, compruebe que el disco esté insertado en el equipo.
3. Compruebe y repare el sistema de archivos ejecutando CHKDSK. Para ejecutar CHKDSK, haga clic en Inicio y después en Ejecutar; escriba CMD y después haga clic en Aceptar. En el símbolo del sistema, escriba CHKDSK /F y después presione Entrar.
4. Si el problema continúa, restaure el archivo a partir de una copia de seguridad.
5. Compruebe si se pueden abrir otros archivos en el mismo disco. Si no se pueden abrir, el disco podría estar dañado. Si se trata de un disco duro, póngase en contacto con el administrador o con el fabricante del hardware del equipo
para obtener ayuda adicional.
 
Datos adicionales
Valor del error:00000000
Tipo de disco: 0
 
Error: (09/13/2014 00:39:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: TS4.exe, versión: 1.0.677.20, marca de tiempo: 0x540a88b9
Nombre del módulo con errores: TS4.exe, versión: 1.0.677.20, marca de tiempo: 0x540a88b9
Código de excepción: 0xc000001d
Desplazamiento de errores: 0x01a57917
Identificador del proceso con errores: 0x1c0
Hora de inicio de la aplicación con errores: 0xTS4.exe0
Ruta de acceso de la aplicación con errores: TS4.exe1
Ruta de acceso del módulo con errores: TS4.exe2
Identificador del informe: TS4.exe3
Nombre completo del paquete con errores: TS4.exe4
Identificador de aplicación relativa del paquete con errores: TS4.exe5
 
Error: (09/13/2014 01:35:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Service_KMS.exe, versión: 10.2.1.0, marca de tiempo: 0x528acde9
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0x00000000
Desplazamiento de errores: 0x00007ffeb8d1252c
Identificador del proceso con errores: 0x7dc
Hora de inicio de la aplicación con errores: 0xService_KMS.exe0
Ruta de acceso de la aplicación con errores: Service_KMS.exe1
Ruta de acceso del módulo con errores: Service_KMS.exe2
Identificador del informe: Service_KMS.exe3
Nombre completo del paquete con errores: Service_KMS.exe4
Identificador de aplicación relativa del paquete con errores: Service_KMS.exe5
 
Error: (09/12/2014 04:12:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Service_KMS.exe, versión: 10.2.1.0, marca de tiempo: 0x528acde9
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0x00000000
Desplazamiento de errores: 0x00007ffd0a69252c
Identificador del proceso con errores: 0x700
Hora de inicio de la aplicación con errores: 0xService_KMS.exe0
Ruta de acceso de la aplicación con errores: Service_KMS.exe1
Ruta de acceso del módulo con errores: Service_KMS.exe2
Identificador del informe: Service_KMS.exe3
Nombre completo del paquete con errores: Service_KMS.exe4
Identificador de aplicación relativa del paquete con errores: Service_KMS.exe5
 
Error: (09/11/2014 07:31:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa wwahost.exe, versión 6.3.9600.17031, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.
 
Identificador de proceso: 46c
 
Hora de inicio: 01cfce0fd21d0364
 
Hora de finalización: 4294967295
 
Ruta de acceso de la aplicación: C:\Windows\system32\wwahost.exe
 
Identificador de informe: 51450753-3a03-11e4-82c8-e3cbc485a82b
 
Nombre completo de paquete con errores: microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe
 
Identificador de aplicación relativa del paquete con errores: Microsoft.WindowsLive.Mail
 
Error: (09/11/2014 07:31:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: HOME-PC)
Description: Se detuvo el paquete microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe+Microsoft.WindowsLive.Mail porque se tardó demasiado en suspender.
 
Error: (09/11/2014 06:21:32 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: El Administrador de ventanas de escritorio detectó un error irrecuperable (0x8898008d)
 
Error: (09/11/2014 04:24:46 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: C:\Windows\System32\winspool.drvSpooler8
 
 
System errors:
=============
Error: (09/13/2014 00:34:33 PM) (Source: DCOM) (EventID: 10016) (User: HOME-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Home-PCNicolásS-1-5-21-3817839899-1924858115-234469675-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (09/13/2014 11:29:42 AM) (Source: DCOM) (EventID: 10016) (User: HOME-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Home-PCNicolásS-1-5-21-3817839899-1924858115-234469675-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (09/13/2014 11:07:26 AM) (Source: Tcpip) (EventID: 4199) (User: )
Description: El sistema ha detectado un conflicto por la dirección IP 192.168.1.67. La dirección 
de hardware de red es A0-F3-C1-0F-9B-29, las operaciones de red en este sistema 
pueden verse afectadas por este problema.
 
Error: (09/13/2014 01:36:29 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (09/13/2014 01:36:20 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Service KMSELDI se terminó de manera inesperada. Esto ha sucedido 1 veces.
 
Error: (09/13/2014 01:33:08 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (09/12/2014 04:13:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Service KMSELDI se terminó de manera inesperada. Esto ha sucedido 1 veces.
 
Error: (09/12/2014 04:05:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Service KMSELDI se terminó de manera inesperada. Esto ha sucedido 1 veces.
 
Error: (09/12/2014 03:37:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Service KMSELDI se terminó de manera inesperada. Esto ha sucedido 1 veces.
 
Error: (09/12/2014 03:33:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80246013: Windows Malicious Software Removal Tool for Windows 8, 8.1 and Windows Server 2012, 2012 R2 x64 Edition - September 2014 (KB890830).
 
 
Microsoft Office Sessions:
=========================
Error: (09/13/2014 00:45:46 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: The Sims™ 4000000000
 
Error: (09/13/2014 00:45:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TS4.exe1.0.677.20540a88b9TS4.exe1.0.677.20540a88b9c000001d01a57917fb401cfcf69c2ce45c9D:\Program Files (x86)\The SIMS 4 Deluxe Edition\Game\Bin\TS4.exeD:\Program Files (x86)\The SIMS 4 Deluxe Edition\Game\Bin\TS4.exe06a12c12-3b5d-11e4-82cc-f85fb36770b9
 
Error: (09/13/2014 00:39:25 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: The Sims™ 4000000000
 
Error: (09/13/2014 00:39:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TS4.exe1.0.677.20540a88b9TS4.exe1.0.677.20540a88b9c000001d01a579171c001cfcf68df7dfe7cD:\Program Files (x86)\The SIMS 4 Deluxe Edition\Game\Bin\TS4.exeD:\Program Files (x86)\The SIMS 4 Deluxe Edition\Game\Bin\TS4.exe238f78d1-3b5c-11e4-82cc-f85fb36770b9
 
Error: (09/13/2014 01:35:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Service_KMS.exe10.2.1.0528acde9unknown0.0.0.0000000000000000000007ffeb8d1252c7dc01cfcf0bfe035323C:\Program Files\KMSpico\Service_KMS.exeunknown6c09683a-3aff-11e4-82cc-f85fb36770b9
 
Error: (09/12/2014 04:12:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Service_KMS.exe10.2.1.0528acde9unknown0.0.0.0000000000000000000007ffd0a69252c70001cfcebd6c6c5e21C:\Program Files\KMSpico\Service_KMS.exeunknownc5f6d3f3-3ab0-11e4-82cb-cf82f7033a17
 
Error: (09/11/2014 07:31:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.1703146c01cfce0fd21d03644294967295C:\Windows\system32\wwahost.exe51450753-3a03-11e4-82c8-e3cbc485a82bmicrosoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail
 
Error: (09/11/2014 07:31:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: HOME-PC)
Description: microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe+Microsoft.WindowsLive.Mail
 
Error: (09/11/2014 06:21:32 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d
 
Error: (09/11/2014 04:24:46 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: C:\Windows\System32\winspool.drvSpooler8
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-09-10 09:38:40.594
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-09-07 19:04:43.785
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-09-07 19:04:43.535
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-09-07 19:02:43.222
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-09-07 19:02:42.831
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-09-07 19:02:12.548
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-09-07 19:02:12.267
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-09-07 19:00:17.666
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-09-07 19:00:17.385
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-09-07 18:59:46.293
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5 CPU M 480 @ 2.67GHz
Percentage of memory in use: 32%
Total physical RAM: 6006.68 MB
Available physical RAM: 4082.15 MB
Total Pagefile: 6966.68 MB
Available Pagefile: 4425.1 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:97.66 GB) (Free:33.75 GB) NTFS
Drive d: () (Fixed) (Total:833.76 GB) (Free:492.27 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 993BA841)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=833.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#4 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:11 AM

Posted 13 September 2014 - 01:22 PM

Ok.


Step 1

Please download this attached Attached File  fixlist.txt   311bytes   7 downloads and save it in the same directory as FRST.
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.


Step 2

Please download the ESET Online Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start esetsmartinstaller_enu.exe with administartor privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
    Copy and paste the content of this log file in your next reply.
Note: Do not forget to re-enable your antivirus application after running the above scan!



Step 3

Start FRST with administator privileges.
  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste this log in your next reply.


#5 LanguageSoez

LanguageSoez
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:11 AM

Posted 13 September 2014 - 02:16 PM

Ok.


Step 1

Please download this attached attachicon.giffixlist.txt and save it in the same directory as FRST.

  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.


Step 2

Please download the ESET Online Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start esetsmartinstaller_enu.exe with administartor privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
    Copy and paste the content of this log file in your next reply.
Note: Do not forget to re-enable your antivirus application after running the above scan!



Step 3

Start FRST with administator privileges.
  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste this log in your next reply.

 

THANKS! step 2 was unnecessary. I applied the Fixlist and when rebooted the Popup didn't show up!



#6 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:11 AM

Posted 13 September 2014 - 02:37 PM

Step 2 would be a general check up if anything else is found.

#7 LanguageSoez

LanguageSoez
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:11 AM

Posted 13 September 2014 - 05:27 PM

Step 2 would be a general check up if anything else is found.

Well, just need to know that i cant donate. So, thanks a lot. I really apreciate your time.



#8 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:11 AM

Posted 19 September 2014 - 03:31 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users