Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unable to connect to the proxy server


  • This topic is locked This topic is locked
44 replies to this topic

#1 Rufo100

Rufo100

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:41 PM

Posted 09 October 2014 - 04:24 PM

Hello there:

 

Whoever you are thanks a lot,  to take the time to help me.

 

I have a pc windows 8.1, 64 bits, seems that i have security problem, i can't use internet explorer, i can't use google earth, or Chrome, just Firefox. I have run avira, malwarebytes and they haven't fixed the problem , help please.Attached File  malware.txt   1.02KB   3 downloads



BC AdBot (Login to Remove)

 


#2 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,158 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:08:41 AM

Posted 10 October 2014 - 10:22 PM

Hello Rufo100 and welcome to BleepingComputer!       :)

 

My name is Sirawit and I'm here to help you.

 

Please note that I'm currently in training and my fixes need to be check for approval first, that may delay our fix a bit, but I will normally reply back in 24 hours.

 

If I don't reply after 2 days, feel free to PM me.       :)

==========================================================================

Some points for you to keep in mind:

  • Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
  • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Do not attach logs or use code boxes, just copy and paste the text.
  • Periodically update me on the condition of your computer, and provide detail in every post.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • Once things seem to be working again, please do not abandon the thread. I will give an "all-clean" message at the very end with some additional information on how to stay malware-free.
  • Lastly, I would like to remind you that most members here are volunteers, and sometimes "real life" can get in the way of our malware hunt. I will notify you if I know I will need to be away for longer than 48 hours.

==========================================================================


Farbar Recovery Scan Tool (FRST)

  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your desktop.
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should.
  • Double click the icon.
  • Click Yes to the disclaimer.
  • Make sure the Addition.txt box is checked.
  • Click Scan and allow the program to run.
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen.
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#3 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,158 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:08:41 AM

Posted 13 October 2014 - 09:10 PM

It had been three days since my last reply. Are you still there?

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#4 Rufo100

Rufo100
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:41 PM

Posted 14 October 2014 - 06:43 PM

Thank you very much and I'm very sorry for the delay, I was away, but I'm back. Here is what i got.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-10-2014
Ran by Usuario1 (administrator) on HOME on 14-10-2014 18:35:42
Running from C:\Users\Usuario1\Desktop
Loaded Profiles: Usuario1 &  (Available profiles: Usuario1)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Acresso Software Inc.) C:\Program Files (x86)\ArcGIS\License10.0\bin\lmgrd.exe
(Acresso Software Inc.) C:\Program Files (x86)\ArcGIS\License10.0\bin\lmgrd.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Acresso Software Inc.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
() C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(ESRI) C:\Program Files (x86)\ArcGIS\License10.0\bin\ARCGIS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(BitTorrent Inc.) C:\Users\Usuario1\AppData\Roaming\uTorrent\uTorrent.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHLL.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [EasyTuneVI] => C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe [40960 2012-07-09] ()
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001\...\Run: [uTorrent] => C:\Users\Usuario1\AppData\Roaming\uTorrent\uTorrent.exe [1859152 2014-08-01] (BitTorrent Inc.)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001\...\Run: [Epson Stylus TX230] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLL.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001\...\Run: [EPSON3302EF (Epson Stylus TX230)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLL.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001\...\Run: [GoogleChromeAutoLaunch_799DBF94D1A449045C5C3D51CA15ABA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-22] (Google Inc.)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [uTorrent] => C:\Users\Usuario1\AppData\Roaming\uTorrent\uTorrent.exe [1859152 2014-08-01] (BitTorrent Inc.)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Epson Stylus TX230] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLL.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPSON3302EF (Epson Stylus TX230)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLL.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_799DBF94D1A449045C5C3D51CA15ABA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-22] (Google Inc.)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {32c94a1e-1b53-11e4-825e-1c6f658a24ab} - "K:\AurLaunch\LaunchScreen.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.prodigy.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0912050E1FADCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-MX
SearchScopes: HKCU - DefaultScope {8761DCE9-7B12-46A3-BFDF-D915F9758713} URL = https://mx.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=811891&p={searchTerms}
SearchScopes: HKCU - {8761DCE9-7B12-46A3-BFDF-D915F9758713} URL = https://mx.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=811891&p={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO: PrivDog Extension -> {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} -> C:\Program Files\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll (AdTrustMedia)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{79297320-0A40-4C04-B507-9C0489284F32}: [NameServer] 162.221.181.52,107.155.112.105,185.61.148.223,8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default
FF Keyword.URL: https://mx.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=811891&p=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\drae.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-es.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-es.xml
FF Extension: Avira Browser Safety - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\abs@avira.com [2014-09-30]
FF Extension: Roomy Bookmarks Toolbar - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\ALone-live@ya.ru.xpi [2014-09-17]
FF Extension: Duplicate in Tab Context Menu - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\DuplicateInTabContext@schuzak.jp.xpi [2014-09-06]
FF Extension: GDrive Panel - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\gdrivepanel@alejandrobrizuela.com.ar.xpi [2014-08-19]
FF Extension: Save as PDF - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\save-as-pdf-ff@pdfcrowd.com.xpi [2014-09-06]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-08-02]
FF Extension: Adblock Plus - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-02]
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Usuario1\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Usuario1\AppData\Roaming\IDM\idmmzcc5 [2014-08-03]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Usuario1\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "https://google.com.mx/", "hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN", "hxxp://mx.yahoo.com?fr=fpc-comodo", "hxxp://search.b1.org/?bsrc=hmcor&chid=c162341", "", "hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=MX&userid=7b0fe9a4-8181-425b-b12a-3002bec783b9&searchtype=hp&installDate=26/04/2013", "hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=MX&userid=7b0fe9a4-8181-425b-b12a-3002bec783b9&searchtype=hp&installDate=26/04/2013"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dewey Bookmarks) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aahpfefkmihhdabllidnlipghcjgpkdm [2014-08-05]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-07-31]
CHR Extension: (Instant Notifications for Gmail) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\adlgnpfgagimgadbaboilkbdnhbpegmd [2014-07-31]
CHR Extension: (Torrent Search) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\afbpdhiclgghnffhkinjikglgmolhpee [2014-07-31]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2014-07-31]
CHR Extension: (iStoryBooks) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\anbmgijcnihjphndkjglleofcnohhkkl [2014-07-31]
CHR Extension: (Google Docs) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-31]
CHR Extension: (Google Drive) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-31]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-26]
CHR Extension: (Keeper Web App) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnglfciifmgnafcgkkngkeopldlialb [2014-07-31]
CHR Extension: (4Shared Assistant) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blimndomboblbleeepfbhonajddgnpic [2014-07-31]
CHR Extension: (YouTube) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-31]
CHR Extension: (DuckDuckGo for Chrome) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao [2014-07-31]
CHR Extension: (TOEFL Essay Practice) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceeicgdpllljlklonpkbhjighniifjij [2014-07-31]
CHR Extension: (Adblock Plus) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-31]
CHR Extension: (Ratings Preview for YouTube™) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbhdenfmgbagncdmgbholejjpmmiank [2014-07-31]
CHR Extension: (Anatomy 3D) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknbmnbaidbnmgbgmjhkegbcoegddeen [2014-07-31]
CHR Extension: (Google Search) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-31]
CHR Extension: (Flag for Chrome) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn [2014-07-31]
CHR Extension: (Read Later Fast) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji [2014-07-31]
CHR Extension: (Google Calendar) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-07-31]
CHR Extension: (WordLayer Vocabulary) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\eljchjdhchemgkgaofhodhdkfnalpdhp [2014-07-31]
CHR Extension: (Common Core Math 1-6 by Sokikom) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\eombmpplkjplkhbgaochnmgkhlnkmomb [2014-07-31]
CHR Extension: (Avira Browser Safety) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-09-26]
CHR Extension: (AdBlock) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-21]
CHR Extension: (Planner 5D) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjfkgdpkecnmfcgfpfibpcnkeakahllc [2014-07-31]
CHR Extension: (Save to Google Drive) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2014-07-31]
CHR Extension: (Isoball 3) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj [2014-07-31]
CHR Extension: (IDM Integration Module) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2014-08-03]
CHR Extension: (MeeGenius! Children's Books) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhfhmaajajcjoijfaceafiembkmhcddc [2014-07-31]
CHR Extension: (Word Joust) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jijjjopeepgneiiamhahbmlnhcomdbml [2014-07-31]
CHR Extension: (Coordinates) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kahliknbfelbmndacbdademgailcockh [2014-07-31]
CHR Extension: (SparkChess 7) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\khgabmflimjjbclkmljlpmgaleanedem [2014-07-31]
CHR Extension: (Save as PDF) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdjmbiefanbdgnkcikhllpmjnnllbbc [2014-07-31]
CHR Extension: (BugMeNot Lite) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb [2014-07-31]
CHR Extension: (Google Maps) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-07-31]
CHR Extension: (3D Solar System Web) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdaaepplopehigjgkolniddiadbbkphd [2014-07-31]
CHR Extension: (English vocabulary) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmklfohhllfpjjmjejencmaodgiknmj [2014-07-31]
CHR Extension: (Quick Note) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok [2014-07-31]
CHR Extension: (Google Play Books) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2014-07-31]
CHR Extension: (Do It (Tomorrow)) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfagjoblnoeagfhfhohcdklnddjaiglo [2014-07-31]
CHR Extension: (Google Wallet) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-31]
CHR Extension: (Click&Clean App) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-07-31]
CHR Extension: (Learn Portuguese Free - PortuguesePod101.com) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pehhnjcaajmakfljacomgihcjdekaonf [2014-07-31]
CHR Extension: (English Adventure 1) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflfajjbomhaicconbmnnnmndifemadh [2014-07-31]
CHR Extension: (Weather Underground) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2014-07-31]
CHR Extension: (Gmail) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-31]
CHR Extension: (Google Similar Pages) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjnfggphgdjblhfjaphkjhfpiiekbbej [2014-07-31]
CHR Extension: (Browser QuickLinks) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\plpjogfhobhpdcmcblieglnoooccfcmm [2014-07-31]
CHR Extension: (Learn Alphabet and Numbers) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\podikmghblokmmdgoilcnnpgogaocoal [2014-07-31]
CHR HKLM-x32\...\Chrome\Extension: [cmaiofennmphjldldcpphcechfnnohja] - C:\Program Files (x86)\AdTrustMedia\PrivDog\PrivDog_chrome.crx []
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-05-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-11-16] (Advanced Micro Devices, Inc.) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 ArcGIS License Manager; C:\Program Files (x86)\ArcGIS\License10.0\bin\lmgrd.exe [1500424 2008-11-06] (Acresso Software Inc.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-10-09] (SurfRight B.V.)
S3 ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-08-04] (Disc Soft Ltd)
R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-10-14] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
S3 WinDivert1.1; \??\C:\Program Files\KMSpico\WinDivert.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-14 18:35 - 2014-10-14 18:36 - 00028022 _____ () C:\Users\Usuario1\Desktop\FRST.txt
2014-10-14 18:35 - 2014-10-14 18:35 - 00000000 ____D () C:\FRST
2014-10-14 18:32 - 2014-10-14 18:32 - 02110464 _____ (Farbar) C:\Users\Usuario1\Desktop\FRST64.exe
2014-10-14 16:43 - 2014-10-14 16:43 - 00000794 _____ () C:\Windows\setupact.log
2014-10-14 16:43 - 2014-10-14 16:43 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-09 21:06 - 2014-10-09 21:09 - 18587865 _____ () C:\Users\Usuario1\Downloads\Como hacer un circuito de fuerza.flv
2014-10-09 19:41 - 2014-10-09 19:45 - 27421464 _____ () C:\Users\Usuario1\Downloads\Instalación Eléctrica Residencial (Servicio Monofásico 110 volts).flv
2014-10-09 19:01 - 2014-10-09 19:02 - 17037873 _____ () C:\Users\Usuario1\Downloads\Como controlar una lámpara con dos apagadores de escalera (Método de Corto Circuito) 2da Parte.flv
2014-10-09 16:21 - 2014-10-09 16:21 - 00001049 _____ () C:\Users\Usuario1\Desktop\malware.txt
2014-10-09 11:01 - 2014-10-09 11:01 - 00001909 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-10-09 11:01 - 2014-10-09 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-10-09 11:01 - 2014-10-09 11:01 - 00000000 ____D () C:\Program Files\HitmanPro
2014-10-06 16:16 - 2014-10-06 16:23 - 229957003 _____ () C:\Users\Usuario1\Downloads\math-e222-L01-20030915.flv
2014-09-29 13:53 - 2014-09-29 13:53 - 00411078 ____R () C:\Users\Usuario1\Downloads\Cleland, John - Fanny Hill (r1.0 EPL).epub
2014-09-28 13:14 - 2014-09-28 13:15 - 00280576 _____ () C:\Windows\Minidump\092814-26328-01.dmp
2014-09-28 13:14 - 2014-09-28 13:14 - 532430974 _____ () C:\Windows\MEMORY.DMP
2014-09-28 13:13 - 2014-10-09 11:06 - 00000548 _____ () C:\Windows\system32\.crusader
2014-09-28 13:07 - 2014-09-28 13:07 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-09-28 10:34 - 2014-09-28 10:34 - 00687452 _____ () C:\Users\Usuario1\Downloads\Payno Manuel Bandidos de R+¡o Fr+¡o.pdb
2014-09-28 09:17 - 2014-09-28 09:17 - 00000000 ____D () C:\Windows\ERUNT
2014-09-28 08:52 - 2014-10-09 11:13 - 00000000 ____D () C:\AdwCleaner
2014-09-27 13:29 - 2014-09-27 19:24 - 00000000 ____D () C:\Mapas
2014-09-27 12:45 - 2014-09-27 12:45 - 00000000 ____D () C:\e14d32
2014-09-27 12:45 - 2014-09-27 12:45 - 00000000 ____D () C:\e14d22
2014-09-27 11:29 - 2014-09-27 12:23 - 00000000 ____D () C:\Users\Usuario1\Desktop\Mapas
2014-09-27 11:07 - 2014-10-09 11:14 - 00006486 _____ () C:\Windows\PFRO.log
2014-09-27 09:38 - 2014-10-09 15:09 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-27 09:38 - 2014-09-27 09:38 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-27 09:38 - 2014-09-27 09:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-27 09:38 - 2014-09-27 09:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-27 09:38 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-27 09:38 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-27 09:38 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-27 09:33 - 2014-09-27 09:33 - 00041540 _____ () C:\Users\Usuario1\Documents\cc_20140927_093302.reg
2014-09-26 14:20 - 2014-09-26 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-26 14:20 - 2014-09-26 14:20 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-26 14:20 - 2014-09-26 14:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-26 14:18 - 2014-08-25 17:27 - 04148736 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-26 14:18 - 2014-08-15 23:08 - 21195616 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-26 14:18 - 2014-08-15 23:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-09-26 14:18 - 2014-08-15 23:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-09-26 14:18 - 2014-08-15 22:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-09-26 14:18 - 2014-08-15 22:57 - 02498880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-26 14:18 - 2014-08-15 22:57 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-26 14:18 - 2014-08-15 22:16 - 18722600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-26 14:18 - 2014-08-15 22:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-09-26 14:18 - 2014-08-15 22:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-09-26 14:18 - 2014-08-15 20:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-09-26 14:18 - 2014-08-15 20:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-09-26 14:18 - 2014-08-15 19:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-09-26 14:18 - 2014-08-15 19:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-09-26 14:18 - 2014-08-15 19:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2014-09-26 14:18 - 2014-08-15 19:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-09-26 14:18 - 2014-08-15 19:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2014-09-26 14:18 - 2014-08-15 19:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-09-26 14:18 - 2014-08-15 19:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-09-26 14:18 - 2014-08-15 19:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2014-09-26 14:18 - 2014-08-15 19:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-26 14:18 - 2014-08-15 19:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-09-26 14:18 - 2014-08-15 19:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-09-26 14:18 - 2014-08-15 19:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-09-26 14:18 - 2014-08-15 19:20 - 00921600 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-09-26 14:18 - 2014-08-15 19:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-26 14:18 - 2014-08-15 19:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-09-26 14:18 - 2014-08-15 19:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-09-26 14:18 - 2014-08-15 19:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-09-26 14:18 - 2014-08-15 19:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-26 14:18 - 2014-08-15 19:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-09-26 14:18 - 2014-08-15 19:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-09-26 14:18 - 2014-08-15 19:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-09-26 14:18 - 2014-08-15 19:11 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-09-26 14:18 - 2014-08-15 19:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-09-26 14:18 - 2014-08-15 19:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-09-26 14:18 - 2014-08-15 19:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-09-26 14:18 - 2014-07-31 18:22 - 00388729 _____ () C:\Windows\system32\ApnDatabase.xml
2014-09-26 14:17 - 2014-08-28 20:58 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-09-26 14:17 - 2014-08-28 20:32 - 02779136 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-26 14:17 - 2014-08-28 19:59 - 03117568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-09-26 14:17 - 2014-08-28 18:56 - 02646016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-26 14:17 - 2014-08-28 18:47 - 02321920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-26 13:00 - 2014-10-14 08:41 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-09-26 08:14 - 2014-06-23 18:08 - 01601992 _____ (Avira Operations GmbH & Co. KG) C:\Users\Usuario1\Desktop\fusebundle.exe
2014-09-26 08:14 - 2013-03-13 12:45 - 00001337 _____ () C:\Users\Usuario1\Desktop\fusebundle.conf
2014-09-26 00:13 - 2014-09-26 00:20 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-26 00:13 - 2014-09-26 00:19 - 00001153 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-26 00:12 - 2014-09-26 00:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-26 00:12 - 2014-09-26 00:12 - 00002086 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-09-26 00:12 - 2014-09-26 00:12 - 00000000 ____D () C:\Users\Usuario1\AppData\Roaming\Avira
2014-09-26 00:11 - 2014-10-14 08:41 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-09-26 00:11 - 2014-10-14 08:41 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-09-26 00:11 - 2014-09-26 00:19 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-26 00:11 - 2014-09-26 00:13 - 00000000 ____D () C:\ProgramData\Avira
2014-09-26 00:11 - 2014-08-15 14:47 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-09-25 23:06 - 2014-09-25 23:06 - 00000000 ____D () C:\Windows\pss
2014-09-25 09:43 - 2014-09-25 10:46 - 00000000 ____D () C:\Users\Usuario1\Desktop\GPSClass
2014-09-24 20:39 - 2014-09-24 20:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-24 20:38 - 2014-09-26 13:55 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit
2014-09-24 12:40 - 2014-09-24 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2014-09-24 12:37 - 2014-09-24 12:37 - 00000000 ____D () C:\AMD
2014-09-24 10:02 - 2014-09-24 10:50 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-24 10:02 - 2014-09-24 09:52 - 11194928 _____ (SurfRight B.V.) C:\Users\Usuario1\Desktop\HitmanPro_x64.exe
2014-09-24 09:20 - 2014-09-24 09:20 - 09447761 _____ () C:\Users\Usuario1\Downloads\Dierks Bentley - Come A Little Closer.mp4
2014-09-23 12:25 - 2014-09-23 18:48 - 14114082 _____ () C:\Users\Usuario1\Downloads\escalerar3a.skb
2014-09-23 12:04 - 2014-09-24 00:15 - 14090525 _____ () C:\Users\Usuario1\Downloads\escalerar3a.skp
2014-09-23 12:01 - 2014-09-23 12:02 - 13765021 _____ () C:\Users\Usuario1\Downloads\escalerar3.skp
2014-09-22 13:29 - 2014-09-22 13:29 - 00002216 _____ () C:\Users\Public\Desktop\Style Builder 2.lnk
2014-09-22 13:29 - 2014-09-22 13:29 - 00002130 _____ () C:\Users\Public\Desktop\LayOut 3.lnk
2014-09-22 13:29 - 2014-09-22 13:29 - 00002041 _____ () C:\Users\Public\Desktop\Google SketchUp 8.lnk
2014-09-22 13:29 - 2014-09-22 13:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google SketchUp 8
2014-09-20 20:25 - 2014-09-20 20:28 - 00000000 ____D () C:\Users\Usuario1\Desktop\musica3
2014-09-18 15:49 - 2014-09-18 18:03 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-18 15:49 - 2014-09-18 18:02 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-18 15:49 - 2014-09-18 15:49 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-09-17 23:51 - 2014-09-17 23:51 - 00000000 ____D () C:\HuexoapaUsoSuelo
2014-09-16 13:30 - 2014-10-14 17:45 - 01514020 _____ () C:\Windows\WindowsUpdate.log
2014-09-16 13:07 - 2014-09-16 13:07 - 00030436 _____ () C:\Users\Usuario1\Documents\cc_20140916_130723.reg
2014-09-15 08:04 - 2014-10-14 08:39 - 00000004 _____ () C:\Windows\SysWOW64\GVTunner.ref
2014-09-14 09:47 - 2014-07-24 10:07 - 07424320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-14 09:47 - 2014-07-24 10:03 - 02141920 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-09-14 09:47 - 2014-07-24 08:36 - 02145472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-09-14 09:47 - 2014-07-24 04:44 - 16874496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-09-14 09:47 - 2014-07-24 04:16 - 12730880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-09-14 09:47 - 2014-07-24 03:53 - 01261056 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-09-14 09:47 - 2014-07-24 03:32 - 01532416 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-09-14 09:47 - 2014-07-24 03:21 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-09-14 09:47 - 2014-07-24 02:43 - 02696704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-09-14 09:47 - 2014-07-24 02:28 - 01600000 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-09-14 09:47 - 2014-06-14 01:03 - 02389504 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-14 09:47 - 2014-06-14 00:46 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-14 09:46 - 2014-07-24 10:28 - 00468288 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-09-14 09:46 - 2014-07-24 10:28 - 00419648 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-09-14 09:46 - 2014-07-24 10:28 - 00412992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-09-14 09:46 - 2014-07-24 10:28 - 00280384 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2014-09-14 09:46 - 2014-07-24 10:28 - 00143680 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-09-14 09:46 - 2014-07-24 10:25 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-14 09:46 - 2014-07-24 10:23 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-09-14 09:46 - 2014-07-24 10:23 - 00125472 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-09-14 09:46 - 2014-07-24 10:20 - 00645592 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-09-14 09:46 - 2014-07-24 10:20 - 00263400 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-09-14 09:46 - 2014-07-24 10:16 - 02574208 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-09-14 09:46 - 2014-07-24 10:16 - 00211216 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2014-09-14 09:46 - 2014-07-24 10:07 - 02009920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-09-14 09:46 - 2014-07-24 10:05 - 01660048 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-09-14 09:46 - 2014-07-24 10:05 - 01519560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-09-14 09:46 - 2014-07-24 10:05 - 01488008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-09-14 09:46 - 2014-07-24 10:05 - 01356840 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-09-14 09:46 - 2014-07-24 10:03 - 00882136 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-09-14 09:46 - 2014-07-24 10:03 - 00818624 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-09-14 09:46 - 2014-07-24 10:03 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-09-14 09:46 - 2014-07-24 10:03 - 00233888 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-09-14 09:46 - 2014-07-24 10:03 - 00205512 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
2014-09-14 09:46 - 2014-07-24 09:57 - 00475968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-09-14 09:46 - 2014-07-24 08:50 - 00098048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-09-14 09:46 - 2014-07-24 08:48 - 02410976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-09-14 09:46 - 2014-07-24 08:48 - 00180208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2014-09-14 09:46 - 2014-07-24 08:46 - 00477200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-09-14 09:46 - 2014-07-24 08:36 - 00707536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-09-14 09:46 - 2014-07-24 08:36 - 00674512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-09-14 09:46 - 2014-07-24 08:36 - 00355800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-09-14 09:46 - 2014-07-24 08:36 - 00180720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2014-09-14 09:46 - 2014-07-24 06:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
2014-09-14 09:46 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-09-14 09:46 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-09-14 09:46 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-09-14 09:46 - 2014-07-24 06:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-09-14 09:46 - 2014-07-24 06:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-09-14 09:46 - 2014-07-24 06:45 - 00076800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-09-14 09:46 - 2014-07-24 06:44 - 00674816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-09-14 09:46 - 2014-07-24 06:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-09-14 09:46 - 2014-07-24 06:42 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-09-14 09:46 - 2014-07-24 06:42 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys
2014-09-14 09:46 - 2014-07-24 06:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2014-09-14 09:46 - 2014-07-24 06:33 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-14 09:46 - 2014-07-24 06:33 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-14 09:46 - 2014-07-24 06:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2014-09-14 09:46 - 2014-07-24 06:05 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2014-09-14 09:46 - 2014-07-24 06:05 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-09-14 09:46 - 2014-07-24 05:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-09-14 09:46 - 2014-07-24 05:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
2014-09-14 09:46 - 2014-07-24 05:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-09-14 09:46 - 2014-07-24 05:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-09-14 09:46 - 2014-07-24 05:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-09-14 09:46 - 2014-07-24 05:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll
2014-09-14 09:46 - 2014-07-24 05:33 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-09-14 09:46 - 2014-07-24 05:32 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2014-09-14 09:46 - 2014-07-24 05:20 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2014-09-14 09:46 - 2014-07-24 05:18 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-09-14 09:46 - 2014-07-24 05:12 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2014-09-14 09:46 - 2014-07-24 05:10 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-09-14 09:46 - 2014-07-24 05:10 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-14 09:46 - 2014-07-24 05:10 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-09-14 09:46 - 2014-07-24 05:10 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll
2014-09-14 09:46 - 2014-07-24 05:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-09-14 09:46 - 2014-07-24 05:06 - 00438272 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2014-09-14 09:46 - 2014-07-24 05:05 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-09-14 09:46 - 2014-07-24 04:58 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2014-09-14 09:46 - 2014-07-24 04:54 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2014-09-14 09:46 - 2014-07-24 04:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2014-09-14 09:46 - 2014-07-24 04:52 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-09-14 09:46 - 2014-07-24 04:42 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2014-09-14 09:46 - 2014-07-24 04:40 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2014-09-14 09:46 - 2014-07-24 04:39 - 00770048 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-09-14 09:46 - 2014-07-24 04:33 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2014-09-14 09:46 - 2014-07-24 04:32 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-09-14 09:46 - 2014-07-24 04:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-09-14 09:46 - 2014-07-24 04:27 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-14 09:46 - 2014-07-24 04:25 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2014-09-14 09:46 - 2014-07-24 04:24 - 01817088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-09-14 09:46 - 2014-07-24 04:23 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2014-09-14 09:46 - 2014-07-24 04:21 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-09-14 09:46 - 2014-07-24 04:18 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
2014-09-14 09:46 - 2014-07-24 04:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2014-09-14 09:46 - 2014-07-24 04:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2014-09-14 09:46 - 2014-07-24 04:11 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-09-14 09:46 - 2014-07-24 04:11 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2014-09-14 09:46 - 2014-07-24 04:10 - 00540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-09-14 09:46 - 2014-07-24 04:04 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2014-09-14 09:46 - 2014-07-24 04:04 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2014-09-14 09:46 - 2014-07-24 04:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-09-14 09:46 - 2014-07-24 04:02 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-09-14 09:46 - 2014-07-24 03:58 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2014-09-14 09:46 - 2014-07-24 03:53 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-09-14 09:46 - 2014-07-24 03:49 - 01361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-09-14 09:46 - 2014-07-24 03:49 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-09-14 09:46 - 2014-07-24 03:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-09-14 09:46 - 2014-07-24 03:48 - 00659968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2014-09-14 09:46 - 2014-07-24 03:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2014-09-14 09:46 - 2014-07-24 03:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2014-09-14 09:46 - 2014-07-24 03:39 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2014-09-14 09:46 - 2014-07-24 03:38 - 00371200 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-09-14 09:46 - 2014-07-24 03:30 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-09-14 09:46 - 2014-07-24 03:29 - 00439296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-14 09:46 - 2014-07-24 03:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2014-09-14 09:46 - 2014-07-24 03:23 - 01404416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2014-09-14 09:46 - 2014-07-24 03:22 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-09-14 09:46 - 2014-07-24 03:21 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-09-14 09:46 - 2014-07-24 03:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2014-09-14 09:46 - 2014-07-24 03:19 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-09-14 09:46 - 2014-07-24 03:18 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2014-09-14 09:46 - 2014-07-24 03:18 - 00795136 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-09-14 09:46 - 2014-07-24 03:16 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2014-09-14 09:46 - 2014-07-24 03:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-09-14 09:46 - 2014-07-24 03:15 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-14 09:46 - 2014-07-24 03:15 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2014-09-14 09:46 - 2014-07-24 03:15 - 00432128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2014-09-14 09:46 - 2014-07-24 03:10 - 01029632 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-09-14 09:46 - 2014-07-24 03:10 - 00889344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-09-14 09:46 - 2014-07-24 03:10 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-09-14 09:46 - 2014-07-24 03:10 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-09-14 09:46 - 2014-07-24 03:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-09-14 09:46 - 2014-07-24 03:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2014-09-14 09:46 - 2014-07-24 03:07 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-14 09:46 - 2014-07-24 03:05 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2014-09-14 09:46 - 2014-07-24 03:04 - 00667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-14 09:46 - 2014-07-24 03:02 - 03465216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-14 09:46 - 2014-07-24 03:01 - 01992192 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-09-14 09:46 - 2014-07-24 02:58 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2014-09-14 09:46 - 2014-07-24 02:58 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-09-14 09:46 - 2014-07-24 02:54 - 01290752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-09-14 09:46 - 2014-07-24 02:50 - 01182208 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2014-09-14 09:46 - 2014-07-24 02:49 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2014-09-14 09:46 - 2014-07-24 02:47 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2014-09-14 09:46 - 2014-07-24 02:44 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2014-09-14 09:46 - 2014-07-24 02:43 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2014-09-14 09:46 - 2014-07-24 02:41 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2014-09-14 09:46 - 2014-07-24 02:33 - 03360768 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-14 09:46 - 2014-07-23 23:11 - 00513544 _____ () C:\Windows\SysWOW64\locale.nls
2014-09-14 09:46 - 2014-07-23 23:11 - 00513544 _____ () C:\Windows\system32\locale.nls
2014-09-14 09:46 - 2014-07-12 00:55 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2014-09-14 09:46 - 2014-07-12 00:23 - 00436224 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-09-14 09:46 - 2014-07-11 23:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2014-09-14 09:46 - 2014-07-11 23:33 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-09-14 09:46 - 2014-07-11 23:13 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-14 09:46 - 2014-07-04 07:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-09-14 09:46 - 2014-07-04 05:29 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2014-09-14 09:46 - 2014-07-04 05:20 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2014-09-14 09:46 - 2014-07-04 05:06 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2014-09-14 09:46 - 2014-07-04 05:00 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-09-14 09:46 - 2014-07-04 04:30 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2014-09-14 09:46 - 2014-07-04 04:27 - 00474112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2014-09-14 09:46 - 2014-06-27 01:22 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-09-14 09:46 - 2014-06-25 19:32 - 01029632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-09-14 09:46 - 2014-06-25 19:29 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2014-09-14 09:46 - 2014-06-19 18:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-09-14 09:46 - 2014-06-18 21:13 - 00310080 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-09-14 09:46 - 2014-06-07 07:46 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-09-14 09:46 - 2014-06-07 05:20 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-09-14 09:46 - 2014-06-05 09:00 - 01118040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-09-14 09:46 - 2014-06-05 05:18 - 01018368 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2014-09-14 09:46 - 2014-06-05 04:42 - 00889856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2014-09-14 09:46 - 2014-05-31 00:00 - 01463808 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2014-09-14 09:46 - 2014-05-30 23:18 - 01319936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2014-09-14 09:46 - 2014-05-29 01:23 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-09-14 09:46 - 2014-05-29 00:25 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-09-14 09:46 - 2014-05-29 00:20 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-09-14 09:46 - 2014-05-28 23:36 - 00344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-09-14 09:46 - 2014-05-26 02:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2014-09-14 09:46 - 2014-05-10 05:12 - 00387896 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2014-09-14 09:46 - 2014-05-10 03:46 - 00335680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2014-09-14 09:46 - 2014-05-05 23:41 - 00486744 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-09-14 09:46 - 2014-05-05 19:55 - 00391000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-09-14 09:46 - 2014-03-24 21:27 - 00160600 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2014-09-14 09:46 - 2014-03-24 21:27 - 00123920 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2014-09-14 09:46 - 2014-03-24 20:20 - 00128568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2014-09-14 09:46 - 2014-03-24 20:20 - 00127544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2014-09-14 09:45 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTT102.DLL
2014-09-14 09:45 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-09-14 09:45 - 2014-07-24 06:47 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-09-14 09:45 - 2014-07-24 06:22 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2014-09-14 09:45 - 2014-07-24 05:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTT102.DLL
2014-09-14 09:45 - 2014-07-24 05:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-09-14 09:45 - 2014-07-24 04:14 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-09-14 09:45 - 2014-07-24 03:36 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2014-09-14 09:45 - 2014-07-24 03:18 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-14 09:45 - 2014-07-24 03:13 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2014-09-14 09:45 - 2014-07-24 03:06 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-14 09:45 - 2014-07-24 03:00 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-09-14 09:23 - 2014-08-23 02:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-09-14 09:23 - 2014-08-23 02:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-09-14 09:23 - 2014-08-22 23:34 - 13423104 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-09-14 09:23 - 2014-08-22 23:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-09-14 09:23 - 2014-08-22 23:20 - 11818496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-09-14 09:22 - 2014-08-23 01:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-09-14 09:22 - 2014-08-23 00:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-09-14 09:22 - 2014-08-22 23:44 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-09-14 09:22 - 2014-08-22 23:31 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-09-14 08:57 - 2014-07-29 20:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-09-14 08:57 - 2014-07-29 00:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2014-09-14 08:44 - 2014-08-14 19:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-14 18:32 - 2014-08-01 08:52 - 00000000 ____D () C:\Users\Usuario1\AppData\Roaming\uTorrent
2014-10-14 18:11 - 2014-08-02 10:28 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-14 18:04 - 2014-09-03 22:59 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-14 18:00 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\sru
2014-10-14 17:23 - 2014-07-31 19:37 - 00000000 ____D () C:\Users\Usuario1\AppData\Roaming\ClassicShell
2014-10-14 17:01 - 2014-07-31 19:17 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-14 16:52 - 2014-08-03 00:49 - 00000000 ____D () C:\Users\Usuario1\AppData\Roaming\DMCache
2014-10-14 15:40 - 2014-07-31 19:25 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A296206B-BF14-4832-8EFC-EDA871D75F99}
2014-10-14 15:15 - 2014-08-02 17:09 - 20647936 ___SH () C:\Users\Usuario1\Documents\Thumbs.db
2014-10-14 11:23 - 2014-07-31 19:25 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2189552084-2033204020-3239810638-1001
2014-10-14 09:02 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-14 08:52 - 2014-08-02 21:52 - 00005028 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Home-Usuario1 Home
2014-10-14 08:41 - 2014-09-03 23:02 - 00002201 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-14 08:41 - 2014-09-03 22:59 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-14 08:39 - 2014-08-12 20:47 - 00000000 ___RD () C:\Users\Usuario1\OneDrive
2014-10-14 08:39 - 2014-08-04 23:50 - 00030528 _____ () C:\Windows\GVTDrv64.sys
2014-10-14 08:39 - 2014-08-04 23:47 - 00025640 _____ (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-10-13 20:41 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-10-10 18:00 - 2014-08-01 11:40 - 00000330 _____ () C:\Windows\Tasks\Flash Update.job
2014-10-10 14:53 - 2014-07-31 23:34 - 00000000 ____D () C:\Users\Usuario1\AppData\Roaming\vlc
2014-10-09 11:14 - 2013-08-22 09:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-09 11:13 - 2013-08-22 08:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-10-06 16:12 - 2014-08-01 12:47 - 00337408 ___SH () C:\Users\Usuario1\Desktop\Thumbs.db
2014-10-06 13:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-10-06 12:47 - 2014-08-01 12:34 - 00000000 ____D () C:\ProgramData\EPSON
2014-10-02 17:12 - 2014-08-03 00:49 - 00000000 ____D () C:\Users\Usuario1\AppData\Roaming\IDM
2014-09-30 22:57 - 2014-08-21 16:38 - 00000000 _____ () C:\Windows\SysWOW64\router.xml
2014-09-29 12:01 - 2014-08-10 12:00 - 00000000 ____D () C:\Users\Usuario1\Downloads\Computer Gadget & Tablet Magazines - August 9 2014 (True PDF)
2014-09-29 12:01 - 2014-08-06 21:44 - 00132608 ___SH () C:\Users\Usuario1\Downloads\Thumbs.db
2014-09-29 12:01 - 2014-07-31 19:20 - 00000000 ____D () C:\Users\Usuario1\AppData\Local\Packages
2014-09-28 18:24 - 2014-07-31 19:18 - 00000000 ____D () C:\Users\Usuario1
2014-09-28 18:14 - 2014-08-05 12:24 - 00000000 ____D () C:\Program Files\Blender Foundation
2014-09-28 13:14 - 2014-09-07 08:25 - 00000000 ____D () C:\Windows\Minidump
2014-09-28 13:03 - 2014-09-08 21:50 - 00000000 ____D () C:\ProgramData\TP-LINK
2014-09-28 13:03 - 2014-08-01 12:33 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-28 10:12 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\rescache
2014-09-27 13:39 - 2014-09-06 17:16 - 00000000 ____D () C:\Tlapashp
2014-09-27 12:46 - 2014-08-03 00:49 - 00000000 ____D () C:\Users\Usuario1\Downloads\Compressed
2014-09-27 11:22 - 2014-08-11 09:00 - 00000000 ____D () C:\Users\Usuario1\Desktop\SAS.Planet.Release.131111
2014-09-26 15:16 - 2014-07-31 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-09-26 14:26 - 2013-08-22 09:44 - 00540752 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-26 14:22 - 2013-08-22 10:36 - 00000000 ___RD () C:\Windows\ToastData
2014-09-26 14:22 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\WinStore
2014-09-26 14:18 - 2013-08-22 10:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-26 00:06 - 2014-07-31 20:47 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-25 11:32 - 2014-08-02 10:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-24 12:40 - 2014-08-01 15:02 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-09-24 12:39 - 2014-08-01 15:03 - 00000000 ____D () C:\ProgramData\AMD
2014-09-22 13:29 - 2014-07-31 20:04 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-18 18:02 - 2014-08-01 11:46 - 00000085 _____ () C:\Windows\wininit.ini
2014-09-18 17:45 - 2014-08-01 12:33 - 00000950 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk
2014-09-16 14:34 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\Speech
2014-09-14 22:52 - 2013-08-22 14:11 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-14 22:52 - 2013-08-22 10:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-09-14 22:52 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-14 22:52 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-14 22:52 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2014-09-14 22:52 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2014-09-14 22:52 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\setup
2014-09-14 22:52 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-14 22:52 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-09-14 13:23 - 2014-08-01 09:21 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-09-14 13:23 - 2014-08-01 09:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-14 11:04 - 2014-08-05 10:03 - 00025640 _____ (Windows ® Server 2003 DDK provider) C:\Windows\etdrv.sys

Some content of TEMP:
====================
C:\Users\Usuario1\AppData\Local\Temp\avgnt.exe
C:\Users\Usuario1\AppData\Local\Temp\HitmanPro.exe
C:\Users\Usuario1\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-03 13:40

==================== End Of Log ============================

 

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-10-2014
Ran by Usuario1 at 2014-10-14 18:37:03
Running from C:\Users\Usuario1\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32354 - BitTorrent Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{A731A859-7426-DEB6-80A3-E6A2508DC85A}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
ArcGIS Desktop 10 (HKLM-x32\...\ArcGIS Desktop 10) (Version: 10.0.2414 - Environmental Systems Research Institute, Inc.)
ArcGIS Desktop 10 (x32 Version: 10.0.2414 - Environmental Systems Research Institute, Inc.) Hidden
ArcGIS License Manager 10 (HKLM-x32\...\ArcGIS License Manager 10) (Version: 10.0.2414 - Environmental Systems Research Institute, Inc.)
ArcGIS License Manager 10 (x32 Version: 10.0.2414 - Environmental Systems Research Institute, Inc.) Hidden
Auslogics Duplicate File Finder (HKLM-x32\...\{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1) (Version: 3.5.4.0 - Auslogics Labs Pty Ltd)
Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Brain Workshop 4.8.1 (HKLM-x32\...\Brain Workshop_is1) (Version: 4.8.1 - Paul Hoskinson & Jonathan Toomim)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1213.19931 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9719DFA1-7CB0-422E-98AE-C77FD3426BE8}) (Version:  - Microsoft)
Easy Tune 6 B13.1211.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B13.1211.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Eines de correcció del Microsoft Office 2013: català (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON TX230 Series Printer Uninstall (HKLM\...\EPSON TX230 Series) (Version:  - SEIKO EPSON Corporation)
Ferramentas de verificación de Microsoft Office 2013 - Galego (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.1.618 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Earth (HKLM-x32\...\{A2264E8F-1649-11E3-8BED-B8AC6F98CCE3}) (Version: 7.1.2.2019 - Google)
Google SketchUp Pro 8 (HKLM-x32\...\{5AA2BF91-440A-49E8-A2F4-A5CE4F94606D}) (Version: 3.0.3198 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.225 - SurfRight B.V.)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Access MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office zuzenketa-tresnak 2013 - Euskara (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Word MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.3 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 es-ES)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
OziExplorer 3.95 (HKLM-x32\...\OziExplorer 3.95_is1) (Version:  - )
PrivDog (HKLM-x32\...\PrivDog) (Version: 2.2.0.14 - privdog.com)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SAP2000 16 (HKLM-x32\...\{76898544-7B92-4942-B257-F19F474929AB}) (Version: 16.0.0 - Computers and Structures, Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Software Updater (HKLM-x32\...\{6DFBE8A2-CDBF-453E-B34C-32F202FCEE4C}) (Version: 4.2.1 - SEIKO EPSON CORPORATION)
TELL ME MORE (HKLM-x32\...\TMM90) (Version:  - )
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-0016-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-0018-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-001B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-00C1-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{5274B9DA-BC82-4400-9B7D-1CC2BDF7BBE5}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889860) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{75FECCEB-66B8-4376-8A25-6137D30D3C93}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889860) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{75FECCEB-66B8-4376-8A25-6137D30D3C93}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889860) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{75FECCEB-66B8-4376-8A25-6137D30D3C93}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7A4AB8E1-C091-4BD3-B308-844BA6EE752A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881001) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DF1B7B95-4A86-4605-A628-556394B5580A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881009) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3033838D-15E0-4199-8CBD-A7F2057AE653}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881039) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C675FC43-E413-49A7-B3DC-44967B4FE22D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881081) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3BE27413-9FFE-4AB1-9013-344E111E718F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E919ACF4-A1D7-4CAA-A103-5EB115563721}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883049) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{39D9DAC1-16A7-430A-B2F3-4D3D000454D0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}_Office15.PROPLUS_{EA528E89-5C30-44C2-8EBA-FEA7B4F73E22}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F9C35D99-CA8E-4D17-B785-66AC654D5664}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{18C53DCB-FA98-4A7B-BC2E-6DA30D4E4901}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}_Office15.PROPLUS_{49B25930-F28E-4693-B6B9-F94885693F16}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-042D-1000-0000000FF1CE}_Office15.PROPLUS_{2538C77B-1287-40B6-9C13-B9B8D9D0963D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}_Office15.PROPLUS_{9FD97A64-17E8-4D0B-8328-A28EA46090C9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{6E2862B8-C10A-4FD0-9B82-8D9761301AAA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889848) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A9D59DD4-0591-447A-AEEB-DC1FEE5502BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889848) 64-Bit Edition (HKLM\...\{90150000-006E-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{A9D59DD4-0591-447A-AEEB-DC1FEE5502BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889848) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A9D59DD4-0591-447A-AEEB-DC1FEE5502BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889862) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CC0535B0-340B-4740-A63D-DBBE389DC83A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889862) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CC0535B0-340B-4740-A63D-DBBE389DC83A}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00BA-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00C1-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00A1-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2881011) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{679E6BE6-50D5-4D94-A10E-CB4FE1C5695B}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2881011) 64-Bit Edition (HKLM\...\{90150000-001A-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{679E6BE6-50D5-4D94-A10E-CB4FE1C5695B}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2889847) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7F1008C2-8C87-497F-B6D8-56B53DA0FAB3}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2889847) 64-Bit Edition (HKLM\...\{90150000-0018-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{7F1008C2-8C87-497F-B6D8-56B53DA0FAB3}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-001A-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-001B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

28-09-2014 18:03:24 Removed TP-LINK Wireless Configuration Utility and Driver
09-10-2014 16:06:01 Checkpoint by HitmanPro

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0191642D-BBD5-48FB-8F91-690C272DC0F9} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {041E7532-87A5-4F1C-BE7D-5D76526763B7} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {085F6CF3-FB9A-4130-9020-D10A70D5FE7E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-09-11] (Microsoft Corporation)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1921399D-BB51-438B-B9C2-7F85A769133E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-03] (Google Inc.)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {262B4C49-E9A8-4996-B420-F01B095DD3C4} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3DCE00AC-49BC-41B9-B663-3B12C38020DB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {42E5AF11-C11C-4391-87E0-CEEDF3AA8B73} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5AC14BC1-82DB-408D-9985-C6AC583036F9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: {69F5FCCA-5AFE-4350-92BE-B12E7E3967F7} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9EC364D9-8B3A-425C-8DFC-BD5A84A02503} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A9727A53-FD3E-41EE-9092-4671372F43AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-03] (Google Inc.)
Task: {AAA1BA6C-0A41-4AAC-A045-ECFC62576380} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {B5802072-D76F-4189-8BBA-06E4AB7423AD} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Home-Usuario1 Home => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-07-27] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E68F4E13-7EFE-4CD6-BB11-5C24EA6854A9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F1C1E75A-3D9D-458B-BBF0-E18F6CB34B97} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {FBE6D35E-7281-4048-A678-3A3CF0D0DF4B} - System32\Tasks\Flash Update => Wscript.exe //nologo //B C:\Windows\update.js
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Flash Update.job => C:\Windows\system32\wscript.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-11-16 16:27 - 2012-11-16 16:27 - 00211968 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-03-05 16:03 - 2012-03-05 16:03 - 00677376 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-02-16 14:53 - 2012-02-16 14:53 - 03642880 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-11-16 16:27 - 2012-11-16 16:27 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2012-01-13 14:04 - 2012-01-13 14:04 - 00219760 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2013-11-14 10:32 - 2013-11-14 10:32 - 02887751 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Normal.dll
2013-11-05 11:07 - 2013-11-05 11:07 - 00651327 _____ () C:\Program Files (x86)\GIGABYTE\ET6\work.dll
2013-11-06 17:59 - 2013-11-06 17:59 - 01335358 _____ () C:\Program Files (x86)\GIGABYTE\ET6\HM.dll
2013-03-23 10:59 - 2013-03-23 10:59 - 01433674 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GVTunner.dll
2003-02-14 14:11 - 2003-02-14 14:11 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Sound.dll
2013-11-01 10:29 - 2013-11-01 10:29 - 01318984 _____ () C:\Program Files (x86)\GIGABYTE\ET6\AMD8.dll
2013-09-13 15:26 - 2013-09-13 15:26 - 01331266 _____ () C:\Program Files (x86)\GIGABYTE\ET6\SF.dll
2008-05-07 15:22 - 2008-05-07 15:22 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\CIAMIB.dll
2012-05-08 15:01 - 2012-05-08 15:01 - 00069632 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GPTT.dll
2011-10-18 09:26 - 2011-10-18 09:26 - 00024576 _____ () C:\Program Files (x86)\GIGABYTE\ET6\STT.dll
2013-11-05 13:12 - 2013-11-05 13:12 - 01499200 _____ () C:\Program Files (x86)\GIGABYTE\ET6\OCK.dll
2012-11-27 15:03 - 2012-11-27 15:03 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\ycc.dll
2013-05-24 00:50 - 2013-05-24 00:50 - 03860520 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Platform.dll
2010-06-24 15:50 - 2010-06-24 15:50 - 00094208 _____ () C:\Program Files (x86)\GIGABYTE\ET6\IccLibDll.dll
2011-03-01 19:00 - 2011-03-01 19:00 - 00126976 _____ () C:\Program Files (x86)\GIGABYTE\ET6\StabilityLib.dll
2013-05-24 00:50 - 2013-05-24 00:50 - 00579616 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Device.dll
2013-12-09 17:21 - 2013-12-09 17:21 - 00311296 _____ () C:\Program Files (x86)\GIGABYTE\ET6\MFCCPU.DLL
2014-09-24 21:06 - 2014-09-22 23:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-24 21:06 - 2014-09-22 23:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-24 21:06 - 2014-09-22 23:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-24 21:06 - 2014-09-22 23:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-24 21:06 - 2014-09-22 23:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
2014-09-24 20:39 - 2014-09-24 20:39 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-26 00:13 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\Usuario1\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Usuario1\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2189552084-2033204020-3239810638-500 - Administrator - Disabled)
Guest (S-1-5-21-2189552084-2033204020-3239810638-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2189552084-2033204020-3239810638-1003 - Limited - Enabled)
Usuario1 (S-1-5-21-2189552084-2033204020-3239810638-1001 - Administrator - Enabled) => C:\Users\Usuario1

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/14/2014 08:42:05 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (10/14/2014 08:42:05 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/13/2014 08:42:10 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=TimerEvent

Error: (10/13/2014 08:41:49 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/13/2014 08:41:41 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (10/13/2014 08:41:33 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/10/2014 08:16:52 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/10/2014 01:27:47 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/10/2014 01:27:42 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (10/10/2014 01:27:36 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable


System errors:
=============
Error: (10/14/2014 02:21:38 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer USER-HP
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{6027A33E-58C5-42F1-BEA2-2A19FEFB0510}.
The master browser is stopping or an election is being forced.

Error: (10/14/2014 00:43:14 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer USER-HP
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{6027A33E-58C5-42F1-BEA2-2A19FEFB0510}.
The master browser is stopping or an election is being forced.

Error: (10/14/2014 08:39:41 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: )
Description: Encrypted volume check: Volume information on M: cannot be read.

Error: (10/13/2014 08:39:05 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.1.71.
The computer with the IP address 192.168.1.79 did not allow the name to be claimed by
this computer.

Error: (10/10/2014 01:25:04 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.1.65.
The computer with the IP address 192.168.1.66 did not allow the name to be claimed by
this computer.

Error: (10/09/2014 00:04:38 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer ALE-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{79297320-0A40-4C04-B507-9C0489284F32}.
The master browser is stopping or an election is being forced.

Error: (10/09/2014 11:13:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AMD FUEL Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/09/2014 11:08:55 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The HitmanPro 3.7 Crusader (Boot) service terminated with the following service-specific error:
%%0

Error: (10/09/2014 11:06:55 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AMD FUEL Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/09/2014 11:06:32 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for DeleteFlag with the following error:
%%5


Microsoft Office Sessions:
=========================
Error: (10/14/2014 08:42:05 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (10/14/2014 08:42:05 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/13/2014 08:42:10 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=TimerEvent

Error: (10/13/2014 08:41:49 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/13/2014 08:41:41 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (10/13/2014 08:41:33 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/10/2014 08:16:52 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/10/2014 01:27:47 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/10/2014 01:27:42 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (10/10/2014 01:27:36 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable


CodeIntegrity Errors:
===================================
  Date: 2014-09-26 12:54:25.083
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 12:47:37.850
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 12:32:46.658
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 07:43:02.125
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 00:57:47.673
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 00:26:11.652
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 00:08:41.752
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 00:01:58.843
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-25 23:53:49.306
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-25 23:49:35.906
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: AMD Phenom™ II X4 955 Processor
Percentage of memory in use: 36%
Total physical RAM: 7677.55 MB
Available physical RAM: 4865.89 MB
Total Pagefile: 15357.55 MB
Available Pagefile: 11661.79 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.75 GB) (Free:200.15 GB) NTFS
Drive i: (RUFO1) (Removable) (Total:11.02 GB) (Free:0.49 GB) FAT32
Drive k: (DV_L900EN10) (CDROM) (Total:3.08 GB) (Free:0 GB) CDFS
Drive l: (RUF7) (Removable) (Total:14.53 GB) (Free:3.43 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: E642E3F8)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=297.7 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 14.5 GB) (Disk ID: 0006F932)
Partition 1: (Active) - (Size=11 GB) - (Type=0C)
Partition 2: (Not Active) - (Size=3.5 GB) - (Type=05)

========================================================
Disk: 6 (MBR Code: Windows XP) (Size: 14.5 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=14.5 GB) - (Type=0C)

==================== End Of Log ============================



#5 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,158 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:08:41 AM

Posted 16 October 2014 - 04:17 AM

Hi rufo100.

 

:step1: Going over your logs I noticed that you have uTorrent installed.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall uTorrent, however that choice is up to you. If you choose to remove these programs, you can do so viaStart > Control Panel > Add/Remove Programs.

If you wish to keep it, please do not use it until your computer is cleaned.

 

-----------------

 

:step2: Please download DeFogger and save it to your desktop.

  • Once downloaded, double-click on the DeFogger icon to start the tool.
  • The application window will appear.
  • You should now click on the Disable button to disable your CD Emulation drivers.
  • When it prompts you whether or not you want to continue, please click on the Yes button to continue.
  • When the program has completed you will see a Finished! message. Click on the OK button to exit the program.
  • If CD Emulation programs are present and have been disabled, DeFogger will now ask you to reboot the machine. Please allow it to do so by clicking on the OK button.

---------------

 

:step3: Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on I agree button.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

-------------

 

:step4: thisisujrt.gif  Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

------------

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#6 Rufo100

Rufo100
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:41 PM

Posted 16 October 2014 - 09:17 AM

Hello Sirawit:

 

Here is what it happened:

 

On the step 2

 

defogger, after the Finished! message, I  clicked OK button to exit the program, but it didn't asked me to reboot my machine, I have win8.1 though.

¿Should I continue with the process?

 

 

 

 

 

 

 

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 09:09 on 16/10/2014 (Usuario1)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-



#7 Rufo100

Rufo100
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:41 PM

Posted 16 October 2014 - 06:31 PM

Ok, I went ahead and I ran the others two. Here is what I got:

 

# AdwCleaner v4.000 - Report created 16/10/2014 at 18:12:04
# DB v
# Updated 12/10/2014 by Xplode
# Operating System : Windows 8.1 Pro  (64 bits)
# Username : Usuario1 - HOME
# Running from : C:\Users\Usuario1\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17278


-\\ Mozilla Firefox v33.0 (x86 es-ES)


-\\ Google Chrome v37.0.2062.124

Deleted [Search Provider] : hxxp://searchab.com/?aff=7&uid=08456068-7d50-11e2-99f3-1c6f658a24ab&q={searchTerms}

*************************

AdwCleaner[R0].txt - [1304 octets] - [28/09/2014 08:52:26]
AdwCleaner[R1].txt - [1052 octets] - [30/09/2014 10:42:33]
AdwCleaner[R2].txt - [1173 octets] - [30/09/2014 22:45:43]
AdwCleaner[R3].txt - [1293 octets] - [01/10/2014 21:10:53]
AdwCleaner[R4].txt - [1414 octets] - [03/10/2014 13:14:51]
AdwCleaner[R5].txt - [1474 octets] - [04/10/2014 09:43:58]
AdwCleaner[R6].txt - [1594 octets] - [06/10/2014 13:07:01]
AdwCleaner[R7].txt - [1714 octets] - [09/10/2014 11:11:58]
AdwCleaner[R8].txt - [1652 octets] - [16/10/2014 18:01:56]
AdwCleaner[S0].txt - [1373 octets] - [28/09/2014 09:09:37]
AdwCleaner[S1].txt - [1114 octets] - [30/09/2014 10:43:52]
AdwCleaner[S2].txt - [1235 octets] - [30/09/2014 22:55:13]
AdwCleaner[S3].txt - [1355 octets] - [01/10/2014 21:12:16]
AdwCleaner[S4].txt - [1535 octets] - [04/10/2014 09:44:58]
AdwCleaner[S5].txt - [1655 octets] - [06/10/2014 13:08:41]
AdwCleaner[S6].txt - [1775 octets] - [09/10/2014 11:13:21]
AdwCleaner[S7].txt - [1679 octets] - [16/10/2014 18:12:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S7].txt - [1739 octets] ##########
 

 

 

 

 

 

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.14.2014:1)
OS: Windows 8.1 Pro x64
Ran by Usuario1 on 16/10/2014 at 18:22:48.28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\Windows\wininit.ini"



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Usuario1\AppData\Roaming\mozilla\firefox\profiles\4vk3sf5t.default\minidumps [5 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16/10/2014 at 18:24:55.33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#8 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,158 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:08:41 AM

Posted 17 October 2014 - 02:18 AM

Hi Rufo100.

 

Please download Malwarebytes Anti-Malware photo.jpg?sz=48 and save it to your desktop.

  • Double-click on the setup file (mbam-setup.exe), then click on Run to install.
  • Malwarebytes will automatically open to it's Dashboard. If you have never run this version, you should see a red note at the top indicating "A scan has never been run on your system"

    malwarebytes-anti-malware-fix-now.jpg
    .
  • Click on Update Now to download the current database definitions, then click the Scan Now >> button.
    .
  • If you have run this version before, you should see a green note at the top indicating "Your system is fully protected".
  • You will be prompted to update Malwarebytes...click on the Update Now button.

    malwarebytes-anti-malware-2-0-update-now
    .
  • The THREAT SCAN will automatically begin.

    malwarebytes-anti-malware-scan.jpg
    .
  • When the scan has completed, the results will be displayed. Click on Quarantine All, then click on Apply Actions.

    malwarebytes-anti-malware-potential-thre
    .
  • To complete any actions taken you will be prompted to restart your computer...click on YesFailure to reboot normally will prevent Malwarebytes from removing all the malware.

    mbam4_zps490948cc.png
    .
  • After rebooting the computer, copy and paste the mbam.log in your next reply.

.
To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 1)

  • Open Malwarebytes Anti-Malware.
  • Click the History Tab at the top and select Application Logs.
  • Select (check) the box next to Scan Log. Choose the most current scan.
  • Click the View button.
  • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
  • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 2)

  • Open Malwarebytes Anti-Malware.
  • Click the Scan Tab at the top.
  • Click the View detailed log link on the right.
  • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
  • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

Logs are named by the date of scan in the following format: mbam-log-yyyy-mm-dd and automatically saved to the following locations:
-- XP: C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd
-- Vista, Windows 7/8: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd

 

-----------------

 

After you finished running MBAM, please create new log file with FRST again.

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#9 Rufo100

Rufo100
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:41 PM

Posted 17 October 2014 - 08:16 AM

Hi Sirawit:

 

Here is what I got:

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 17/10/2014
Scan Time: 07:42:30 a. m.
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.10.17.04
Rootkit Database: v2014.10.15.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Usuario1

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 332699
Time Elapsed: 15 min, 29 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

 

 

 

 

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-10-2014
Ran by Usuario1 (administrator) on HOME on 17-10-2014 08:12:13
Running from C:\Users\Usuario1\Desktop
Loaded Profiles: Usuario1 &  (Available profiles: Usuario1)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Acresso Software Inc.) C:\Program Files (x86)\ArcGIS\License10.0\bin\lmgrd.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Acresso Software Inc.) C:\Program Files (x86)\ArcGIS\License10.0\bin\lmgrd.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Acresso Software Inc.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
() C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(ESRI) C:\Program Files (x86)\ArcGIS\License10.0\bin\ARCGIS.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(BitTorrent Inc.) C:\Users\Usuario1\AppData\Roaming\uTorrent\uTorrent.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHLL.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Farbar) C:\Users\Usuario1\Desktop\FRST64_2.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [EasyTuneVI] => C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe [40960 2012-07-09] ()
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001\...\Run: [uTorrent] => C:\Users\Usuario1\AppData\Roaming\uTorrent\uTorrent.exe [1859152 2014-08-01] (BitTorrent Inc.)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001\...\Run: [Epson Stylus TX230] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLL.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001\...\Run: [EPSON3302EF (Epson Stylus TX230)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLL.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001\...\Run: [GoogleChromeAutoLaunch_799DBF94D1A449045C5C3D51CA15ABA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-22] (Google Inc.)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [uTorrent] => C:\Users\Usuario1\AppData\Roaming\uTorrent\uTorrent.exe [1859152 2014-08-01] (BitTorrent Inc.)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Epson Stylus TX230] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLL.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPSON3302EF (Epson Stylus TX230)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLL.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_799DBF94D1A449045C5C3D51CA15ABA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-22] (Google Inc.)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [uTorrent] => C:\Users\Usuario1\AppData\Roaming\uTorrent\uTorrent.exe [1859152 2014-08-01] (BitTorrent Inc.)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Epson Stylus TX230] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLL.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [EPSON3302EF (Epson Stylus TX230)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLL.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [GoogleChromeAutoLaunch_799DBF94D1A449045C5C3D51CA15ABA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-22] (Google Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.prodigy.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0912050E1FADCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-MX
SearchScopes: HKCU - {8761DCE9-7B12-46A3-BFDF-D915F9758713} URL = https://mx.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=811891&p={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO: PrivDog Extension -> {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} -> C:\Program Files\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll (AdTrustMedia)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{79297320-0A40-4C04-B507-9C0489284F32}: [NameServer] 162.221.181.52,107.155.112.105,185.61.148.223,8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default
FF Keyword.URL: https://mx.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=811891&p=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\drae.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-es.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-es.xml
FF Extension: Avira Browser Safety - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\abs@avira.com [2014-09-30]
FF Extension: Roomy Bookmarks Toolbar - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\ALone-live@ya.ru.xpi [2014-09-17]
FF Extension: Duplicate in Tab Context Menu - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\DuplicateInTabContext@schuzak.jp.xpi [2014-09-06]
FF Extension: GDrive Panel - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\gdrivepanel@alejandrobrizuela.com.ar.xpi [2014-08-19]
FF Extension: Save as PDF - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\save-as-pdf-ff@pdfcrowd.com.xpi [2014-09-06]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-08-02]
FF Extension: Adblock Plus - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-02]
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Usuario1\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Usuario1\AppData\Roaming\IDM\idmmzcc5 [2014-08-03]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Usuario1\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "https://google.com.mx/", "hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN", "hxxp://mx.yahoo.com?fr=fpc-comodo", "hxxp://search.b1.org/?bsrc=hmcor&chid=c162341", "", "hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=MX&userid=7b0fe9a4-8181-425b-b12a-3002bec783b9&searchtype=hp&installDate=26/04/2013", "hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=MX&userid=7b0fe9a4-8181-425b-b12a-3002bec783b9&searchtype=hp&installDate=26/04/2013"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dewey Bookmarks) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aahpfefkmihhdabllidnlipghcjgpkdm [2014-08-05]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-07-31]
CHR Extension: (Instant Notifications for Gmail) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\adlgnpfgagimgadbaboilkbdnhbpegmd [2014-07-31]
CHR Extension: (Torrent Search) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\afbpdhiclgghnffhkinjikglgmolhpee [2014-07-31]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2014-07-31]
CHR Extension: (iStoryBooks) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\anbmgijcnihjphndkjglleofcnohhkkl [2014-07-31]
CHR Extension: (Google Docs) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-31]
CHR Extension: (Google Drive) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-31]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-26]
CHR Extension: (Keeper Web App) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnglfciifmgnafcgkkngkeopldlialb [2014-07-31]
CHR Extension: (4Shared Assistant) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blimndomboblbleeepfbhonajddgnpic [2014-07-31]
CHR Extension: (YouTube) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-31]
CHR Extension: (DuckDuckGo for Chrome) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao [2014-07-31]
CHR Extension: (TOEFL Essay Practice) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceeicgdpllljlklonpkbhjighniifjij [2014-07-31]
CHR Extension: (Adblock Plus) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-31]
CHR Extension: (Ratings Preview for YouTube™) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbhdenfmgbagncdmgbholejjpmmiank [2014-07-31]
CHR Extension: (Anatomy 3D) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknbmnbaidbnmgbgmjhkegbcoegddeen [2014-07-31]
CHR Extension: (Google Search) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-31]
CHR Extension: (Flag for Chrome) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn [2014-07-31]
CHR Extension: (Read Later Fast) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji [2014-07-31]
CHR Extension: (Google Calendar) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-07-31]
CHR Extension: (WordLayer Vocabulary) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\eljchjdhchemgkgaofhodhdkfnalpdhp [2014-07-31]
CHR Extension: (Common Core Math 1-6 by Sokikom) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\eombmpplkjplkhbgaochnmgkhlnkmomb [2014-07-31]
CHR Extension: (Avira Browser Safety) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-09-26]
CHR Extension: (AdBlock) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-21]
CHR Extension: (Planner 5D) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjfkgdpkecnmfcgfpfibpcnkeakahllc [2014-07-31]
CHR Extension: (Save to Google Drive) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2014-07-31]
CHR Extension: (Isoball 3) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj [2014-07-31]
CHR Extension: (IDM Integration Module) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2014-08-03]
CHR Extension: (MeeGenius! Children's Books) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhfhmaajajcjoijfaceafiembkmhcddc [2014-07-31]
CHR Extension: (Word Joust) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jijjjopeepgneiiamhahbmlnhcomdbml [2014-07-31]
CHR Extension: (Coordinates) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kahliknbfelbmndacbdademgailcockh [2014-07-31]
CHR Extension: (SparkChess 7) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\khgabmflimjjbclkmljlpmgaleanedem [2014-07-31]
CHR Extension: (Save as PDF) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdjmbiefanbdgnkcikhllpmjnnllbbc [2014-07-31]
CHR Extension: (BugMeNot Lite) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb [2014-07-31]
CHR Extension: (Google Maps) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-07-31]
CHR Extension: (3D Solar System Web) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdaaepplopehigjgkolniddiadbbkphd [2014-07-31]
CHR Extension: (English vocabulary) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmklfohhllfpjjmjejencmaodgiknmj [2014-07-31]
CHR Extension: (Quick Note) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok [2014-07-31]
CHR Extension: (Google Play Books) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2014-07-31]
CHR Extension: (Do It (Tomorrow)) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfagjoblnoeagfhfhohcdklnddjaiglo [2014-07-31]
CHR Extension: (Google Wallet) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-31]
CHR Extension: (Click&Clean App) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-07-31]
CHR Extension: (Learn Portuguese Free - PortuguesePod101.com) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pehhnjcaajmakfljacomgihcjdekaonf [2014-07-31]
CHR Extension: (English Adventure 1) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflfajjbomhaicconbmnnnmndifemadh [2014-07-31]
CHR Extension: (Weather Underground) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2014-07-31]
CHR Extension: (Gmail) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-31]
CHR Extension: (Google Similar Pages) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjnfggphgdjblhfjaphkjhfpiiekbbej [2014-07-31]
CHR Extension: (Browser QuickLinks) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\plpjogfhobhpdcmcblieglnoooccfcmm [2014-07-31]
CHR Extension: (Learn Alphabet and Numbers) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\podikmghblokmmdgoilcnnpgogaocoal [2014-07-31]
CHR HKLM-x32\...\Chrome\Extension: [cmaiofennmphjldldcpphcechfnnohja] - C:\Program Files (x86)\AdTrustMedia\PrivDog\PrivDog_chrome.crx []
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-05-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-11-16] (Advanced Micro Devices, Inc.) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 ArcGIS License Manager; C:\Program Files (x86)\ArcGIS\License10.0\bin\lmgrd.exe [1500424 2008-11-06] (Acresso Software Inc.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
S3 ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-08-04] (Disc Soft Ltd)
R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-10-17] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
S3 WinDivert1.1; \??\C:\Program Files\KMSpico\WinDivert.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-17 08:12 - 2014-10-17 08:12 - 00028882 _____ () C:\Users\Usuario1\Desktop\FRST.txt
2014-10-17 08:05 - 2014-10-17 08:05 - 02112000 _____ (Farbar) C:\Users\Usuario1\Desktop\FRST64_2.exe
2014-10-17 07:38 - 2014-10-17 07:42 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-17 07:37 - 2014-10-17 07:41 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-17 07:37 - 2014-10-17 07:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-17 07:37 - 2014-10-17 07:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-17 07:37 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-17 07:37 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-17 07:37 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-17 07:35 - 2014-10-17 07:35 - 17305656 _____ (Malwarebytes Corporation ) C:\Users\Usuario1\Desktop\mbam-setup.exe
2014-10-16 19:47 - 2014-10-16 19:47 - 00000000 ____D () C:\Program Files (x86)\ESRI
2014-10-16 18:24 - 2014-10-16 18:24 - 00000812 _____ () C:\Users\Usuario1\Desktop\JRT.txt
2014-10-16 18:20 - 2014-10-16 18:20 - 01705698 _____ (Thisisu) C:\Users\Usuario1\Desktop\JRT_2.exe
2014-10-16 17:59 - 2014-10-16 18:00 - 01976320 _____ () C:\Users\Usuario1\Desktop\AdwCleaner.exe
2014-10-16 17:54 - 2014-10-16 17:57 - 37771486 _____ () C:\Users\Usuario1\Downloads\Como ajustar un desviador delantero de bicicleta.mp4
2014-10-16 17:54 - 2014-10-16 17:56 - 36434031 _____ () C:\Users\Usuario1\Downloads\Como ajustar un cambio trasero de bicicleta.mp4
2014-10-16 10:41 - 2014-09-27 17:25 - 04183040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 10:41 - 2014-09-03 19:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-10-16 10:41 - 2014-09-03 18:57 - 00921600 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-10-16 10:41 - 2014-09-03 18:49 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-10-16 10:40 - 2014-09-25 17:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 10:40 - 2014-09-25 17:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 10:40 - 2014-09-25 17:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 10:40 - 2014-09-25 17:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 10:40 - 2014-09-25 17:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 10:40 - 2014-09-25 17:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 10:40 - 2014-09-18 21:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 10:40 - 2014-09-18 20:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 10:40 - 2014-09-18 20:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 10:40 - 2014-09-18 20:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 10:40 - 2014-09-18 20:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 10:40 - 2014-09-18 20:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 10:40 - 2014-09-18 20:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 10:40 - 2014-09-18 20:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 10:40 - 2014-09-18 20:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 10:40 - 2014-09-18 20:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 10:40 - 2014-09-18 19:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 10:40 - 2014-09-18 19:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 10:40 - 2014-09-18 19:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 10:40 - 2014-09-18 19:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 10:40 - 2014-09-18 19:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 10:40 - 2014-09-18 19:42 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 10:40 - 2014-09-18 19:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 10:40 - 2014-09-18 19:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 10:40 - 2014-09-18 19:20 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 10:40 - 2014-09-18 19:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 10:40 - 2014-09-18 18:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 10:40 - 2014-09-18 18:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 10:40 - 2014-09-18 18:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 10:40 - 2014-09-18 18:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 10:40 - 2014-09-07 22:15 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-10-16 10:40 - 2014-09-07 20:46 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-10-16 10:40 - 2014-09-07 20:46 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-10-16 10:40 - 2014-09-07 19:08 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-10-16 10:40 - 2014-09-07 19:07 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-10-16 10:40 - 2014-09-07 19:05 - 03448320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-10-16 10:40 - 2014-09-07 19:04 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-10-16 10:40 - 2014-09-07 19:04 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-10-16 10:40 - 2014-09-07 19:03 - 01702400 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-10-16 10:40 - 2014-09-07 19:03 - 00839680 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-10-16 10:40 - 2014-09-07 18:59 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-10-16 10:40 - 2014-09-07 18:59 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-10-16 10:40 - 2014-09-07 18:56 - 00672256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-10-16 10:40 - 2014-09-07 18:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-10-16 10:39 - 2014-10-09 17:16 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-16 10:39 - 2014-10-08 17:09 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-16 10:39 - 2014-09-18 20:24 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-16 10:39 - 2014-09-13 01:29 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 10:39 - 2014-09-13 00:49 - 00068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 10:39 - 2014-09-03 19:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 10:39 - 2014-09-03 19:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 10:38 - 2014-09-13 01:02 - 02779648 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 10:38 - 2014-09-13 00:30 - 03117568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 09:08 - 2014-10-16 09:41 - 00000478 _____ () C:\Users\Usuario1\Desktop\defogger_disable.log
2014-10-16 09:08 - 2014-10-16 09:08 - 00000168 _____ () C:\Users\Usuario1\defogger_reenable
2014-10-16 09:06 - 2014-10-16 09:06 - 00050477 _____ () C:\Users\Usuario1\Desktop\Defogger.exe
2014-10-15 19:33 - 2014-10-15 21:11 - 00000000 ____D () C:\Users\Usuario1\Downloads\Fun with Dick and Jane (2005)
2014-10-14 22:51 - 2014-10-14 22:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-14 21:12 - 2014-10-14 21:15 - 00000000 ____D () C:\Users\Usuario1\Downloads\Liar Liar (1997)
2014-10-14 18:35 - 2014-10-17 08:12 - 00000000 ____D () C:\FRST
2014-10-14 16:43 - 2014-10-14 16:43 - 00000794 _____ () C:\Windows\setupact.log
2014-10-14 16:43 - 2014-10-14 16:43 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-09 21:06 - 2014-10-09 21:09 - 18587865 _____ () C:\Users\Usuario1\Downloads\Como hacer un circuito de fuerza.flv
2014-10-09 19:41 - 2014-10-09 19:45 - 27421464 _____ () C:\Users\Usuario1\Downloads\Instalación Eléctrica Residencial (Servicio Monofásico 110 volts).flv
2014-10-09 19:01 - 2014-10-09 19:02 - 17037873 _____ () C:\Users\Usuario1\Downloads\Como controlar una lámpara con dos apagadores de escalera (Método de Corto Circuito) 2da Parte.flv
2014-10-09 16:21 - 2014-10-09 16:21 - 00001049 _____ () C:\Users\Usuario1\Desktop\malware.txt
2014-10-06 16:16 - 2014-10-06 16:23 - 229957003 _____ () C:\Users\Usuario1\Downloads\math-e222-L01-20030915.flv
2014-09-28 13:14 - 2014-09-28 13:15 - 00280576 _____ () C:\Windows\Minidump\092814-26328-01.dmp
2014-09-28 13:14 - 2014-09-28 13:14 - 532430974 _____ () C:\Windows\MEMORY.DMP
2014-09-28 13:13 - 2014-10-09 11:06 - 00000548 _____ () C:\Windows\system32\.crusader
2014-09-28 10:34 - 2014-09-28 10:34 - 00687452 _____ () C:\Users\Usuario1\Downloads\Payno Manuel Bandidos de R+¡o Fr+¡o.pdb
2014-09-28 09:17 - 2014-09-28 09:17 - 00000000 ____D () C:\Windows\ERUNT
2014-09-28 08:52 - 2014-10-16 18:12 - 00000000 ____D () C:\AdwCleaner
2014-09-27 13:29 - 2014-09-27 19:24 - 00000000 ____D () C:\Mapas
2014-09-27 12:45 - 2014-09-27 12:45 - 00000000 ____D () C:\e14d32
2014-09-27 12:45 - 2014-09-27 12:45 - 00000000 ____D () C:\e14d22
2014-09-27 11:29 - 2014-09-27 12:23 - 00000000 ____D () C:\Users\Usuario1\Desktop\Mapas
2014-09-27 11:07 - 2014-10-16 18:15 - 00007414 _____ () C:\Windows\PFRO.log
2014-09-27 09:33 - 2014-09-27 09:33 - 00041540 _____ () C:\Users\Usuario1\Documents\cc_20140927_093302.reg
2014-09-26 14:20 - 2014-09-26 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-26 14:20 - 2014-09-26 14:20 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-26 14:20 - 2014-09-26 14:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-26 14:18 - 2014-08-15 23:08 - 21195616 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-26 14:18 - 2014-08-15 23:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-09-26 14:18 - 2014-08-15 23:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-09-26 14:18 - 2014-08-15 22:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-09-26 14:18 - 2014-08-15 22:57 - 02498880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-26 14:18 - 2014-08-15 22:57 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-26 14:18 - 2014-08-15 22:16 - 18722600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-26 14:18 - 2014-08-15 22:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-09-26 14:18 - 2014-08-15 22:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-09-26 14:18 - 2014-08-15 20:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-09-26 14:18 - 2014-08-15 20:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-09-26 14:18 - 2014-08-15 19:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-09-26 14:18 - 2014-08-15 19:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-09-26 14:18 - 2014-08-15 19:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2014-09-26 14:18 - 2014-08-15 19:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-09-26 14:18 - 2014-08-15 19:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2014-09-26 14:18 - 2014-08-15 19:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-09-26 14:18 - 2014-08-15 19:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-09-26 14:18 - 2014-08-15 19:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2014-09-26 14:18 - 2014-08-15 19:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-26 14:18 - 2014-08-15 19:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-09-26 14:18 - 2014-08-15 19:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-09-26 14:18 - 2014-08-15 19:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-09-26 14:18 - 2014-08-15 19:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-26 14:18 - 2014-08-15 19:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-09-26 14:18 - 2014-08-15 19:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-09-26 14:18 - 2014-08-15 19:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-09-26 14:18 - 2014-08-15 19:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-26 14:18 - 2014-08-15 19:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-09-26 14:18 - 2014-08-15 19:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-09-26 14:18 - 2014-08-15 19:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-09-26 14:18 - 2014-08-15 19:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-09-26 14:18 - 2014-08-15 19:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-09-26 14:18 - 2014-08-15 19:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-09-26 14:18 - 2014-07-31 18:22 - 00388729 _____ () C:\Windows\system32\ApnDatabase.xml
2014-09-26 14:17 - 2014-08-28 20:58 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-09-26 14:17 - 2014-08-28 18:56 - 02646016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-26 14:17 - 2014-08-28 18:47 - 02321920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-26 13:00 - 2014-10-14 08:41 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-09-26 08:14 - 2014-06-23 18:08 - 01601992 _____ (Avira Operations GmbH & Co. KG) C:\Users\Usuario1\Desktop\fusebundle.exe
2014-09-26 08:14 - 2013-03-13 12:45 - 00001337 _____ () C:\Users\Usuario1\Desktop\fusebundle.conf
2014-09-26 00:13 - 2014-09-26 00:20 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-26 00:13 - 2014-09-26 00:19 - 00001153 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-26 00:12 - 2014-09-26 00:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-26 00:12 - 2014-09-26 00:12 - 00002086 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-09-26 00:12 - 2014-09-26 00:12 - 00000000 ____D () C:\Users\Usuario1\AppData\Roaming\Avira
2014-09-26 00:11 - 2014-10-14 08:41 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-09-26 00:11 - 2014-10-14 08:41 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-09-26 00:11 - 2014-09-26 00:19 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-26 00:11 - 2014-09-26 00:13 - 00000000 ____D () C:\ProgramData\Avira
2014-09-26 00:11 - 2014-08-15 14:47 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-09-25 23:06 - 2014-09-25 23:06 - 00000000 ____D () C:\Windows\pss
2014-09-25 09:43 - 2014-09-25 10:46 - 00000000 ____D () C:\Users\Usuario1\Desktop\GPSClass
2014-09-24 20:38 - 2014-09-26 13:55 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit
2014-09-24 12:40 - 2014-09-24 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2014-09-24 12:37 - 2014-09-24 12:37 - 00000000 ____D () C:\AMD
2014-09-24 10:02 - 2014-09-24 10:50 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-24 09:20 - 2014-09-24 09:20 - 09447761 _____ () C:\Users\Usuario1\Downloads\Dierks Bentley - Come A Little Closer.mp4
2014-09-23 12:25 - 2014-09-23 18:48 - 14114082 _____ () C:\Users\Usuario1\Downloads\escalerar3a.skb
2014-09-23 12:04 - 2014-09-24 00:15 - 14090525 _____ () C:\Users\Usuario1\Downloads\escalerar3a.skp
2014-09-23 12:01 - 2014-09-23 12:02 - 13765021 _____ () C:\Users\Usuario1\Downloads\escalerar3.skp
2014-09-22 13:29 - 2014-09-22 13:29 - 00002216 _____ () C:\Users\Public\Desktop\Style Builder 2.lnk
2014-09-22 13:29 - 2014-09-22 13:29 - 00002130 _____ () C:\Users\Public\Desktop\LayOut 3.lnk
2014-09-22 13:29 - 2014-09-22 13:29 - 00002041 _____ () C:\Users\Public\Desktop\Google SketchUp 8.lnk
2014-09-22 13:29 - 2014-09-22 13:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google SketchUp 8
2014-09-20 20:25 - 2014-09-20 20:28 - 00000000 ____D () C:\Users\Usuario1\Desktop\musica3
2014-09-18 15:49 - 2014-09-18 18:03 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-18 15:49 - 2014-09-18 18:02 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-18 15:49 - 2014-09-18 15:49 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-09-17 23:51 - 2014-09-17 23:51 - 00000000 ____D () C:\HuexoapaUsoSuelo

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-17 08:11 - 2014-08-02 10:28 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-17 08:09 - 2014-08-01 08:52 - 00000000 ____D () C:\Users\Usuario1\AppData\Roaming\uTorrent
2014-10-17 08:04 - 2014-09-03 22:59 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-17 08:04 - 2014-08-03 00:49 - 00000000 ____D () C:\Users\Usuario1\AppData\Roaming\DMCache
2014-10-17 08:03 - 2014-08-03 00:49 - 00000000 ____D () C:\Users\Usuario1\AppData\Roaming\IDM
2014-10-17 08:00 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\sru
2014-10-17 07:59 - 2014-07-31 19:37 - 00000000 ____D () C:\Users\Usuario1\AppData\Roaming\ClassicShell
2014-10-17 07:52 - 2014-09-16 13:30 - 01745790 _____ () C:\Windows\WindowsUpdate.log
2014-10-17 07:46 - 2014-07-31 19:25 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2189552084-2033204020-3239810638-1001
2014-10-17 07:41 - 2014-08-02 21:52 - 00005028 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Home-Usuario1 Home
2014-10-17 07:32 - 2014-07-31 19:25 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A296206B-BF14-4832-8EFC-EDA871D75F99}
2014-10-17 07:31 - 2014-09-03 23:02 - 00002201 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-17 07:30 - 2014-09-03 22:59 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-17 07:28 - 2014-09-15 08:04 - 00000004 _____ () C:\Windows\SysWOW64\GVTunner.ref
2014-10-17 07:28 - 2014-08-12 20:47 - 00000000 ___RD () C:\Users\Usuario1\OneDrive
2014-10-17 07:28 - 2014-08-04 23:50 - 00030528 _____ () C:\Windows\GVTDrv64.sys
2014-10-17 07:28 - 2014-08-04 23:47 - 00025640 _____ (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-10-16 18:16 - 2013-08-22 09:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-16 18:15 - 2013-08-22 09:44 - 00541528 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 18:14 - 2014-08-02 10:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-16 18:14 - 2013-08-22 08:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-10-16 18:13 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-10-16 18:13 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\FileManager
2014-10-16 18:13 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\Camera
2014-10-16 12:21 - 2014-08-01 09:21 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-10-16 12:21 - 2014-08-01 09:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-16 12:21 - 2013-08-22 08:25 - 00000167 _____ () C:\Windows\win.ini
2014-10-16 12:20 - 2013-08-22 10:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-10-16 12:18 - 2014-07-31 20:11 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 12:10 - 2014-07-31 20:11 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-16 12:09 - 2014-07-31 21:29 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 11:45 - 2014-07-31 19:17 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-16 09:08 - 2014-07-31 19:18 - 00000000 ____D () C:\Users\Usuario1
2014-10-15 22:52 - 2014-07-31 23:34 - 00000000 ____D () C:\Users\Usuario1\AppData\Roaming\vlc
2014-10-15 18:00 - 2014-08-01 11:40 - 00000330 _____ () C:\Windows\Tasks\Flash Update.job
2014-10-14 15:15 - 2014-08-02 17:09 - 20647936 ___SH () C:\Users\Usuario1\Documents\Thumbs.db
2014-10-14 09:02 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-13 20:41 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-10-06 16:12 - 2014-08-01 12:47 - 00337408 ___SH () C:\Users\Usuario1\Desktop\Thumbs.db
2014-10-06 13:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-10-06 12:47 - 2014-08-01 12:34 - 00000000 ____D () C:\ProgramData\EPSON
2014-09-30 22:57 - 2014-08-21 16:38 - 00000000 _____ () C:\Windows\SysWOW64\router.xml
2014-09-29 17:45 - 2013-08-22 10:38 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-29 17:45 - 2013-08-22 10:38 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-29 12:01 - 2014-08-10 12:00 - 00000000 ____D () C:\Users\Usuario1\Downloads\Computer Gadget & Tablet Magazines - August 9 2014 (True PDF)
2014-09-29 12:01 - 2014-08-06 21:44 - 00132608 ___SH () C:\Users\Usuario1\Downloads\Thumbs.db
2014-09-29 12:01 - 2014-07-31 19:20 - 00000000 ____D () C:\Users\Usuario1\AppData\Local\Packages
2014-09-28 18:14 - 2014-08-05 12:24 - 00000000 ____D () C:\Program Files\Blender Foundation
2014-09-28 13:14 - 2014-09-07 08:25 - 00000000 ____D () C:\Windows\Minidump
2014-09-28 13:03 - 2014-09-08 21:50 - 00000000 ____D () C:\ProgramData\TP-LINK
2014-09-28 13:03 - 2014-08-01 12:33 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-28 10:12 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\rescache
2014-09-27 13:39 - 2014-09-06 17:16 - 00000000 ____D () C:\Tlapashp
2014-09-27 12:46 - 2014-08-03 00:49 - 00000000 ____D () C:\Users\Usuario1\Downloads\Compressed
2014-09-27 11:22 - 2014-08-11 09:00 - 00000000 ____D () C:\Users\Usuario1\Desktop\SAS.Planet.Release.131111
2014-09-26 15:16 - 2014-07-31 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-09-26 14:22 - 2013-08-22 10:36 - 00000000 ___RD () C:\Windows\ToastData
2014-09-26 14:22 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\WinStore
2014-09-26 00:06 - 2014-07-31 20:47 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-24 12:40 - 2014-08-01 15:02 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-09-24 12:39 - 2014-08-01 15:03 - 00000000 ____D () C:\ProgramData\AMD
2014-09-22 13:29 - 2014-07-31 20:04 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-18 17:45 - 2014-08-01 12:33 - 00000950 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk

Some content of TEMP:
====================
C:\Users\Usuario1\AppData\Local\Temp\avgnt.exe
C:\Users\Usuario1\AppData\Local\Temp\HitmanPro.exe
C:\Users\Usuario1\AppData\Local\Temp\Quarantine.exe
C:\Users\Usuario1\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-03 13:40

==================== End Of Log ============================

 

 

 

 

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2014
Ran by Usuario1 at 2014-10-17 08:12:56
Running from C:\Users\Usuario1\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32354 - BitTorrent Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{A731A859-7426-DEB6-80A3-E6A2508DC85A}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
ArcGIS Desktop 10 (HKLM-x32\...\ArcGIS Desktop 10) (Version: 10.0.2414 - Environmental Systems Research Institute, Inc.)
ArcGIS Desktop 10 (x32 Version: 10.0.2414 - Environmental Systems Research Institute, Inc.) Hidden
ArcGIS License Manager 10 (HKLM-x32\...\ArcGIS License Manager 10) (Version: 10.0.2414 - Environmental Systems Research Institute, Inc.)
ArcGIS License Manager 10 (x32 Version: 10.0.2414 - Environmental Systems Research Institute, Inc.) Hidden
Auslogics Duplicate File Finder (HKLM-x32\...\{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1) (Version: 3.5.4.0 - Auslogics Labs Pty Ltd)
Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Brain Workshop 4.8.1 (HKLM-x32\...\Brain Workshop_is1) (Version: 4.8.1 - Paul Hoskinson & Jonathan Toomim)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1213.19931 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{B6FBF358-6B5E-4DE4-8BC5-892C87BBD3B4}) (Version:  - Microsoft)
Easy Tune 6 B13.1211.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B13.1211.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Eines de correcció del Microsoft Office 2013: català (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON TX230 Series Printer Uninstall (HKLM\...\EPSON TX230 Series) (Version:  - SEIKO EPSON Corporation)
Ferramentas de verificación de Microsoft Office 2013 - Galego (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.1.618 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Earth (HKLM-x32\...\{A2264E8F-1649-11E3-8BED-B8AC6F98CCE3}) (Version: 7.1.2.2019 - Google)
Google SketchUp Pro 8 (HKLM-x32\...\{5AA2BF91-440A-49E8-A2F4-A5CE4F94606D}) (Version: 3.0.3198 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Access MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office zuzenketa-tresnak 2013 - Euskara (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Word MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Mozilla Firefox 33.0 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 es-ES)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
OziExplorer 3.95 (HKLM-x32\...\OziExplorer 3.95_is1) (Version:  - )
PrivDog (HKLM-x32\...\PrivDog) (Version: 2.2.0.14 - privdog.com)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SAP2000 16 (HKLM-x32\...\{76898544-7B92-4942-B257-F19F474929AB}) (Version: 16.0.0 - Computers and Structures, Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Software Updater (HKLM-x32\...\{6DFBE8A2-CDBF-453E-B34C-32F202FCEE4C}) (Version: 4.2.1 - SEIKO EPSON CORPORATION)
TELL ME MORE (HKLM-x32\...\TMM90) (Version:  - )
Update for Microsoft Excel 2013 (KB2889941) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EFD6026A-1531-4678-B51B-1A10C3F51CEE}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889941) 64-Bit Edition (HKLM\...\{90150000-0016-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{EFD6026A-1531-4678-B51B-1A10C3F51CEE}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889941) 64-Bit Edition (HKLM\...\{90150000-0018-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{EFD6026A-1531-4678-B51B-1A10C3F51CEE}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889941) 64-Bit Edition (HKLM\...\{90150000-001B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{EFD6026A-1531-4678-B51B-1A10C3F51CEE}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889941) 64-Bit Edition (HKLM\...\{90150000-00C1-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{EFD6026A-1531-4678-B51B-1A10C3F51CEE}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{5274B9DA-BC82-4400-9B7D-1CC2BDF7BBE5}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889929) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FC4C557E-7664-453D-8A55-5D414069E0F5}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889929) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FC4C557E-7664-453D-8A55-5D414069E0F5}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889929) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{FC4C557E-7664-453D-8A55-5D414069E0F5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7A4AB8E1-C091-4BD3-B308-844BA6EE752A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760371) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{25DEA344-FF6F-41BD-B88F-5242BB8E80E1}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881001) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DF1B7B95-4A86-4605-A628-556394B5580A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881004) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AC8BEB81-5B5E-4503-B1F4-7781F4642E46}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881004) 64-Bit Edition (HKLM\...\{90150000-0016-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{AC8BEB81-5B5E-4503-B1F4-7781F4642E46}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881009) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3033838D-15E0-4199-8CBD-A7F2057AE653}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0DC71935-8DEE-4621-A223-23FD1552E567}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881039) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C675FC43-E413-49A7-B3DC-44967B4FE22D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E919ACF4-A1D7-4CAA-A103-5EB115563721}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883049) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{39D9DAC1-16A7-430A-B2F3-4D3D000454D0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}_Office15.PROPLUS_{EA528E89-5C30-44C2-8EBA-FEA7B4F73E22}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F9C35D99-CA8E-4D17-B785-66AC654D5664}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{18C53DCB-FA98-4A7B-BC2E-6DA30D4E4901}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}_Office15.PROPLUS_{49B25930-F28E-4693-B6B9-F94885693F16}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-042D-1000-0000000FF1CE}_Office15.PROPLUS_{2538C77B-1287-40B6-9C13-B9B8D9D0963D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}_Office15.PROPLUS_{9FD97A64-17E8-4D0B-8328-A28EA46090C9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{6E2862B8-C10A-4FD0-9B82-8D9761301AAA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883095) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EADBF225-163E-406B-B11A-26ECCCAB5A0E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889848) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A9D59DD4-0591-447A-AEEB-DC1FEE5502BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889848) 64-Bit Edition (HKLM\...\{90150000-006E-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{A9D59DD4-0591-447A-AEEB-DC1FEE5502BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889848) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A9D59DD4-0591-447A-AEEB-DC1FEE5502BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889940) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{36772E16-D3FA-440E-B001-0BEB2B1FCE47}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889942) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C22AE0C4-590E-46FF-9E21-37F45B84ADDD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889942) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C22AE0C4-590E-46FF-9E21-37F45B84ADDD}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB3000731) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2245C7DD-6984-40C8-AD2C-C1CC6F049C91}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB3000731) 64-Bit Edition (HKLM\...\{90150000-00BA-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{2245C7DD-6984-40C8-AD2C-C1CC6F049C91}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB3000731) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2245C7DD-6984-40C8-AD2C-C1CC6F049C91}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB3000731) 64-Bit Edition (HKLM\...\{90150000-00C1-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{2245C7DD-6984-40C8-AD2C-C1CC6F049C91}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2883059) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BA62716F-904B-4668-A792-A41C1D806416}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2883059) 64-Bit Edition (HKLM\...\{90150000-00A1-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{BA62716F-904B-4668-A792-A41C1D806416}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2883059) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BA62716F-904B-4668-A792-A41C1D806416}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2986204) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2CB96A7D-CBFE-4028-ACE8-31C3925D3D46}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2986204) 64-Bit Edition (HKLM\...\{90150000-001A-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{2CB96A7D-CBFE-4028-ACE8-31C3925D3D46}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2889847) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7F1008C2-8C87-497F-B6D8-56B53DA0FAB3}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2889847) 64-Bit Edition (HKLM\...\{90150000-0018-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{7F1008C2-8C87-497F-B6D8-56B53DA0FAB3}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-001A-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-001B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

09-10-2014 16:06:01 Checkpoint by HitmanPro
15-10-2014 12:40:15 Checkpoint by HitmanPro

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0191642D-BBD5-48FB-8F91-690C272DC0F9} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {041E7532-87A5-4F1C-BE7D-5D76526763B7} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {09EA41B9-9D3E-4EC3-B1B2-7BAF5C7C14C4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-10-16] (Microsoft Corporation)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1921399D-BB51-438B-B9C2-7F85A769133E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-03] (Google Inc.)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {262B4C49-E9A8-4996-B420-F01B095DD3C4} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3DCE00AC-49BC-41B9-B663-3B12C38020DB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {42E5AF11-C11C-4391-87E0-CEEDF3AA8B73} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5AC14BC1-82DB-408D-9985-C6AC583036F9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: {69F5FCCA-5AFE-4350-92BE-B12E7E3967F7} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9EC364D9-8B3A-425C-8DFC-BD5A84A02503} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A9727A53-FD3E-41EE-9092-4671372F43AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-03] (Google Inc.)
Task: {AAA1BA6C-0A41-4AAC-A045-ECFC62576380} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {B5802072-D76F-4189-8BBA-06E4AB7423AD} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Home-Usuario1 Home => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-07-27] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E68F4E13-7EFE-4CD6-BB11-5C24EA6854A9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F1C1E75A-3D9D-458B-BBF0-E18F6CB34B97} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {FBE6D35E-7281-4048-A678-3A3CF0D0DF4B} - System32\Tasks\Flash Update => Wscript.exe //nologo //B C:\Windows\update.js
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Flash Update.job => C:\Windows\system32\wscript.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-11-16 16:27 - 2012-11-16 16:27 - 00211968 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-03-05 16:03 - 2012-03-05 16:03 - 00677376 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-02-16 14:53 - 2012-02-16 14:53 - 03642880 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-11-16 16:27 - 2012-11-16 16:27 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2012-01-13 14:04 - 2012-01-13 14:04 - 00219760 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2013-11-14 10:32 - 2013-11-14 10:32 - 02887751 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Normal.dll
2013-11-05 11:07 - 2013-11-05 11:07 - 00651327 _____ () C:\Program Files (x86)\GIGABYTE\ET6\work.dll
2013-11-06 17:59 - 2013-11-06 17:59 - 01335358 _____ () C:\Program Files (x86)\GIGABYTE\ET6\HM.dll
2013-03-23 10:59 - 2013-03-23 10:59 - 01433674 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GVTunner.dll
2003-02-14 14:11 - 2003-02-14 14:11 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Sound.dll
2013-11-01 10:29 - 2013-11-01 10:29 - 01318984 _____ () C:\Program Files (x86)\GIGABYTE\ET6\AMD8.dll
2013-09-13 15:26 - 2013-09-13 15:26 - 01331266 _____ () C:\Program Files (x86)\GIGABYTE\ET6\SF.dll
2008-05-07 15:22 - 2008-05-07 15:22 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\CIAMIB.dll
2012-05-08 15:01 - 2012-05-08 15:01 - 00069632 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GPTT.dll
2011-10-18 09:26 - 2011-10-18 09:26 - 00024576 _____ () C:\Program Files (x86)\GIGABYTE\ET6\STT.dll
2013-11-05 13:12 - 2013-11-05 13:12 - 01499200 _____ () C:\Program Files (x86)\GIGABYTE\ET6\OCK.dll
2012-11-27 15:03 - 2012-11-27 15:03 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\ycc.dll
2013-05-24 00:50 - 2013-05-24 00:50 - 03860520 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Platform.dll
2010-06-24 15:50 - 2010-06-24 15:50 - 00094208 _____ () C:\Program Files (x86)\GIGABYTE\ET6\IccLibDll.dll
2011-03-01 19:00 - 2011-03-01 19:00 - 00126976 _____ () C:\Program Files (x86)\GIGABYTE\ET6\StabilityLib.dll
2013-05-24 00:50 - 2013-05-24 00:50 - 00579616 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Device.dll
2013-12-09 17:21 - 2013-12-09 17:21 - 00311296 _____ () C:\Program Files (x86)\GIGABYTE\ET6\MFCCPU.DLL
2014-09-24 21:06 - 2014-09-22 23:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-24 21:06 - 2014-09-22 23:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-26 00:13 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\Usuario1\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-09-24 21:06 - 2014-09-22 23:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-24 21:06 - 2014-09-22 23:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-24 21:06 - 2014-09-22 23:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
2014-10-14 22:51 - 2014-10-14 22:51 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Usuario1\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2189552084-2033204020-3239810638-500 - Administrator - Disabled)
Guest (S-1-5-21-2189552084-2033204020-3239810638-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2189552084-2033204020-3239810638-1003 - Limited - Enabled)
Usuario1 (S-1-5-21-2189552084-2033204020-3239810638-1001 - Administrator - Enabled) => C:\Users\Usuario1

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/17/2014 07:31:21 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/17/2014 07:31:16 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=3

Error: (10/17/2014 07:31:07 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/16/2014 10:31:52 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/16/2014 10:31:46 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (10/16/2014 10:31:38 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/16/2014 09:05:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HOME)
Description: Activation of app Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader failed with error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/16/2014 08:19:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HOME)
Description: Activation of app Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader failed with error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/16/2014 08:06:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HOME)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Calendar failed with error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/16/2014 08:06:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HOME)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional information.


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (10/17/2014 07:31:21 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/17/2014 07:31:16 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=3

Error: (10/17/2014 07:31:07 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/16/2014 10:31:52 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/16/2014 10:31:46 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (10/16/2014 10:31:38 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/16/2014 09:05:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HOME)
Description: Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader-2144927151

Error: (10/16/2014 08:19:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HOME)
Description: Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader-2144927151

Error: (10/16/2014 08:06:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HOME)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Calendar-2144927151

Error: (10/16/2014 08:06:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HOME)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927151


CodeIntegrity Errors:
===================================
  Date: 2014-09-26 12:54:25.083
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 12:47:37.850
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 12:32:46.658
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 07:43:02.125
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 00:57:47.673
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 00:26:11.652
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 00:08:41.752
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 00:01:58.843
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-25 23:53:49.306
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-25 23:49:35.906
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: AMD Phenom™ II X4 955 Processor
Percentage of memory in use: 31%
Total physical RAM: 7677.55 MB
Available physical RAM: 5283.29 MB
Total Pagefile: 15357.55 MB
Available Pagefile: 11997.85 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.75 GB) (Free:203.22 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: E642E3F8)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=297.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#10 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,158 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:08:41 AM

Posted 18 October 2014 - 11:10 PM

Hi Rufo100.

 

We need to remove programs using "Programs and Features"

Click the "Start" orb on the taskbar, and then click the "Control Panel" button.

  • If you use Category mode, click on Uninstall a Program.
  • If you use Icons mode, click on Program and Features.

A list of programs installed will be "populated" (this may take a bit of time).
If they exist, uninstall the following by clicking on the below entries and selecting "Remove":

PrivDog

Additional instructions can be found here if needed.

 

---------------------

 

We need to run a fix with FRST:

  • Please download the attached fixlist.txt file and save it to the same location as FRST
    Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
    txt.gif  fixlist.txt   537bytes   1 downloads
  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply

==========

 

I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png
      icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

---------------------

 

After you have run above tools, please create new FRST log and post it here.

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#11 Rufo100

Rufo100
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:41 PM

Posted 19 October 2014 - 09:46 AM

Hello Sirawit:

 

I couldn't download the fixlist.txt, I got this error message:

 

 

Sorry, you don't have permission for that!

#12 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,158 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:08:41 AM

Posted 19 October 2014 - 09:46 PM

Hi Rufo100.

 

Try this one: 

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#13 Rufo100

Rufo100
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:41 PM

Posted 20 October 2014 - 08:37 AM

Hi Sirawit:

 

I ran FRST64; but I couldn't run ESET OnlineScan I got this message: Can not get update. Is proxy configured?

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-10-2014
Ran by Usuario1 (administrator) on HOME on 20-10-2014 08:16:58
Running from C:\Users\Usuario1\Desktop
Loaded Profiles: Usuario1 &  (Available profiles: Usuario1)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Acresso Software Inc.) C:\Program Files (x86)\ArcGIS\License10.0\bin\lmgrd.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Acresso Software Inc.) C:\Program Files (x86)\ArcGIS\License10.0\bin\lmgrd.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Acresso Software Inc.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
(ESRI) C:\Program Files (x86)\ArcGIS\License10.0\bin\ARCGIS.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(BitTorrent Inc.) C:\Users\Usuario1\AppData\Roaming\uTorrent\uTorrent.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHLL.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Farbar) C:\Users\Usuario1\Desktop\FRST64_2.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [EasyTuneVI] => C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe [40960 2012-07-09] ()
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001\...\Run: [uTorrent] => C:\Users\Usuario1\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-10-19] (BitTorrent Inc.)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001\...\Run: [Epson Stylus TX230] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLL.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001\...\Run: [EPSON3302EF (Epson Stylus TX230)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLL.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001\...\Run: [GoogleChromeAutoLaunch_799DBF94D1A449045C5C3D51CA15ABA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-09] (Google Inc.)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [uTorrent] => C:\Users\Usuario1\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-10-19] (BitTorrent Inc.)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Epson Stylus TX230] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLL.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPSON3302EF (Epson Stylus TX230)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLL.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_799DBF94D1A449045C5C3D51CA15ABA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-09] (Google Inc.)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [uTorrent] => C:\Users\Usuario1\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-10-19] (BitTorrent Inc.)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Epson Stylus TX230] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLL.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [EPSON3302EF (Epson Stylus TX230)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLL.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [GoogleChromeAutoLaunch_799DBF94D1A449045C5C3D51CA15ABA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-09] (Google Inc.)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Run: [uTorrent] => C:\Users\Usuario1\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-10-19] (BitTorrent Inc.)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Run: [Epson Stylus TX230] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLL.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Run: [EPSON3302EF (Epson Stylus TX230)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLL.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Run: [GoogleChromeAutoLaunch_799DBF94D1A449045C5C3D51CA15ABA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-09] (Google Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.prodigy.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0912050E1FADCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-MX
SearchScopes: HKCU - {8761DCE9-7B12-46A3-BFDF-D915F9758713} URL = https://mx.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=811891&p={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO: PrivDog Extension -> {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} -> C:\Program Files\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll (AdTrustMedia)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{79297320-0A40-4C04-B507-9C0489284F32}: [NameServer] 162.221.181.52,107.155.112.105,185.61.148.223,8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default
FF Keyword.URL: https://mx.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=811891&p=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\drae.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-es.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-es.xml
FF Extension: Avira Browser Safety - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\abs@avira.com [2014-09-30]
FF Extension: Roomy Bookmarks Toolbar - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\ALone-live@ya.ru.xpi [2014-09-17]
FF Extension: Duplicate in Tab Context Menu - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\DuplicateInTabContext@schuzak.jp.xpi [2014-09-06]
FF Extension: GDrive Panel - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\gdrivepanel@alejandrobrizuela.com.ar.xpi [2014-08-19]
FF Extension: Save as PDF - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\save-as-pdf-ff@pdfcrowd.com.xpi [2014-09-06]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-08-02]
FF Extension: Adblock Plus - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-02]
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Usuario1\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Usuario1\AppData\Roaming\IDM\idmmzcc5 [2014-08-03]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Usuario1\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "https://google.com.mx/", "hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN", "hxxp://mx.yahoo.com?fr=fpc-comodo", "hxxp://search.b1.org/?bsrc=hmcor&chid=c162341", "", "hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=MX&userid=7b0fe9a4-8181-425b-b12a-3002bec783b9&searchtype=hp&installDate=26/04/2013", "hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=MX&userid=7b0fe9a4-8181-425b-b12a-3002bec783b9&searchtype=hp&installDate=26/04/2013"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dewey Bookmarks) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aahpfefkmihhdabllidnlipghcjgpkdm [2014-08-05]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-07-31]
CHR Extension: (Instant Notifications for Gmail) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\adlgnpfgagimgadbaboilkbdnhbpegmd [2014-07-31]
CHR Extension: (Torrent Search) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\afbpdhiclgghnffhkinjikglgmolhpee [2014-07-31]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2014-07-31]
CHR Extension: (iStoryBooks) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\anbmgijcnihjphndkjglleofcnohhkkl [2014-07-31]
CHR Extension: (Google Docs) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-31]
CHR Extension: (Google Drive) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-31]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-26]
CHR Extension: (Keeper Web App) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnglfciifmgnafcgkkngkeopldlialb [2014-07-31]
CHR Extension: (4Shared Assistant) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blimndomboblbleeepfbhonajddgnpic [2014-07-31]
CHR Extension: (YouTube) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-31]
CHR Extension: (DuckDuckGo for Chrome) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao [2014-07-31]
CHR Extension: (TOEFL Essay Practice) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceeicgdpllljlklonpkbhjighniifjij [2014-07-31]
CHR Extension: (Adblock Plus) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-31]
CHR Extension: (Ratings Preview for YouTube™) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbhdenfmgbagncdmgbholejjpmmiank [2014-07-31]
CHR Extension: (Anatomy 3D) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknbmnbaidbnmgbgmjhkegbcoegddeen [2014-07-31]
CHR Extension: (Google Search) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-31]
CHR Extension: (Flag for Chrome) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn [2014-07-31]
CHR Extension: (Read Later Fast) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji [2014-07-31]
CHR Extension: (Google Calendar) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-07-31]
CHR Extension: (WordLayer Vocabulary) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\eljchjdhchemgkgaofhodhdkfnalpdhp [2014-07-31]
CHR Extension: (Common Core Math 1-6 by Sokikom) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\eombmpplkjplkhbgaochnmgkhlnkmomb [2014-07-31]
CHR Extension: (Avira Browser Safety) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-09-26]
CHR Extension: (AdBlock) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-21]
CHR Extension: (Planner 5D) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjfkgdpkecnmfcgfpfibpcnkeakahllc [2014-07-31]
CHR Extension: (Save to Google Drive) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2014-07-31]
CHR Extension: (Isoball 3) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj [2014-07-31]
CHR Extension: (IDM Integration Module) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2014-08-03]
CHR Extension: (MeeGenius! Children's Books) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhfhmaajajcjoijfaceafiembkmhcddc [2014-07-31]
CHR Extension: (Word Joust) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jijjjopeepgneiiamhahbmlnhcomdbml [2014-07-31]
CHR Extension: (Coordinates) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kahliknbfelbmndacbdademgailcockh [2014-07-31]
CHR Extension: (SparkChess 7) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\khgabmflimjjbclkmljlpmgaleanedem [2014-07-31]
CHR Extension: (Save as PDF) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdjmbiefanbdgnkcikhllpmjnnllbbc [2014-07-31]
CHR Extension: (BugMeNot Lite) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb [2014-07-31]
CHR Extension: (Google Maps) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-07-31]
CHR Extension: (3D Solar System Web) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdaaepplopehigjgkolniddiadbbkphd [2014-07-31]
CHR Extension: (English vocabulary) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmklfohhllfpjjmjejencmaodgiknmj [2014-07-31]
CHR Extension: (Quick Note) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok [2014-07-31]
CHR Extension: (Google Play Books) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2014-07-31]
CHR Extension: (Do It (Tomorrow)) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfagjoblnoeagfhfhohcdklnddjaiglo [2014-07-31]
CHR Extension: (Google Wallet) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-31]
CHR Extension: (Click&Clean App) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-07-31]
CHR Extension: (Learn Portuguese Free - PortuguesePod101.com) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pehhnjcaajmakfljacomgihcjdekaonf [2014-07-31]
CHR Extension: (English Adventure 1) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflfajjbomhaicconbmnnnmndifemadh [2014-07-31]
CHR Extension: (Weather Underground) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2014-07-31]
CHR Extension: (Gmail) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-31]
CHR Extension: (Google Similar Pages) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjnfggphgdjblhfjaphkjhfpiiekbbej [2014-07-31]
CHR Extension: (Browser QuickLinks) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\plpjogfhobhpdcmcblieglnoooccfcmm [2014-07-31]
CHR Extension: (Learn Alphabet and Numbers) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\podikmghblokmmdgoilcnnpgogaocoal [2014-07-31]
CHR HKLM-x32\...\Chrome\Extension: [cmaiofennmphjldldcpphcechfnnohja] - C:\Program Files (x86)\AdTrustMedia\PrivDog\PrivDog_chrome.crx []
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-05-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-11-16] (Advanced Micro Devices, Inc.) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 ArcGIS License Manager; C:\Program Files (x86)\ArcGIS\License10.0\bin\lmgrd.exe [1500424 2008-11-06] (Acresso Software Inc.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
S3 ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-08-04] (Disc Soft Ltd)
R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-10-20] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-20] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
S3 WinDivert1.1; \??\C:\Program Files\KMSpico\WinDivert.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-20 08:16 - 2014-10-20 08:17 - 00029916 _____ () C:\Users\Usuario1\Desktop\FRST.txt
2014-10-20 08:02 - 2014-10-20 08:02 - 00000537 _____ () C:\Users\Usuario1\Desktop\fixlist.txt
2014-10-18 13:25 - 2014-10-18 13:26 - 05433149 _____ () C:\Users\Usuario1\Downloads\Acometida casa habitacion.flv
2014-10-18 13:18 - 2014-10-18 13:19 - 02667697 _____ () C:\Users\Usuario1\Downloads\Instalacion de Centro de carga.flv
2014-10-18 13:09 - 2014-10-18 13:09 - 04202314 _____ () C:\Users\Usuario1\Downloads\Instalacion del Termomagnetico.mp4
2014-10-17 08:05 - 2014-10-17 08:05 - 02112000 _____ (Farbar) C:\Users\Usuario1\Desktop\FRST64_2.exe
2014-10-17 07:38 - 2014-10-20 07:58 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-17 07:37 - 2014-10-17 07:41 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-17 07:37 - 2014-10-17 07:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-17 07:37 - 2014-10-17 07:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-17 07:37 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-17 07:37 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-17 07:37 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-17 07:35 - 2014-10-17 07:35 - 17305656 _____ (Malwarebytes Corporation ) C:\Users\Usuario1\Desktop\mbam-setup.exe
2014-10-16 19:47 - 2014-10-16 19:47 - 00000000 ____D () C:\Program Files (x86)\ESRI
2014-10-16 18:24 - 2014-10-16 18:24 - 00000812 _____ () C:\Users\Usuario1\Desktop\JRT.txt
2014-10-16 18:20 - 2014-10-16 18:20 - 01705698 _____ (Thisisu) C:\Users\Usuario1\Desktop\JRT_2.exe
2014-10-16 17:59 - 2014-10-16 18:00 - 01976320 _____ () C:\Users\Usuario1\Desktop\AdwCleaner.exe
2014-10-16 17:54 - 2014-10-16 17:57 - 37771486 _____ () C:\Users\Usuario1\Downloads\Como ajustar un desviador delantero de bicicleta.mp4
2014-10-16 17:54 - 2014-10-16 17:56 - 36434031 _____ () C:\Users\Usuario1\Downloads\Como ajustar un cambio trasero de bicicleta.mp4
2014-10-16 10:41 - 2014-09-27 17:25 - 04183040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 10:41 - 2014-09-03 19:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-10-16 10:41 - 2014-09-03 18:57 - 00921600 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-10-16 10:41 - 2014-09-03 18:49 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-10-16 10:40 - 2014-09-25 17:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 10:40 - 2014-09-25 17:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 10:40 - 2014-09-25 17:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 10:40 - 2014-09-25 17:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 10:40 - 2014-09-25 17:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 10:40 - 2014-09-25 17:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 10:40 - 2014-09-18 21:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 10:40 - 2014-09-18 20:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 10:40 - 2014-09-18 20:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 10:40 - 2014-09-18 20:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 10:40 - 2014-09-18 20:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 10:40 - 2014-09-18 20:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 10:40 - 2014-09-18 20:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 10:40 - 2014-09-18 20:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 10:40 - 2014-09-18 20:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 10:40 - 2014-09-18 20:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 10:40 - 2014-09-18 19:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 10:40 - 2014-09-18 19:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 10:40 - 2014-09-18 19:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 10:40 - 2014-09-18 19:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 10:40 - 2014-09-18 19:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 10:40 - 2014-09-18 19:42 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 10:40 - 2014-09-18 19:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 10:40 - 2014-09-18 19:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 10:40 - 2014-09-18 19:20 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 10:40 - 2014-09-18 19:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 10:40 - 2014-09-18 18:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 10:40 - 2014-09-18 18:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 10:40 - 2014-09-18 18:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 10:40 - 2014-09-18 18:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 10:40 - 2014-09-07 22:15 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-10-16 10:40 - 2014-09-07 20:46 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-10-16 10:40 - 2014-09-07 20:46 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-10-16 10:40 - 2014-09-07 19:08 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-10-16 10:40 - 2014-09-07 19:07 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-10-16 10:40 - 2014-09-07 19:05 - 03448320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-10-16 10:40 - 2014-09-07 19:04 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-10-16 10:40 - 2014-09-07 19:04 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-10-16 10:40 - 2014-09-07 19:03 - 01702400 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-10-16 10:40 - 2014-09-07 19:03 - 00839680 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-10-16 10:40 - 2014-09-07 18:59 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-10-16 10:40 - 2014-09-07 18:59 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-10-16 10:40 - 2014-09-07 18:56 - 00672256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-10-16 10:40 - 2014-09-07 18:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-10-16 10:39 - 2014-10-09 17:16 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-16 10:39 - 2014-10-08 17:09 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-16 10:39 - 2014-09-18 20:24 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-16 10:39 - 2014-09-13 01:29 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 10:39 - 2014-09-13 00:49 - 00068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 10:39 - 2014-09-03 19:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 10:39 - 2014-09-03 19:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 10:38 - 2014-09-13 01:02 - 02779648 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 10:38 - 2014-09-13 00:30 - 03117568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 09:08 - 2014-10-16 09:41 - 00000478 _____ () C:\Users\Usuario1\Desktop\defogger_disable.log
2014-10-16 09:08 - 2014-10-16 09:08 - 00000168 _____ () C:\Users\Usuario1\defogger_reenable
2014-10-16 09:06 - 2014-10-16 09:06 - 00050477 _____ () C:\Users\Usuario1\Desktop\Defogger.exe
2014-10-15 19:33 - 2014-10-15 21:11 - 00000000 ____D () C:\Users\Usuario1\Downloads\Fun with Dick and Jane (2005)
2014-10-14 22:51 - 2014-10-14 22:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-14 21:12 - 2014-10-14 21:15 - 00000000 ____D () C:\Users\Usuario1\Downloads\Liar Liar (1997)
2014-10-14 18:35 - 2014-10-20 08:17 - 00000000 ____D () C:\FRST
2014-10-14 16:43 - 2014-10-14 16:43 - 00000794 _____ () C:\Windows\setupact.log
2014-10-14 16:43 - 2014-10-14 16:43 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-09 21:06 - 2014-10-09 21:09 - 18587865 _____ () C:\Users\Usuario1\Downloads\Como hacer un circuito de fuerza.flv
2014-10-09 19:41 - 2014-10-09 19:45 - 27421464 _____ () C:\Users\Usuario1\Downloads\Instalación Eléctrica Residencial (Servicio Monofásico 110 volts).flv
2014-10-09 19:01 - 2014-10-09 19:02 - 17037873 _____ () C:\Users\Usuario1\Downloads\Como controlar una lámpara con dos apagadores de escalera (Método de Corto Circuito) 2da Parte.flv
2014-10-06 16:16 - 2014-10-06 16:23 - 229957003 _____ () C:\Users\Usuario1\Downloads\math-e222-L01-20030915.flv
2014-09-28 13:14 - 2014-09-28 13:15 - 00280576 _____ () C:\Windows\Minidump\092814-26328-01.dmp
2014-09-28 13:14 - 2014-09-28 13:14 - 532430974 _____ () C:\Windows\MEMORY.DMP
2014-09-28 13:13 - 2014-10-09 11:06 - 00000548 _____ () C:\Windows\system32\.crusader
2014-09-28 10:34 - 2014-09-28 10:34 - 00687452 _____ () C:\Users\Usuario1\Downloads\Payno Manuel Bandidos de R+¡o Fr+¡o.pdb
2014-09-28 09:17 - 2014-09-28 09:17 - 00000000 ____D () C:\Windows\ERUNT
2014-09-28 08:52 - 2014-10-16 18:12 - 00000000 ____D () C:\AdwCleaner
2014-09-27 13:29 - 2014-09-27 19:24 - 00000000 ____D () C:\Mapas
2014-09-27 12:45 - 2014-09-27 12:45 - 00000000 ____D () C:\e14d32
2014-09-27 12:45 - 2014-09-27 12:45 - 00000000 ____D () C:\e14d22
2014-09-27 11:29 - 2014-09-27 12:23 - 00000000 ____D () C:\Users\Usuario1\Desktop\Mapas
2014-09-27 11:07 - 2014-10-16 18:15 - 00007414 _____ () C:\Windows\PFRO.log
2014-09-27 09:33 - 2014-09-27 09:33 - 00041540 _____ () C:\Users\Usuario1\Documents\cc_20140927_093302.reg
2014-09-26 14:20 - 2014-09-26 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-26 14:20 - 2014-09-26 14:20 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-26 14:20 - 2014-09-26 14:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-26 14:18 - 2014-08-15 23:08 - 21195616 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-26 14:18 - 2014-08-15 23:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-09-26 14:18 - 2014-08-15 23:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-09-26 14:18 - 2014-08-15 22:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-09-26 14:18 - 2014-08-15 22:57 - 02498880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-26 14:18 - 2014-08-15 22:57 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-26 14:18 - 2014-08-15 22:16 - 18722600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-26 14:18 - 2014-08-15 22:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-09-26 14:18 - 2014-08-15 22:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-09-26 14:18 - 2014-08-15 20:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-09-26 14:18 - 2014-08-15 20:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-09-26 14:18 - 2014-08-15 19:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-09-26 14:18 - 2014-08-15 19:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-09-26 14:18 - 2014-08-15 19:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2014-09-26 14:18 - 2014-08-15 19:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-09-26 14:18 - 2014-08-15 19:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2014-09-26 14:18 - 2014-08-15 19:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-09-26 14:18 - 2014-08-15 19:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-09-26 14:18 - 2014-08-15 19:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2014-09-26 14:18 - 2014-08-15 19:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-26 14:18 - 2014-08-15 19:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-09-26 14:18 - 2014-08-15 19:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-09-26 14:18 - 2014-08-15 19:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-09-26 14:18 - 2014-08-15 19:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-26 14:18 - 2014-08-15 19:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-09-26 14:18 - 2014-08-15 19:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-09-26 14:18 - 2014-08-15 19:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-09-26 14:18 - 2014-08-15 19:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-26 14:18 - 2014-08-15 19:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-09-26 14:18 - 2014-08-15 19:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-09-26 14:18 - 2014-08-15 19:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-09-26 14:18 - 2014-08-15 19:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-09-26 14:18 - 2014-08-15 19:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-09-26 14:18 - 2014-08-15 19:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-09-26 14:18 - 2014-07-31 18:22 - 00388729 _____ () C:\Windows\system32\ApnDatabase.xml
2014-09-26 14:17 - 2014-08-28 20:58 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-09-26 14:17 - 2014-08-28 18:56 - 02646016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-26 14:17 - 2014-08-28 18:47 - 02321920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-26 13:00 - 2014-10-14 08:41 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-09-26 08:14 - 2014-06-23 18:08 - 01601992 _____ (Avira Operations GmbH & Co. KG) C:\Users\Usuario1\Desktop\fusebundle.exe
2014-09-26 08:14 - 2013-03-13 12:45 - 00001337 _____ () C:\Users\Usuario1\Desktop\fusebundle.conf
2014-09-26 00:13 - 2014-09-26 00:20 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-26 00:13 - 2014-09-26 00:19 - 00001153 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-26 00:12 - 2014-09-26 00:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-26 00:12 - 2014-09-26 00:12 - 00002086 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-09-26 00:12 - 2014-09-26 00:12 - 00000000 ____D () C:\Users\Usuario1\AppData\Roaming\Avira
2014-09-26 00:11 - 2014-10-14 08:41 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-09-26 00:11 - 2014-10-14 08:41 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-09-26 00:11 - 2014-09-26 00:19 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-26 00:11 - 2014-09-26 00:13 - 00000000 ____D () C:\ProgramData\Avira
2014-09-26 00:11 - 2014-08-15 14:47 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-09-25 23:06 - 2014-09-25 23:06 - 00000000 ____D () C:\Windows\pss
2014-09-25 09:43 - 2014-09-25 10:46 - 00000000 ____D () C:\Users\Usuario1\Desktop\GPSClass
2014-09-24 20:38 - 2014-09-26 13:55 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit
2014-09-24 12:40 - 2014-09-24 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2014-09-24 12:37 - 2014-09-24 12:37 - 00000000 ____D () C:\AMD
2014-09-24 10:02 - 2014-09-24 10:50 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-24 09:20 - 2014-09-24 09:20 - 09447761 _____ () C:\Users\Usuario1\Downloads\Dierks Bentley - Come A Little Closer.mp4
2014-09-23 12:25 - 2014-09-23 18:48 - 14114082 _____ () C:\Users\Usuario1\Downloads\escalerar3a.skb
2014-09-23 12:04 - 2014-09-24 00:15 - 14090525 _____ () C:\Users\Usuario1\Downloads\escalerar3a.skp
2014-09-23 12:01 - 2014-09-23 12:02 - 13765021 _____ () C:\Users\Usuario1\Downloads\escalerar3.skp
2014-09-22 13:29 - 2014-09-22 13:29 - 00002216 _____ () C:\Users\Public\Desktop\Style Builder 2.lnk
2014-09-22 13:29 - 2014-09-22 13:29 - 00002130 _____ () C:\Users\Public\Desktop\LayOut 3.lnk
2014-09-22 13:29 - 2014-09-22 13:29 - 00002041 _____ () C:\Users\Public\Desktop\Google SketchUp 8.lnk
2014-09-22 13:29 - 2014-09-22 13:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google SketchUp 8
2014-09-20 20:25 - 2014-09-20 20:28 - 00000000 ____D () C:\Users\Usuario1\Desktop\musica3

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-20 08:14 - 2014-08-01 08:52 - 00000000 ____D () C:\Users\Usuario1\AppData\Roaming\uTorrent
2014-10-20 08:11 - 2014-08-02 10:28 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-20 08:10 - 2014-07-31 19:37 - 00000000 ____D () C:\Users\Usuario1\AppData\Roaming\ClassicShell
2014-10-20 08:09 - 2014-09-03 22:59 - 00001054 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-20 08:09 - 2014-09-03 22:59 - 00001050 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-20 08:04 - 2014-09-03 22:59 - 00004026 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-20 08:04 - 2014-09-03 22:59 - 00003790 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-20 08:03 - 2014-07-31 19:25 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2189552084-2033204020-3239810638-1001
2014-10-20 08:02 - 2014-08-02 21:52 - 00005028 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Home-Usuario1 Home
2014-10-20 08:01 - 2014-09-03 23:02 - 00002201 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-20 08:01 - 2014-07-31 19:25 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A296206B-BF14-4832-8EFC-EDA871D75F99}
2014-10-20 08:00 - 2014-09-16 13:30 - 01999861 _____ () C:\Windows\WindowsUpdate.log
2014-10-20 08:00 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\sru
2014-10-20 07:58 - 2014-09-15 08:04 - 00000004 _____ () C:\Windows\SysWOW64\GVTunner.ref
2014-10-20 07:58 - 2014-08-12 20:47 - 00000000 ___RD () C:\Users\Usuario1\OneDrive
2014-10-20 07:58 - 2014-08-04 23:50 - 00030528 _____ () C:\Windows\GVTDrv64.sys
2014-10-20 07:58 - 2014-08-04 23:47 - 00025640 _____ (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-10-19 15:23 - 2014-08-03 00:49 - 00000000 ____D () C:\Users\Usuario1\AppData\Roaming\DMCache
2014-10-19 13:18 - 2014-08-01 09:21 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-10-19 13:18 - 2014-08-01 09:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-18 18:46 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-10-18 08:56 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-10-17 18:00 - 2014-08-01 11:40 - 00000330 _____ () C:\Windows\Tasks\Flash Update.job
2014-10-17 17:24 - 2014-07-31 23:34 - 00000000 ____D () C:\Users\Usuario1\AppData\Roaming\vlc
2014-10-17 08:03 - 2014-08-03 00:49 - 00000000 ____D () C:\Users\Usuario1\AppData\Roaming\IDM
2014-10-16 18:16 - 2013-08-22 09:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-16 18:15 - 2013-08-22 09:44 - 00541528 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 18:14 - 2014-08-02 10:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-16 18:14 - 2013-08-22 08:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-10-16 18:13 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-10-16 18:13 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\FileManager
2014-10-16 18:13 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\Camera
2014-10-16 12:21 - 2013-08-22 08:25 - 00000167 _____ () C:\Windows\win.ini
2014-10-16 12:20 - 2013-08-22 10:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-10-16 12:18 - 2014-07-31 20:11 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 12:10 - 2014-07-31 20:11 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-16 12:09 - 2014-07-31 21:29 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 11:45 - 2014-07-31 19:17 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-16 09:08 - 2014-07-31 19:18 - 00000000 ____D () C:\Users\Usuario1
2014-10-14 15:15 - 2014-08-02 17:09 - 20647936 ___SH () C:\Users\Usuario1\Documents\Thumbs.db
2014-10-14 09:02 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-06 16:12 - 2014-08-01 12:47 - 00337408 ___SH () C:\Users\Usuario1\Desktop\Thumbs.db
2014-10-06 13:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-10-06 12:47 - 2014-08-01 12:34 - 00000000 ____D () C:\ProgramData\EPSON
2014-09-30 22:57 - 2014-08-21 16:38 - 00000000 _____ () C:\Windows\SysWOW64\router.xml
2014-09-29 17:45 - 2013-08-22 10:38 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-29 17:45 - 2013-08-22 10:38 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-29 12:01 - 2014-08-10 12:00 - 00000000 ____D () C:\Users\Usuario1\Downloads\Computer Gadget & Tablet Magazines - August 9 2014 (True PDF)
2014-09-29 12:01 - 2014-08-06 21:44 - 00132608 ___SH () C:\Users\Usuario1\Downloads\Thumbs.db
2014-09-29 12:01 - 2014-07-31 19:20 - 00000000 ____D () C:\Users\Usuario1\AppData\Local\Packages
2014-09-28 18:14 - 2014-08-05 12:24 - 00000000 ____D () C:\Program Files\Blender Foundation
2014-09-28 13:14 - 2014-09-07 08:25 - 00000000 ____D () C:\Windows\Minidump
2014-09-28 13:03 - 2014-09-08 21:50 - 00000000 ____D () C:\ProgramData\TP-LINK
2014-09-28 13:03 - 2014-08-01 12:33 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-28 10:12 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\rescache
2014-09-27 13:39 - 2014-09-06 17:16 - 00000000 ____D () C:\Tlapashp
2014-09-27 12:46 - 2014-08-03 00:49 - 00000000 ____D () C:\Users\Usuario1\Downloads\Compressed
2014-09-27 11:22 - 2014-08-11 09:00 - 00000000 ____D () C:\Users\Usuario1\Desktop\SAS.Planet.Release.131111
2014-09-26 15:16 - 2014-07-31 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-09-26 14:22 - 2013-08-22 10:36 - 00000000 ___RD () C:\Windows\ToastData
2014-09-26 14:22 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\WinStore
2014-09-26 00:06 - 2014-07-31 20:47 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-24 12:40 - 2014-08-01 15:02 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-09-24 12:39 - 2014-08-01 15:03 - 00000000 ____D () C:\ProgramData\AMD
2014-09-22 13:29 - 2014-07-31 20:04 - 00000000 ____D () C:\Program Files (x86)\Google

Some content of TEMP:
====================
C:\Users\Usuario1\AppData\Local\Temp\avgnt.exe
C:\Users\Usuario1\AppData\Local\Temp\HitmanPro.exe
C:\Users\Usuario1\AppData\Local\Temp\Quarantine.exe
C:\Users\Usuario1\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-17 15:56

==================== End Of Log ============================

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2014
Ran by Usuario1 at 2014-10-20 08:17:39
Running from C:\Users\Usuario1\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{A731A859-7426-DEB6-80A3-E6A2508DC85A}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
ArcGIS Desktop 10 (HKLM-x32\...\ArcGIS Desktop 10) (Version: 10.0.2414 - Environmental Systems Research Institute, Inc.)
ArcGIS Desktop 10 (x32 Version: 10.0.2414 - Environmental Systems Research Institute, Inc.) Hidden
ArcGIS License Manager 10 (HKLM-x32\...\ArcGIS License Manager 10) (Version: 10.0.2414 - Environmental Systems Research Institute, Inc.)
ArcGIS License Manager 10 (x32 Version: 10.0.2414 - Environmental Systems Research Institute, Inc.) Hidden
Auslogics Duplicate File Finder (HKLM-x32\...\{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1) (Version: 3.5.4.0 - Auslogics Labs Pty Ltd)
Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Brain Workshop 4.8.1 (HKLM-x32\...\Brain Workshop_is1) (Version: 4.8.1 - Paul Hoskinson & Jonathan Toomim)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1213.19931 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{B6FBF358-6B5E-4DE4-8BC5-892C87BBD3B4}) (Version:  - Microsoft)
Easy Tune 6 B13.1211.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B13.1211.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Eines de correcció del Microsoft Office 2013: català (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON TX230 Series Printer Uninstall (HKLM\...\EPSON TX230 Series) (Version:  - SEIKO EPSON Corporation)
Ferramentas de verificación de Microsoft Office 2013 - Galego (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.1.618 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Earth (HKLM-x32\...\{A2264E8F-1649-11E3-8BED-B8AC6F98CCE3}) (Version: 7.1.2.2019 - Google)
Google SketchUp Pro 8 (HKLM-x32\...\{5AA2BF91-440A-49E8-A2F4-A5CE4F94606D}) (Version: 3.0.3198 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Access MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office zuzenketa-tresnak 2013 - Euskara (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Word MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Mozilla Firefox 33.0 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 es-ES)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
OziExplorer 3.95 (HKLM-x32\...\OziExplorer 3.95_is1) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SAP2000 16 (HKLM-x32\...\{76898544-7B92-4942-B257-F19F474929AB}) (Version: 16.0.0 - Computers and Structures, Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Software Updater (HKLM-x32\...\{6DFBE8A2-CDBF-453E-B34C-32F202FCEE4C}) (Version: 4.2.1 - SEIKO EPSON CORPORATION)
TELL ME MORE (HKLM-x32\...\TMM90) (Version:  - )
Update for Microsoft Excel 2013 (KB2889941) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EFD6026A-1531-4678-B51B-1A10C3F51CEE}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889941) 64-Bit Edition (HKLM\...\{90150000-0016-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{EFD6026A-1531-4678-B51B-1A10C3F51CEE}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889941) 64-Bit Edition (HKLM\...\{90150000-0018-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{EFD6026A-1531-4678-B51B-1A10C3F51CEE}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889941) 64-Bit Edition (HKLM\...\{90150000-001B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{EFD6026A-1531-4678-B51B-1A10C3F51CEE}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889941) 64-Bit Edition (HKLM\...\{90150000-00C1-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{EFD6026A-1531-4678-B51B-1A10C3F51CEE}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{5274B9DA-BC82-4400-9B7D-1CC2BDF7BBE5}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889929) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FC4C557E-7664-453D-8A55-5D414069E0F5}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889929) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FC4C557E-7664-453D-8A55-5D414069E0F5}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889929) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{FC4C557E-7664-453D-8A55-5D414069E0F5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7A4AB8E1-C091-4BD3-B308-844BA6EE752A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760371) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{25DEA344-FF6F-41BD-B88F-5242BB8E80E1}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881001) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DF1B7B95-4A86-4605-A628-556394B5580A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881004) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AC8BEB81-5B5E-4503-B1F4-7781F4642E46}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881004) 64-Bit Edition (HKLM\...\{90150000-0016-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{AC8BEB81-5B5E-4503-B1F4-7781F4642E46}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881009) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3033838D-15E0-4199-8CBD-A7F2057AE653}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0DC71935-8DEE-4621-A223-23FD1552E567}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881039) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C675FC43-E413-49A7-B3DC-44967B4FE22D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E919ACF4-A1D7-4CAA-A103-5EB115563721}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883049) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{39D9DAC1-16A7-430A-B2F3-4D3D000454D0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}_Office15.PROPLUS_{EA528E89-5C30-44C2-8EBA-FEA7B4F73E22}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F9C35D99-CA8E-4D17-B785-66AC654D5664}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{18C53DCB-FA98-4A7B-BC2E-6DA30D4E4901}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}_Office15.PROPLUS_{49B25930-F28E-4693-B6B9-F94885693F16}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-042D-1000-0000000FF1CE}_Office15.PROPLUS_{2538C77B-1287-40B6-9C13-B9B8D9D0963D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}_Office15.PROPLUS_{9FD97A64-17E8-4D0B-8328-A28EA46090C9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{6E2862B8-C10A-4FD0-9B82-8D9761301AAA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883095) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EADBF225-163E-406B-B11A-26ECCCAB5A0E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889927) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0A84CF05-F164-471D-8AFB-AC4C7FF7CA71}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889927) 64-Bit Edition (HKLM\...\{90150000-006E-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{0A84CF05-F164-471D-8AFB-AC4C7FF7CA71}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889927) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0A84CF05-F164-471D-8AFB-AC4C7FF7CA71}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889940) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{36772E16-D3FA-440E-B001-0BEB2B1FCE47}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889942) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C22AE0C4-590E-46FF-9E21-37F45B84ADDD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889942) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C22AE0C4-590E-46FF-9E21-37F45B84ADDD}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB3000731) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2245C7DD-6984-40C8-AD2C-C1CC6F049C91}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB3000731) 64-Bit Edition (HKLM\...\{90150000-00BA-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{2245C7DD-6984-40C8-AD2C-C1CC6F049C91}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB3000731) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2245C7DD-6984-40C8-AD2C-C1CC6F049C91}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB3000731) 64-Bit Edition (HKLM\...\{90150000-00C1-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{2245C7DD-6984-40C8-AD2C-C1CC6F049C91}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2883059) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BA62716F-904B-4668-A792-A41C1D806416}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2883059) 64-Bit Edition (HKLM\...\{90150000-00A1-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{BA62716F-904B-4668-A792-A41C1D806416}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2883059) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BA62716F-904B-4668-A792-A41C1D806416}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2986204) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2CB96A7D-CBFE-4028-ACE8-31C3925D3D46}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2986204) 64-Bit Edition (HKLM\...\{90150000-001A-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{2CB96A7D-CBFE-4028-ACE8-31C3925D3D46}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2889847) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7F1008C2-8C87-497F-B6D8-56B53DA0FAB3}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2889847) 64-Bit Edition (HKLM\...\{90150000-0018-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{7F1008C2-8C87-497F-B6D8-56B53DA0FAB3}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889939) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9FB1FB2E-AF3B-435F-BEBD-E6B0E89753F2}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889939) 64-Bit Edition (HKLM\...\{90150000-001A-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{9FB1FB2E-AF3B-435F-BEBD-E6B0E89753F2}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889939) 64-Bit Edition (HKLM\...\{90150000-001B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{9FB1FB2E-AF3B-435F-BEBD-E6B0E89753F2}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889939) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{9FB1FB2E-AF3B-435F-BEBD-E6B0E89753F2}) (Version:  - Microsoft)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

09-10-2014 16:06:01 Checkpoint by HitmanPro
15-10-2014 12:40:15 Checkpoint by HitmanPro
19-10-2014 18:15:02 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0191642D-BBD5-48FB-8F91-690C272DC0F9} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {041E7532-87A5-4F1C-BE7D-5D76526763B7} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1921399D-BB51-438B-B9C2-7F85A769133E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-03] (Google Inc.)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {262B4C49-E9A8-4996-B420-F01B095DD3C4} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3DCE00AC-49BC-41B9-B663-3B12C38020DB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {42E5AF11-C11C-4391-87E0-CEEDF3AA8B73} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5AC14BC1-82DB-408D-9985-C6AC583036F9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: {69F5FCCA-5AFE-4350-92BE-B12E7E3967F7} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {76C8AFA0-4449-4147-81DD-6588561A9D95} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-10-16] (Microsoft Corporation)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9EC364D9-8B3A-425C-8DFC-BD5A84A02503} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A9727A53-FD3E-41EE-9092-4671372F43AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-03] (Google Inc.)
Task: {AAA1BA6C-0A41-4AAC-A045-ECFC62576380} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {B5802072-D76F-4189-8BBA-06E4AB7423AD} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Home-Usuario1 Home => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-07-27] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E68F4E13-7EFE-4CD6-BB11-5C24EA6854A9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F1C1E75A-3D9D-458B-BBF0-E18F6CB34B97} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {FBE6D35E-7281-4048-A678-3A3CF0D0DF4B} - System32\Tasks\Flash Update => Wscript.exe //nologo //B C:\Windows\update.js
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Flash Update.job => C:\Windows\system32\wscript.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-11-16 16:27 - 2012-11-16 16:27 - 00211968 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-03-05 16:03 - 2012-03-05 16:03 - 00677376 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-02-16 14:53 - 2012-02-16 14:53 - 03642880 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-11-16 16:27 - 2012-11-16 16:27 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2012-01-13 14:04 - 2012-01-13 14:04 - 00219760 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2013-11-14 10:32 - 2013-11-14 10:32 - 02887751 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Normal.dll
2013-11-05 11:07 - 2013-11-05 11:07 - 00651327 _____ () C:\Program Files (x86)\GIGABYTE\ET6\work.dll
2013-11-06 17:59 - 2013-11-06 17:59 - 01335358 _____ () C:\Program Files (x86)\GIGABYTE\ET6\HM.dll
2013-03-23 10:59 - 2013-03-23 10:59 - 01433674 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GVTunner.dll
2003-02-14 14:11 - 2003-02-14 14:11 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Sound.dll
2013-11-01 10:29 - 2013-11-01 10:29 - 01318984 _____ () C:\Program Files (x86)\GIGABYTE\ET6\AMD8.dll
2013-09-13 15:26 - 2013-09-13 15:26 - 01331266 _____ () C:\Program Files (x86)\GIGABYTE\ET6\SF.dll
2008-05-07 15:22 - 2008-05-07 15:22 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\CIAMIB.dll
2012-05-08 15:01 - 2012-05-08 15:01 - 00069632 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GPTT.dll
2011-10-18 09:26 - 2011-10-18 09:26 - 00024576 _____ () C:\Program Files (x86)\GIGABYTE\ET6\STT.dll
2013-11-05 13:12 - 2013-11-05 13:12 - 01499200 _____ () C:\Program Files (x86)\GIGABYTE\ET6\OCK.dll
2012-11-27 15:03 - 2012-11-27 15:03 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\ycc.dll
2013-05-24 00:50 - 2013-05-24 00:50 - 03860520 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Platform.dll
2010-06-24 15:50 - 2010-06-24 15:50 - 00094208 _____ () C:\Program Files (x86)\GIGABYTE\ET6\IccLibDll.dll
2011-03-01 19:00 - 2011-03-01 19:00 - 00126976 _____ () C:\Program Files (x86)\GIGABYTE\ET6\StabilityLib.dll
2013-05-24 00:50 - 2013-05-24 00:50 - 00579616 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Device.dll
2013-12-09 17:21 - 2013-12-09 17:21 - 00311296 _____ () C:\Program Files (x86)\GIGABYTE\ET6\MFCCPU.DLL
2014-09-26 00:13 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\Usuario1\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-10-18 19:07 - 2014-10-09 21:03 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
2014-10-18 19:07 - 2014-10-09 21:03 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
2014-10-18 19:07 - 2014-10-09 21:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
2014-10-18 19:07 - 2014-10-09 21:03 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
2014-10-14 22:51 - 2014-10-14 22:51 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Usuario1\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2189552084-2033204020-3239810638-500 - Administrator - Disabled)
Guest (S-1-5-21-2189552084-2033204020-3239810638-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2189552084-2033204020-3239810638-1003 - Limited - Enabled)
Usuario1 (S-1-5-21-2189552084-2033204020-3239810638-1001 - Administrator - Enabled) => C:\Users\Usuario1

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/20/2014 08:01:19 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/20/2014 08:01:14 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=6

Error: (10/20/2014 08:00:54 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/19/2014 09:34:55 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkQuarantineRetry

Error: (10/19/2014 09:34:43 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/19/2014 09:34:43 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=5

Error: (10/19/2014 01:15:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (10/19/2014 07:21:51 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/19/2014 07:21:45 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=4

Error: (10/19/2014 07:21:39 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable


System errors:
=============
Error: (10/19/2014 09:29:56 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service.

Error: (10/18/2014 08:46:53 PM) (Source: DCOM) (EventID: 10010) (User: HOME)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (10/17/2014 08:46:41 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer USER-HP
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{79297320-0A40-4C04-B507-9C0489284F32}.
The master browser is stopping or an election is being forced.


Microsoft Office Sessions:
=========================
Error: (10/20/2014 08:01:19 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/20/2014 08:01:14 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=6

Error: (10/20/2014 08:00:54 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/19/2014 09:34:55 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkQuarantineRetry

Error: (10/19/2014 09:34:43 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/19/2014 09:34:43 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=5

Error: (10/19/2014 01:15:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.

Error: (10/19/2014 07:21:51 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/19/2014 07:21:45 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=4

Error: (10/19/2014 07:21:39 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable


CodeIntegrity Errors:
===================================
  Date: 2014-09-26 12:54:25.083
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 12:47:37.850
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 12:32:46.658
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 07:43:02.125
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 00:57:47.673
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 00:26:11.652
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 00:08:41.752
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 00:01:58.843
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-25 23:53:49.306
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-25 23:49:35.906
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: AMD Phenom™ II X4 955 Processor
Percentage of memory in use: 31%
Total physical RAM: 7677.55 MB
Available physical RAM: 5274.51 MB
Total Pagefile: 15357.55 MB
Available Pagefile: 11945.86 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.75 GB) (Free:199.92 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: E642E3F8)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=297.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

 

Thank you.



#14 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,158 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:08:41 AM

Posted 20 October 2014 - 11:02 AM

Hi Rufo100.

 

We'll skip ESET for now.

 

Looks like something hadn't been done correctly, let's redo them.

 

We need to remove programs using "Programs and Features"

Click the "Start" orb on the taskbar, and then click the "Control Panel" button.

  • If you use Category mode, click on Uninstall a Program.
  • If you use Icons mode, click on Program and Features.

A list of programs installed will be "populated" (this may take a bit of time).
If they exist, uninstall the following by clicking on the below entries and selecting "Remove":

PrivDog

Additional instructions can be found here if needed.

 

---------------------

 

We need to run a fix with FRST:

  • Please download the attached fixlist.txt file and save it to the same location as FRST
    Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply

==========

 

After you have run above tools, please create new FRST log and post it here.

 

Thank you.


Edited by Sirawit, 20 October 2014 - 11:02 AM.

If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#15 Rufo100

Rufo100
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:07:41 PM

Posted 20 October 2014 - 01:16 PM

Hi Sirawit:

 

Here's what I got:

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-10-2014
Ran by Usuario1 (administrator) on HOME on 20-10-2014 13:10:34
Running from C:\Users\Usuario1\Desktop
Loaded Profile: Usuario1 (Available profiles: Usuario1)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Acresso Software Inc.) C:\Program Files (x86)\ArcGIS\License10.0\bin\lmgrd.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Acresso Software Inc.) C:\Program Files (x86)\ArcGIS\License10.0\bin\lmgrd.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(ESRI) C:\Program Files (x86)\ArcGIS\License10.0\bin\ARCGIS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Acresso Software Inc.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(BitTorrent Inc.) C:\Users\Usuario1\AppData\Roaming\uTorrent\uTorrent.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHLL.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Usuario1\Desktop\FRST64_2.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [EasyTuneVI] => C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe [40960 2012-07-09] ()
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001\...\Run: [uTorrent] => C:\Users\Usuario1\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-10-19] (BitTorrent Inc.)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001\...\Run: [Epson Stylus TX230] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLL.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001\...\Run: [EPSON3302EF (Epson Stylus TX230)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLL.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2189552084-2033204020-3239810638-1001\...\Run: [GoogleChromeAutoLaunch_799DBF94D1A449045C5C3D51CA15ABA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-09] (Google Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.prodigy.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0912050E1FADCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-MX
SearchScopes: HKCU - {8761DCE9-7B12-46A3-BFDF-D915F9758713} URL = https://mx.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=811891&p={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO: PrivDog Extension -> {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} -> C:\Program Files\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll No File
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{79297320-0A40-4C04-B507-9C0489284F32}: [NameServer] 162.221.181.52,107.155.112.105,185.61.148.223,8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default
FF Keyword.URL: https://mx.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=811891&p=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\drae.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-es.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-es.xml
FF Extension: Avira Browser Safety - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\abs@avira.com [2014-09-30]
FF Extension: Roomy Bookmarks Toolbar - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\ALone-live@ya.ru.xpi [2014-09-17]
FF Extension: Duplicate in Tab Context Menu - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\DuplicateInTabContext@schuzak.jp.xpi [2014-09-06]
FF Extension: GDrive Panel - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\gdrivepanel@alejandrobrizuela.com.ar.xpi [2014-08-19]
FF Extension: Save as PDF - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\save-as-pdf-ff@pdfcrowd.com.xpi [2014-09-06]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-08-02]
FF Extension: Adblock Plus - C:\Users\Usuario1\AppData\Roaming\Mozilla\Firefox\Profiles\4vk3sf5t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-02]
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Usuario1\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Usuario1\AppData\Roaming\IDM\idmmzcc5 [2014-08-03]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Usuario1\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "https://google.com.mx/", "hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN", "hxxp://mx.yahoo.com?fr=fpc-comodo", "hxxp://search.b1.org/?bsrc=hmcor&chid=c162341", "", "hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=MX&userid=7b0fe9a4-8181-425b-b12a-3002bec783b9&searchtype=hp&installDate=26/04/2013", "hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=MX&userid=7b0fe9a4-8181-425b-b12a-3002bec783b9&searchtype=hp&installDate=26/04/2013"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dewey Bookmarks) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aahpfefkmihhdabllidnlipghcjgpkdm [2014-08-05]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-07-31]
CHR Extension: (Instant Notifications for Gmail) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\adlgnpfgagimgadbaboilkbdnhbpegmd [2014-07-31]
CHR Extension: (Torrent Search) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\afbpdhiclgghnffhkinjikglgmolhpee [2014-07-31]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2014-07-31]
CHR Extension: (iStoryBooks) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\anbmgijcnihjphndkjglleofcnohhkkl [2014-07-31]
CHR Extension: (Google Docs) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-31]
CHR Extension: (Google Drive) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-31]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-26]
CHR Extension: (Keeper Web App) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnglfciifmgnafcgkkngkeopldlialb [2014-07-31]
CHR Extension: (4Shared Assistant) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blimndomboblbleeepfbhonajddgnpic [2014-07-31]
CHR Extension: (YouTube) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-31]
CHR Extension: (DuckDuckGo for Chrome) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao [2014-07-31]
CHR Extension: (TOEFL Essay Practice) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceeicgdpllljlklonpkbhjighniifjij [2014-07-31]
CHR Extension: (Adblock Plus) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-31]
CHR Extension: (Ratings Preview for YouTube™) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbhdenfmgbagncdmgbholejjpmmiank [2014-07-31]
CHR Extension: (Anatomy 3D) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknbmnbaidbnmgbgmjhkegbcoegddeen [2014-07-31]
CHR Extension: (Google Search) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-31]
CHR Extension: (Flag for Chrome) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn [2014-07-31]
CHR Extension: (Read Later Fast) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji [2014-07-31]
CHR Extension: (Google Calendar) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-07-31]
CHR Extension: (WordLayer Vocabulary) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\eljchjdhchemgkgaofhodhdkfnalpdhp [2014-07-31]
CHR Extension: (Common Core Math 1-6 by Sokikom) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\eombmpplkjplkhbgaochnmgkhlnkmomb [2014-07-31]
CHR Extension: (Avira Browser Safety) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-09-26]
CHR Extension: (AdBlock) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-21]
CHR Extension: (Planner 5D) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjfkgdpkecnmfcgfpfibpcnkeakahllc [2014-07-31]
CHR Extension: (Save to Google Drive) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2014-07-31]
CHR Extension: (Isoball 3) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj [2014-07-31]
CHR Extension: (IDM Integration Module) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2014-08-03]
CHR Extension: (MeeGenius! Children's Books) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhfhmaajajcjoijfaceafiembkmhcddc [2014-07-31]
CHR Extension: (Word Joust) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jijjjopeepgneiiamhahbmlnhcomdbml [2014-07-31]
CHR Extension: (Coordinates) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kahliknbfelbmndacbdademgailcockh [2014-07-31]
CHR Extension: (SparkChess 7) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\khgabmflimjjbclkmljlpmgaleanedem [2014-07-31]
CHR Extension: (Save as PDF) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdjmbiefanbdgnkcikhllpmjnnllbbc [2014-07-31]
CHR Extension: (BugMeNot Lite) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb [2014-07-31]
CHR Extension: (Google Maps) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-07-31]
CHR Extension: (3D Solar System Web) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdaaepplopehigjgkolniddiadbbkphd [2014-07-31]
CHR Extension: (English vocabulary) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmklfohhllfpjjmjejencmaodgiknmj [2014-07-31]
CHR Extension: (Quick Note) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok [2014-07-31]
CHR Extension: (Google Play Books) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2014-07-31]
CHR Extension: (Do It (Tomorrow)) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfagjoblnoeagfhfhohcdklnddjaiglo [2014-07-31]
CHR Extension: (Google Wallet) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-31]
CHR Extension: (Click&Clean App) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-07-31]
CHR Extension: (Learn Portuguese Free - PortuguesePod101.com) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pehhnjcaajmakfljacomgihcjdekaonf [2014-07-31]
CHR Extension: (English Adventure 1) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflfajjbomhaicconbmnnnmndifemadh [2014-07-31]
CHR Extension: (Weather Underground) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2014-07-31]
CHR Extension: (Gmail) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-31]
CHR Extension: (Google Similar Pages) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjnfggphgdjblhfjaphkjhfpiiekbbej [2014-07-31]
CHR Extension: (Browser QuickLinks) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\plpjogfhobhpdcmcblieglnoooccfcmm [2014-07-31]
CHR Extension: (Learn Alphabet and Numbers) - C:\Users\Usuario1\AppData\Local\Google\Chrome\User Data\Default\Extensions\podikmghblokmmdgoilcnnpgogaocoal [2014-07-31]
CHR HKLM-x32\...\Chrome\Extension: [cmaiofennmphjldldcpphcechfnnohja] - C:\Program Files (x86)\AdTrustMedia\PrivDog\PrivDog_chrome.crx []
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-05-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-11-16] (Advanced Micro Devices, Inc.) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 ArcGIS License Manager; C:\Program Files (x86)\ArcGIS\License10.0\bin\lmgrd.exe [1500424 2008-11-06] (Acresso Software Inc.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
S3 ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-08-04] (Disc Soft Ltd)
R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-10-20] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-20] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
S3 WinDivert1.1; \??\C:\Program Files\KMSpico\WinDivert.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-20 13:10 - 2014-10-20 13:10 - 00027047 _____ () C:\Users\Usuario1\Desktop\FRST.txt
2014-10-20 12:38 - 2014-10-20 12:38 - 00000537 _____ () C:\Users\Usuario1\Desktop\fixlist.txt
2014-10-20 08:28 - 2014-10-20 08:28 - 02347384 _____ (ESET) C:\Users\Usuario1\Desktop\esetsmartinstaller_enu_2.exe
2014-10-20 08:23 - 2014-10-20 08:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-10-18 13:25 - 2014-10-18 13:26 - 05433149 _____ () C:\Users\Usuario1\Downloads\Acometida casa habitacion.flv
2014-10-18 13:18 - 2014-10-18 13:19 - 02667697 _____ () C:\Users\Usuario1\Downloads\Instalacion de Centro de carga.flv
2014-10-18 13:09 - 2014-10-18 13:09 - 04202314 _____ () C:\Users\Usuario1\Downloads\Instalacion del Termomagnetico.mp4
2014-10-17 08:05 - 2014-10-17 08:05 - 02112000 _____ (Farbar) C:\Users\Usuario1\Desktop\FRST64_2.exe
2014-10-17 07:38 - 2014-10-20 13:08 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-17 07:37 - 2014-10-17 07:41 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-17 07:37 - 2014-10-17 07:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-17 07:37 - 2014-10-17 07:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-17 07:37 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-17 07:37 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-17 07:37 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-17 07:35 - 2014-10-17 07:35 - 17305656 _____ (Malwarebytes Corporation ) C:\Users\Usuario1\Desktop\mbam-setup.exe
2014-10-16 19:47 - 2014-10-16 19:47 - 00000000 ____D () C:\Program Files (x86)\ESRI
2014-10-16 18:20 - 2014-10-16 18:20 - 01705698 _____ (Thisisu) C:\Users\Usuario1\Desktop\JRT_2.exe
2014-10-16 17:59 - 2014-10-16 18:00 - 01976320 _____ () C:\Users\Usuario1\Desktop\AdwCleaner.exe
2014-10-16 17:54 - 2014-10-16 17:57 - 37771486 _____ () C:\Users\Usuario1\Downloads\Como ajustar un desviador delantero de bicicleta.mp4
2014-10-16 17:54 - 2014-10-16 17:56 - 36434031 _____ () C:\Users\Usuario1\Downloads\Como ajustar un cambio trasero de bicicleta.mp4
2014-10-16 10:41 - 2014-09-27 17:25 - 04183040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 10:41 - 2014-09-03 19:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-10-16 10:41 - 2014-09-03 18:57 - 00921600 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-10-16 10:41 - 2014-09-03 18:49 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-10-16 10:40 - 2014-09-25 17:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 10:40 - 2014-09-25 17:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 10:40 - 2014-09-25 17:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 10:40 - 2014-09-25 17:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 10:40 - 2014-09-25 17:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 10:40 - 2014-09-25 17:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 10:40 - 2014-09-18 21:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 10:40 - 2014-09-18 20:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 10:40 - 2014-09-18 20:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 10:40 - 2014-09-18 20:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 10:40 - 2014-09-18 20:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 10:40 - 2014-09-18 20:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 10:40 - 2014-09-18 20:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 10:40 - 2014-09-18 20:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 10:40 - 2014-09-18 20:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 10:40 - 2014-09-18 20:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 10:40 - 2014-09-18 19:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 10:40 - 2014-09-18 19:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 10:40 - 2014-09-18 19:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 10:40 - 2014-09-18 19:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 10:40 - 2014-09-18 19:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 10:40 - 2014-09-18 19:42 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 10:40 - 2014-09-18 19:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 10:40 - 2014-09-18 19:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 10:40 - 2014-09-18 19:20 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 10:40 - 2014-09-18 19:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 10:40 - 2014-09-18 18:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 10:40 - 2014-09-18 18:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 10:40 - 2014-09-18 18:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 10:40 - 2014-09-18 18:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 10:40 - 2014-09-07 22:15 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-10-16 10:40 - 2014-09-07 20:46 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-10-16 10:40 - 2014-09-07 20:46 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-10-16 10:40 - 2014-09-07 19:08 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-10-16 10:40 - 2014-09-07 19:07 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-10-16 10:40 - 2014-09-07 19:05 - 03448320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-10-16 10:40 - 2014-09-07 19:04 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-10-16 10:40 - 2014-09-07 19:04 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-10-16 10:40 - 2014-09-07 19:03 - 01702400 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-10-16 10:40 - 2014-09-07 19:03 - 00839680 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-10-16 10:40 - 2014-09-07 18:59 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-10-16 10:40 - 2014-09-07 18:59 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-10-16 10:40 - 2014-09-07 18:56 - 00672256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-10-16 10:40 - 2014-09-07 18:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-10-16 10:39 - 2014-10-09 17:16 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-16 10:39 - 2014-10-08 17:09 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-16 10:39 - 2014-09-18 20:24 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-16 10:39 - 2014-09-13 01:29 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 10:39 - 2014-09-13 00:49 - 00068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 10:39 - 2014-09-03 19:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 10:39 - 2014-09-03 19:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 10:38 - 2014-09-13 01:02 - 02779648 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 10:38 - 2014-09-13 00:30 - 03117568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 09:08 - 2014-10-16 09:08 - 00000168 _____ () C:\Users\Usuario1\defogger_reenable
2014-10-16 09:06 - 2014-10-16 09:06 - 00050477 _____ () C:\Users\Usuario1\Desktop\Defogger.exe
2014-10-15 19:33 - 2014-10-15 21:11 - 00000000 ____D () C:\Users\Usuario1\Downloads\Fun with Dick and Jane (2005)
2014-10-14 22:51 - 2014-10-14 22:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-14 21:12 - 2014-10-14 21:15 - 00000000 ____D () C:\Users\Usuario1\Downloads\Liar Liar (1997)
2014-10-14 18:35 - 2014-10-20 13:10 - 00000000 ____D () C:\FRST
2014-10-14 16:43 - 2014-10-14 16:43 - 00000794 _____ () C:\Windows\setupact.log
2014-10-14 16:43 - 2014-10-14 16:43 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-09 21:06 - 2014-10-09 21:09 - 18587865 _____ () C:\Users\Usuario1\Downloads\Como hacer un circuito de fuerza.flv
2014-10-09 19:41 - 2014-10-09 19:45 - 27421464 _____ () C:\Users\Usuario1\Downloads\Instalación Eléctrica Residencial (Servicio Monofásico 110 volts).flv
2014-10-09 19:01 - 2014-10-09 19:02 - 17037873 _____ () C:\Users\Usuario1\Downloads\Como controlar una lámpara con dos apagadores de escalera (Método de Corto Circuito) 2da Parte.flv
2014-10-06 16:16 - 2014-10-06 16:23 - 229957003 _____ () C:\Users\Usuario1\Downloads\math-e222-L01-20030915.flv
2014-09-28 13:14 - 2014-09-28 13:15 - 00280576 _____ () C:\Windows\Minidump\092814-26328-01.dmp
2014-09-28 13:14 - 2014-09-28 13:14 - 532430974 _____ () C:\Windows\MEMORY.DMP
2014-09-28 13:13 - 2014-10-09 11:06 - 00000548 _____ () C:\Windows\system32\.crusader
2014-09-28 10:34 - 2014-09-28 10:34 - 00687452 _____ () C:\Users\Usuario1\Downloads\Payno Manuel Bandidos de R+¡o Fr+¡o.pdb
2014-09-28 09:17 - 2014-09-28 09:17 - 00000000 ____D () C:\Windows\ERUNT
2014-09-28 08:52 - 2014-10-16 18:12 - 00000000 ____D () C:\AdwCleaner
2014-09-27 13:29 - 2014-09-27 19:24 - 00000000 ____D () C:\Mapas
2014-09-27 12:45 - 2014-09-27 12:45 - 00000000 ____D () C:\e14d32
2014-09-27 12:45 - 2014-09-27 12:45 - 00000000 ____D () C:\e14d22
2014-09-27 11:29 - 2014-09-27 12:23 - 00000000 ____D () C:\Users\Usuario1\Desktop\Mapas
2014-09-27 11:07 - 2014-10-16 18:15 - 00007414 _____ () C:\Windows\PFRO.log
2014-09-27 09:33 - 2014-09-27 09:33 - 00041540 _____ () C:\Users\Usuario1\Documents\cc_20140927_093302.reg
2014-09-26 14:20 - 2014-09-26 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-26 14:20 - 2014-09-26 14:20 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-26 14:20 - 2014-09-26 14:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-26 14:18 - 2014-08-15 23:08 - 21195616 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-26 14:18 - 2014-08-15 23:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-09-26 14:18 - 2014-08-15 23:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-09-26 14:18 - 2014-08-15 22:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-09-26 14:18 - 2014-08-15 22:57 - 02498880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-26 14:18 - 2014-08-15 22:57 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-26 14:18 - 2014-08-15 22:16 - 18722600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-26 14:18 - 2014-08-15 22:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-09-26 14:18 - 2014-08-15 22:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-09-26 14:18 - 2014-08-15 20:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-09-26 14:18 - 2014-08-15 20:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-09-26 14:18 - 2014-08-15 19:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-09-26 14:18 - 2014-08-15 19:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-09-26 14:18 - 2014-08-15 19:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2014-09-26 14:18 - 2014-08-15 19:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-09-26 14:18 - 2014-08-15 19:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2014-09-26 14:18 - 2014-08-15 19:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-09-26 14:18 - 2014-08-15 19:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-09-26 14:18 - 2014-08-15 19:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2014-09-26 14:18 - 2014-08-15 19:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-26 14:18 - 2014-08-15 19:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-09-26 14:18 - 2014-08-15 19:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-09-26 14:18 - 2014-08-15 19:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-09-26 14:18 - 2014-08-15 19:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-26 14:18 - 2014-08-15 19:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-09-26 14:18 - 2014-08-15 19:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-09-26 14:18 - 2014-08-15 19:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-09-26 14:18 - 2014-08-15 19:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-26 14:18 - 2014-08-15 19:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-09-26 14:18 - 2014-08-15 19:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-09-26 14:18 - 2014-08-15 19:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-09-26 14:18 - 2014-08-15 19:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-09-26 14:18 - 2014-08-15 19:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-09-26 14:18 - 2014-08-15 19:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-09-26 14:18 - 2014-07-31 18:22 - 00388729 _____ () C:\Windows\system32\ApnDatabase.xml
2014-09-26 14:17 - 2014-08-28 20:58 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-09-26 14:17 - 2014-08-28 18:56 - 02646016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-26 14:17 - 2014-08-28 18:47 - 02321920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-26 13:00 - 2014-10-14 08:41 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-09-26 08:14 - 2014-06-23 18:08 - 01601992 _____ (Avira Operations GmbH & Co. KG) C:\Users\Usuario1\Desktop\fusebundle.exe
2014-09-26 08:14 - 2013-03-13 12:45 - 00001337 _____ () C:\Users\Usuario1\Desktop\fusebundle.conf
2014-09-26 00:13 - 2014-09-26 00:20 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-26 00:13 - 2014-09-26 00:19 - 00001153 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-26 00:12 - 2014-09-26 00:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-26 00:12 - 2014-09-26 00:12 - 00002086 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-09-26 00:12 - 2014-09-26 00:12 - 00000000 ____D () C:\Users\Usuario1\AppData\Roaming\Avira
2014-09-26 00:11 - 2014-10-14 08:41 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-09-26 00:11 - 2014-10-14 08:41 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-09-26 00:11 - 2014-09-26 00:19 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-26 00:11 - 2014-09-26 00:13 - 00000000 ____D () C:\ProgramData\Avira
2014-09-26 00:11 - 2014-08-15 14:47 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-09-25 23:06 - 2014-09-25 23:06 - 00000000 ____D () C:\Windows\pss
2014-09-25 09:43 - 2014-09-25 10:46 - 00000000 ____D () C:\Users\Usuario1\Desktop\GPSClass
2014-09-24 20:38 - 2014-09-26 13:55 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit
2014-09-24 12:40 - 2014-09-24 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2014-09-24 12:37 - 2014-09-24 12:37 - 00000000 ____D () C:\AMD
2014-09-24 10:02 - 2014-09-24 10:50 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-24 09:20 - 2014-09-24 09:20 - 09447761 _____ () C:\Users\Usuario1\Downloads\Dierks Bentley - Come A Little Closer.mp4
2014-09-23 12:25 - 2014-09-23 18:48 - 14114082 _____ () C:\Users\Usuario1\Downloads\escalerar3a.skb
2014-09-23 12:04 - 2014-09-24 00:15 - 14090525 _____ () C:\Users\Usuario1\Downloads\escalerar3a.skp
2014-09-23 12:01 - 2014-09-23 12:02 - 13765021 _____ () C:\Users\Usuario1\Downloads\escalerar3.skp
2014-09-22 13:29 - 2014-09-22 13:29 - 00002216 _____ () C:\Users\Public\Desktop\Style Builder 2.lnk
2014-09-22 13:29 - 2014-09-22 13:29 - 00002130 _____ () C:\Users\Public\Desktop\LayOut 3.lnk
2014-09-22 13:29 - 2014-09-22 13:29 - 00002041 _____ () C:\Users\Public\Desktop\Google SketchUp 8.lnk
2014-09-22 13:29 - 2014-09-22 13:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google SketchUp 8
2014-09-20 20:25 - 2014-09-20 20:28 - 00000000 ____D () C:\Users\Usuario1\Desktop\musica3

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-20 13:11 - 2014-08-02 10:28 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-20 13:10 - 2014-08-02 21:52 - 00005028 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Home-Usuario1 Home
2014-10-20 13:09 - 2014-09-03 22:59 - 00001054 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-20 13:09 - 2014-08-12 20:47 - 00000000 ___RD () C:\Users\Usuario1\OneDrive
2014-10-20 13:09 - 2014-08-01 08:52 - 00000000 ____D () C:\Users\Usuario1\AppData\Roaming\uTorrent
2014-10-20 13:09 - 2014-07-31 19:37 - 00000000 ____D () C:\Users\Usuario1\AppData\Roaming\ClassicShell
2014-10-20 13:08 - 2014-09-15 08:04 - 00000004 _____ () C:\Windows\SysWOW64\GVTunner.ref
2014-10-20 13:08 - 2014-09-03 22:59 - 00001050 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-20 13:08 - 2014-08-04 23:50 - 00030528 _____ () C:\Windows\GVTDrv64.sys
2014-10-20 13:08 - 2014-08-04 23:47 - 00025640 _____ (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-10-20 13:07 - 2013-08-22 09:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-20 13:07 - 2013-08-22 08:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-10-20 13:06 - 2014-08-03 00:49 - 00000000 ____D () C:\Users\Usuario1\AppData\Roaming\DMCache
2014-10-20 13:00 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\sru
2014-10-20 10:04 - 2014-07-31 19:25 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2189552084-2033204020-3239810638-1001
2014-10-20 08:24 - 2014-09-16 13:30 - 02003520 _____ () C:\Windows\WindowsUpdate.log
2014-10-20 08:04 - 2014-09-03 22:59 - 00004026 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-20 08:04 - 2014-09-03 22:59 - 00003790 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-20 08:01 - 2014-09-03 23:02 - 00002201 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-20 08:01 - 2014-07-31 19:25 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A296206B-BF14-4832-8EFC-EDA871D75F99}
2014-10-19 13:18 - 2014-08-01 09:21 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-10-19 13:18 - 2014-08-01 09:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-18 18:46 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-10-18 08:56 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-10-17 18:00 - 2014-08-01 11:40 - 00000330 _____ () C:\Windows\Tasks\Flash Update.job
2014-10-17 17:24 - 2014-07-31 23:34 - 00000000 ____D () C:\Users\Usuario1\AppData\Roaming\vlc
2014-10-17 08:03 - 2014-08-03 00:49 - 00000000 ____D () C:\Users\Usuario1\AppData\Roaming\IDM
2014-10-16 18:15 - 2013-08-22 09:44 - 00541528 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 18:14 - 2014-08-02 10:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-16 18:13 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-10-16 18:13 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\FileManager
2014-10-16 18:13 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\Camera
2014-10-16 12:21 - 2013-08-22 08:25 - 00000167 _____ () C:\Windows\win.ini
2014-10-16 12:20 - 2013-08-22 10:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-10-16 12:18 - 2014-07-31 20:11 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 12:10 - 2014-07-31 20:11 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-16 12:09 - 2014-07-31 21:29 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 11:45 - 2014-07-31 19:17 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-16 09:08 - 2014-07-31 19:18 - 00000000 ____D () C:\Users\Usuario1
2014-10-14 15:15 - 2014-08-02 17:09 - 20647936 ___SH () C:\Users\Usuario1\Documents\Thumbs.db
2014-10-14 09:02 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-06 16:12 - 2014-08-01 12:47 - 00337408 ___SH () C:\Users\Usuario1\Desktop\Thumbs.db
2014-10-06 13:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-10-06 12:47 - 2014-08-01 12:34 - 00000000 ____D () C:\ProgramData\EPSON
2014-09-30 22:57 - 2014-08-21 16:38 - 00000000 _____ () C:\Windows\SysWOW64\router.xml
2014-09-29 17:45 - 2013-08-22 10:38 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-29 17:45 - 2013-08-22 10:38 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-29 12:01 - 2014-08-10 12:00 - 00000000 ____D () C:\Users\Usuario1\Downloads\Computer Gadget & Tablet Magazines - August 9 2014 (True PDF)
2014-09-29 12:01 - 2014-08-06 21:44 - 00132608 ___SH () C:\Users\Usuario1\Downloads\Thumbs.db
2014-09-29 12:01 - 2014-07-31 19:20 - 00000000 ____D () C:\Users\Usuario1\AppData\Local\Packages
2014-09-28 18:14 - 2014-08-05 12:24 - 00000000 ____D () C:\Program Files\Blender Foundation
2014-09-28 13:14 - 2014-09-07 08:25 - 00000000 ____D () C:\Windows\Minidump
2014-09-28 13:03 - 2014-09-08 21:50 - 00000000 ____D () C:\ProgramData\TP-LINK
2014-09-28 13:03 - 2014-08-01 12:33 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-28 10:12 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\rescache
2014-09-27 13:39 - 2014-09-06 17:16 - 00000000 ____D () C:\Tlapashp
2014-09-27 12:46 - 2014-08-03 00:49 - 00000000 ____D () C:\Users\Usuario1\Downloads\Compressed
2014-09-27 11:22 - 2014-08-11 09:00 - 00000000 ____D () C:\Users\Usuario1\Desktop\SAS.Planet.Release.131111
2014-09-26 15:16 - 2014-07-31 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-09-26 14:22 - 2013-08-22 10:36 - 00000000 ___RD () C:\Windows\ToastData
2014-09-26 14:22 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\WinStore
2014-09-26 00:06 - 2014-07-31 20:47 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-24 12:40 - 2014-08-01 15:02 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-09-24 12:39 - 2014-08-01 15:03 - 00000000 ____D () C:\ProgramData\AMD
2014-09-22 13:29 - 2014-07-31 20:04 - 00000000 ____D () C:\Program Files (x86)\Google

Some content of TEMP:
====================
C:\Users\Usuario1\AppData\Local\Temp\avgnt.exe
C:\Users\Usuario1\AppData\Local\Temp\HitmanPro.exe
C:\Users\Usuario1\AppData\Local\Temp\Quarantine.exe
C:\Users\Usuario1\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-17 15:56

==================== End Of Log ============================

 

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2014
Ran by Usuario1 at 2014-10-20 13:11:53
Running from C:\Users\Usuario1\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{A731A859-7426-DEB6-80A3-E6A2508DC85A}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
ArcGIS Desktop 10 (HKLM-x32\...\ArcGIS Desktop 10) (Version: 10.0.2414 - Environmental Systems Research Institute, Inc.)
ArcGIS Desktop 10 (x32 Version: 10.0.2414 - Environmental Systems Research Institute, Inc.) Hidden
ArcGIS License Manager 10 (HKLM-x32\...\ArcGIS License Manager 10) (Version: 10.0.2414 - Environmental Systems Research Institute, Inc.)
ArcGIS License Manager 10 (x32 Version: 10.0.2414 - Environmental Systems Research Institute, Inc.) Hidden
Auslogics Duplicate File Finder (HKLM-x32\...\{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1) (Version: 3.5.4.0 - Auslogics Labs Pty Ltd)
Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Brain Workshop 4.8.1 (HKLM-x32\...\Brain Workshop_is1) (Version: 4.8.1 - Paul Hoskinson & Jonathan Toomim)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1213.19931 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{B6FBF358-6B5E-4DE4-8BC5-892C87BBD3B4}) (Version:  - Microsoft)
Easy Tune 6 B13.1211.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B13.1211.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Eines de correcció del Microsoft Office 2013: català (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON TX230 Series Printer Uninstall (HKLM\...\EPSON TX230 Series) (Version:  - SEIKO EPSON Corporation)
Ferramentas de verificación de Microsoft Office 2013 - Galego (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.1.618 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Earth (HKLM-x32\...\{A2264E8F-1649-11E3-8BED-B8AC6F98CCE3}) (Version: 7.1.2.2019 - Google)
Google SketchUp Pro 8 (HKLM-x32\...\{5AA2BF91-440A-49E8-A2F4-A5CE4F94606D}) (Version: 3.0.3198 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Access MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office zuzenketa-tresnak 2013 - Euskara (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Word MUI (Spanish) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Mozilla Firefox 33.0 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 es-ES)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
OziExplorer 3.95 (HKLM-x32\...\OziExplorer 3.95_is1) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SAP2000 16 (HKLM-x32\...\{76898544-7B92-4942-B257-F19F474929AB}) (Version: 16.0.0 - Computers and Structures, Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Software Updater (HKLM-x32\...\{6DFBE8A2-CDBF-453E-B34C-32F202FCEE4C}) (Version: 4.2.1 - SEIKO EPSON CORPORATION)
TELL ME MORE (HKLM-x32\...\TMM90) (Version:  - )
Update for Microsoft Excel 2013 (KB2889941) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EFD6026A-1531-4678-B51B-1A10C3F51CEE}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889941) 64-Bit Edition (HKLM\...\{90150000-0016-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{EFD6026A-1531-4678-B51B-1A10C3F51CEE}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889941) 64-Bit Edition (HKLM\...\{90150000-0018-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{EFD6026A-1531-4678-B51B-1A10C3F51CEE}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889941) 64-Bit Edition (HKLM\...\{90150000-001B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{EFD6026A-1531-4678-B51B-1A10C3F51CEE}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889941) 64-Bit Edition (HKLM\...\{90150000-00C1-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{EFD6026A-1531-4678-B51B-1A10C3F51CEE}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{5274B9DA-BC82-4400-9B7D-1CC2BDF7BBE5}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889929) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FC4C557E-7664-453D-8A55-5D414069E0F5}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889929) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FC4C557E-7664-453D-8A55-5D414069E0F5}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889929) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{FC4C557E-7664-453D-8A55-5D414069E0F5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7A4AB8E1-C091-4BD3-B308-844BA6EE752A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760371) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{25DEA344-FF6F-41BD-B88F-5242BB8E80E1}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881001) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DF1B7B95-4A86-4605-A628-556394B5580A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881004) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AC8BEB81-5B5E-4503-B1F4-7781F4642E46}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881004) 64-Bit Edition (HKLM\...\{90150000-0016-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{AC8BEB81-5B5E-4503-B1F4-7781F4642E46}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881009) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3033838D-15E0-4199-8CBD-A7F2057AE653}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0DC71935-8DEE-4621-A223-23FD1552E567}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881039) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C675FC43-E413-49A7-B3DC-44967B4FE22D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E919ACF4-A1D7-4CAA-A103-5EB115563721}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883049) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{39D9DAC1-16A7-430A-B2F3-4D3D000454D0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}_Office15.PROPLUS_{EA528E89-5C30-44C2-8EBA-FEA7B4F73E22}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F9C35D99-CA8E-4D17-B785-66AC654D5664}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{18C53DCB-FA98-4A7B-BC2E-6DA30D4E4901}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}_Office15.PROPLUS_{49B25930-F28E-4693-B6B9-F94885693F16}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-042D-1000-0000000FF1CE}_Office15.PROPLUS_{2538C77B-1287-40B6-9C13-B9B8D9D0963D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}_Office15.PROPLUS_{9FD97A64-17E8-4D0B-8328-A28EA46090C9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{6E2862B8-C10A-4FD0-9B82-8D9761301AAA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883095) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EADBF225-163E-406B-B11A-26ECCCAB5A0E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889927) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0A84CF05-F164-471D-8AFB-AC4C7FF7CA71}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889927) 64-Bit Edition (HKLM\...\{90150000-006E-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{0A84CF05-F164-471D-8AFB-AC4C7FF7CA71}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889927) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0A84CF05-F164-471D-8AFB-AC4C7FF7CA71}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889940) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{36772E16-D3FA-440E-B001-0BEB2B1FCE47}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889942) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C22AE0C4-590E-46FF-9E21-37F45B84ADDD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889942) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C22AE0C4-590E-46FF-9E21-37F45B84ADDD}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB3000731) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2245C7DD-6984-40C8-AD2C-C1CC6F049C91}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB3000731) 64-Bit Edition (HKLM\...\{90150000-00BA-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{2245C7DD-6984-40C8-AD2C-C1CC6F049C91}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB3000731) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2245C7DD-6984-40C8-AD2C-C1CC6F049C91}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB3000731) 64-Bit Edition (HKLM\...\{90150000-00C1-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{2245C7DD-6984-40C8-AD2C-C1CC6F049C91}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2883059) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BA62716F-904B-4668-A792-A41C1D806416}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2883059) 64-Bit Edition (HKLM\...\{90150000-00A1-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{BA62716F-904B-4668-A792-A41C1D806416}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2883059) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BA62716F-904B-4668-A792-A41C1D806416}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2986204) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2CB96A7D-CBFE-4028-ACE8-31C3925D3D46}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2986204) 64-Bit Edition (HKLM\...\{90150000-001A-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{2CB96A7D-CBFE-4028-ACE8-31C3925D3D46}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2889847) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7F1008C2-8C87-497F-B6D8-56B53DA0FAB3}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2889847) 64-Bit Edition (HKLM\...\{90150000-0018-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{7F1008C2-8C87-497F-B6D8-56B53DA0FAB3}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889939) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9FB1FB2E-AF3B-435F-BEBD-E6B0E89753F2}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889939) 64-Bit Edition (HKLM\...\{90150000-001A-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{9FB1FB2E-AF3B-435F-BEBD-E6B0E89753F2}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889939) 64-Bit Edition (HKLM\...\{90150000-001B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{9FB1FB2E-AF3B-435F-BEBD-E6B0E89753F2}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889939) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{9FB1FB2E-AF3B-435F-BEBD-E6B0E89753F2}) (Version:  - Microsoft)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

09-10-2014 16:06:01 Checkpoint by HitmanPro
15-10-2014 12:40:15 Checkpoint by HitmanPro
19-10-2014 18:15:02 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0191642D-BBD5-48FB-8F91-690C272DC0F9} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {041E7532-87A5-4F1C-BE7D-5D76526763B7} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1921399D-BB51-438B-B9C2-7F85A769133E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-03] (Google Inc.)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {262B4C49-E9A8-4996-B420-F01B095DD3C4} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3DCE00AC-49BC-41B9-B663-3B12C38020DB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {42E5AF11-C11C-4391-87E0-CEEDF3AA8B73} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5AC14BC1-82DB-408D-9985-C6AC583036F9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: {69F5FCCA-5AFE-4350-92BE-B12E7E3967F7} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {76C8AFA0-4449-4147-81DD-6588561A9D95} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-10-16] (Microsoft Corporation)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9EC364D9-8B3A-425C-8DFC-BD5A84A02503} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A9727A53-FD3E-41EE-9092-4671372F43AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-03] (Google Inc.)
Task: {AAA1BA6C-0A41-4AAC-A045-ECFC62576380} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {B5802072-D76F-4189-8BBA-06E4AB7423AD} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Home-Usuario1 Home => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-07-27] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E68F4E13-7EFE-4CD6-BB11-5C24EA6854A9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F1C1E75A-3D9D-458B-BBF0-E18F6CB34B97} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {FBE6D35E-7281-4048-A678-3A3CF0D0DF4B} - System32\Tasks\Flash Update => Wscript.exe //nologo //B C:\Windows\update.js
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Flash Update.job => C:\Windows\system32\wscript.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-11-16 16:27 - 2012-11-16 16:27 - 00211968 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-03-05 16:03 - 2012-03-05 16:03 - 00677376 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-02-16 14:53 - 2012-02-16 14:53 - 03642880 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-11-16 16:27 - 2012-11-16 16:27 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2012-01-13 14:04 - 2012-01-13 14:04 - 00219760 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
2014-09-09 10:48 - 2014-09-09 10:49 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2013-11-14 10:32 - 2013-11-14 10:32 - 02887751 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Normal.dll
2013-11-05 11:07 - 2013-11-05 11:07 - 00651327 _____ () C:\Program Files (x86)\GIGABYTE\ET6\work.dll
2013-11-06 17:59 - 2013-11-06 17:59 - 01335358 _____ () C:\Program Files (x86)\GIGABYTE\ET6\HM.dll
2013-03-23 10:59 - 2013-03-23 10:59 - 01433674 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GVTunner.dll
2003-02-14 14:11 - 2003-02-14 14:11 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Sound.dll
2013-11-01 10:29 - 2013-11-01 10:29 - 01318984 _____ () C:\Program Files (x86)\GIGABYTE\ET6\AMD8.dll
2013-09-13 15:26 - 2013-09-13 15:26 - 01331266 _____ () C:\Program Files (x86)\GIGABYTE\ET6\SF.dll
2008-05-07 15:22 - 2008-05-07 15:22 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\CIAMIB.dll
2012-05-08 15:01 - 2012-05-08 15:01 - 00069632 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GPTT.dll
2011-10-18 09:26 - 2011-10-18 09:26 - 00024576 _____ () C:\Program Files (x86)\GIGABYTE\ET6\STT.dll
2013-11-05 13:12 - 2013-11-05 13:12 - 01499200 _____ () C:\Program Files (x86)\GIGABYTE\ET6\OCK.dll
2012-11-27 15:03 - 2012-11-27 15:03 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\ycc.dll
2013-05-24 00:50 - 2013-05-24 00:50 - 03860520 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Platform.dll
2010-06-24 15:50 - 2010-06-24 15:50 - 00094208 _____ () C:\Program Files (x86)\GIGABYTE\ET6\IccLibDll.dll
2011-03-01 19:00 - 2011-03-01 19:00 - 00126976 _____ () C:\Program Files (x86)\GIGABYTE\ET6\StabilityLib.dll
2013-05-24 00:50 - 2013-05-24 00:50 - 00579616 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Device.dll
2013-12-09 17:21 - 2013-12-09 17:21 - 00311296 _____ () C:\Program Files (x86)\GIGABYTE\ET6\MFCCPU.DLL
2014-09-26 00:13 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\Usuario1\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-10-18 19:07 - 2014-10-09 21:03 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
2014-10-18 19:07 - 2014-10-09 21:03 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
2014-10-18 19:07 - 2014-10-09 21:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
2014-10-18 19:07 - 2014-10-09 21:03 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
2014-10-14 22:51 - 2014-10-14 22:51 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Usuario1\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2189552084-2033204020-3239810638-500 - Administrator - Disabled)
Guest (S-1-5-21-2189552084-2033204020-3239810638-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2189552084-2033204020-3239810638-1003 - Limited - Enabled)
Usuario1 (S-1-5-21-2189552084-2033204020-3239810638-1001 - Administrator - Enabled) => C:\Users\Usuario1

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/20/2014 01:10:07 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/20/2014 01:09:29 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (10/20/2014 01:06:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time stamp: 0x50a6a1b0
Faulting module name: Device.dll, version: 4.1.0.0, time stamp: 0x4f55e10b
Exception code: 0xc0000005
Fault offset: 0x000000000003683b
Faulting process id: 0x600
Faulting application start time: 0xFuel.Service.exe0
Faulting application path: Fuel.Service.exe1
Faulting module path: Fuel.Service.exe2
Report Id: Fuel.Service.exe3
Faulting package full name: Fuel.Service.exe4
Faulting package-relative application ID: Fuel.Service.exe5

Error: (10/20/2014 08:29:34 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (10/20/2014 08:29:33 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (10/20/2014 08:29:30 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (10/20/2014 08:29:30 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (10/20/2014 08:29:05 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (10/20/2014 08:28:58 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (10/20/2014 08:28:58 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.


System errors:
=============
Error: (10/20/2014 01:06:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AMD FUEL Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/19/2014 09:29:56 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service.

Error: (10/18/2014 08:46:53 PM) (Source: DCOM) (EventID: 10010) (User: HOME)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (10/17/2014 08:46:41 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer USER-HP
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{79297320-0A40-4C04-B507-9C0489284F32}.
The master browser is stopping or an election is being forced.


Microsoft Office Sessions:
=========================
Error: (10/20/2014 01:10:07 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/20/2014 01:09:29 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (10/20/2014 01:06:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fuel.Service.exe1.0.0.050a6a1b0Device.dll4.1.0.04f55e10bc0000005000000000003683b60001cfe9972bd44d78C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dllcd0bd9e5-5883-11e4-8296-1c6f658a24ab

Error: (10/20/2014 08:29:34 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Usuario1\Desktop\esetsmartinstaller_enu_2.exe

Error: (10/20/2014 08:29:33 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Usuario1\Desktop\esetsmartinstaller_enu_2.exe

Error: (10/20/2014 08:29:30 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Usuario1\Desktop\esetsmartinstaller_enu_2.exe

Error: (10/20/2014 08:29:30 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Usuario1\Desktop\esetsmartinstaller_enu_2.exe

Error: (10/20/2014 08:29:05 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Usuario1\Desktop\esetsmartinstaller_enu_2.exe

Error: (10/20/2014 08:28:58 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Usuario1\Downloads\Programs\esetsmartinstaller_enu.exe

Error: (10/20/2014 08:28:58 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Usuario1\Downloads\Programs\esetsmartinstaller_enu_2.exe


CodeIntegrity Errors:
===================================
  Date: 2014-09-26 12:54:25.083
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 12:47:37.850
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 12:32:46.658
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 07:43:02.125
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 00:57:47.673
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 00:26:11.652
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 00:08:41.752
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-26 00:01:58.843
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-25 23:53:49.306
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-25 23:49:35.906
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: AMD Phenom™ II X4 955 Processor
Percentage of memory in use: 31%
Total physical RAM: 7677.55 MB
Available physical RAM: 5271.56 MB
Total Pagefile: 15357.55 MB
Available Pagefile: 12474.17 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.75 GB) (Free:199.33 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: E642E3F8)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=297.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

 

Thank you.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users