
Help in removing Go Save


  • This topic is locked
15 replies to this topic

#1 ddourojeanni

  • Members
  • 9 posts

Posted 27 September 2014 - 04:59 PM

Hi

Yesterday I noticed that a program called GoSaVe was installed on my computer. I had never seen it before and suspected something strange. I tried to uninstall it but nothing happened. Now, I have ads appearing in every web page I visit using Chrome. I have read the posts in which you guys have already helped other people deal with this problem. I tried to do it by myself using the various scanners and tools mentioned here and in other places but nothing has worked.

So I was wondering if I could get your help.

Thanks

Diego

 

 




#2 pystryker

  • Malware Response Team
  • 730 posts

Posted 27 September 2014 - 08:39 PM

Hello and welcome to Bleeping Computer! My nickname is Pystryker :) , and I will be helping you with your issue today.


Before we get started, I have a few things I need to go over with you:
  • If you are receiving help for this issue at another forum, please let me know so I can close this thread.
  • Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process.
  • Please do not attach your logs or put them inside code/quote tags. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
  • At the top of your post, please click on the "Follow this topic" button and make sure that the "Received notification" box is checked and set to "Instantly". This will send an email to you as soon as I reply to your topic, allowing us to solve your problem faster.
  • If any of your security programs give you a warning about any tool I ask you to use, please do not worry. All the links and tools I provide to you will be safe.
  • Please read through my instructions carefully and completely before executing them. I will lay the instructions out in a step by step order to make them easy to follow.
  • Please make sure that all the programs I ask you to download are downloaded to and run from your Desktop.
  • Please make sure (if you are able) to print out these instructions so that you will be able to refer to them while working on your machine. Part of the solution(s) to your problem may involve us working in Safe Mode and you will need them to go by.
  • Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
  • This is a complicated process. It requires several steps, patience, and careful following of my instructions in the order they are given to diagnose your problems to get your machine back in working order.
  • Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. I promise to do the same for you.
  • Please make sure you reply within 3 days to my responses, if there is no reply within 3 days, the topic will be closed and you will need to request the topic be reopened.
  • Before we get started, please remember we will do our best to get your machine repaired. However, there are some cases where the only solution is a reformat and reinstall of the operating system. This is a worst case scenario though.
  • It is impossible for me to know what interactions may happen between your computer's software and the tools we will use to clean your machine. Therefore, I highly recommend you backup any critical personal files on your machine before we start.
  • If possible, please have your original Windows installation disks handy, just in case.
  • If you have any questions at all, please don't hesitate to ask. There's no such thing as a stupid question when dealing with malware.
  • If you are unsure of an instruction I give you, or if something unexpected occurs, Do NOT proceed! Stop and ask for clarification of the instruction or tell me what occurred.
  • Please remember, the fixes are for your machine and your machine ONLY! Do not use these fixes on any other machine, each fix is tailor made for your system only. Using a fix on another machine can and will cause serious damage.
  • Once we have cleaned your machine, we'll have some cleanup and prevention steps to go through. We will also provide you with some information about how to reduce your chances of infection and get some protections in place to help defend you against this in the future.
  • Please be patient while I am analyzing your logs. I know you are probably scared and very frustrated with this problem, but I am a volunteer and sometimes life does get in the way. :)
Now, let's get started, shall we? :thumbsup:


Hello, let's get a look at your system and see what's going on. :)


Step 1: Scan with Farbar's Recovery Scan Tool (FRST)


Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Place a check in the box marked Addition.txt

  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Step 2: Scan with aswMBR

  • Please download aswMBR.exe to your desktop.
  • Double click the file to run it.
  • It will ask if you want to download the latest Avast! virus definitions, please answer yes.
  • Click the Scan button to begin the scan.
If your computer supports Virtualization Technology, select Yes to use it for rootkit detection.


  • Once the scan has finished, click on Save Log, save it to your desktop as asw.txt, and please post it in your next reply.
  • Click Exit
Things I need to see in your next post:


FRST Log

Addition.txt Log

aswMBR Log

I close my topics if there is no response after 3 days. Please PM a moderator or myself to reopen your topic.

Please PM me only if I'm helping you with your computer issues and I have not responded in 2 days. Please remember, I'm a volunteer and sometimes life does get in the way. :)

Please stay with me until I declare your machine clean. Absence of symptoms does not ensure your machine is clean.

If you'd like to make a donation via Paypal, please click here.





#3 ddourojeanni

  • Topic Starter

  • Members
  • 9 posts

Posted 29 September 2014 - 10:18 AM

Hello Pystryker
 
I am sending the information you asked for:
 
FRST Log
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-09-2014
Ran by Casa (administrator) on PC on 29-09-2014 09:45:01
Running from C:\Users\Diego\Desktop
Loaded Profile: Casa (Available profiles: Casa)
Platform: Windows 8.1 Single Language (X64) OS Language: Español (España, internacional)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(cyberlink) C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6334096 2012-10-17] (Realtek semiconductor)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13260944 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1253520 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [665400 2012-11-29] (Synaptics)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-08-10] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2013-02-23] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2013-02-23] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3008824 2012-11-29] (Synaptics Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [78352 2012-05-22] (cyberlink)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-07-24] (Panda Security, S.L.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1537199372-2125508624-3690468392-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-1537199372-2125508624-3690468392-1002\...\Run: [eM Client] => C:\Program Files (x86)\eM Client\MailClient.exe [15513896 2014-08-04] (eM Client, Inc.)
Startup: C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Supervisar alertas de tinta - HP Deskjet 1510 series.lnk
ShortcutTarget: Supervisar alertas de tinta - HP Deskjet 1510 series.lnk -> C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bit
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {C64095BA-8AB8-4A7A-8E97-70106849B508} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM-x32 - {C64095BA-8AB8-4A7A-8E97-70106849B508} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 190.113.220.54 190.113.220.51
 
FireFox:
========
FF ProfilePath: C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\1kl9yc95.default
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
 
Chrome: 
=======
CHR HomePage: Default -> 
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> 96763BD21FFA51620086352B3C527E232ADDB98A8B969474A13A559BCBAF9539
CHR DefaultSearchProvider: Default -> 3F6E0D54586D204E50965C711C4C4A94C3DBE5CE672608E5E8432B31FE5910BF
CHR DefaultSearchURL: Default -> E8410EF82FED5940D7208C1A824562A9285C79ECE06EB51A8421D320ABB7D190
CHR Profile: C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-09-14]
CHR Extension: (GioSave) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fimladocahmilaijpfnkhijdomcoaahb [2014-09-23]
CHR Extension: (Google Wallet) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-14]
CHR Extension: (GioSave) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fimladocahmilaijpfnkhijdomcoaahb\2.0 [2014-09-23]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Diego\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-09-23]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
S2 CLKMSVC10_3A60B698; C:\Program Files (x86)\Lenovo\PowerDVD10\NavFilter\kmsvc.exe [243728 2012-05-23] (CyberLink)
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-08-18] (LENOVO INCORPORATED.)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-08-14] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [141560 2014-07-24] (Panda Security, S.L.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-08-14] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [61688 2014-07-23] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-07-24] (Panda Security, S.L.)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-08-14] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-08-14] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-08-14] (Disc Soft Ltd)
U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [47360 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [160800 2014-07-24] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [120352 2014-07-24] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [106016 2014-07-24] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8230160 2012-10-17] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31032 2012-11-29] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-08-14] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-29 09:45 - 2014-09-29 09:45 - 00021985 _____ () C:\Users\Diego\Desktop\FRST.txt
2014-09-29 09:35 - 2014-09-29 09:35 - 05185536 _____ (AVAST Software) C:\Users\Diego\Downloads\aswmbr.exe
2014-09-29 09:35 - 2014-09-29 09:35 - 05185536 _____ (AVAST Software) C:\Users\Diego\Desktop\aswmbr.exe
2014-09-29 09:32 - 2014-09-26 11:28 - 02108928 _____ (Farbar) C:\Users\Diego\Desktop\FRST64.exe
2014-09-27 16:11 - 2014-09-27 16:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-27 16:07 - 2014-09-27 16:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Diego\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-27 16:06 - 2014-09-27 16:07 - 00065232 _____ (Malwarebytes) C:\Users\Diego\Downloads\regassassin-setup-1.03.exe
2014-09-27 16:00 - 2014-03-25 08:15 - 00060400 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2014-09-27 15:58 - 2014-09-27 15:58 - 00001602 _____ () C:\WINDOWS\SysWOW64\BroomData.bit
2014-09-27 15:58 - 2013-04-08 16:30 - 00022752 _____ () C:\WINDOWS\system32\PCloudBroom64.exe
2014-09-27 14:59 - 2014-09-27 14:59 - 00854417 _____ () C:\Users\Diego\Downloads\SecurityCheck.exe
2014-09-27 14:37 - 2014-09-27 14:40 - 00001313 _____ () C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2014-09-27 14:37 - 2014-09-27 14:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-09-27 14:34 - 2014-09-27 14:36 - 32453616 _____ (Panda Security ) C:\Users\Diego\Downloads\PandaCloudCleaner.exe
2014-09-27 14:13 - 2014-09-27 16:36 - 00000000 ____D () C:\AdwCleaner
2014-09-27 14:13 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-09-27 14:12 - 2014-09-27 14:12 - 01373475 _____ () C:\Users\Diego\Downloads\AdwCleaner.exe
2014-09-26 11:31 - 2014-09-26 11:31 - 00036352 _____ () C:\Users\Diego\Downloads\Addition.txt
2014-09-26 11:30 - 2014-09-26 11:31 - 00077727 _____ () C:\Users\Diego\Downloads\FRST.txt
2014-09-26 11:29 - 2014-09-29 09:45 - 00000000 ____D () C:\FRST
2014-09-26 11:29 - 2014-08-15 23:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-09-26 11:29 - 2014-08-15 23:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-09-26 11:29 - 2014-08-15 23:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-09-26 11:29 - 2014-08-15 22:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-09-26 11:29 - 2014-08-15 22:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-09-26 11:29 - 2014-08-15 22:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-09-26 11:29 - 2014-08-15 22:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-09-26 11:29 - 2014-08-15 22:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-09-26 11:29 - 2014-08-15 22:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-09-26 11:29 - 2014-08-15 20:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-09-26 11:29 - 2014-08-15 20:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-09-26 11:29 - 2014-08-15 19:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-09-26 11:29 - 2014-08-15 19:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-09-26 11:29 - 2014-08-15 19:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-09-26 11:29 - 2014-08-15 19:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-09-26 11:29 - 2014-08-15 19:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-09-26 11:29 - 2014-08-15 19:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-09-26 11:29 - 2014-08-15 19:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-09-26 11:29 - 2014-08-15 19:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-09-26 11:29 - 2014-08-15 19:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-26 11:29 - 2014-08-15 19:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-09-26 11:29 - 2014-08-15 19:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-09-26 11:29 - 2014-08-15 19:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-09-26 11:29 - 2014-08-15 19:20 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-09-26 11:29 - 2014-08-15 19:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-26 11:29 - 2014-08-15 19:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-09-26 11:29 - 2014-08-15 19:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-09-26 11:29 - 2014-08-15 19:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-09-26 11:29 - 2014-08-15 19:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-09-26 11:29 - 2014-08-15 19:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-09-26 11:29 - 2014-08-15 19:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-09-26 11:29 - 2014-08-15 19:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-09-26 11:29 - 2014-08-15 19:11 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-09-26 11:29 - 2014-08-15 19:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-09-26 11:29 - 2014-08-15 19:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-09-26 11:29 - 2014-08-15 19:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-09-26 11:29 - 2014-07-31 18:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-09-26 11:28 - 2014-08-28 20:58 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-09-26 11:28 - 2014-08-28 20:32 - 02779136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-09-26 11:28 - 2014-08-28 19:59 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-09-26 11:28 - 2014-08-28 18:56 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-09-26 11:28 - 2014-08-28 18:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-09-26 11:28 - 2014-08-25 17:27 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-09-26 11:27 - 2014-09-26 11:28 - 02108928 _____ (Farbar) C:\Users\Diego\Downloads\FRST64.exe
2014-09-26 11:24 - 2014-09-26 11:24 - 02347384 _____ (ESET) C:\Users\Diego\Downloads\esetsmartinstaller_enu.exe
2014-09-26 11:15 - 2014-09-26 11:15 - 00180854 _____ () C:\Users\Diego\Documents\cc_20140926_111535.reg
2014-09-26 10:35 - 2014-09-26 10:36 - 03581856 _____ (tuneuppro.com ) C:\Users\Diego\Downloads\setup.exe
2014-09-26 10:07 - 2014-09-26 10:07 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-09-26 09:56 - 2014-09-26 09:57 - 00000022 _____ () C:\Users\Diego\Downloads\_TheHitchhikersGuidetotheGalaxy20051080pBluRayx264WPi203320.zip
2014-09-26 09:55 - 2014-09-29 09:31 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1537199372-2125508624-3690468392-1002
2014-09-26 09:19 - 2014-09-26 09:19 - 00000000 ____D () C:\Users\Diego\AppData\Roaming\Panda Security
2014-09-26 09:18 - 2014-09-27 14:37 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-09-26 09:18 - 2014-09-26 09:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Global Protection 2015
2014-09-26 09:15 - 2014-09-26 09:19 - 00000000 ____D () C:\ProgramData\Panda Security
2014-09-26 09:15 - 2014-09-26 09:15 - 01062880 _____ () C:\Users\Diego\Downloads\InstallGP15.exe
2014-09-26 09:15 - 2014-09-26 09:15 - 01062880 _____ () C:\Users\Diego\Downloads\InstallGP15 (1).exe
2014-09-26 09:08 - 2014-09-26 09:09 - 00000000 ____D () C:\Users\Diego\Documents\Diego
2014-09-25 22:30 - 2014-09-25 22:31 - 00000000 ____D () C:\Users\Diego\Documents\Giannina
2014-09-23 18:27 - 2014-09-23 18:33 - 137425160 _____ () C:\Users\Diego\Downloads\GhostMoney.rar
2014-09-23 18:24 - 2014-09-23 18:24 - 00000282 __RSH () C:\ProgramData\ntuser.pol
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\Invitado\AppData\Local\Torch
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\Invitado\AppData\Local\Google
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\Invitado\AppData\Local\Comodo
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\Invitado\AppData\Local\Chromatic Browser
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\Invitado
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\Diego\AppData\Local\Comodo
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Torch
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Google
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Comodo
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Chromatic Browser
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\Administrador
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\ProgramData\c663c01d861d206e
2014-09-23 18:19 - 2014-09-23 18:24 - 110404986 _____ () C:\Users\Diego\Downloads\Millenaire.rar.crdownload
2014-09-23 17:16 - 2014-09-23 17:20 - 00000000 ____D () C:\Users\Diego\AppData\Roaming\GonVisor
2014-09-23 17:13 - 2014-09-23 17:13 - 00000000 ____D () C:\Users\Diego\AppData\Roaming\TempDir
2014-09-23 12:06 - 2014-09-23 12:06 - 00001233 _____ () C:\Users\Diego\AppData\Local\recently-used.xbel
2014-09-23 11:58 - 2014-09-23 12:06 - 00000000 ____D () C:\Users\Diego\.dia
2014-09-23 11:57 - 2014-09-23 11:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dia
2014-09-23 11:57 - 2014-09-23 11:57 - 00000000 ____D () C:\Program Files (x86)\Dia
2014-09-23 11:54 - 2014-09-23 11:55 - 19620143 _____ (The Dia Developers) C:\Users\Diego\Downloads\dia-setup-0.97.2-2-unsigned.exe
2014-09-23 11:52 - 2014-09-23 11:52 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-09-23 11:50 - 2014-09-23 11:51 - 17532696 _____ (Microsoft Corporation) C:\Users\Diego\Downloads\visioviewer.exe
2014-09-23 11:46 - 2014-09-23 11:46 - 00000000 __SHD () C:\Users\Diego\AppData\Local\EmieUserList
2014-09-23 11:46 - 2014-09-23 11:46 - 00000000 __SHD () C:\Users\Diego\AppData\Local\EmieSiteList
2014-09-22 14:35 - 2014-09-22 14:35 - 00002630 _____ () C:\Users\Diego\Downloads\MONOVA.ORG Sonitus_Eco_-_500_Years_Of_Struggle.torrent
2014-09-22 14:09 - 2014-09-22 14:09 - 00006502 _____ () C:\Users\Diego\Downloads\Liquid_Level_Level_Shapes_LP.zip
2014-09-22 14:08 - 2014-09-22 14:08 - 00001424 _____ () C:\Users\Diego\Downloads\Liquid_Level_Level_Shapes_LP_archive.torrent
2014-09-22 14:04 - 2014-09-22 14:04 - 00001466 _____ () C:\Users\Diego\Downloads\Sonitus-Eco-500-Years-Of-Struggle_archive.torrent
2014-09-22 13:44 - 2014-09-22 13:50 - 46652075 _____ () C:\Users\Diego\Downloads\M4n4r4 - k4m45u7r4.rar
2014-09-22 13:44 - 2014-09-22 13:47 - 02416966 _____ () C:\Users\Diego\Downloads\M4n4r4 - G14m0u5 800k.rar
2014-09-22 12:41 - 2014-09-22 17:16 - 00000000 ____D () C:\Users\Diego\AppData\Local\Lenovo
2014-09-22 12:27 - 2014-09-22 12:28 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2014-09-22 12:27 - 2014-09-22 12:27 - 02356592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WudfUpdate_01011.dll
2014-09-22 12:16 - 2014-09-22 12:25 - 12893808 _____ (Lenovo Group Limited ) C:\Users\Diego\Downloads\LeniMPkg.exe
2014-09-19 05:35 - 2014-09-19 05:35 - 00512268 _____ () C:\Users\Diego\Downloads\Monitoreo_Cultivos_Palma.kmz
2014-09-18 20:33 - 2014-09-18 20:33 - 00000000 __RHD () C:\MSOCache
2014-09-18 20:22 - 2014-09-15 06:42 - 129120226 ____N () C:\Users\Diego\Downloads\K1-3.HTAL.rar
2014-09-18 20:22 - 2014-09-15 06:42 - 108627784 ____N () C:\Users\Diego\Downloads\M36413x.howtoarsenio.blogspot.com.rar
2014-09-18 20:22 - 2014-09-15 06:28 - 109356936 ____N () C:\Users\Diego\Downloads\K4-5.HTAL.rar
2014-09-18 20:22 - 2014-09-14 22:37 - 68500678 ____N () C:\Users\Diego\Downloads\c13n_c48r45.howtoarsenio.blogspot.com.rar
2014-09-18 20:22 - 2014-06-29 17:35 - 76996797 ____N () C:\Users\Diego\Downloads\CinquiemeEvangile.rar
2014-09-18 20:22 - 2014-05-21 23:25 - 102869857 ____N () C:\Users\Diego\Downloads\Horace.Silver.And.The.Jazz.Messengers.digztytwo.zip
2014-09-18 20:22 - 2014-05-08 10:22 - 54049764 ____N () C:\Users\Diego\Downloads\kahvi345_lunarblues_and_opaeq-haarp_(mp3).zip
2014-09-18 20:21 - 2014-08-20 15:23 - 167707347 ____N () C:\Users\Diego\Downloads\4d31_814nc4_d05.howtoarsenio.blogspot.com.rar
2014-09-18 20:21 - 2014-07-10 15:26 - 135038992 ____N () C:\Users\Diego\Downloads\N03_2014_D4rr3n_4r0n0fsky_FloydWayne.K0ala.howtoarsenio.blogspot.com.rar
2014-09-18 20:21 - 2014-06-29 18:22 - 21640209 ____N () C:\Users\Diego\Downloads\OrdreDesDragons.part2.rar
2014-09-18 20:21 - 2014-06-29 18:05 - 209715200 ____N () C:\Users\Diego\Downloads\OrdreDesDragons.part1.rar
2014-09-18 20:21 - 2014-05-22 00:32 - 141982380 ____N () C:\Users\Diego\Downloads\THSQ-SFMF-63-4.rar
2014-09-18 20:21 - 2014-04-08 14:08 - 136290762 ____N () C:\Users\Diego\Downloads\Steve Cobby - Saudade.zip
2014-09-18 20:20 - 2014-07-10 18:04 - 149690702 ____N () C:\Users\Diego\Downloads\CBLWoS.rar
2014-09-18 20:20 - 2014-07-01 16:45 - 85952592 ____N () C:\Users\Diego\Downloads\Zenith.rar
2014-09-18 20:20 - 2014-06-29 17:02 - 94326049 ____N () C:\Users\Diego\Downloads\k0m80 DuN3 2.howtoarsenio.blogspot.com.zip
2014-09-18 20:20 - 2014-01-15 06:11 - 159615645 ____N () C:\Users\Diego\Downloads\4850Lu73 W47cHm3n.02.howtoarsenio.blogspot.com.rar
2014-09-18 20:20 - 2014-01-15 06:11 - 149312827 ____N () C:\Users\Diego\Downloads\Howtoarsenio. Long John Silver.rar
2014-09-18 20:20 - 2014-01-15 06:10 - 166077480 ____N () C:\Users\Diego\Downloads\4850Lu73 W47cHm3n.01.howtoarsenio.blogspot.com.rar
2014-09-18 20:19 - 2014-06-29 16:57 - 47355338 ____N () C:\Users\Diego\Downloads\k0m80 DuN3 1.howtoarsenio.blogspot.com.zip
2014-09-18 20:19 - 2014-02-07 09:28 - 79858449 ____N () C:\Users\Diego\Downloads\Jah_Warrior-Dub_from_the_Heart_Part_2_(JWLP_013)-LP-1998-Gully.rar
2014-09-18 20:19 - 2014-02-07 09:28 - 58670170 ____N () C:\Users\Diego\Downloads\Bob Marley - Legend.rar
2014-09-18 20:19 - 2014-01-15 06:10 - 178946962 ____N () C:\Users\Diego\Downloads\ATRX01-16.rar
2014-09-18 20:09 - 2014-06-05 15:23 - 711294976 ____N () C:\Users\Diego\Downloads\mtptemp.pst
2014-09-18 19:47 - 2014-09-18 19:47 - 00024519 _____ () C:\Users\Diego\Downloads\Ricardo Rey Basadre.kmz
2014-09-15 18:49 - 2014-09-15 18:49 - 00001806 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-15 18:49 - 2014-09-15 18:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-15 18:49 - 2014-09-15 18:49 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-15 18:49 - 2014-09-15 18:49 - 00000000 ____D () C:\Program Files\iTunes
2014-09-15 18:49 - 2014-09-15 18:49 - 00000000 ____D () C:\Program Files\iPod
2014-09-15 18:49 - 2014-09-15 18:49 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-15 07:59 - 2014-09-15 08:03 - 120557815 _____ () C:\Users\Diego\Downloads\Panama Global Workshop, 27-28-29.08.14.zip
2014-09-14 17:12 - 2014-09-14 17:12 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-09-14 15:11 - 2014-09-14 15:11 - 00000000 ____D () C:\Users\Diego\AppData\Roaming\OpenOffice
2014-09-14 14:03 - 2014-09-14 14:03 - 00001068 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2014-09-14 14:03 - 2014-09-14 14:03 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-09-14 14:02 - 2014-09-14 14:02 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-09-14 13:59 - 2014-09-14 13:59 - 00000000 ____D () C:\Users\Diego\Desktop\OpenOffice 4.1.1 (es) Installation Files
2014-09-14 13:28 - 2014-09-14 13:33 - 130425620 _____ () C:\Users\Diego\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_es.exe
2014-09-14 11:26 - 2014-07-24 10:07 - 07424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-09-14 11:26 - 2014-07-24 04:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-09-14 11:26 - 2014-07-24 04:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-09-14 11:25 - 2014-07-24 10:28 - 00468288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-09-14 11:25 - 2014-07-24 10:28 - 00419648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-09-14 11:25 - 2014-07-24 10:28 - 00412992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-09-14 11:25 - 2014-07-24 10:28 - 00280384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-09-14 11:25 - 2014-07-24 10:28 - 00143680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-09-14 11:25 - 2014-07-24 10:25 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-09-14 11:25 - 2014-07-24 10:23 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-09-14 11:25 - 2014-07-24 10:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-09-14 11:25 - 2014-07-24 10:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-09-14 11:25 - 2014-07-24 10:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-09-14 11:25 - 2014-07-24 10:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-09-14 11:25 - 2014-07-24 10:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-09-14 11:25 - 2014-07-24 10:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-09-14 11:25 - 2014-07-24 10:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-09-14 11:25 - 2014-07-24 10:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-09-14 11:25 - 2014-07-24 10:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-09-14 11:25 - 2014-07-24 10:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-09-14 11:25 - 2014-07-24 10:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-09-14 11:25 - 2014-07-24 10:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-09-14 11:25 - 2014-07-24 10:03 - 00818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-09-14 11:25 - 2014-07-24 10:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-09-14 11:25 - 2014-07-24 10:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-09-14 11:25 - 2014-07-24 10:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-09-14 11:25 - 2014-07-24 09:57 - 00475968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-09-14 11:25 - 2014-07-24 08:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-09-14 11:25 - 2014-07-24 08:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-09-14 11:25 - 2014-07-24 08:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-09-14 11:25 - 2014-07-24 08:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-09-14 11:25 - 2014-07-24 08:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-09-14 11:25 - 2014-07-24 08:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-09-14 11:25 - 2014-07-24 08:36 - 00674512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-09-14 11:25 - 2014-07-24 08:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-09-14 11:25 - 2014-07-24 08:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-09-14 11:25 - 2014-07-24 06:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-09-14 11:25 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-09-14 11:25 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-09-14 11:25 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-09-14 11:25 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-09-14 11:25 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-09-14 11:25 - 2014-07-24 06:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-09-14 11:25 - 2014-07-24 06:47 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-09-14 11:25 - 2014-07-24 06:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-09-14 11:25 - 2014-07-24 06:45 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-09-14 11:25 - 2014-07-24 06:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-09-14 11:25 - 2014-07-24 06:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-09-14 11:25 - 2014-07-24 06:42 - 01200640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-09-14 11:25 - 2014-07-24 06:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-09-14 11:25 - 2014-07-24 06:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-09-14 11:25 - 2014-07-24 06:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-09-14 11:25 - 2014-07-24 06:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-09-14 11:25 - 2014-07-24 06:33 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-09-14 11:25 - 2014-07-24 06:33 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-09-14 11:25 - 2014-07-24 06:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-09-14 11:25 - 2014-07-24 06:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-09-14 11:25 - 2014-07-24 06:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-09-14 11:25 - 2014-07-24 06:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-09-14 11:25 - 2014-07-24 05:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-09-14 11:25 - 2014-07-24 05:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-09-14 11:25 - 2014-07-24 05:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-09-14 11:25 - 2014-07-24 05:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-09-14 11:25 - 2014-07-24 05:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-09-14 11:25 - 2014-07-24 05:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-09-14 11:25 - 2014-07-24 05:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-09-14 11:25 - 2014-07-24 05:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-09-14 11:25 - 2014-07-24 05:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-09-14 11:25 - 2014-07-24 05:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-09-14 11:25 - 2014-07-24 05:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-09-14 11:25 - 2014-07-24 05:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-09-14 11:25 - 2014-07-24 05:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-09-14 11:25 - 2014-07-24 05:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-09-14 11:25 - 2014-07-24 05:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-09-14 11:25 - 2014-07-24 05:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-09-14 11:25 - 2014-07-24 05:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-09-14 11:25 - 2014-07-24 05:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-09-14 11:25 - 2014-07-24 05:06 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-09-14 11:25 - 2014-07-24 05:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-09-14 11:25 - 2014-07-24 04:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-09-14 11:25 - 2014-07-24 04:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-09-14 11:25 - 2014-07-24 04:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-09-14 11:25 - 2014-07-24 04:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-09-14 11:25 - 2014-07-24 04:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-09-14 11:25 - 2014-07-24 04:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-09-14 11:25 - 2014-07-24 04:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-09-14 11:25 - 2014-07-24 04:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-09-14 11:25 - 2014-07-24 04:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-09-14 11:25 - 2014-07-24 04:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-09-14 11:25 - 2014-07-24 04:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-09-14 11:25 - 2014-07-24 04:23 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-09-14 11:25 - 2014-07-24 04:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-09-14 11:25 - 2014-07-24 04:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-09-14 11:25 - 2014-07-24 04:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-09-14 11:25 - 2014-07-24 04:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-09-14 11:25 - 2014-07-24 04:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-09-14 11:25 - 2014-07-24 04:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-09-14 11:25 - 2014-07-24 04:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-09-14 11:25 - 2014-07-24 04:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-09-14 11:25 - 2014-07-24 04:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-09-14 11:25 - 2014-07-24 04:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-09-14 11:25 - 2014-07-24 04:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-09-14 11:25 - 2014-07-24 04:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-09-14 11:25 - 2014-07-24 03:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-09-14 11:25 - 2014-07-24 03:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-09-14 11:25 - 2014-07-24 03:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-09-14 11:25 - 2014-07-24 03:49 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-09-14 11:25 - 2014-07-24 03:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-09-14 11:25 - 2014-07-24 03:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-09-14 11:25 - 2014-07-24 03:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-09-14 11:25 - 2014-07-24 03:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-09-14 11:25 - 2014-07-24 03:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-09-14 11:25 - 2014-07-24 03:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-09-14 11:25 - 2014-07-24 03:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-09-14 11:25 - 2014-07-24 03:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-09-14 11:25 - 2014-07-24 03:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-09-14 11:25 - 2014-07-24 03:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-09-14 11:25 - 2014-07-24 03:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-14 11:25 - 2014-07-24 03:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-09-14 11:25 - 2014-07-24 03:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-09-14 11:25 - 2014-07-24 03:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-09-14 11:25 - 2014-07-24 03:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-09-14 11:25 - 2014-07-24 03:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-09-14 11:25 - 2014-07-24 03:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-09-14 11:25 - 2014-07-24 03:19 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-09-14 11:25 - 2014-07-24 03:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-09-14 11:25 - 2014-07-24 03:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-09-14 11:25 - 2014-07-24 03:18 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-09-14 11:25 - 2014-07-24 03:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-09-14 11:25 - 2014-07-24 03:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-09-14 11:25 - 2014-07-24 03:15 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-09-14 11:25 - 2014-07-24 03:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-09-14 11:25 - 2014-07-24 03:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-09-14 11:25 - 2014-07-24 03:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-09-14 11:25 - 2014-07-24 03:10 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-09-14 11:25 - 2014-07-24 03:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-09-14 11:25 - 2014-07-24 03:10 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-09-14 11:25 - 2014-07-24 03:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-09-14 11:25 - 2014-07-24 03:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-09-14 11:25 - 2014-07-24 03:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-09-14 11:25 - 2014-07-24 03:07 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-09-14 11:25 - 2014-07-24 03:06 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-09-14 11:25 - 2014-07-24 03:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-09-14 11:25 - 2014-07-24 03:04 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-09-14 11:25 - 2014-07-24 03:02 - 03465216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-09-14 11:25 - 2014-07-24 03:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-09-14 11:25 - 2014-07-24 03:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-09-14 11:25 - 2014-07-24 02:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-09-14 11:25 - 2014-07-24 02:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-09-14 11:25 - 2014-07-24 02:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-09-14 11:25 - 2014-07-24 02:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-09-14 11:25 - 2014-07-24 02:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-09-14 11:25 - 2014-07-24 02:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-09-14 11:25 - 2014-07-24 02:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-09-14 11:25 - 2014-07-24 02:43 - 02696704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-09-14 11:25 - 2014-07-24 02:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-09-14 11:25 - 2014-07-24 02:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-09-14 11:25 - 2014-07-24 02:33 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-09-14 11:25 - 2014-07-24 02:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-09-14 11:25 - 2014-07-23 23:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-09-14 11:25 - 2014-07-23 23:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-09-14 11:25 - 2014-07-12 00:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-09-14 11:25 - 2014-07-12 00:23 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-09-14 11:25 - 2014-07-11 23:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-09-14 11:25 - 2014-07-11 23:33 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-09-14 11:25 - 2014-07-11 23:13 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-09-14 11:25 - 2014-07-04 07:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-09-14 11:25 - 2014-07-04 05:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-09-14 11:25 - 2014-07-04 05:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-09-14 11:25 - 2014-07-04 05:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-09-14 11:25 - 2014-07-04 05:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-09-14 11:25 - 2014-07-04 04:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-09-14 11:25 - 2014-07-04 04:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-09-14 11:25 - 2014-06-27 01:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-09-14 11:25 - 2014-06-25 19:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-09-14 11:25 - 2014-06-25 19:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-09-14 11:25 - 2014-06-19 18:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-09-14 11:25 - 2014-06-18 21:13 - 00310080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-09-14 11:25 - 2014-06-14 01:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-09-14 11:25 - 2014-06-14 00:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-09-14 11:25 - 2014-06-07 07:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-09-14 11:25 - 2014-06-07 05:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-09-14 11:25 - 2014-06-05 09:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-09-14 11:25 - 2014-06-05 05:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-09-14 11:25 - 2014-06-05 04:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-09-14 11:25 - 2014-05-31 00:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-09-14 11:25 - 2014-05-30 23:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-09-14 11:25 - 2014-05-29 01:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-09-14 11:25 - 2014-05-29 00:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-09-14 11:25 - 2014-05-29 00:20 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-09-14 11:25 - 2014-05-28 23:36 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-09-14 11:25 - 2014-05-26 02:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-09-14 11:25 - 2014-05-10 05:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-09-14 11:25 - 2014-05-10 03:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-09-14 11:25 - 2014-05-05 23:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-09-14 11:25 - 2014-05-05 19:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-09-14 11:25 - 2014-03-24 21:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-09-14 11:25 - 2014-03-24 21:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-09-14 11:25 - 2014-03-24 20:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-09-14 11:25 - 2014-03-24 20:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-09-14 11:13 - 2014-08-23 02:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-14 11:13 - 2014-08-23 02:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-14 11:13 - 2014-08-23 01:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-09-14 11:13 - 2014-08-23 00:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-09-14 11:13 - 2014-08-22 23:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-09-14 11:13 - 2014-08-22 23:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-09-14 11:13 - 2014-08-22 23:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-09-14 11:13 - 2014-08-22 23:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-09-14 11:13 - 2014-08-22 23:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-09-14 11:12 - 2014-07-29 20:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-14 11:12 - 2014-07-29 00:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-09-14 11:07 - 2014-08-14 19:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-09-14 11:00 - 2014-09-29 09:38 - 00000838 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-09-14 11:00 - 2014-09-14 11:00 - 00003726 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-09-14 10:55 - 2014-09-13 21:05 - 160246522 ____N () C:\Users\Diego\Downloads\V1L7R16N-0-5.rar
2014-09-14 10:55 - 2014-09-13 21:01 - 120196304 ____N () C:\Users\Diego\Downloads\V1L7R16N-6-10.rar
2014-09-14 10:55 - 2014-09-13 20:59 - 113731984 ____N () C:\Users\Diego\Downloads\V4l3r14n_20-23.howtoarsenio.blogspot.com.rar
2014-09-14 10:54 - 2014-09-13 21:05 - 208005343 ____N () C:\Users\Diego\Downloads\V1L7R16N-11-19.rar
2014-09-14 10:46 - 2014-09-02 15:06 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-09-14 10:46 - 2014-09-02 15:06 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-12 15:49 - 2014-08-15 21:40 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-09-12 15:49 - 2014-08-15 21:04 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-09-12 15:49 - 2014-08-15 21:00 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-09-12 15:49 - 2014-08-15 21:00 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-09-12 15:49 - 2014-08-15 20:56 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-09-12 15:49 - 2014-08-15 20:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-09-12 15:49 - 2014-08-15 20:45 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-09-12 15:49 - 2014-08-15 20:43 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-09-12 15:49 - 2014-08-15 20:32 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-09-12 15:49 - 2014-08-15 20:25 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-09-12 15:49 - 2014-08-15 20:22 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-09-12 15:49 - 2014-08-15 20:20 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-09-12 15:49 - 2014-08-15 20:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-09-12 15:49 - 2014-08-15 20:18 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-09-12 15:49 - 2014-08-15 20:18 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-09-12 15:49 - 2014-08-15 20:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-09-12 15:49 - 2014-08-15 20:06 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-09-12 15:49 - 2014-08-15 20:05 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-09-12 15:49 - 2014-08-15 20:05 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-09-12 15:49 - 2014-08-15 20:03 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-09-12 15:49 - 2014-08-15 20:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-09-12 15:49 - 2014-08-15 19:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 15:49 - 2014-08-15 19:56 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-09-12 15:49 - 2014-08-15 19:53 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-09-12 15:49 - 2014-08-15 19:53 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-09-12 15:49 - 2014-08-15 19:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-09-12 15:49 - 2014-08-15 19:51 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-09-12 15:49 - 2014-08-15 19:45 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-09-12 15:49 - 2014-08-15 19:44 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-09-12 15:49 - 2014-08-15 19:44 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-09-12 15:49 - 2014-08-15 19:34 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-09-12 15:49 - 2014-08-15 19:20 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-09-12 15:49 - 2014-08-15 19:18 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-09-12 15:49 - 2014-08-15 19:14 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-09-12 15:49 - 2014-08-15 19:12 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-09-11 16:36 - 2014-09-11 16:37 - 00000029 _____ () C:\Users\Diego\Desktop\office.txt
2014-09-11 16:32 - 2014-09-11 16:32 - 00002159 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-09-11 16:32 - 2014-09-11 16:32 - 00002159 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-09-11 16:32 - 2014-09-11 16:32 - 00000000 ___RD () C:\Users\Diego\SkyDrive
2014-09-11 16:32 - 2014-09-11 16:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-09-11 16:31 - 2014-09-11 16:31 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive
2014-09-11 16:28 - 2014-09-27 15:05 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-11 16:28 - 2014-09-11 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-09-11 10:01 - 2014-08-01 19:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-09-11 09:55 - 2014-09-29 09:44 - 00000000 ____D () C:\Users\Diego\AppData\Roaming\eM Client
2014-09-11 09:55 - 2014-09-11 09:55 - 00000989 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2014-09-11 09:55 - 2014-09-11 09:55 - 00000000 ____D () C:\Program Files (x86)\eM Client
2014-09-11 09:54 - 2014-09-11 09:54 - 15028224 _____ () C:\Users\Diego\Downloads\setup.msi
2014-09-11 09:51 - 2014-09-11 09:51 - 01242312 _____ (Microsoft Corporation) C:\Users\Diego\Downloads\wlsetup-web.exe
2014-09-11 09:47 - 2014-09-11 09:51 - 96379392 _____ () C:\Users\Diego\Downloads\zdesktop_7_2_5_ga_b12038_20140417012326_win32.msi
2014-09-11 09:46 - 2014-07-23 22:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-09-11 09:46 - 2014-07-23 22:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-09-11 09:41 - 2014-09-11 09:45 - 88588766 _____ () C:\Users\Diego\Downloads\avvepo7557dat.zip
2014-09-11 09:34 - 2014-09-11 09:34 - 00000000 ____D () C:\WINDOWS\AutoKMS
2014-09-11 09:26 - 2014-09-11 09:26 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-09-11 09:22 - 2014-09-11 09:22 - 00000000 ____D () C:\Users\Diego\AppData\Roaming\WinRAR
2014-09-11 09:20 - 2014-09-11 09:22 - 36923809 _____ () C:\Users\Diego\Downloads\Microsoft Toolkit 2.4.3.rar
2014-09-10 16:35 - 2014-09-10 16:35 - 00002243 _____ () C:\Users\Public\Desktop\Google Earth.lnk
2014-09-10 16:35 - 2014-09-10 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-09-10 16:31 - 2014-09-10 16:31 - 00895120 _____ (Google Inc.) C:\Users\Diego\Downloads\GoogleEarthSetup.exe
2014-09-09 12:00 - 2014-09-09 12:00 - 00000169 _____ () C:\Users\Diego\Downloads\bavivo19990623_fresco.ram
2014-09-05 15:58 - 2014-09-23 18:35 - 00000000 ____D () C:\Users\Diego\Documents\Comics
2014-09-04 14:38 - 2014-09-04 14:38 - 00062736 _____ () C:\Users\Diego\Downloads\CUADRO DE USOS.xlsx
2014-09-02 19:24 - 2014-09-02 19:24 - 00013312 ___SH () C:\Users\Diego\Downloads\Thumbs.db
2014-09-02 10:22 - 2014-09-02 10:23 - 12309787 _____ () C:\Users\Diego\Downloads\PNUD_palma-2014-09-02.zip
2014-09-02 10:21 - 2014-09-02 10:22 - 10447799 _____ () C:\Users\Diego\Downloads\Documentos_RSPO_-_Mesa_Ambiental.zip
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-29 09:44 - 2014-08-14 13:37 - 00000000 ___RD () C:\Users\Diego\Google Drive
2014-09-29 09:38 - 2014-08-21 16:27 - 01151521 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-29 09:37 - 2014-08-14 12:36 - 00001102 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-29 09:27 - 2014-03-18 05:04 - 01833224 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-09-29 09:27 - 2014-03-18 04:31 - 00812192 _____ () C:\WINDOWS\system32\perfh00A.dat
2014-09-29 09:27 - 2014-03-18 04:31 - 00167450 _____ () C:\WINDOWS\system32\perfc00A.dat
2014-09-29 09:00 - 2014-08-14 12:36 - 00001098 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-29 09:00 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-29 08:59 - 2014-08-14 23:18 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-27 17:56 - 2013-08-22 08:25 - 01310720 ___SH () C:\WINDOWS\system32\config\BBI
2014-09-27 17:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-09-27 17:00 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-09-27 16:37 - 2014-08-25 08:00 - 00654776 _____ () C:\WINDOWS\PFRO.log
2014-09-26 17:18 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-09-26 13:33 - 2013-08-22 09:44 - 00552696 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-26 13:31 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-09-26 13:31 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-09-26 11:29 - 2012-07-26 02:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-26 09:49 - 2014-08-14 17:14 - 00000000 ___DC () C:\WINDOWS\Panther
2014-09-26 09:36 - 2014-08-14 12:26 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-25 22:32 - 2014-08-14 23:25 - 00000000 ____D () C:\Users\Diego
2014-09-25 22:02 - 2014-08-21 16:27 - 00004748 _____ () C:\WINDOWS\setupact.log
2014-09-25 22:01 - 2014-08-14 12:52 - 00000000 ____D () C:\Program Files\Google
2014-09-25 22:01 - 2014-08-14 12:36 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-23 18:24 - 2014-08-14 12:36 - 00000000 ____D () C:\Users\Diego\AppData\Local\Google
2014-09-23 18:24 - 2013-08-22 10:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-09-23 18:24 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-09-23 13:37 - 2014-08-14 12:52 - 00002212 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-23 12:20 - 2014-08-13 10:38 - 00000000 ____D () C:\Users\Diego\AppData\Local\Packages
2014-09-23 11:52 - 2013-02-23 12:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-09-22 17:16 - 2013-02-23 13:03 - 00000000 ____D () C:\ProgramData\Lenovo
2014-09-22 14:45 - 2014-08-14 13:17 - 00000000 ____D () C:\Users\Diego\AppData\Roaming\uTorrent
2014-09-22 12:40 - 2013-02-23 12:57 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2014-09-22 12:37 - 2013-02-23 12:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-09-22 12:26 - 2013-02-23 13:03 - 00000000 ____D () C:\Program Files\Lenovo
2014-09-20 12:21 - 2013-02-23 13:03 - 00000000 ____D () C:\ProgramData\McAfee
2014-09-19 09:15 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-09-19 07:09 - 2014-08-21 08:41 - 00000000 ____D () C:\Users\Diego\Documents\Plantillas personalizadas de Office
2014-09-18 19:39 - 2012-07-26 03:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-09-18 19:37 - 2012-07-26 00:37 - 00000000 ____D () C:\Users\Default.migrated
2014-09-18 19:35 - 2014-08-17 15:19 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-15 12:46 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-09-15 12:44 - 2014-08-21 10:06 - 00000000 ____D () C:\Program Files\WinRAR
2014-09-15 12:41 - 2014-03-18 04:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-15 12:41 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-09-15 12:41 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-15 12:41 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-15 12:41 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-09-15 12:41 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-09-15 12:41 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-09-15 12:41 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-09-15 08:30 - 2014-08-14 18:13 - 00000000 ____D () C:\Users\Diego\AppData\Local\Microsoft Help
2014-09-14 11:01 - 2014-08-21 10:06 - 00000000 ____D () C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-14 11:01 - 2014-08-21 10:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-12 15:50 - 2014-08-14 17:10 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-09-12 15:50 - 2014-08-14 17:10 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-09-12 15:50 - 2014-08-14 17:10 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-09-12 15:50 - 2014-08-14 17:10 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-09-12 15:50 - 2014-08-14 17:10 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-09-12 15:50 - 2014-08-14 17:10 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-09-12 15:50 - 2014-08-14 16:58 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-09-12 15:49 - 2014-08-14 17:10 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-09-12 15:49 - 2014-08-14 17:10 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-09-11 16:39 - 2014-08-17 14:31 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-11 15:50 - 2014-08-14 13:27 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-11 15:46 - 2014-08-14 13:27 - 101694776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-09-11 15:44 - 2014-08-14 18:13 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-11 15:42 - 2014-03-18 04:45 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-09-11 15:38 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-09-11 15:38 - 2012-07-26 00:26 - 00000076 _____ () C:\WINDOWS\win.ini
2014-09-11 10:19 - 2014-08-17 14:34 - 00000000 ____D () C:\Users\Diego\AppData\Roaming\Apple Computer
2014-09-10 19:56 - 2014-08-14 18:10 - 00000000 ____D () C:\Users\Diego\AppData\Roaming\DAEMON Tools Lite
2014-09-08 12:17 - 2014-08-19 17:15 - 00000000 ____D () C:\Users\Diego\Documents\Archivos de Outlook
 
Some content of TEMP:
====================
C:\Users\Diego\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-23 12:34
 
==================== End Of Log ============================

 

Addition.txt Log

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-09-2014

Ran by Casa at 2014-09-29 09:45:58
Running from C:\Users\Diego\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Panda Global Protection 2015 (Enabled - Up to date) {5FD6C936-849B-5CE2-14BA-709E1D6FD1DA}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Global Protection 2015 (Enabled - Up to date) {E4B728D2-A2A1-536C-2E0A-4BEC66E89B67}
FW: Panda Firewall (Enabled) {67ED4813-CEF4-5DBA-3FE5-D9ABE3BC96A1}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32891 - BitTorrent Inc.)
Actualización de NVIDIA 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Amazon Browser App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.0 - Amazon)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bullzip PDF Printer 10.7.0.2277 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.7.0.2277 - Bullzip)
calibre 64bit (HKLM\...\{5F63ABE2-91EB-489E-9F33-EBFBB6CE0DC9}) (Version: 1.48.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
ComicRack v0.9.175 (HKLM\...\ComicRack) (Version: v0.9.175 - cYo Soft)
Compatibilidad con Aplicaciones de Apple (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (x32 Version: 1.6.26.00 - Lenovo Group Limited) Hidden
Dependency Package Update (x32 Version: 1.6.30.00 - Lenovo Group Limited) Hidden
Dia (sólo eliminar) (HKLM-x32\...\Dia) (Version:  - )
eM Client (HKLM-x32\...\{82AA05E0-C204-4057-A5B2-014F43A280C1}) (Version: 6.0.20648.0 - eM Client Inc.)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.4 - Lenovo)
Energy Management (x32 Version: 8.0.2.4 - Lenovo) Hidden
Estudio para la mejora del producto HP Deskjet 1510 series (HKLM\...\{38301407-D314-40A2-8FA8-7100C540A7A3}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Guía del usuario (x32 Version: 1.0.0.9 - Lenovo) Hidden
HP Deskjet 1510 series Ayuda (HKLM-x32\...\{6E20FBAA-BCB2-4429-A9A9-C8EED1254BE4}) (Version: 30.0.0 - Hewlett Packard)
HP Deskjet 1510 series Software básico del dispositivo (HKLM\...\{9E6C7D1F-E0A1-4B79-818A-B14691111354}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.71.1 - JMicron Technology Corp.)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.29.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10192 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.0710 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.0710 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4331.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4331.52 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden
Microsoft Office Hogar y Estudiantes 2013 - es-es (HKLM\...\HomeStudentRetail - es-es) (Version: 15.0.4649.1003 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visio Viewer 2010 (HKLM-x32\...\{95140000-0052-0C0A-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NVIDIA Controlador de 3D Vision 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Software del sistema PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.0.9 - Lenovo)
OpenOffice 4.1.1 (HKLM-x32\...\{EFC97BC6-345A-4861-ACD5-0D3181252924}) (Version: 4.11.9775 - Apache Software Foundation)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.105 - Panda Security)
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.03 - Panda Security)
Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden
Panda Global Protection 2015 (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 15.00.01.0000 - Panda Security)
Panda Global Protection 2015 (Version: 7.23.00.0000 - Panda Security) Hidden
Panel de control de NVIDIA 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
Paquete de controladores de Windows - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Paquete de controladores de Windows - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.12 - Qualcomm Atheros Communications Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6788 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Software Intel® PROSet/Wireless (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.4.0 - Synaptics Incorporated)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1537199372-2125508624-3690468392-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Diego\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
22-09-2014 22:26:39 Punto de control programado
26-09-2014 14:26:27 avast! antivirus system restore point
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {36AD9EE0-0B7D-4982-94AB-1999DC0154F9} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {49EFA553-E843-48B7-8CA5-0C40733484E7} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-08-18] ()
Task: {55E80EDA-CC30-465D-8C16-9A57A5212521} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-14] (Adobe Systems Incorporated)
Task: {66CCBD9A-C9F0-43CB-99DA-6C2811437D41} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-12] (Microsoft Corporation)
Task: {67E4E8FD-D889-40C4-9F84-FB890F2BF0AC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {760FE2B6-1624-4180-865B-6B6F7F928CC0} - \AutoKMS No Task File <==== ATTENTION
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7DACE90C-91CB-4A40-8413-F3A0E4480878} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-09-11] (Microsoft Corporation)
Task: {7DB47831-053C-4F88-84FE-A39CE4026696} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8B168D1F-6DF0-4AE8-A9BD-D202CE4DB8D4} - \CCleanerSkipUAC No Task File <==== ATTENTION
Task: {8C1D6A4D-CA9C-44D2-9FDC-50E0AD3FAE1D} - \GoogleUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {99648C21-2715-457A-88D9-C163D9B764C7} - \MirageAgent No Task File <==== ATTENTION
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A3827F4F-3104-4C8B-9900-5B73776376C4} - \HPCustParticipation HP Deskjet 1510 series No Task File <==== ATTENTION
Task: {A9B3B428-59F5-4EF9-8FBB-B8C8836AF07A} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {BAAD5FB0-137D-4003-AD82-4477ED85C80A} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {BC249F6B-48FD-4687-900B-7E273407B89B} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {CF364559-BD5B-4D5F-BD4C-582E20F2902F} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D0E1335B-CAE7-4796-987D-9158A9A21489} - \Synaptics TouchPad Enhancements No Task File <==== ATTENTION
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E7C8A97E-213A-4CE2-979C-8075169691AC} - \Microsoft OneDrive Auto Update Task-S-1-5-21-1537199372-2125508624-3690468392-1002 No Task File <==== ATTENTION
Task: {F882FDAF-5284-4C9C-81F9-177F6D9D83D3} - \GoogleUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {FC840882-4BE4-43A3-924E-9070515F4F38} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-08-18] (Lenovo)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-08-14 23:18 - 2014-07-02 13:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-26 09:06 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-04-12 12:23 - 2013-04-12 12:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2014-09-29 09:00 - 2014-09-29 09:00 - 00098816 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\win32api.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00110080 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\pywintypes27.dll
2014-09-29 09:00 - 2014-09-29 09:00 - 00364544 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\pythoncom27.dll
2014-09-29 09:00 - 2014-09-29 09:00 - 00045568 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\_socket.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 01160704 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\_ssl.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00320512 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\win32com.shell.shell.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00713216 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\_hashlib.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 01175040 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\wx._core_.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00805888 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\wx._gdi_.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00811008 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\wx._windows_.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 01062400 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\wx._controls_.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00735232 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\wx._misc_.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00128512 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\_elementtree.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00127488 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\pyexpat.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00557056 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\pysqlite2._sqlite.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00007168 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\hashobjs_ext.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00087552 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\_ctypes.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00119808 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\win32file.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00108544 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\win32security.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00018432 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\win32event.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00038912 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\win32inet.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00070656 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\wx._html2.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00167936 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\win32gui.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00011264 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\win32crypt.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00027136 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\_multiprocessing.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00686080 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\unicodedata.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00122368 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\wx._wizard.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00010240 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\select.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00024064 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\win32pipe.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00025600 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\win32pdh.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00525640 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\windows._lib_cacheinvalidation.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00035840 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\win32process.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00017408 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\win32profile.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00022528 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\win32ts.pyd
2014-09-29 09:00 - 2014-09-29 09:00 - 00078336 _____ () C:\Users\Diego\AppData\Local\Temp\_MEI46882\wx._animate.pyd
2014-09-11 16:26 - 2014-09-11 16:26 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\544b34ebc440f32749933c327353aa78\PSIClient.ni.dll
2013-02-23 12:28 - 2012-06-25 04:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Users\Diego\OneDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run32: => "YouCam Tray"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "YouCam Mirage"
 
========================= Accounts: ==========================
 
Administrador (S-1-5-21-1537199372-2125508624-3690468392-500 - Disabled - Status: Degraded)
Casa (S-1-5-21-1537199372-2125508624-3690468392-1002 - Enabled - Status: OK) => C:\Users\Diego
HomeGroupUser$ (S-1-5-21-1537199372-2125508624-3690468392-1006 - Enabled - Status: OK)
Invitado (S-1-5-21-1537199372-2125508624-3690468392-501 - Disabled - Status: Degraded)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/29/2014 09:21:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AcroRd32.exe, versión: 11.0.9.29, marca de tiempo: 0x5412b4b3
Nombre del módulo con errores: AcroRd32.dll, versión: 11.0.9.29, marca de tiempo: 0x5412b4a0
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00445f31
Identificador del proceso con errores: 0x6a0
Hora de inicio de la aplicación con errores: 0xAcroRd32.exe0
Ruta de acceso de la aplicación con errores: AcroRd32.exe1
Ruta de acceso del módulo con errores: AcroRd32.exe2
Identificador del informe: AcroRd32.exe3
Nombre completo del paquete con errores: AcroRd32.exe4
Identificador de aplicación relativa del paquete con errores: AcroRd32.exe5
 
Error: (09/27/2014 04:00:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: PCloudCleaner.exe, versión: 1.0.0.1533, marca de tiempo: 0x00000000
Nombre del módulo con errores: ntdll.dll, versión: 6.3.9600.17278, marca de tiempo: 0x53eeb4a3
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0001d4f1
Identificador del proceso con errores: 0x72c
Hora de inicio de la aplicación con errores: 0xPCloudCleaner.exe0
Ruta de acceso de la aplicación con errores: PCloudCleaner.exe1
Ruta de acceso del módulo con errores: PCloudCleaner.exe2
Identificador del informe: PCloudCleaner.exe3
Nombre completo del paquete con errores: PCloudCleaner.exe4
Identificador de aplicación relativa del paquete con errores: PCloudCleaner.exe5
 
Error: (09/27/2014 03:04:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: OfficeClickToRun.exe, versión: 15.0.4649.1000, marca de tiempo: 0x53e9ab97
Nombre del módulo con errores: StreamServer.dll, versión: 15.0.4649.1001, marca de tiempo: 0x53f2c873
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000007998
Identificador del proceso con errores: 0x844
Hora de inicio de la aplicación con errores: 0xOfficeClickToRun.exe0
Ruta de acceso de la aplicación con errores: OfficeClickToRun.exe1
Ruta de acceso del módulo con errores: OfficeClickToRun.exe2
Identificador del informe: OfficeClickToRun.exe3
Nombre completo del paquete con errores: OfficeClickToRun.exe4
Identificador de aplicación relativa del paquete con errores: OfficeClickToRun.exe5
 
Error: (09/27/2014 02:00:41 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Error en el archivo de manifiesto o directiva "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" en la línea C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (09/26/2014 02:35:41 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Error en el archivo de manifiesto o directiva "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" en la línea C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (09/26/2014 02:35:40 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Error en el archivo de manifiesto o directiva "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" en la línea C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (09/26/2014 01:23:09 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Error en el archivo de manifiesto o directiva "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" en la línea C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (09/26/2014 01:23:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Error en el archivo de manifiesto o directiva "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" en la línea C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (09/26/2014 11:40:23 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Error en el archivo de manifiesto o directiva "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" en la línea C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (09/26/2014 11:35:27 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Error en el archivo de manifiesto o directiva "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" en la línea C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
 
System errors:
=============
Error: (09/29/2014 09:00:14 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Error en la llamada ScRegSetValueExW para FailureActions con el error siguiente: 
%%5
 
Error: (09/27/2014 04:55:35 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (09/27/2014 04:55:04 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (09/27/2014 04:38:23 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Error en la llamada ScRegSetValueExW para FailureActions con el error siguiente: 
%%5
 
Error: (09/27/2014 04:37:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Superfetch se cerró con el siguiente error: 
%%1062
 
Error: (09/27/2014 04:00:31 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Error en la llamada ScRegSetValueExW para FailureActions con el error siguiente: 
%%5
 
Error: (09/27/2014 04:00:14 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\System32\DRIVERS\PSKMAD.sys
 
Error: (09/27/2014 03:05:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio Hacer clic y ejecutar de Microsoft Office terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.
 
Error: (09/27/2014 02:20:16 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Error en la llamada ScRegSetValueExW para FailureActions con el error siguiente: 
%%5
 
Error: (09/26/2014 01:35:13 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Panda Product Service no respondió después de iniciar.
 
 
Microsoft Office Sessions:
=========================
Error: (09/29/2014 09:21:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AcroRd32.exe11.0.9.295412b4b3AcroRd32.dll11.0.9.295412b4a0c000000500445f316a001cfdbf021cc7ff9C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exeC:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.dlle24cd4e2-47e3-11e4-be93-6036ddfd6d34
 
Error: (09/27/2014 04:00:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PCloudCleaner.exe1.0.0.153300000000ntdll.dll6.3.9600.1727853eeb4a3c00000050001d4f172c01cfda95f3aca50cC:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exeC:\WINDOWS\SYSTEM32\ntdll.dll53302b07-4689-11e4-be91-6036ddfd6d34
 
Error: (09/27/2014 03:04:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OfficeClickToRun.exe15.0.4649.100053e9ab97StreamServer.dll15.0.4649.100153f2c873c0000005000000000000799884401cfda87f977802eC:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exeC:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll8e577411-4681-11e4-be90-6036ddfd6d34
 
Error: (09/27/2014 02:00:41 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (09/26/2014 02:35:41 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Diego\Downloads\esetsmartinstaller_enu.exe
 
Error: (09/26/2014 02:35:40 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Diego\Downloads\esetsmartinstaller_enu.exe
 
Error: (09/26/2014 01:23:09 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Diego\Downloads\esetsmartinstaller_enu.exe
 
Error: (09/26/2014 01:23:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Diego\Downloads\esetsmartinstaller_enu.exe
 
Error: (09/26/2014 11:40:23 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Diego\Downloads\esetsmartinstaller_enu.exe
 
Error: (09/26/2014 11:35:27 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Diego\Downloads\esetsmartinstaller_enu.exe
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-09-10 19:26:07.000
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-3630QM CPU @ 2.40GHz
Percentage of memory in use: 10%
Total physical RAM: 16331.28 MB
Available physical RAM: 14569.08 MB
Total Pagefile: 18763.28 MB
Available Pagefile: 16830.48 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
 
==================== Drives ================================
 
Drive c: (Windows8_OS) (Fixed) (Total:883.74 GB) (Free:807.5 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.5 GB) NTFS
Drive j: (Apollo M100) (Fixed) (Total:931.51 GB) (Free:687.84 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7F3FCDC7)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 30B42A8C)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 
aswMBR Log 
 
aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-09-29 09:58:03
-----------------------------
09:58:03.783    OS Version: Windows x64 6.2.9200 
09:58:03.784    Number of processors: 8 586 0x3A09
09:58:03.784    ComputerName: PC  UserName: 
09:58:05.424    Initialize success
09:58:05.533    VM: initialized successfully
09:58:05.556    VM: Intel CPU BiosDisabled 
09:58:21.322    VM: disk I/O iaStorA.sys
10:16:57.151    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000034
10:16:57.155    Disk 0 Vendor: ST1000LM024_HN-M101MBB 2AR10001 Size: 953869MB BusType: 11
10:16:57.391    Disk 0 MBR read successfully
10:16:57.396    Disk 0 MBR scan
10:16:57.400    Disk 0 unknown MBR code
10:16:57.404    Disk 0 Partition 1 00     EE          GPT           2097151 MB offset 1
10:16:57.429    Disk 0 scanning C:\WINDOWS\system32\drivers
10:17:05.694    Service scanning
10:17:23.360    Modules scanning
10:17:23.371    Disk 0 trace - called modules:
10:17:23.405    ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorA.sys 
10:17:23.415    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe000237a4670]
10:17:23.422    3 CLASSPNP.SYS[fffff8011b20227b] -> nt!IofCallDriver -> \Device\00000034[0xffffe00021640060]
10:17:23.430    Scan finished successfully
10:17:36.483    Disk 0 MBR has been saved successfully to "C:\Users\Diego\Desktop\MBR.dat"
10:17:36.487    The log file has been saved successfully to "C:\Users\Diego\Desktop\aswMBR.txt"


#4 pystryker

Posted 29 September 2014 - 08:15 PM

Hello, thank you for the logs, let's get started. :)


Please disable your antivirus for the duration of my instructions. Don't forget to re-enable it after you have completed the steps.


Step 1: P2P Warning and Chrome Extension Removal


The Dangers of P2P Programs

I noticed that you have a P2P file sharing program on your computer. I cannot stress highly enough the danger in using these types of programs. P2P programs are one of the major avenues of infection these days. The files downloaded with these programs are more likely than not infected with trojans, malware, rootkits, etc.

You run the risk of getting an infection that can compromise your sensitive data, such as financial records, personal information, etc. That is just the infection aspect of using P2P programs. You also run the risk of possible arrest, fines, or in severe cases, jail time for illegal downloading of copyrighted material.

Here are some information sources about the dangers of P2P programs:

FBI - Peer to Peer Scams

USA Today Article on P2P Programs

File Sharing Infects 500,000 Computers

I very much recommend you uninstall this program from your machine. If not, I can guarantee you will be back needing help with your machine again. The risks of infections from content downloaded with P2P programs far outweigh any benefit of using them.

It is, of course, your choice as to whether or not you remove the program from your machine. It is my duty though, to point out how dangerous it is to use these programs. However, I must request that you do not use it while we are cleaning your machine.


Remove Chrome Extensions

There is an extension in Chrome that needs to be removed; please follow the instructions below to remove it.

Start Chrome and type this into the address bar: chrome:extensions

This will display a page of all the installed extensions. Please remove any extension named GioSave by clicking the trash can icon by it.


Step 2: Fix with Farbar's Recovery Scan Tool
  • Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this, highlight the contents of the box, right-click on it and select Copy.)
  • Right-click in the open Notepad and select Paste.
  • Save it on the desktop as fixlist.txt

Start
HKLM-x32\...\Run: [] => [X]
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fimladocahmilaijpfnkhijdomcoaahb\2.0
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fimladocahmilaijpfnkhijdomcoaahb
Emptytemp:
Hosts:
Task: {760FE2B6-1624-4180-865B-6B6F7F928CC0} - \AutoKMS No Task File <==== ATTENTION
Task: {8B168D1F-6DF0-4AE8-A9BD-D202CE4DB8D4} - \CCleanerSkipUAC No Task File <==== ATTENTION
Task: {8C1D6A4D-CA9C-44D2-9FDC-50E0AD3FAE1D} - \GoogleUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {99648C21-2715-457A-88D9-C163D9B764C7} - \MirageAgent No Task File <==== ATTENTION
Task: {A3827F4F-3104-4C8B-9900-5B73776376C4} - \HPCustParticipation HP Deskjet 1510 series No Task File <==== ATTENTION
Task: {D0E1335B-CAE7-4796-987D-9158A9A21489} - \Synaptics TouchPad Enhancements No Task File <==== ATTENTION
Task: {E7C8A97E-213A-4CE2-979C-8075169691AC} - \Microsoft OneDrive Auto Update Task-S-1-5-21-1537199372-2125508624-3690468392-1002 No Task File <==== ATTENTION
Task: {F882FDAF-5284-4C9C-81F9-177F6D9D83D3} - \GoogleUpdateTaskMachineCore No Task File <==== ATTENTION
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt); please post it in your next reply.


Step 3: Junkware Removal Tool


Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 4: AdwCleaner


Download ADWcleaner by clicking here. Please save it to your Desktop.


  • Double click (Vista and 7 users: right click) the adwcleaner.exe file and click Run as Administrator, then accept the UAC prompt to run AdwCleaner.
  • Close any open windows or browsers.
  • Pause your Anti-Virus program if it is running.
  • Once it starts, click on the Scan button.
  • Let the scan complete itself. This may take a few minutes.
  • Once the scan has finished, it will say "Pending, uncheck elements you don't want to remove.", don't worry about unchecking anything and then click the Clean button. When finished, it will ask to reboot. Please reboot.
  • When the machine has rebooted, a log will be produced. Please copy/paste that in your next reply. Here's how:
    • Click the Report button and the log will open. Copy and Paste the contents of the log file into your next reply.
    This report is also saved at C:\AdwCleaner[R0].txt
Step 5: Fresh FRST Scan
  • Start Farbar's Recovery Scan Tool and press the Scan button.
  • FRST will scan your system and produce one log this time. Please post it in your next reply.
Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.


Fixlog.txt Log

Junkware Removal Tool Log

AdwCleaner Log

Fresh FRST Log

Question: How is the machine running?

I close my topics if there is no response after 3 days. Please PM a moderator or myself to reopen your topic.

Please PM me only if I'm helping you with your computer issues and I have not responded in 2 days. Please remember, I'm a volunteer and sometimes life does get in the way. :)

Please stay with me until I declare your machine clean. Absence of symptoms does not ensure your machine is clean.

If you'd like to make a donation via Paypal, please click here.





#5 ddourojeanni

Posted 30 September 2014 - 02:40 PM

Hello

 

I have followed your instructions and in the following replies I will post the logs you asked for.

 

Fixlog.txt Log

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-09-2014

Ran by Casa at 2014-09-30 14:18:28 Run:1
Running from C:\Users\Diego\Desktop
Loaded Profile: Casa (Available profiles: Casa)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [] => [X]
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fimladocahmilaijpfnkhijdomcoaahb\2.0
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fimladocahmilaijpfnkhijdomcoaahb
Emptytemp:
Hosts:
Task: {760FE2B6-1624-4180-865B-6B6F7F928CC0} - \AutoKMS No Task File <==== ATTENTION
Task: {8B168D1F-6DF0-4AE8-A9BD-D202CE4DB8D4} - \CCleanerSkipUAC No Task File <==== ATTENTION
Task: {8C1D6A4D-CA9C-44D2-9FDC-50E0AD3FAE1D} - \GoogleUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {99648C21-2715-457A-88D9-C163D9B764C7} - \MirageAgent No Task File <==== ATTENTION
Task: {A3827F4F-3104-4C8B-9900-5B73776376C4} - \HPCustParticipation HP Deskjet 1510 series No Task File <==== ATTENTION
Task: {D0E1335B-CAE7-4796-987D-9158A9A21489} - \Synaptics TouchPad Enhancements No Task File <==== ATTENTION
Task: {E7C8A97E-213A-4CE2-979C-8075169691AC} - \Microsoft OneDrive Auto Update Task-S-1-5-21-1537199372-2125508624-3690468392-1002 No Task File <==== ATTENTION
Task: {F882FDAF-5284-4C9C-81F9-177F6D9D83D3} - \GoogleUpdateTaskMachineCore No Task File <==== ATTENTION
End
*****************
 
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive1" => Key not found.
"HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive2" => Key not found.
"HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive3" => Key not found.
"HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
"HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}" => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive1" => Key not found.
"HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive2" => Key not found.
"HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive3" => Key not found.
"HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}" => Key not found.
C:\WINDOWS\system32\GroupPolicy\Machine => Moved successfully.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found.
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fimladocahmilaijpfnkhijdomcoaahb\2.0 => Moved successfully.
C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fimladocahmilaijpfnkhijdomcoaahb => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{760FE2B6-1624-4180-865B-6B6F7F928CC0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{760FE2B6-1624-4180-865B-6B6F7F928CC0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B168D1F-6DF0-4AE8-A9BD-D202CE4DB8D4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B168D1F-6DF0-4AE8-A9BD-D202CE4DB8D4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8C1D6A4D-CA9C-44D2-9FDC-50E0AD3FAE1D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C1D6A4D-CA9C-44D2-9FDC-50E0AD3FAE1D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{99648C21-2715-457A-88D9-C163D9B764C7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99648C21-2715-457A-88D9-C163D9B764C7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MirageAgent" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A3827F4F-3104-4C8B-9900-5B73776376C4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A3827F4F-3104-4C8B-9900-5B73776376C4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPCustParticipation HP Deskjet 1510 series" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D0E1335B-CAE7-4796-987D-9158A9A21489}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0E1335B-CAE7-4796-987D-9158A9A21489}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Synaptics TouchPad Enhancements" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E7C8A97E-213A-4CE2-979C-8075169691AC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7C8A97E-213A-4CE2-979C-8075169691AC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft OneDrive Auto Update Task-S-1-5-21-1537199372-2125508624-3690468392-1002" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F882FDAF-5284-4C9C-81F9-177F6D9D83D3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F882FDAF-5284-4C9C-81F9-177F6D9D83D3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => Key deleted successfully.
EmptyTemp: => Removed 1.5 GB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====


#6 ddourojeanni

Posted 30 September 2014 - 02:41 PM

2nd log

 

Junkware Removal Tool Log

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu
Version: 6.2.3 (09.27.2014:1)
OS: Windows 8.1 Single Language x64
Ran by Casa on 30/09/2014 at 14:25:31.50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\Diego\AppData\Roaming\tempdir"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30/09/2014 at 14:27:45.45
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#7 ddourojeanni

Posted 30 September 2014 - 02:44 PM

3rd log

 

AdwCleaner Log

 

# AdwCleaner v3.310 - Reporte Creado 30/09/2014 en 14:29:51

# Actualizado 12/09/2014 por Xplode
# Sistema Operativo : Windows 8.1 Single Language  (64 bits)
# Nombre de usuario : Casa - PC
# Ejecutado desde : C:\Users\Diego\Desktop\AdwCleaner.exe
# Opción : Escanear
 
***** [ Servicios ] *****
 
 
***** [ Archivos / Carpetas ] *****
 
 
***** [ Tareas ] *****
 
 
***** [ Accesos directos ] *****
 
 
***** [ Registro ] *****
 
 
***** [ Navegadores ] *****
 
-\\ Internet Explorer v11.0.9600.17278
 
 
-\\ Mozilla Firefox v
 
[ Archivo : C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\1kl9yc95.default\prefs.js ]
 
 
-\\ Google Chrome v37.0.2062.120
 
[ Archivo : C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [5131 octets] - [27/09/2014 14:13:12]
AdwCleaner[R1].txt - [4059 octets] - [27/09/2014 16:32:15]
AdwCleaner[R2].txt - [3917 octets] - [30/09/2014 14:29:51]
AdwCleaner[S0].txt - [5069 octets] - [27/09/2014 14:16:23]
AdwCleaner[S1].txt - [4118 octets] - [27/09/2014 16:35:43]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [4097 octets] ##########


#8 ddourojeanni

Posted 30 September 2014 - 02:46 PM

4th log

Fresh FRST Log

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-09-2014

Ran by Casa (administrator) on PC on 30-09-2014 14:33:48
Running from C:\Users\Diego\Desktop
Loaded Profile: Casa (Available profiles: Casa)
Platform: Windows 8.1 Single Language (X64) OS Language: Español (España, internacional)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17246_none_fa4ae8e99b1f603c\TiWorker.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(eM Client, Inc.) C:\Program Files (x86)\eM Client\MailClient.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6334096 2012-10-17] (Realtek semiconductor)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13260944 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1253520 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [665400 2012-11-29] (Synaptics)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-08-10] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2013-02-23] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2013-02-23] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3008824 2012-11-29] (Synaptics Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [78352 2012-05-22] (cyberlink)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-07-24] (Panda Security, S.L.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1537199372-2125508624-3690468392-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-1537199372-2125508624-3690468392-1002\...\Run: [eM Client] => C:\Program Files (x86)\eM Client\MailClient.exe [15513896 2014-08-04] (eM Client, Inc.)
Startup: C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Supervisar alertas de tinta - HP Deskjet 1510 series.lnk
ShortcutTarget: Supervisar alertas de tinta - HP Deskjet 1510 series.lnk -> C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bit
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {C64095BA-8AB8-4A7A-8E97-70106849B508} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM-x32 - {C64095BA-8AB8-4A7A-8E97-70106849B508} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 190.113.220.54 190.113.220.51
 
FireFox:
========
FF ProfilePath: C:\Users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\1kl9yc95.default
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
 
Chrome: 
=======
CHR HomePage: Default -> 
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> 96763BD21FFA51620086352B3C527E232ADDB98A8B969474A13A559BCBAF9539
CHR DefaultSearchProvider: Default -> 3F6E0D54586D204E50965C711C4C4A94C3DBE5CE672608E5E8432B31FE5910BF
CHR DefaultSearchURL: Default -> E8410EF82FED5940D7208C1A824562A9285C79ECE06EB51A8421D320ABB7D190
CHR Profile: C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-09-14]
CHR Extension: (Google Wallet) - C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-14]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Diego\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-09-23]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
S2 CLKMSVC10_3A60B698; C:\Program Files (x86)\Lenovo\PowerDVD10\NavFilter\kmsvc.exe [243728 2012-05-23] (CyberLink)
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-08-18] (LENOVO INCORPORATED.)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-08-14] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [141560 2014-07-24] (Panda Security, S.L.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-08-14] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [61688 2014-07-23] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-07-24] (Panda Security, S.L.)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-08-14] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-08-14] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-08-14] (Disc Soft Ltd)
U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [47360 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [160800 2014-07-24] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [120352 2014-07-24] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [106016 2014-07-24] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8230160 2012-10-17] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31032 2012-11-29] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-08-14] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-30 14:27 - 2014-09-30 14:27 - 00000704 _____ () C:\Users\Diego\Desktop\JRT.txt
2014-09-30 14:25 - 2014-09-30 14:25 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-09-30 14:24 - 2014-09-30 14:24 - 01699276 _____ (Thisisu) C:\Users\Diego\Downloads\JRT.exe
2014-09-30 13:03 - 2014-03-25 08:15 - 00060400 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2014-09-29 18:51 - 2014-09-29 18:52 - 07296416 _____ (ASCOMP Software GmbH ) C:\Users\Diego\Downloads\bkmaker.exe
2014-09-29 18:24 - 2014-09-29 18:24 - 01264400 _____ (Softland) C:\Users\Diego\Downloads\fbsetup.exe
2014-09-29 17:15 - 2014-09-29 17:15 - 00000000 ____D () C:\Users\Diego\AppData\Local\Amazon_Services_LLC
2014-09-29 17:14 - 2014-09-29 17:14 - 00000000 ____D () C:\Users\Diego\Documents\Password Depot
2014-09-29 17:14 - 2014-09-29 17:14 - 00000000 ____D () C:\Users\Diego\AppData\Roaming\AceBIT
2014-09-29 12:03 - 2009-08-13 18:07 - 00729424 _____ (WeOnlyDo Software) C:\WINDOWS\SysWOW64\wodSFTP.dll
2014-09-29 12:03 - 2009-08-13 18:07 - 00672024 _____ (WeOnlyDo! COM) C:\WINDOWS\SysWOW64\wodKeys.dll
2014-09-29 10:17 - 2014-09-29 10:17 - 00001503 _____ () C:\Users\Diego\Desktop\aswMBR.txt
2014-09-29 10:17 - 2014-09-29 10:17 - 00000512 _____ () C:\Users\Diego\Desktop\MBR.dat
2014-09-29 09:45 - 2014-09-30 14:33 - 00021333 _____ () C:\Users\Diego\Desktop\FRST.txt
2014-09-29 09:45 - 2014-09-29 09:46 - 00042611 _____ () C:\Users\Diego\Desktop\Addition.txt
2014-09-29 09:35 - 2014-09-29 09:35 - 05185536 _____ (AVAST Software) C:\Users\Diego\Downloads\aswmbr.exe
2014-09-29 09:35 - 2014-09-29 09:35 - 05185536 _____ (AVAST Software) C:\Users\Diego\Desktop\aswmbr.exe
2014-09-29 09:32 - 2014-09-26 11:28 - 02108928 _____ (Farbar) C:\Users\Diego\Desktop\FRST64.exe
2014-09-27 16:11 - 2014-09-27 16:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-27 16:07 - 2014-09-27 16:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Diego\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-27 16:06 - 2014-09-27 16:07 - 00065232 _____ (Malwarebytes) C:\Users\Diego\Downloads\regassassin-setup-1.03.exe
2014-09-27 15:58 - 2014-09-27 15:58 - 00001602 _____ () C:\WINDOWS\SysWOW64\BroomData.bit
2014-09-27 15:58 - 2013-04-08 16:30 - 00022752 _____ () C:\WINDOWS\system32\PCloudBroom64.exe
2014-09-27 14:59 - 2014-09-27 14:59 - 00854417 _____ () C:\Users\Diego\Downloads\SecurityCheck.exe
2014-09-27 14:37 - 2014-09-29 12:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-09-27 14:37 - 2014-09-27 14:40 - 00001313 _____ () C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2014-09-27 14:34 - 2014-09-27 14:36 - 32453616 _____ (Panda Security ) C:\Users\Diego\Downloads\PandaCloudCleaner.exe
2014-09-27 14:13 - 2014-09-30 14:31 - 00000000 ____D () C:\AdwCleaner
2014-09-27 14:13 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-09-27 14:12 - 2014-09-27 14:12 - 01373475 _____ () C:\Users\Diego\Desktop\AdwCleaner.exe
2014-09-26 11:31 - 2014-09-26 11:31 - 00036352 _____ () C:\Users\Diego\Downloads\Addition.txt
2014-09-26 11:30 - 2014-09-26 11:31 - 00077727 _____ () C:\Users\Diego\Downloads\FRST.txt
2014-09-26 11:29 - 2014-09-30 14:33 - 00000000 ____D () C:\FRST
2014-09-26 11:29 - 2014-08-15 23:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-09-26 11:29 - 2014-08-15 23:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-09-26 11:29 - 2014-08-15 23:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-09-26 11:29 - 2014-08-15 22:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-09-26 11:29 - 2014-08-15 22:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-09-26 11:29 - 2014-08-15 22:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-09-26 11:29 - 2014-08-15 22:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-09-26 11:29 - 2014-08-15 22:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-09-26 11:29 - 2014-08-15 22:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-09-26 11:29 - 2014-08-15 20:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-09-26 11:29 - 2014-08-15 20:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-09-26 11:29 - 2014-08-15 19:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-09-26 11:29 - 2014-08-15 19:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-09-26 11:29 - 2014-08-15 19:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-09-26 11:29 - 2014-08-15 19:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-09-26 11:29 - 2014-08-15 19:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-09-26 11:29 - 2014-08-15 19:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-09-26 11:29 - 2014-08-15 19:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-09-26 11:29 - 2014-08-15 19:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-09-26 11:29 - 2014-08-15 19:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-26 11:29 - 2014-08-15 19:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-09-26 11:29 - 2014-08-15 19:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-09-26 11:29 - 2014-08-15 19:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-09-26 11:29 - 2014-08-15 19:20 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-09-26 11:29 - 2014-08-15 19:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-26 11:29 - 2014-08-15 19:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-09-26 11:29 - 2014-08-15 19:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-09-26 11:29 - 2014-08-15 19:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-09-26 11:29 - 2014-08-15 19:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-09-26 11:29 - 2014-08-15 19:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-09-26 11:29 - 2014-08-15 19:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-09-26 11:29 - 2014-08-15 19:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-09-26 11:29 - 2014-08-15 19:11 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-09-26 11:29 - 2014-08-15 19:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-09-26 11:29 - 2014-08-15 19:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-09-26 11:29 - 2014-08-15 19:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-09-26 11:29 - 2014-07-31 18:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-09-26 11:28 - 2014-08-28 20:58 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-09-26 11:28 - 2014-08-28 20:32 - 02779136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-09-26 11:28 - 2014-08-28 19:59 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-09-26 11:28 - 2014-08-28 18:56 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-09-26 11:28 - 2014-08-28 18:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-09-26 11:28 - 2014-08-25 17:27 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-09-26 11:27 - 2014-09-26 11:28 - 02108928 _____ (Farbar) C:\Users\Diego\Downloads\FRST64.exe
2014-09-26 11:24 - 2014-09-26 11:24 - 02347384 _____ (ESET) C:\Users\Diego\Downloads\esetsmartinstaller_enu.exe
2014-09-26 11:15 - 2014-09-26 11:15 - 00180854 _____ () C:\Users\Diego\Documents\cc_20140926_111535.reg
2014-09-26 10:35 - 2014-09-26 10:36 - 03581856 _____ (tuneuppro.com ) C:\Users\Diego\Downloads\setup.exe
2014-09-26 10:07 - 2014-09-26 10:07 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-09-26 09:56 - 2014-09-26 09:57 - 00000022 _____ () C:\Users\Diego\Downloads\_TheHitchhikersGuidetotheGalaxy20051080pBluRayx264WPi203320.zip
2014-09-26 09:55 - 2014-09-30 14:31 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1537199372-2125508624-3690468392-1002
2014-09-26 09:19 - 2014-09-26 09:19 - 00000000 ____D () C:\Users\Diego\AppData\Roaming\Panda Security
2014-09-26 09:18 - 2014-09-29 12:02 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-09-26 09:18 - 2014-09-26 09:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Global Protection 2015
2014-09-26 09:15 - 2014-09-26 09:19 - 00000000 ____D () C:\ProgramData\Panda Security
2014-09-26 09:15 - 2014-09-26 09:15 - 01062880 _____ () C:\Users\Diego\Downloads\InstallGP15.exe
2014-09-26 09:15 - 2014-09-26 09:15 - 01062880 _____ () C:\Users\Diego\Downloads\InstallGP15 (1).exe
2014-09-26 09:08 - 2014-09-26 09:09 - 00000000 ____D () C:\Users\Diego\Documents\Diego
2014-09-25 22:30 - 2014-09-25 22:31 - 00000000 ____D () C:\Users\Diego\Documents\Giannina
2014-09-23 18:27 - 2014-09-23 18:33 - 137425160 _____ () C:\Users\Diego\Downloads\GhostMoney.rar
2014-09-23 18:24 - 2014-09-30 14:20 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\Invitado\AppData\Local\Torch
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\Invitado\AppData\Local\Google
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\Invitado\AppData\Local\Comodo
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\Invitado\AppData\Local\Chromatic Browser
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\Invitado
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\Diego\AppData\Local\Comodo
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Torch
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Google
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Comodo
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Chromatic Browser
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\Users\Administrador
2014-09-23 18:24 - 2014-09-23 18:24 - 00000000 ____D () C:\ProgramData\c663c01d861d206e
2014-09-23 18:19 - 2014-09-23 18:24 - 110404986 _____ () C:\Users\Diego\Downloads\Millenaire.rar.crdownload
2014-09-23 17:16 - 2014-09-23 17:20 - 00000000 ____D () C:\Users\Diego\AppData\Roaming\GonVisor
2014-09-23 12:06 - 2014-09-23 12:06 - 00001233 _____ () C:\Users\Diego\AppData\Local\recently-used.xbel
2014-09-23 11:58 - 2014-09-23 12:06 - 00000000 ____D () C:\Users\Diego\.dia
2014-09-23 11:57 - 2014-09-23 11:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dia
2014-09-23 11:57 - 2014-09-23 11:57 - 00000000 ____D () C:\Program Files (x86)\Dia
2014-09-23 11:54 - 2014-09-23 11:55 - 19620143 _____ (The Dia Developers) C:\Users\Diego\Downloads\dia-setup-0.97.2-2-unsigned.exe
2014-09-23 11:52 - 2014-09-23 11:52 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-09-23 11:50 - 2014-09-23 11:51 - 17532696 _____ (Microsoft Corporation) C:\Users\Diego\Downloads\visioviewer.exe
2014-09-23 11:46 - 2014-09-23 11:46 - 00000000 __SHD () C:\Users\Diego\AppData\Local\EmieUserList
2014-09-23 11:46 - 2014-09-23 11:46 - 00000000 __SHD () C:\Users\Diego\AppData\Local\EmieSiteList
2014-09-22 14:35 - 2014-09-22 14:35 - 00002630 _____ () C:\Users\Diego\Downloads\MONOVA.ORG Sonitus_Eco_-_500_Years_Of_Struggle.torrent
2014-09-22 14:09 - 2014-09-22 14:09 - 00006502 _____ () C:\Users\Diego\Downloads\Liquid_Level_Level_Shapes_LP.zip
2014-09-22 14:08 - 2014-09-22 14:08 - 00001424 _____ () C:\Users\Diego\Downloads\Liquid_Level_Level_Shapes_LP_archive.torrent
2014-09-22 14:04 - 2014-09-22 14:04 - 00001466 _____ () C:\Users\Diego\Downloads\Sonitus-Eco-500-Years-Of-Struggle_archive.torrent
2014-09-22 13:44 - 2014-09-22 13:50 - 46652075 _____ () C:\Users\Diego\Downloads\M4n4r4 - k4m45u7r4.rar
2014-09-22 12:41 - 2014-09-22 17:16 - 00000000 ____D () C:\Users\Diego\AppData\Local\Lenovo
2014-09-22 12:27 - 2014-09-22 12:28 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2014-09-22 12:27 - 2014-09-22 12:27 - 02356592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WudfUpdate_01011.dll
2014-09-22 12:16 - 2014-09-22 12:25 - 12893808 _____ (Lenovo Group Limited ) C:\Users\Diego\Downloads\LeniMPkg.exe
2014-09-19 05:35 - 2014-09-19 05:35 - 00512268 _____ () C:\Users\Diego\Downloads\Monitoreo_Cultivos_Palma.kmz
2014-09-18 20:33 - 2014-09-18 20:33 - 00000000 __RHD () C:\MSOCache
2014-09-18 20:22 - 2014-09-15 06:42 - 129120226 ____N () C:\Users\Diego\Downloads\K1-3.HTAL.rar
2014-09-18 20:22 - 2014-09-15 06:42 - 108627784 ____N () C:\Users\Diego\Downloads\M36413x.howtoarsenio.blogspot.com.rar
2014-09-18 20:22 - 2014-09-15 06:28 - 109356936 ____N () C:\Users\Diego\Downloads\K4-5.HTAL.rar
2014-09-18 20:22 - 2014-09-14 22:37 - 68500678 ____N () C:\Users\Diego\Downloads\c13n_c48r45.howtoarsenio.blogspot.com.rar
2014-09-18 20:22 - 2014-06-29 17:35 - 76996797 ____N () C:\Users\Diego\Downloads\CinquiemeEvangile.rar
2014-09-18 20:22 - 2014-05-21 23:25 - 102869857 ____N () C:\Users\Diego\Downloads\Horace.Silver.And.The.Jazz.Messengers.digztytwo.zip
2014-09-18 20:22 - 2014-05-08 10:22 - 54049764 ____N () C:\Users\Diego\Downloads\kahvi345_lunarblues_and_opaeq-haarp_(mp3).zip
2014-09-18 20:21 - 2014-08-20 15:23 - 167707347 ____N () C:\Users\Diego\Downloads\4d31_814nc4_d05.howtoarsenio.blogspot.com.rar
2014-09-18 20:21 - 2014-07-10 15:26 - 135038992 ____N () C:\Users\Diego\Downloads\N03_2014_D4rr3n_4r0n0fsky_FloydWayne.K0ala.howtoarsenio.blogspot.com.rar
2014-09-18 20:21 - 2014-06-29 18:22 - 21640209 ____N () C:\Users\Diego\Downloads\OrdreDesDragons.part2.rar
2014-09-18 20:21 - 2014-06-29 18:05 - 209715200 ____N () C:\Users\Diego\Downloads\OrdreDesDragons.part1.rar
2014-09-18 20:21 - 2014-05-22 00:32 - 141982380 ____N () C:\Users\Diego\Downloads\THSQ-SFMF-63-4.rar
2014-09-18 20:21 - 2014-04-08 14:08 - 136290762 ____N () C:\Users\Diego\Downloads\Steve Cobby - Saudade.zip
2014-09-18 20:20 - 2014-07-10 18:04 - 149690702 ____N () C:\Users\Diego\Downloads\CBLWoS.rar
2014-09-18 20:20 - 2014-07-01 16:45 - 85952592 ____N () C:\Users\Diego\Downloads\Zenith.rar
2014-09-18 20:20 - 2014-06-29 17:02 - 94326049 ____N () C:\Users\Diego\Downloads\k0m80 DuN3 2.howtoarsenio.blogspot.com.zip
2014-09-18 20:20 - 2014-01-15 06:11 - 159615645 ____N () C:\Users\Diego\Downloads\4850Lu73 W47cHm3n.02.howtoarsenio.blogspot.com.rar
2014-09-18 20:20 - 2014-01-15 06:11 - 149312827 ____N () C:\Users\Diego\Downloads\Howtoarsenio. Long John Silver.rar
2014-09-18 20:20 - 2014-01-15 06:10 - 166077480 ____N () C:\Users\Diego\Downloads\4850Lu73 W47cHm3n.01.howtoarsenio.blogspot.com.rar
2014-09-18 20:19 - 2014-06-29 16:57 - 47355338 ____N () C:\Users\Diego\Downloads\k0m80 DuN3 1.howtoarsenio.blogspot.com.zip
2014-09-18 20:19 - 2014-02-07 09:28 - 79858449 ____N () C:\Users\Diego\Downloads\Jah_Warrior-Dub_from_the_Heart_Part_2_(JWLP_013)-LP-1998-Gully.rar
2014-09-18 20:19 - 2014-02-07 09:28 - 58670170 ____N () C:\Users\Diego\Downloads\Bob Marley - Legend.rar
2014-09-18 20:19 - 2014-01-15 06:10 - 178946962 ____N () C:\Users\Diego\Downloads\ATRX01-16.rar
2014-09-18 20:09 - 2014-06-05 15:23 - 711294976 ____N () C:\Users\Diego\Downloads\mtptemp.pst
2014-09-18 19:47 - 2014-09-18 19:47 - 00024519 _____ () C:\Users\Diego\Downloads\Ricardo Rey Basadre.kmz
2014-09-15 18:49 - 2014-09-15 18:49 - 00001806 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-15 18:49 - 2014-09-15 18:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-15 18:49 - 2014-09-15 18:49 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-15 18:49 - 2014-09-15 18:49 - 00000000 ____D () C:\Program Files\iTunes
2014-09-15 18:49 - 2014-09-15 18:49 - 00000000 ____D () C:\Program Files\iPod
2014-09-15 18:49 - 2014-09-15 18:49 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-15 07:59 - 2014-09-15 08:03 - 120557815 _____ () C:\Users\Diego\Downloads\Panama Global Workshop, 27-28-29.08.14.zip
2014-09-14 17:12 - 2014-09-14 17:12 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-09-14 15:11 - 2014-09-14 15:11 - 00000000 ____D () C:\Users\Diego\AppData\Roaming\OpenOffice
2014-09-14 14:03 - 2014-09-14 14:03 - 00001068 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2014-09-14 14:03 - 2014-09-14 14:03 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-09-14 14:02 - 2014-09-14 14:02 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-09-14 13:59 - 2014-09-14 13:59 - 00000000 ____D () C:\Users\Diego\Desktop\OpenOffice 4.1.1 (es) Installation Files
2014-09-14 13:28 - 2014-09-14 13:33 - 130425620 _____ () C:\Users\Diego\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_es.exe
2014-09-14 11:26 - 2014-07-24 10:07 - 07424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-09-14 11:26 - 2014-07-24 04:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-09-14 11:26 - 2014-07-24 04:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-09-14 11:25 - 2014-07-24 10:28 - 00468288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-09-14 11:25 - 2014-07-24 10:28 - 00419648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-09-14 11:25 - 2014-07-24 10:28 - 00412992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-09-14 11:25 - 2014-07-24 10:28 - 00280384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-09-14 11:25 - 2014-07-24 10:28 - 00143680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-09-14 11:25 - 2014-07-24 10:25 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-09-14 11:25 - 2014-07-24 10:23 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-09-14 11:25 - 2014-07-24 10:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-09-14 11:25 - 2014-07-24 10:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-09-14 11:25 - 2014-07-24 10:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-09-14 11:25 - 2014-07-24 10:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-09-14 11:25 - 2014-07-24 10:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-09-14 11:25 - 2014-07-24 10:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-09-14 11:25 - 2014-07-24 10:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-09-14 11:25 - 2014-07-24 10:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-09-14 11:25 - 2014-07-24 10:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-09-14 11:25 - 2014-07-24 10:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-09-14 11:25 - 2014-07-24 10:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-09-14 11:25 - 2014-07-24 10:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-09-14 11:25 - 2014-07-24 10:03 - 00818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-09-14 11:25 - 2014-07-24 10:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-09-14 11:25 - 2014-07-24 10:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-09-14 11:25 - 2014-07-24 10:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-09-14 11:25 - 2014-07-24 09:57 - 00475968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-09-14 11:25 - 2014-07-24 08:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-09-14 11:25 - 2014-07-24 08:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-09-14 11:25 - 2014-07-24 08:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-09-14 11:25 - 2014-07-24 08:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-09-14 11:25 - 2014-07-24 08:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-09-14 11:25 - 2014-07-24 08:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-09-14 11:25 - 2014-07-24 08:36 - 00674512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-09-14 11:25 - 2014-07-24 08:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-09-14 11:25 - 2014-07-24 08:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-09-14 11:25 - 2014-07-24 06:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-09-14 11:25 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-09-14 11:25 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-09-14 11:25 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-09-14 11:25 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-09-14 11:25 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-09-14 11:25 - 2014-07-24 06:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-09-14 11:25 - 2014-07-24 06:47 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-09-14 11:25 - 2014-07-24 06:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-09-14 11:25 - 2014-07-24 06:45 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-09-14 11:25 - 2014-07-24 06:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-09-14 11:25 - 2014-07-24 06:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-09-14 11:25 - 2014-07-24 06:42 - 01200640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-09-14 11:25 - 2014-07-24 06:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-09-14 11:25 - 2014-07-24 06:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-09-14 11:25 - 2014-07-24 06:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-09-14 11:25 - 2014-07-24 06:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-09-14 11:25 - 2014-07-24 06:33 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-09-14 11:25 - 2014-07-24 06:33 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-09-14 11:25 - 2014-07-24 06:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-09-14 11:25 - 2014-07-24 06:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-09-14 11:25 - 2014-07-24 06:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-09-14 11:25 - 2014-07-24 06:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-09-14 11:25 - 2014-07-24 05:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-09-14 11:25 - 2014-07-24 05:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-09-14 11:25 - 2014-07-24 05:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-09-14 11:25 - 2014-07-24 05:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-09-14 11:25 - 2014-07-24 05:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-09-14 11:25 - 2014-07-24 05:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-09-14 11:25 - 2014-07-24 05:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-09-14 11:25 - 2014-07-24 05:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-09-14 11:25 - 2014-07-24 05:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-09-14 11:25 - 2014-07-24 05:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-09-14 11:25 - 2014-07-24 05:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-09-14 11:25 - 2014-07-24 05:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-09-14 11:25 - 2014-07-24 05:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-09-14 11:25 - 2014-07-24 05:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-09-14 11:25 - 2014-07-24 05:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-09-14 11:25 - 2014-07-24 05:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-09-14 11:25 - 2014-07-24 05:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-09-14 11:25 - 2014-07-24 05:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-09-14 11:25 - 2014-07-24 05:06 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-09-14 11:25 - 2014-07-24 05:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-09-14 11:25 - 2014-07-24 04:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-09-14 11:25 - 2014-07-24 04:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-09-14 11:25 - 2014-07-24 04:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-09-14 11:25 - 2014-07-24 04:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-09-14 11:25 - 2014-07-24 04:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-09-14 11:25 - 2014-07-24 04:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-09-14 11:25 - 2014-07-24 04:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-09-14 11:25 - 2014-07-24 04:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-09-14 11:25 - 2014-07-24 04:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-09-14 11:25 - 2014-07-24 04:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-09-14 11:25 - 2014-07-24 04:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-09-14 11:25 - 2014-07-24 04:23 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-09-14 11:25 - 2014-07-24 04:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-09-14 11:25 - 2014-07-24 04:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-09-14 11:25 - 2014-07-24 04:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-09-14 11:25 - 2014-07-24 04:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-09-14 11:25 - 2014-07-24 04:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-09-14 11:25 - 2014-07-24 04:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-09-14 11:25 - 2014-07-24 04:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-09-14 11:25 - 2014-07-24 04:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-09-14 11:25 - 2014-07-24 04:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-09-14 11:25 - 2014-07-24 04:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-09-14 11:25 - 2014-07-24 04:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-09-14 11:25 - 2014-07-24 04:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-09-14 11:25 - 2014-07-24 03:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-09-14 11:25 - 2014-07-24 03:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-09-14 11:25 - 2014-07-24 03:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-09-14 11:25 - 2014-07-24 03:49 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-09-14 11:25 - 2014-07-24 03:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-09-14 11:25 - 2014-07-24 03:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-09-14 11:25 - 2014-07-24 03:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-09-14 11:25 - 2014-07-24 03:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-09-14 11:25 - 2014-07-24 03:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-09-14 11:25 - 2014-07-24 03:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-09-14 11:25 - 2014-07-24 03:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-09-14 11:25 - 2014-07-24 03:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-09-14 11:25 - 2014-07-24 03:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-09-14 11:25 - 2014-07-24 03:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-09-14 11:25 - 2014-07-24 03:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-14 11:25 - 2014-07-24 03:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-09-14 11:25 - 2014-07-24 03:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-09-14 11:25 - 2014-07-24 03:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-09-14 11:25 - 2014-07-24 03:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-09-14 11:25 - 2014-07-24 03:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-09-14 11:25 - 2014-07-24 03:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-09-14 11:25 - 2014-07-24 03:19 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-09-14 11:25 - 2014-07-24 03:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-09-14 11:25 - 2014-07-24 03:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-09-14 11:25 - 2014-07-24 03:18 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-09-14 11:25 - 2014-07-24 03:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-09-14 11:25 - 2014-07-24 03:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-09-14 11:25 - 2014-07-24 03:15 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-09-14 11:25 - 2014-07-24 03:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-09-14 11:25 - 2014-07-24 03:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-09-14 11:25 - 2014-07-24 03:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-09-14 11:25 - 2014-07-24 03:10 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-09-14 11:25 - 2014-07-24 03:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-09-14 11:25 - 2014-07-24 03:10 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-09-14 11:25 - 2014-07-24 03:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-09-14 11:25 - 2014-07-24 03:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-09-14 11:25 - 2014-07-24 03:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-09-14 11:25 - 2014-07-24 03:07 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-09-14 11:25 - 2014-07-24 03:06 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-09-14 11:25 - 2014-07-24 03:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-09-14 11:25 - 2014-07-24 03:04 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-09-14 11:25 - 2014-07-24 03:02 - 03465216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-09-14 11:25 - 2014-07-24 03:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-09-14 11:25 - 2014-07-24 03:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-09-14 11:25 - 2014-07-24 02:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-09-14 11:25 - 2014-07-24 02:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-09-14 11:25 - 2014-07-24 02:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-09-14 11:25 - 2014-07-24 02:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-09-14 11:25 - 2014-07-24 02:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-09-14 11:25 - 2014-07-24 02:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-09-14 11:25 - 2014-07-24 02:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-09-14 11:25 - 2014-07-24 02:43 - 02696704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-09-14 11:25 - 2014-07-24 02:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-09-14 11:25 - 2014-07-24 02:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-09-14 11:25 - 2014-07-24 02:33 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-09-14 11:25 - 2014-07-24 02:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-09-14 11:25 - 2014-07-23 23:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-09-14 11:25 - 2014-07-23 23:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-09-14 11:25 - 2014-07-12 00:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-09-14 11:25 - 2014-07-12 00:23 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-09-14 11:25 - 2014-07-11 23:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-09-14 11:25 - 2014-07-11 23:33 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-09-14 11:25 - 2014-07-11 23:13 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-09-14 11:25 - 2014-07-04 07:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-09-14 11:25 - 2014-07-04 05:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-09-14 11:25 - 2014-07-04 05:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-09-14 11:25 - 2014-07-04 05:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-09-14 11:25 - 2014-07-04 05:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-09-14 11:25 - 2014-07-04 04:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-09-14 11:25 - 2014-07-04 04:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-09-14 11:25 - 2014-06-27 01:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-09-14 11:25 - 2014-06-25 19:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-09-14 11:25 - 2014-06-25 19:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-09-14 11:25 - 2014-06-19 18:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-09-14 11:25 - 2014-06-18 21:13 - 00310080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-09-14 11:25 - 2014-06-14 01:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-09-14 11:25 - 2014-06-14 00:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-09-14 11:25 - 2014-06-07 07:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-09-14 11:25 - 2014-06-07 05:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-09-14 11:25 - 2014-06-05 09:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-09-14 11:25 - 2014-06-05 05:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-09-14 11:25 - 2014-06-05 04:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-09-14 11:25 - 2014-05-31 00:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-09-14 11:25 - 2014-05-30 23:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-09-14 11:25 - 2014-05-29 01:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-09-14 11:25 - 2014-05-29 00:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-09-14 11:25 - 2014-05-29 00:20 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-09-14 11:25 - 2014-05-28 23:36 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-09-14 11:25 - 2014-05-26 02:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-09-14 11:25 - 2014-05-10 05:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-09-14 11:25 - 2014-05-10 03:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-09-14 11:25 - 2014-05-05 23:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-09-14 11:25 - 2014-05-05 19:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-09-14 11:25 - 2014-03-24 21:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-09-14 11:25 - 2014-03-24 21:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-09-14 11:25 - 2014-03-24 20:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-09-14 11:25 - 2014-03-24 20:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-09-14 11:13 - 2014-08-23 02:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-14 11:13 - 2014-08-23 02:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-14 11:13 - 2014-08-23 01:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-09-14 11:13 - 2014-08-23 00:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-09-14 11:13 - 2014-08-22 23:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-09-14 11:13 - 2014-08-22 23:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-09-14 11:13 - 2014-08-22 23:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-09-14 11:13 - 2014-08-22 23:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-09-14 11:13 - 2014-08-22 23:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-09-14 11:12 - 2014-07-29 20:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-14 11:12 - 2014-07-29 00:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-09-14 11:07 - 2014-08-14 19:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-09-14 11:00 - 2014-09-30 13:38 - 00000838 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-09-14 11:00 - 2014-09-14 11:00 - 00003726 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-09-14 10:55 - 2014-09-13 21:05 - 160246522 ____N () C:\Users\Diego\Downloads\V1L7R16N-0-5.rar
2014-09-14 10:55 - 2014-09-13 21:01 - 120196304 ____N () C:\Users\Diego\Downloads\V1L7R16N-6-10.rar
2014-09-14 10:55 - 2014-09-13 20:59 - 113731984 ____N () C:\Users\Diego\Downloads\V4l3r14n_20-23.howtoarsenio.blogspot.com.rar
2014-09-14 10:54 - 2014-09-13 21:05 - 208005343 ____N () C:\Users\Diego\Downloads\V1L7R16N-11-19.rar
2014-09-14 10:46 - 2014-09-02 15:06 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-09-14 10:46 - 2014-09-02 15:06 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-12 15:49 - 2014-08-15 21:40 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-09-12 15:49 - 2014-08-15 21:04 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-09-12 15:49 - 2014-08-15 21:00 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-09-12 15:49 - 2014-08-15 21:00 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-09-12 15:49 - 2014-08-15 20:56 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-09-12 15:49 - 2014-08-15 20:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-09-12 15:49 - 2014-08-15 20:45 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-09-12 15:49 - 2014-08-15 20:43 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-09-12 15:49 - 2014-08-15 20:32 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-09-12 15:49 - 2014-08-15 20:25 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-09-12 15:49 - 2014-08-15 20:22 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-09-12 15:49 - 2014-08-15 20:20 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-09-12 15:49 - 2014-08-15 20:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-09-12 15:49 - 2014-08-15 20:18 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-09-12 15:49 - 2014-08-15 20:18 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-09-12 15:49 - 2014-08-15 20:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-09-12 15:49 - 2014-08-15 20:06 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-09-12 15:49 - 2014-08-15 20:05 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-09-12 15:49 - 2014-08-15 20:05 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-09-12 15:49 - 2014-08-15 20:03 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-09-12 15:49 - 2014-08-15 20:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-09-12 15:49 - 2014-08-15 19:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 15:49 - 2014-08-15 19:56 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-09-12 15:49 - 2014-08-15 19:53 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-09-12 15:49 - 2014-08-15 19:53 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-09-12 15:49 - 2014-08-15 19:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-09-12 15:49 - 2014-08-15 19:51 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-09-12 15:49 - 2014-08-15 19:45 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-09-12 15:49 - 2014-08-15 19:44 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-09-12 15:49 - 2014-08-15 19:44 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-09-12 15:49 - 2014-08-15 19:34 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-09-12 15:49 - 2014-08-15 19:20 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-09-12 15:49 - 2014-08-15 19:18 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-09-12 15:49 - 2014-08-15 19:14 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-09-12 15:49 - 2014-08-15 19:12 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-09-11 16:36 - 2014-09-11 16:37 - 00000029 _____ () C:\Users\Diego\Desktop\office.txt
2014-09-11 16:32 - 2014-09-11 16:32 - 00002159 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-09-11 16:32 - 2014-09-11 16:32 - 00002159 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-09-11 16:32 - 2014-09-11 16:32 - 00000000 ___RD () C:\Users\Diego\SkyDrive
2014-09-11 16:32 - 2014-09-11 16:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-09-11 16:31 - 2014-09-11 16:31 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive
2014-09-11 16:28 - 2014-09-27 15:05 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-11 16:28 - 2014-09-11 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-09-11 10:01 - 2014-08-01 19:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-09-11 09:55 - 2014-09-30 14:33 - 00000000 ____D () C:\Users\Diego\AppData\Roaming\eM Client
2014-09-11 09:55 - 2014-09-11 09:55 - 00000989 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2014-09-11 09:55 - 2014-09-11 09:55 - 00000000 ____D () C:\Program Files (x86)\eM Client
2014-09-11 09:54 - 2014-09-11 09:54 - 15028224 _____ () C:\Users\Diego\Downloads\setup.msi
2014-09-11 09:51 - 2014-09-11 09:51 - 01242312 _____ (Microsoft Corporation) C:\Users\Diego\Downloads\wlsetup-web.exe
2014-09-11 09:47 - 2014-09-11 09:51 - 96379392 _____ () C:\Users\Diego\Downloads\zdesktop_7_2_5_ga_b12038_20140417012326_win32.msi
2014-09-11 09:46 - 2014-07-23 22:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-09-11 09:46 - 2014-07-23 22:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-09-11 09:41 - 2014-09-11 09:45 - 88588766 _____ () C:\Users\Diego\Downloads\avvepo7557dat.zip
2014-09-11 09:34 - 2014-09-11 09:34 - 00000000 ____D () C:\WINDOWS\AutoKMS
2014-09-11 09:26 - 2014-09-11 09:26 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-09-11 09:22 - 2014-09-11 09:22 - 00000000 ____D () C:\Users\Diego\AppData\Roaming\WinRAR
2014-09-11 09:20 - 2014-09-11 09:22 - 36923809 _____ () C:\Users\Diego\Downloads\Microsoft Toolkit 2.4.3.rar
2014-09-10 16:35 - 2014-09-10 16:35 - 00002243 _____ () C:\Users\Public\Desktop\Google Earth.lnk
2014-09-10 16:35 - 2014-09-10 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-09-10 16:31 - 2014-09-10 16:31 - 00895120 _____ (Google Inc.) C:\Users\Diego\Downloads\GoogleEarthSetup.exe
2014-09-09 12:00 - 2014-09-09 12:00 - 00000169 _____ () C:\Users\Diego\Downloads\bavivo19990623_fresco.ram
2014-09-05 15:58 - 2014-09-23 18:35 - 00000000 ____D () C:\Users\Diego\Documents\Comics
2014-09-04 14:38 - 2014-09-04 14:38 - 00062736 _____ () C:\Users\Diego\Downloads\CUADRO DE USOS.xlsx
2014-09-02 19:24 - 2014-09-02 19:24 - 00013312 ___SH () C:\Users\Diego\Downloads\Thumbs.db
2014-09-02 10:22 - 2014-09-02 10:23 - 12309787 _____ () C:\Users\Diego\Downloads\PNUD_palma-2014-09-02.zip
2014-09-02 10:21 - 2014-09-02 10:22 - 10447799 _____ () C:\Users\Diego\Downloads\Documentos_RSPO_-_Mesa_Ambiental.zip
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-30 14:33 - 2014-08-14 13:37 - 00000000 ___RD () C:\Users\Diego\Google Drive
2014-09-30 14:32 - 2014-08-25 08:00 - 00669630 _____ () C:\WINDOWS\PFRO.log
2014-09-30 14:32 - 2014-08-14 23:18 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-30 14:32 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-30 14:31 - 2014-08-21 16:27 - 01537173 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-30 14:31 - 2013-08-22 08:25 - 01310720 ___SH () C:\WINDOWS\system32\config\BBI
2014-09-30 14:20 - 2014-08-14 12:36 - 00001102 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-30 14:20 - 2014-08-14 12:36 - 00001098 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-30 14:18 - 2013-08-22 10:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-09-30 14:14 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-09-30 13:09 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-09-30 08:10 - 2014-08-14 13:17 - 00000000 ____D () C:\Users\Diego\AppData\Roaming\uTorrent
2014-09-29 17:15 - 2014-08-13 10:38 - 00000000 ____D () C:\Users\Diego\AppData\Local\Packages
2014-09-29 09:27 - 2014-03-18 05:04 - 01833224 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-09-29 09:27 - 2014-03-18 04:31 - 00812192 _____ () C:\WINDOWS\system32\perfh00A.dat
2014-09-29 09:27 - 2014-03-18 04:31 - 00167450 _____ () C:\WINDOWS\system32\perfc00A.dat
2014-09-27 17:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-09-26 13:33 - 2013-08-22 09:44 - 00552696 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-26 13:31 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-09-26 13:31 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-09-26 11:29 - 2012-07-26 02:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-26 09:49 - 2014-08-14 17:14 - 00000000 ___DC () C:\WINDOWS\Panther
2014-09-26 09:36 - 2014-08-14 12:26 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-25 22:32 - 2014-08-14 23:25 - 00000000 ____D () C:\Users\Diego
2014-09-25 22:02 - 2014-08-21 16:27 - 00004748 _____ () C:\WINDOWS\setupact.log
2014-09-25 22:01 - 2014-08-14 12:52 - 00000000 ____D () C:\Program Files\Google
2014-09-25 22:01 - 2014-08-14 12:36 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-23 18:24 - 2014-08-14 12:36 - 00000000 ____D () C:\Users\Diego\AppData\Local\Google
2014-09-23 18:24 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-09-23 13:37 - 2014-08-14 12:52 - 00002212 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-23 11:52 - 2013-02-23 12:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-09-22 17:16 - 2013-02-23 13:03 - 00000000 ____D () C:\ProgramData\Lenovo
2014-09-22 12:40 - 2013-02-23 12:57 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2014-09-22 12:37 - 2013-02-23 12:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-09-22 12:26 - 2013-02-23 13:03 - 00000000 ____D () C:\Program Files\Lenovo
2014-09-20 12:21 - 2013-02-23 13:03 - 00000000 ____D () C:\ProgramData\McAfee
2014-09-19 09:15 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-09-19 07:09 - 2014-08-21 08:41 - 00000000 ____D () C:\Users\Diego\Documents\Plantillas personalizadas de Office
2014-09-18 19:39 - 2012-07-26 03:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-09-18 19:37 - 2012-07-26 00:37 - 00000000 ____D () C:\Users\Default.migrated
2014-09-18 19:35 - 2014-08-17 15:19 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-15 12:46 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-09-15 12:44 - 2014-08-21 10:06 - 00000000 ____D () C:\Program Files\WinRAR
2014-09-15 12:41 - 2014-03-18 04:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-15 12:41 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-09-15 12:41 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-15 12:41 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-15 12:41 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-09-15 12:41 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-09-15 12:41 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-09-15 12:41 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-09-15 08:30 - 2014-08-14 18:13 - 00000000 ____D () C:\Users\Diego\AppData\Local\Microsoft Help
2014-09-14 11:01 - 2014-08-21 10:06 - 00000000 ____D () C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-14 11:01 - 2014-08-21 10:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-12 15:50 - 2014-08-14 17:10 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-09-12 15:50 - 2014-08-14 17:10 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-09-12 15:50 - 2014-08-14 17:10 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-09-12 15:50 - 2014-08-14 17:10 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-09-12 15:50 - 2014-08-14 17:10 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-09-12 15:50 - 2014-08-14 17:10 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-09-12 15:50 - 2014-08-14 16:58 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-09-12 15:49 - 2014-08-14 17:10 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-09-12 15:49 - 2014-08-14 17:10 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-09-11 16:39 - 2014-08-17 14:31 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-11 15:50 - 2014-08-14 13:27 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-11 15:46 - 2014-08-14 13:27 - 101694776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-09-11 15:44 - 2014-08-14 18:13 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-11 15:42 - 2014-03-18 04:45 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-09-11 15:38 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-09-11 15:38 - 2012-07-26 00:26 - 00000076 _____ () C:\WINDOWS\win.ini
2014-09-11 10:19 - 2014-08-17 14:34 - 00000000 ____D () C:\Users\Diego\AppData\Roaming\Apple Computer
2014-09-10 19:56 - 2014-08-14 18:10 - 00000000 ____D () C:\Users\Diego\AppData\Roaming\DAEMON Tools Lite
2014-09-08 12:17 - 2014-08-19 17:15 - 00000000 ____D () C:\Users\Diego\Documents\Archivos de Outlook
 
Some content of TEMP:
====================
C:\Users\Diego\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-23 12:34
 
==================== End Of Log ============================

The computer seems to be running fine. Thanks a lot!!



#9 pystryker

Posted 30 September 2014 - 02:58 PM

The computer seems to be running fine. Thanks a lot!!


You're welcome. :) Stay with me, we still have a bit further to go before your machine is fully clean. I'll have further instructions this evening.

Edited by pystryker, 30 September 2014 - 02:58 PM.

I close my topics if there is no response after 3 days. Please PM a moderator or myself to reopen your topic.

Please PM me only if I'm helping you with your computer issues and I have not responded in 2 days. Please remember, I'm a volunteer and sometimes life does get in the way. :)

Please stay with me until I declare your machine clean. Absence of symptoms does not ensure your machine is clean.

If you'd like to make a donation via Paypal, please click here.





#10 pystryker

Posted 30 September 2014 - 07:49 PM

Please disable your antivirus for the duration of my instructions. Don't forget to re-enable it after you have completed the steps.


Step 1: Scan with Malwarebytes


Please download Malwarebytes Anti-Malware to your desktop
Install the programme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

Go back to the Dashboard and select Scan Now

If threats are detected, click the Apply Actions button; MBAM will ask for a reboot.

On completion of the scan (or after the reboot), start MBAM,

Click History, then Application Logs, then check the Select box by the first Scan Log in the list.

Click View, then click Export, select text file and save to the desktop as MBAM.txt and post in your next reply.



Step 2: Scan with ESET Online Scanner


Please note: You can use Internet Explorer or Firefox for this step. Either browser used will have to be run in admin mode.

Right click on either the Internet Explorer icon or the Firefox icon in the Start Menu or Quick Launch Bar on the Task bar and select Run as Administrator from the menu.

If you use Firefox, you will be prompted to download esetsmartinstaller_enu.exe. Please do so, then double click it to install it.

Please click on this link and then click the ESET Online Scanner bar.
  • Select the option YES, I accept the Terms of Use then click on Start
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on Start
  • The virus signature database will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • Now click on Finish
  • Use notepad to open the logfile located at C:\Program Files(x86)\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Step 3: SecurityCheck Scan


Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • NOTE: If SecurityCheck aborts and you get the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED! try rebooting the system and then run SecurityCheck again.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Things I need to see in your next post:

Please post each log as a separate reply to this thread
  • ESET Scan Log
  • MBAM Log
  • SecurityCheck Log


#11 ddourojeanni

Posted 01 October 2014 - 09:57 AM

Hello:

 

ESET Scan Log

 

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=d71213571ea520448b6ae9ce272f9780
# engine=20376
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-10-01 02:48:55
# local_time=2014-10-01 09:48:55 (-0500, Hora est. Pacífico, Sudamérica)
# country="Peru"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode_1='Panda Cloud Antivirus'
# compatibility_mode=1552 16777213 75 93 0 197449309 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 4035009 36134628 0 0
# scanned=308659
# found=3
# cleaned=0
# scan_time=48736
sh=11D8A229145A4B4706E3F6E2E53EC917FD0CD4BA ft=0 fh=0000000000000000 vn="ACAD/Medre.A worm" ac=I fn="J:\Antamina\DD Diego\Mis Documentos\Programa Infraestructura\Pozo tubular Huarmey\Expediente Técnico Pozo Huarmey Modificado 15 Agosto 2013\Planos revisados.zip"
sh=932E042070F1567ED5A116E98E3C04D7D07E0681 ft=1 fh=3bf8f6c29b1c29c3 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="J:\Diego\Downloads\ccsetup409-1.exe"
sh=F7511D8F7E2D032A517A400EEA63374798FF4BB0 ft=1 fh=ec17a1732fd24011 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="J:\Diego\Downloads\rcsetup149.exe"

Next, 

  • MBAM Log

Malwarebytes Anti-Malware

www.malwarebytes.org
 
Scan Date: 30/09/2014
Scan Time: 08:02:33 p.m.
Logfile: MBAM.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.10.01.01
Rootkit Database: v2014.09.19.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Casa
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 370462
Time Elapsed: 8 min, 45 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#12 ddourojeanni

Posted 01 October 2014 - 10:01 AM

SecurityCheck Log

 

Results of screen317's Security Check version 0.99.87  

   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Panda Global Protection 2015   
Windows Defender               
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Panda Cloud Cleaner   
 Java 7 Update 67  
 Adobe Flash Player 15.0.0.152  
 Adobe Reader XI  
 Google Chrome 37.0.2062.103  
 Google Chrome 37.0.2062.120  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 


#13 pystryker

Posted 01 October 2014 - 07:44 PM

Let's get rid of the remnants that ESET found.

Please disable your antivirus for the duration of my instructions. Don't forget to re-enable it after you have completed the steps.


Step 1: Fix with FRST
  • Open notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this, highlight the contents of the box, right click on it and select copy.)
  • Right-click in the open notepad and select Paste.
  • Save it on the desktop as fixlist.txt

Start
J:\Antamina\DD Diego\Mis Documentos\Programa Infraestructura\Pozo tubular Huarmey\Expediente Técnico Pozo Huarmey Modificado 15 Agosto 2013\Planos revisados.zip
J:\Diego\Downloads\ccsetup409-1.exe
J:\Diego\Downloads\rcsetup149.exe
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.

Things I need to see in your next post:

Fixlog.txt Log


#14 ddourojeanni

Posted 02 October 2014 - 03:27 PM

Hello Pystryker

 

Here is the log you asked for:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-09-2014
Ran by Casa at 2014-10-02 15:24:07 Run:2
Running from C:\Users\Diego\Desktop
Loaded Profile: Casa (Available profiles: Casa)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
Start
J:\Antamina\DD Diego\Mis Documentos\Programa Infraestructura\Pozo tubular Huarmey\Expediente Técnico Pozo Huarmey Modificado 15 Agosto 2013\Planos revisados.zip
J:\Diego\Downloads\ccsetup409-1.exe
J:\Diego\Downloads\rcsetup149.exe
End
 
 
*****************
 
J:\Antamina\DD Diego\Mis Documentos\Programa Infraestructura\Pozo tubular Huarmey\Expediente Técnico Pozo Huarmey Modificado 15 Agosto 2013\Planos revisados.zip => Moved successfully.
J:\Diego\Downloads\ccsetup409-1.exe => Moved successfully.
J:\Diego\Downloads\rcsetup149.exe => Moved successfully.
 
==== End of Fixlog ====
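
The cross-check between the ESET detection lines in post #11 and the Fixlog above can be scripted. This is an added example, not part of the original thread or of either tool; the sample logs are constructed, and reading `vn` as the detection name and `fn` as the file path is an assumption based on the values shown in the ESET log.

```python
import re

# Constructed sample input modelled on the two log formats quoted in this thread.
# Hashes and paths are placeholders, not values from the user's machine.
ESET_LOG = r'''# scanned=1000
# found=3
# cleaned=0
sh=0000000000000000000000000000000000000001 ft=0 fh=0000000000000000 vn="ACAD/Medre.A worm" ac=I fn="J:\Work\Plans, rev 2.zip"
sh=0000000000000000000000000000000000000002 ft=1 fh=00000000000000aa vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="J:\Downloads\setup-a.exe"
sh=0000000000000000000000000000000000000003 ft=1 fh=00000000000000bb vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="J:\Downloads\setup-b.exe"
'''

FIXLOG = r'''Content of fixlist:
*****************
Start
J:\Work\Plans, rev 2.zip
J:\downloads\setup-a.exe
End
*****************

J:\Work\Plans, rev 2.zip => Moved successfully.
J:\downloads\setup-a.exe => Moved successfully.

==== End of Fixlog ====
'''

# key=value pairs; values are either double-quoted (may contain spaces) or bare tokens.
FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')
PUA_SUFFIXES = ("potentially unsafe application", "potentially unwanted application")

def declared_found(text):
    """Value of the '# found=N' header line, or None if it is absent."""
    m = re.search(r'^# found=(\d+)\s*$', text, re.MULTILINE)
    return int(m.group(1)) if m else None

def parse_eset_detections(text):
    """One dict per detection line (the lines that start with 'sh=')."""
    found = []
    for line in text.splitlines():
        if line.startswith("sh="):
            f = {k: quoted or bare for k, quoted, bare in FIELD.findall(line)}
            # Assumed meanings: sh = file hash, vn = detection name, fn = file path.
            found.append({"hash": f["sh"], "name": f["vn"], "path": f["fn"]})
    return found

def is_pua(name):
    """True for the 'potentially unsafe/unwanted application' class of detection."""
    return name.endswith(PUA_SUFFIXES)

def parse_fixlog_results(text):
    """Map casefolded path -> status for every 'path => status' line."""
    results = {}
    for line in text.splitlines():
        path, sep, status = line.rpartition(" => ")
        if sep:
            results[path.strip().casefold()] = status.strip()
    return results

def unremediated(detections, results):
    """Detections with no 'Moved successfully.' entry (Windows paths compare case-insensitively)."""
    return [d for d in detections
            if results.get(d["path"].casefold()) != "Moved successfully."]

if __name__ == "__main__":
    dets = parse_eset_detections(ESET_LOG)
    print("header/parsed:", declared_found(ESET_LOG), len(dets))
    for d in unremediated(dets, parse_fixlog_results(FIXLOG)):
        print("still present:", d["path"], "|", d["name"])
```
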


#15 pystryker

Posted 02 October 2014 - 07:26 PM

Hello :)

Great news, your logs are CLEAN! :thumbsup: :) but we still have a few things we need to address namely:
  • I need to remove the tools we installed on your machine.
  • I also have some tips and information to help protect you in the future.

Step 1: Tool Removal with Delfix and Creation of a clean restore point
  • Download Delfix from here
  • Ensure Remove disinfection tools is ticked
    Also tick:
    • Create registry backup
    • Purge system restore
  • Click Run
The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.

You can uninstall ESET Online Scanner at this time.

I recommend keeping Malwarebytes Anti-Malware installed. Make sure to update it and run it at least once a week. If it finds things such as PUPs (Potentially Unwanted Programs) you can delete those with no worries. However, if it finds something like a trojan, come see us.


Step 2: Tips, Information, and Optional Installation of UnChecky


Watch what you open in your emails. If you get an email from an unknown source with any attached files, do not open it.

Be careful of the websites you visit.

When installing new programs, don't be "click happy" and click through the screens. Many programs come with adware in them and are set to install them by default. Several programs require that you uncheck or select no to prevent the installation. Take your time and read each screen as you go. :)

To help protect yourself while on the web, I recommend you read How did I get infected in the first place?

Installation of Unchecky

This is a very good little program that will automatically uncheck any boxes during a software installation. This helps prevent the software from installing any malware that is by default checked while the program is being installed.

Click here to be taken to Unchecky.com

Click the very large Download button.

Click Save

Once downloaded, double click the program (Vista, Win 7, and 8, right click and Run as Administrator)

Once open, click the Install button.


Then click Finish


Unchecky is now installed and will help you keep unwanted check boxes unchecked. :thumbsup:
