Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help hardrive no more space file Telemetry


  • This topic is locked This topic is locked
13 replies to this topic

#1 pacoagc

pacoagc

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:46 PM

Posted 10 April 2015 - 06:24 PM

Help, my hardrive is full... Yesterday i was working on a office doc, then when i tried to save the doc, it told me that i didnt had enough space but i knew that i had around 80 gb but when i went to check my hardrive, i had none, so then i used tuneup utilies from avg to check which file was occupying that space, so it appeared to be in "C:\Windows\AppCompat\Appraiser\Telemetry"
 {0dc345bb-bf86-49d1-bff1-5b1df54a5d75}_APPRAISER_Utc.etl with 72.0 GB (77,392,248,832 bytes), and i dont know what it is, and if i can get rid of it
thanks in advance,
p.d. sorry for my english, im not a native english speaker
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by FranciscoAdrian (administrator) on PACO on 10-04-2015 17:24:50
Running from C:\Users\FranciscoAdrian\Downloads
Loaded Profiles: FranciscoAdrian (Available profiles: FranciscoAdrian & Invitado)
Platform: Windows 8.1 Pro with Media Center (X64) OS Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Aequus Gaming) C:\Program Files (x86)\LSI\LoLSummonerInfo.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWXConfigManager.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Spotify Ltd) C:\Users\FranciscoAdrian\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Spotify Ltd) C:\Users\FranciscoAdrian\AppData\Roaming\Spotify\Spotify.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Dolby Laboratories) C:\Program Files (x86)\DolbyAxon\AxonLauncher.exe
() C:\Program Files (x86)\VORAGO\MO-404\mousehid.exe
(Dolby Laboratories) C:\Program Files (x86)\DolbyAxon\Axon.exe
() C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Spotify Ltd) C:\Users\FranciscoAdrian\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Spotify Ltd) C:\Users\FranciscoAdrian\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\FranciscoAdrian\AppData\Roaming\Spotify\Spotify.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\MSM\McSmtFwk.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\mcods.exe
(Aequus Gaming) C:\Program Files (x86)\LSI\LoLSummonerInfo.exe
(Aequus Gaming) C:\Program Files (x86)\LSI\LoLSummonerInfo.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Aequus Gaming) C:\Program Files (x86)\LSI\LoLSummonerInfo.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Aequus Gaming) C:\Program Files (x86)\LSI\LoLSummonerInfo.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13776088 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-15] (Synaptics Incorporated)
HKLM\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079352 2012-11-11] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2012-11-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [BoxSyncHelper] => C:\Program Files\Box Sync\BoxSyncHelper.exe [393216 2013-06-07] (Box, Inc.)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2606280 2015-03-08] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [789920 2015-04-10] (Lenovo)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [B2C_AGENT] => C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [404568 2012-03-28] (LG Electronics)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2011-02-18] (Intel Corporation)
HKLM-x32\...\Run: [GamingMouseG7] => C:\Program Files (x86)\VORAGO\MO-404\mousehid.exe [278528 2012-12-17] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [718248 2015-02-11] (McAfee, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [863960 2015-03-24] (BlueStack Systems, Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\Run: [SkyDrive] => C:\Users\FranciscoAdrian\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-08-13] (Microsoft Corporation)
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\Run: [Facebook Update] => C:\Users\FranciscoAdrian\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2015-02-12] (Facebook Inc.)
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [26232152 2015-02-19] (Google)
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [761064 2014-12-03] (Adobe Systems Incorporated)
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\Run: [Google Update] => C:\Users\FranciscoAdrian\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-03-06] (Google Inc.)
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\Run: [Google+ Auto Backup] => C:\Users\FranciscoAdrian\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3754312 2015-02-13] (Google Inc.)
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\Run: [AxonAutoStart] => C:\Program Files (x86)\DolbyAxon\Axon.exe [4319432 2013-08-02] (Dolby Laboratories)
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\Run: [Spotify Web Helper] => C:\Users\FranciscoAdrian\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-03-31] (Spotify Ltd)
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-28] (Microsoft Corporation)
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\Run: [Spotify] => C:\Users\FranciscoAdrian\AppData\Roaming\Spotify\Spotify.exe [7112248 2015-03-31] (Spotify Ltd)
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\Run: [MurGee.com Auto Clicker] => C:\Program Files (x86)\Auto Clicker\AutoClicker.exe [40960 2011-11-17] (MurGee.com)
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\MountPoints2: {1e1ff773-523a-11e4-bf19-e89a8f1822eb} - "F:\LaunchU3.exe" -a
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\MountPoints2: {b9e73054-0bfb-11e3-bebb-e89a8f1822eb} - "E:\setup.exe" 
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\MountPoints2: {d7197630-b3f9-11e4-bf3c-e89a8f1822eb} - "F:\InstalarOffice.bat" 
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\MountPoints2: {dc08c7dc-815b-11e3-bedc-e89a8f1822eb} - "E:\setup.exe" 
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178512 2015-03-13] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [178512 2015-03-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164568 2015-03-13] (NVIDIA Corporation)
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\adobe air application installer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\appvlp.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\dtlite.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\facebookmessenger.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\groove.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\hamachi-2-ui.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\hd-apkhandler.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\hd-runapp.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\hd-startlauncher.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\hpwucli.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\iastorui.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\infopath.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\isuspm.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\itunes.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\lync.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\msoev.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\msotd.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\msouc.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\ocpubmgr.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\onenotem.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\paprport.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\pppagevw.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\scannerwizardu.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\setlang.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\skype.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\spdesign.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\sptdinst-x64.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\teamviewer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\zune.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Box Sync.lnk
ShortcutTarget: Box Sync.lnk -> C:\Program Files\Box Sync\BoxSync.exe (Box, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TDS's Free HCALC 1.1.lnk
ShortcutTarget: TDS's Free HCALC 1.1.lnk -> C:\Program Files (x86)\Tahoe Design Software\HCALC\1.1\HCALC.exe (Tahoe Design Software)
Startup: C:\Users\FranciscoAdrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\FranciscoAdrian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\FranciscoAdrian\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\FranciscoAdrian\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\FranciscoAdrian\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\FranciscoAdrian\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\FranciscoAdrian\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\FranciscoAdrian\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\FranciscoAdrian\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\FranciscoAdrian\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [000BoxDesktopFileLocked] -> {C253B817-3A00-475f-A5A3-6F2DD704B48D} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [000BoxDesktopNotSynced] -> {19ACC806-F7AA-46AA-A80A-726A07CA6637} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [000BoxDesktopNotSyncedCollabs] -> {337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [000BoxDesktopSynced] -> {B7AC9C6D-F15B-4B1A-A88D-F518D13861D9} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [000BoxDesktopSyncedCollab] -> {9E48C232-F601-4E41-BB3E-16CBAF317AA4} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://prodigy.msn.com/es-mx/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1249880946-500993554-1577037575-1001 -> DefaultScope {F41ADE4E-5B43-4746-BF8D-9FEE0F4F1175} URL = https://mx.search.yahoo.com/search?fr=mcafee&type=B011MX0D20150228&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1249880946-500993554-1577037575-1001 -> {F41ADE4E-5B43-4746-BF8D-9FEE0F4F1175} URL = https://mx.search.yahoo.com/search?fr=mcafee&type=B011MX0D20150228&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} ->  No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-27] (Oracle Corporation)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-27] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.11.0.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-08-28] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-03-03] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-03-03] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{CEBFE90F-5D24-46D6-A9A2-C13AB5FA0999}: [NameServer] 8.8.8.8,4.4.4.4
 
FireFox:
========
FF ProfilePath: C:\Users\FranciscoAdrian\AppData\Roaming\Mozilla\Firefox\Profiles\35kxu5et.default
FF DefaultSearchEngine: Búsqueda segura
FF SearchEngineOrder.1: Búsqueda segura
FF SelectedSearchEngine: Búsqueda segura
FF Keyword.URL: https://mx.search.yahoo.com/search?fr=mcafee&type=B111MX0D20150228&p=
FF NetworkProxy: "http", "+"
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-25] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-03-03] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-28] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-25] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-27] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-03-03] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-08-28] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2014-08-28] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [2012-12-06] (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\FranciscoAdrian\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-03-10] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1249880946-500993554-1577037575-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\FranciscoAdrian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1249880946-500993554-1577037575-1001: @tools.google.com/Google Update;version=3 -> C:\Users\FranciscoAdrian\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-1249880946-500993554-1577037575-1001: @tools.google.com/Google Update;version=9 -> C:\Users\FranciscoAdrian\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-1249880946-500993554-1577037575-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\FranciscoAdrian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-05-14] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1249880946-500993554-1577037575-1001: facebook.com/fbDesktopPlugin -> C:\Users\FranciscoAdrian\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll [2013-03-07] (Facebook, Inc.)
FF user.js: detected! => C:\Users\FranciscoAdrian\AppData\Roaming\Mozilla\Firefox\Profiles\35kxu5et.default\user.js [2013-10-27]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-04-01]
FF Extension: Lightbeam - C:\Users\FranciscoAdrian\AppData\Roaming\Mozilla\Firefox\Profiles\35kxu5et.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2013-10-25]
FF Extension: Adblock Plus - C:\Users\FranciscoAdrian\AppData\Roaming\Mozilla\Firefox\Profiles\35kxu5et.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-27]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-02-16]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-02-28]
FF HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
 
Chrome: 
=======
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxp://www.engadget.com/", "https://www.facebook.com/", "hxxp://www.androidcentral.com/", "hxxp://www.zdnet.com/", "hxxp://www.reddit.com/r/leagueoflegends/", "https://web.whatsapp.com/"
CHR Profile: C:\Users\FranciscoAdrian\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Translate) - C:\Users\FranciscoAdrian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-01-25]
CHR Extension: (Google Slides) - C:\Users\FranciscoAdrian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-25]
CHR Extension: (Google Docs) - C:\Users\FranciscoAdrian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-25]
CHR Extension: (Google Drive) - C:\Users\FranciscoAdrian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-25]
CHR Extension: (Please enter your password) - C:\Users\FranciscoAdrian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2015-01-25]
CHR Extension: (YouTube) - C:\Users\FranciscoAdrian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-25]
CHR Extension: (Promedio UANL) - C:\Users\FranciscoAdrian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfaiajbmbplmnekhjnkaonogommfhfgg [2015-01-25]
CHR Extension: (Google Search) - C:\Users\FranciscoAdrian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-25]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\FranciscoAdrian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elioihkkcdgakfbahdoddophfngopipi [2015-01-25]
CHR Extension: (Google Sheets) - C:\Users\FranciscoAdrian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-25]
CHR Extension: (SiteAdvisor) - C:\Users\FranciscoAdrian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-02-28]
CHR Extension: (AdBlock) - C:\Users\FranciscoAdrian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-02-21]
CHR Extension: (Bookmark Manager) - C:\Users\FranciscoAdrian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-01-26]
CHR Extension: (Wolfram
Alpha (Official)) - C:\Users\FranciscoAdrian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icncamkooinmbehmkeilcccmoljfkdhp [2015-01-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\FranciscoAdrian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-09]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\FranciscoAdrian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-01-25]
CHR Extension: (Emma Watson) - C:\Users\FranciscoAdrian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndanmiophfeglniechlfhgkgdoefoipl [2015-01-25]
CHR Extension: (Graph.tk) - C:\Users\FranciscoAdrian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nkhkaamdeplibnmodcgodlkghphdbahk [2015-01-25]
CHR Extension: (Google Wallet) - C:\Users\FranciscoAdrian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-25]
CHR Extension: (Bitdefender QuickScan) - C:\Users\FranciscoAdrian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2015-04-10]
CHR Extension: (Gmail) - C:\Users\FranciscoAdrian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-25]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-04-02]
CHR HKU\S-1-5-21-1249880946-500993554-1577037575-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-04-02]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2246184 2011-12-15] (Broadcom Corporation.)
S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S4 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433880 2015-03-24] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2015-03-24] (BlueStack Systems, Inc.)
S4 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [798424 2015-03-24] (BlueStack Systems, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
S4 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152328 2015-03-08] (NVIDIA Corporation)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-01-12] (Hi-Rez Studios) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-02-11] (McAfee, Inc.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [154856 2015-03-27] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [752232 2015-03-03] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-02-11] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-02-11] (McAfee, Inc.)
R3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [605472 2015-02-27] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-02-11] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-02-11] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-02-17] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [372144 2015-03-01] (McAfee, Inc.)
R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [250672 2015-02-17] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-08] ()
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878856 2015-03-08] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22916936 2015-03-08] (NVIDIA Corporation)
S4 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-12-11] (Realtek Semiconductor)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [994360 2011-10-14] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [399416 2011-10-14] (Secunia)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448464 2015-03-30] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2412344 2014-01-28] (TuneUp Software)
S4 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe [34240 2015-02-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2014-01-08] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [144600 2015-03-24] (BlueStack Systems)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [68784 2015-02-17] (McAfee, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows ® Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-01-23] (Disc Soft Ltd)
S3 GM3305Fltr; C:\Windows\system32\drivers\GM3305Fltr.sys [9600 2012-03-28] (LXD Development, Inc.)
S3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2013-11-29] (LogMeIn Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [401736 2015-02-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [337888 2015-02-17] (McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [101872 2015-02-17] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80160 2015-02-13] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [488000 2015-02-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [864072 2015-02-17] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [482600 2015-01-16] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [100720 2015-01-16] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340448 2015-02-17] (McAfee, Inc.)
S3 Mkd2Nadr; C:\Windows\System32\drivers\Mkd2Nadr.sys [106584 2010-08-31] (AhnLab, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-03-08] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RTL8168; C:\Windows\system32\DRIVERS\rtlh64.sys [681688 2015-01-21] (Inventec                                            )
R3 tap-tb-0901; C:\Windows\system32\DRIVERS\tap-tb-0901.sys [38656 2014-10-14] (The OpenVPN Project)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-06-20] (Anchorfree Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-18] (TuneUp Software)
S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2012-04-27] (Texas Instruments)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
S3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S3 GPUZ; \??\C:\WINDOWS\TEMP\GPUZ.sys [X]
S3 NPF; system32\drivers\NPF.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-10 17:24 - 2015-04-10 17:25 - 00046292 _____ () C:\Users\FranciscoAdrian\Downloads\FRST.txt
2015-04-10 17:24 - 2015-04-10 17:25 - 00000000 ____D () C:\FRST
2015-04-10 17:18 - 2015-04-10 17:18 - 02095616 _____ (Farbar) C:\Users\FranciscoAdrian\Downloads\FRST64.exe
2015-04-10 17:11 - 2015-04-10 17:11 - 01402251 _____ () C:\Users\FranciscoAdrian\Downloads\spacesniffer_1_2_0_2.zip
2015-04-10 17:11 - 2015-04-10 17:11 - 00184192 _____ () C:\Users\FranciscoAdrian\Downloads\qsinstaller.exe
2015-04-10 17:11 - 2015-04-10 17:11 - 00000000 ____D () C:\Users\FranciscoAdrian\AppData\Roaming\QuickScan
2015-04-10 08:05 - 2015-04-10 08:05 - 00000000 ____D () C:\Users\FranciscoAdrian\AppData\Local\Downloaded Installations
2015-04-10 07:40 - 2015-04-10 07:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-04-09 03:36 - 2015-03-22 17:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-04-09 03:36 - 2015-03-22 17:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-04-09 03:36 - 2015-03-22 17:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-04-09 03:36 - 2015-03-22 17:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-04-09 03:36 - 2015-03-22 17:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-04-09 03:36 - 2015-03-22 17:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-04-09 03:36 - 2015-03-22 17:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-04-09 03:36 - 2015-02-20 18:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-04-08 04:36 - 2015-04-08 04:37 - 12220448 _____ (Telegram Messenger LLP ) C:\Users\FranciscoAdrian\Downloads\tsetup.0.8.0.exe
2015-04-07 14:33 - 2015-04-07 14:33 - 05378294 _____ () C:\Users\FranciscoAdrian\Downloads\welcome_to_planet_urf.zip
2015-04-07 02:22 - 2015-04-07 02:22 - 01184616 _____ () C:\Users\FranciscoAdrian\Downloads\CheckDisk_mod.exe
2015-04-05 16:51 - 2015-04-05 16:51 - 00000000 ____D () C:\Users\FranciscoAdrian\AppData\Local\MathWorks
2015-04-04 03:26 - 2015-04-04 03:26 - 09955378 _____ () C:\Users\FranciscoAdrian\Downloads\Introduction to Finite Element Analysis Using MATLAB & Abaqus.PlentyofeBooks.net.rar
2015-04-04 03:07 - 2015-01-30 17:29 - 12694808 _____ (Intel Corporation) C:\WINDOWS\system32\igdumd64.dll
2015-04-04 03:07 - 2015-01-30 17:29 - 09007616 _____ (Intel Corporation) C:\WINDOWS\system32\igfxress.dll
2015-04-04 03:07 - 2015-01-30 17:29 - 05375448 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-04-04 03:07 - 2015-01-30 17:29 - 01049576 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-04-04 03:07 - 2015-01-30 17:29 - 00940360 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-04-04 03:07 - 2015-01-30 17:29 - 00530968 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-04-04 03:07 - 2015-01-30 17:29 - 00525800 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-04-04 03:07 - 2015-01-30 17:29 - 00517224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
2015-04-04 03:07 - 2015-01-30 17:29 - 00444520 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
2015-04-04 03:07 - 2015-01-30 17:29 - 00442880 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdev.dll
2015-04-04 03:07 - 2015-01-30 17:29 - 00440320 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrell.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00439808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfra.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00439808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxresn.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00439296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrus.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00439296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrom.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsky.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptg.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrplk.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnld.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrita.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhrv.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdeu.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00438272 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhun.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00438272 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfin.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00438272 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcsy.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00437760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtrk.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00437760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsve.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00437760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrslv.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00437760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptb.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00437760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnor.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00437248 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtha.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00437248 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdan.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00435712 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrheb.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00435712 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrara.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00432128 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrjpn.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00431104 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrkor.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00429056 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcht.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00428544 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrchs.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00410624 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTMM.dll
2015-04-04 03:07 - 2015-01-30 17:29 - 00384512 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpph.dll
2015-04-04 03:07 - 2015-01-30 17:29 - 00330752 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxdv32.dll
2015-04-04 03:07 - 2015-01-30 17:29 - 00286208 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrenu.lrc
2015-04-04 03:07 - 2015-01-30 17:29 - 00280680 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-04-04 03:07 - 2015-01-30 17:29 - 00256616 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-04-04 03:07 - 2015-01-30 17:29 - 00220432 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-04-04 03:07 - 2015-01-30 17:29 - 00184352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-04-04 03:07 - 2015-01-30 17:29 - 00173672 _____ (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
2015-04-04 03:07 - 2015-01-30 17:29 - 00142336 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdo.dll
2015-04-04 03:07 - 2015-01-30 17:29 - 00126976 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcpl.cpl
2015-04-04 03:07 - 2015-01-30 17:29 - 00099328 _____ () C:\WINDOWS\system32\igdde64.dll
2015-04-04 03:07 - 2015-01-30 17:29 - 00078848 _____ () C:\WINDOWS\SysWOW64\igdde32.dll
2015-04-04 03:07 - 2015-01-30 17:29 - 00031984 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-04-04 03:07 - 2015-01-30 17:29 - 00025088 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-04-04 03:07 - 2015-01-30 17:29 - 00017082 _____ () C:\WINDOWS\system32\iglhxs64.vp
2015-04-04 03:07 - 2015-01-30 17:29 - 00009728 _____ ( ) C:\WINDOWS\system32\IGFXDEVLib.dll
2015-04-04 03:06 - 2015-01-30 17:29 - 13028864 _____ (Intel Corporation) C:\WINDOWS\system32\ig4icd64.dll
2015-04-04 03:06 - 2015-01-30 17:29 - 11245520 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10umd32.dll
2015-04-04 03:06 - 2015-01-30 17:29 - 10811392 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig4icd32.dll
2015-04-04 03:06 - 2015-01-30 17:29 - 05906536 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUI.exe
2015-04-04 03:06 - 2015-01-30 17:29 - 00401512 _____ (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
2015-04-04 03:06 - 2015-01-30 17:29 - 00187496 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-04-04 03:06 - 2015-01-30 17:29 - 00175104 _____ (Intel Corporation) C:\WINDOWS\system32\gfxSrvc.dll
2015-04-04 01:44 - 2015-04-04 01:44 - 00001055 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-04-04 01:44 - 2015-04-04 01:44 - 00000000 ____D () C:\Users\FranciscoAdrian\AppData\Roaming\TeamViewer
2015-04-03 02:17 - 2015-04-03 02:17 - 00001062 _____ () C:\Users\Public\Desktop\Auto Clicker.lnk
2015-04-03 02:17 - 2015-04-03 02:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Clicker
2015-04-03 02:17 - 2015-04-03 02:17 - 00000000 ____D () C:\Program Files (x86)\Auto Clicker
2015-04-03 01:08 - 2015-04-03 01:08 - 00001819 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2015-04-03 01:06 - 2015-04-03 01:22 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2015-04-03 01:06 - 2015-04-03 01:19 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2015-04-03 01:06 - 2015-04-03 01:06 - 00000000 ____D () C:\Users\FranciscoAdrian\AppData\Local\Bluestacks
2015-04-03 01:06 - 2015-04-03 01:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2015-04-03 01:06 - 2015-04-03 01:06 - 00000000 ____D () C:\ProgramData\BlueStacks
2015-04-02 23:44 - 2015-04-10 16:43 - 00003258 _____ () C:\WINDOWS\System32\Tasks\Run LSI
2015-03-31 22:34 - 2013-09-23 14:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2015-03-31 17:01 - 2015-04-10 07:53 - 00000000 ____D () C:\Users\FranciscoAdrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LSI - LoL Summoner Information
2015-03-31 17:00 - 2015-04-05 17:51 - 00000000 ____D () C:\Users\FranciscoAdrian\AppData\Local\LSI
2015-03-31 16:59 - 2015-03-31 16:59 - 00001013 _____ () C:\Users\Public\Desktop\LoL Summoner Info.lnk
2015-03-31 16:59 - 2015-03-31 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LSI - LoL Summoner Information
2015-03-28 02:06 - 2015-03-28 02:09 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-03-28 02:06 - 2015-03-28 02:06 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-03-27 21:13 - 2015-03-27 21:17 - 00000000 ____D () C:\Users\FranciscoAdrian\Documents\Heroes of the Storm
2015-03-27 17:31 - 2015-03-27 17:30 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-03-27 17:30 - 2015-03-27 17:30 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-27 15:34 - 2015-03-27 15:34 - 00097686 _____ () C:\Users\FranciscoAdrian\Downloads\Problemas del Tema 19 - Calor especifico, cambio de fase y transferencia de calor.pptx
2015-03-25 19:52 - 2015-03-14 03:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-25 19:52 - 2015-03-14 03:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-03-24 01:26 - 2015-03-24 01:26 - 00054418 _____ () C:\Users\FranciscoAdrian\Downloads\Problemario.zip
2015-03-22 20:14 - 2015-03-22 20:14 - 00001201 _____ () C:\Users\Public\Desktop\Heroes of the Storm.lnk
2015-03-22 19:40 - 2015-03-22 19:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Split And Merge Basic
2015-03-22 19:40 - 2015-03-22 19:40 - 00000000 ____D () C:\Program Files (x86)\PDF Split And Merge Basic
2015-03-22 19:34 - 2015-03-22 19:34 - 01072475 _____ () C:\Users\FranciscoAdrian\Downloads\Cap 2 ING AMBIENAL.pptx
2015-03-22 19:34 - 2015-03-22 19:34 - 00894613 _____ () C:\Users\FranciscoAdrian\Downloads\Cap 1 ING AMBIENAL.pptx
2015-03-22 19:34 - 2015-03-22 19:34 - 00892433 _____ () C:\Users\FranciscoAdrian\Downloads\Cap 3 ING AMBIENAL.pptx
2015-03-22 19:34 - 2015-03-22 19:34 - 00316363 _____ () C:\Users\FranciscoAdrian\Downloads\Cap 4 ING AMBIENAL.pptx
2015-03-22 18:39 - 2015-03-29 21:39 - 00000000 ____D () C:\Program Files (x86)\Heroes of the Storm
2015-03-19 22:59 - 2015-03-19 22:59 - 01222044 _____ () C:\Users\FranciscoAdrian\Downloads\pm-opticas-2.tns
2015-03-19 22:47 - 2015-03-19 22:47 - 00307163 _____ () C:\Users\FranciscoAdrian\Downloads\Reflectancia (1).tns
2015-03-19 22:31 - 2015-03-19 22:31 - 00389236 _____ () C:\Users\FranciscoAdrian\Downloads\proter (1).tns
2015-03-19 22:26 - 2015-03-19 22:26 - 00307163 _____ () C:\Users\FranciscoAdrian\Downloads\Reflectancia.tns
2015-03-19 22:11 - 2015-03-19 22:11 - 00388745 _____ () C:\Users\FranciscoAdrian\Downloads\proter.tns
2015-03-19 21:57 - 2015-03-19 21:57 - 00450601 _____ () C:\Users\FranciscoAdrian\Downloads\Lentes.tns
2015-03-19 14:19 - 2015-03-19 14:19 - 04560051 _____ () C:\Users\FranciscoAdrian\Downloads\2. Propiedades térmicas (1).pptx
2015-03-19 14:17 - 2015-03-19 14:17 - 00490508 _____ () C:\Users\FranciscoAdrian\Downloads\Presentaciones (1).zip
2015-03-19 14:16 - 2015-03-19 14:16 - 11239025 _____ () C:\Users\FranciscoAdrian\Downloads\Presentaciones.zip
2015-03-18 22:16 - 2015-03-18 22:17 - 02198317 _____ () C:\Users\FranciscoAdrian\Downloads\calor-cap-6-y-7.pptx
2015-03-18 20:14 - 2015-04-10 16:28 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2015-03-18 20:14 - 2015-04-06 15:20 - 00000000 ____D () C:\WINDOWS\system32\NV
2015-03-18 20:11 - 2015-03-13 14:41 - 32114888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-03-18 20:11 - 2015-03-13 14:41 - 25460880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2015-03-18 20:11 - 2015-03-13 14:41 - 24775368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-03-18 20:11 - 2015-03-13 14:41 - 20466376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-03-18 20:11 - 2015-03-13 14:41 - 18580512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-03-18 20:11 - 2015-03-13 14:41 - 17258024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-03-18 20:11 - 2015-03-13 14:41 - 16022016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-03-18 20:11 - 2015-03-13 14:41 - 13297144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-03-18 20:11 - 2015-03-13 14:41 - 13210080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-03-18 20:11 - 2015-03-13 14:41 - 10775080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-03-18 20:11 - 2015-03-13 14:41 - 10715864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-03-18 20:11 - 2015-03-13 14:41 - 10262160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-03-18 20:11 - 2015-03-13 14:41 - 03611792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-03-18 20:11 - 2015-03-13 14:41 - 03249352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-03-18 20:11 - 2015-03-13 14:41 - 01896136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434788.dll
2015-03-18 20:11 - 2015-03-13 14:41 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434788.dll
2015-03-18 20:11 - 2015-03-13 14:41 - 00970384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-03-18 20:11 - 2015-03-13 14:41 - 00944784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-03-18 20:11 - 2015-03-13 14:41 - 00930448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-03-18 20:11 - 2015-03-13 14:41 - 00909512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-03-18 20:11 - 2015-03-13 14:41 - 00354112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-03-18 20:11 - 2015-03-13 14:41 - 00306208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-03-18 20:11 - 2015-03-13 14:41 - 00032456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-03-18 15:34 - 2015-03-31 17:18 - 00001897 _____ () C:\Users\FranciscoAdrian\Desktop\Spotify.lnk
2015-03-18 00:48 - 2015-03-18 00:48 - 01691305 _____ () C:\Users\FranciscoAdrian\Downloads\Cap_6_IDP.pptx
2015-03-16 19:44 - 2015-03-16 19:44 - 04560051 _____ () C:\Users\FranciscoAdrian\Downloads\2. Propiedades térmicas.pptx
2015-03-16 19:34 - 2015-03-16 19:34 - 09164547 _____ () C:\Users\FranciscoAdrian\Downloads\OneDrive-2015-03-16.zip
2015-03-16 19:18 - 2015-03-16 19:18 - 09472602 _____ () C:\Users\FranciscoAdrian\Downloads\3. Propiedades ópticas.pptx
2015-03-16 19:18 - 2015-03-16 19:18 - 01766171 _____ () C:\Users\FranciscoAdrian\Downloads\Lentes.pptx
2015-03-16 19:16 - 2015-03-16 19:16 - 00490376 _____ () C:\Users\FranciscoAdrian\Downloads\Reflectancia.pptx
2015-03-16 15:07 - 2015-03-16 15:07 - 00118645 _____ () C:\Users\FranciscoAdrian\Downloads\Archive-5107.zip
2015-03-16 04:12 - 2015-03-16 04:12 - 00056735 _____ () C:\Users\FranciscoAdrian\Downloads\Elementos-de-una-cultura-innovadora-sistemática.pptx
2015-03-14 02:21 - 2015-03-14 02:21 - 05328804 _____ () C:\Users\FranciscoAdrian\Downloads\Outlook.com.zip
2015-03-12 13:16 - 2015-03-12 13:16 - 00000000 ____D () C:\Users\FranciscoAdrian\AppData\Roaming\TDS
2015-03-12 01:38 - 2015-03-12 01:38 - 00842736 _____ () C:\Users\FranciscoAdrian\Downloads\HCWin (1).zip
2015-03-12 01:36 - 2015-03-12 01:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tahoe Design Software
2015-03-12 01:36 - 2015-03-12 01:39 - 00000000 ____D () C:\Program Files (x86)\Tahoe Design Software
2015-03-12 01:36 - 2015-03-12 01:36 - 03997472 _____ () C:\Users\FranciscoAdrian\Downloads\PBAcad30.zip
2015-03-12 01:35 - 2015-03-12 01:35 - 03378827 _____ () C:\Users\FranciscoAdrian\Downloads\HFAcad30.zip
2015-03-12 01:33 - 2015-03-12 01:33 - 00842736 _____ () C:\Users\FranciscoAdrian\Downloads\HCWin.zip
2015-03-11 17:46 - 2015-03-04 16:24 - 00792032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-03-11 17:46 - 2015-03-04 16:24 - 00178144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-10 17:24 - 2013-10-18 00:10 - 01803169 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-10 17:10 - 2012-07-26 02:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-10 17:04 - 2014-11-11 21:38 - 00000838 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-04-10 17:02 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-10 17:01 - 2014-03-06 20:49 - 00000958 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1249880946-500993554-1577037575-1001UA.job
2015-04-10 16:59 - 2012-10-28 00:08 - 00001054 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-10 16:42 - 2014-10-10 14:52 - 00000000 ____D () C:\Program Files (x86)\LSI
2015-04-10 16:36 - 2012-10-27 14:19 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1249880946-500993554-1577037575-1001
2015-04-10 16:35 - 2013-09-29 23:08 - 01829802 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-10 16:35 - 2013-09-29 22:49 - 00811154 _____ () C:\WINDOWS\system32\perfh00A.dat
2015-04-10 16:35 - 2013-09-29 22:49 - 00166914 _____ () C:\WINDOWS\system32\perfc00A.dat
2015-04-10 16:33 - 2014-07-11 00:23 - 00000000 ____D () C:\Users\FranciscoAdrian\AppData\Local\Spotify
2015-04-10 16:33 - 2014-07-11 00:22 - 00000000 ____D () C:\Users\FranciscoAdrian\AppData\Roaming\Spotify
2015-04-10 16:32 - 2013-08-12 18:49 - 00000000 ____D () C:\Users\FranciscoAdrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-04-10 16:32 - 2012-11-11 16:05 - 00000000 __RDO () C:\Users\FranciscoAdrian\SkyDrive
2015-04-10 16:32 - 2012-10-28 00:08 - 00001050 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-10 16:29 - 2015-02-28 21:43 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-04-10 16:29 - 2013-08-22 09:46 - 00490627 _____ () C:\WINDOWS\setupact.log
2015-04-10 16:29 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-04-10 16:28 - 2013-09-29 13:58 - 00768020 _____ () C:\WINDOWS\PFRO.log
2015-04-10 16:28 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-10 08:39 - 2013-08-22 08:25 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-10 08:36 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-04-10 08:26 - 2013-08-12 20:43 - 00000000 ____D () C:\Users\FranciscoAdrian\AppData\Roaming\vlc
2015-04-10 08:06 - 2012-10-28 02:20 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2015-04-10 08:05 - 2012-10-28 02:36 - 00279968 _____ (Lenovo) C:\WINDOWS\system32\LenovoSdk.OKTDLL.dll
2015-04-10 08:05 - 2012-10-27 16:37 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-04-10 07:55 - 2015-02-20 02:14 - 00003678 _____ () C:\WINDOWS\System32\Tasks\HP online update program
2015-04-10 07:53 - 2013-10-22 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-04-10 07:51 - 2012-10-28 02:55 - 00000000 ___RD () C:\Users\FranciscoAdrian\Dropbox
2015-04-10 07:40 - 2013-08-22 10:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-10 07:24 - 2013-08-13 15:54 - 00000000 ____D () C:\Users\FranciscoAdrian\AppData\Roaming\GameRanger
2015-04-10 04:27 - 2013-10-18 01:49 - 00004002 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4964C068-B1AB-42C5-AEFF-188311B0113E}
2015-04-10 03:48 - 2013-08-12 22:31 - 00000000 ____D () C:\Users\FranciscoAdrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-10 03:48 - 2013-08-12 22:28 - 00000000 ____D () C:\Users\FranciscoAdrian\AppData\Roaming\Dropbox
2015-04-10 01:55 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-04-10 00:01 - 2014-03-06 20:49 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1249880946-500993554-1577037575-1001Core.job
2015-04-09 04:10 - 2015-02-08 05:46 - 00000000 ____D () C:\Users\FranciscoAdrian\Desktop\6 semestre
2015-04-09 03:38 - 2014-07-08 17:01 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-09 03:37 - 2014-12-11 08:59 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-08 04:38 - 2015-01-09 16:24 - 00001059 _____ () C:\Users\FranciscoAdrian\Desktop\Telegram.lnk
2015-04-08 03:19 - 2013-08-12 19:31 - 00000000 ____D () C:\Users\FranciscoAdrian\AppData\Roaming\Skype
2015-04-07 03:41 - 2012-10-27 14:10 - 00000000 ____D () C:\Users\FranciscoAdrian\AppData\Local\Packages
2015-04-06 02:28 - 2014-09-10 20:33 - 00000000 ____D () C:\Users\FranciscoAdrian\AppData\Local\Battle.net
2015-04-05 17:04 - 2014-01-22 22:33 - 00001956 _____ () C:\Users\FranciscoAdrian\Desktop\matlab - Acceso directo.lnk
2015-04-05 16:54 - 2014-01-22 22:32 - 00000000 ____D () C:\Users\FranciscoAdrian\Documents\MATLAB
2015-04-05 16:51 - 2014-01-22 22:32 - 00000000 ____D () C:\Users\FranciscoAdrian\AppData\Roaming\Subversion
2015-04-05 14:30 - 2014-01-22 21:33 - 00000000 ____D () C:\Program Files\MATLAB
2015-04-05 14:13 - 2012-11-13 18:52 - 00016332 _____ () C:\WINDOWS\system32\results.xml
2015-04-05 14:09 - 2013-08-22 09:44 - 00573728 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-04-05 14:07 - 2013-10-25 20:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-04 14:10 - 2013-08-13 04:02 - 00000000 ____D () C:\Users\FranciscoAdrian\AppData\Roaming\uTorrent
2015-04-04 10:46 - 2012-07-26 03:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2015-04-04 03:29 - 2014-01-22 01:01 - 00000000 ____D () C:\Users\FranciscoAdrian\Desktop\Libros IQ
2015-04-04 03:11 - 2012-11-13 18:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-04-04 01:47 - 2012-10-30 23:06 - 00000000 ____D () C:\ProgramData\Skype
2015-04-04 01:45 - 2012-10-28 17:05 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-04-04 01:33 - 2013-12-14 05:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-03 03:01 - 2013-07-01 02:22 - 00000000 ____D () C:\Users\FranciscoAdrian\Desktop\movies
2015-04-03 01:08 - 2013-08-22 10:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-04-02 23:58 - 2014-09-10 20:35 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2015-04-02 23:52 - 2014-09-10 20:33 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-04-01 17:13 - 2015-03-04 03:54 - 00000000 ____D () C:\Users\FranciscoAdrian\AppData\Roaming\HpUpdate
2015-03-31 22:41 - 2015-02-28 21:38 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2015-03-31 22:32 - 2012-07-26 03:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-03-31 17:18 - 2014-07-11 00:23 - 00001883 _____ () C:\Users\FranciscoAdrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-03-31 16:02 - 2013-10-18 00:18 - 00000000 ____D () C:\Users\FranciscoAdrian
2015-03-30 03:32 - 2013-10-18 00:09 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2015-03-27 21:13 - 2014-09-10 20:33 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-03-27 18:56 - 2013-05-05 16:54 - 00000000 ____D () C:\Users\FranciscoAdrian\Desktop\iq
2015-03-27 17:33 - 2013-09-11 20:35 - 00000883 _____ () C:\Users\FranciscoAdrian\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-03-27 17:33 - 2013-08-12 19:31 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-27 17:31 - 2014-04-13 04:38 - 00000000 ____D () C:\Users\FranciscoAdrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-27 17:31 - 2012-10-28 03:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-27 17:31 - 2012-10-28 03:15 - 00000000 ____D () C:\Program Files\WinRAR
2015-03-27 02:25 - 2013-08-22 00:29 - 00000000 ____D () C:\Users\FranciscoAdrian\Desktop\randompics
2015-03-27 02:24 - 2014-02-24 20:16 - 00000000 ____D () C:\Users\FranciscoAdrian\Documents\TI-Nspire
2015-03-25 19:47 - 2014-06-16 19:20 - 00028698 _____ () C:\WINDOWS\SecuniaPackage.log
2015-03-25 19:45 - 2015-01-19 00:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-03-25 19:22 - 2014-07-29 18:58 - 00001082 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-03-25 19:10 - 2014-11-11 21:38 - 00003726 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-03-25 12:08 - 2013-08-12 18:53 - 00000000 ____D () C:\Users\FranciscoAdrian\AppData\Local\VirtualStore
2015-03-21 11:47 - 2013-01-07 19:27 - 00000000 ___RD () C:\Users\FranciscoAdrian\Google Drive
2015-03-18 20:14 - 2013-10-18 00:10 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-18 20:13 - 2013-10-18 00:09 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-03-13 23:03 - 2013-01-07 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-03-13 22:28 - 2014-08-28 20:04 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-03-13 14:41 - 2015-02-11 00:33 - 00027441 _____ () C:\WINDOWS\system32\nvinfo.pb
2015-03-13 14:41 - 2015-01-29 04:48 - 14121624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-03-13 14:41 - 2015-01-29 04:48 - 03303448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-03-13 14:41 - 2015-01-29 04:48 - 02906928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-03-13 14:41 - 2015-01-29 04:48 - 00997856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-03-13 14:41 - 2015-01-29 04:48 - 00878328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-03-13 14:41 - 2013-10-01 00:51 - 00178512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-03-13 14:41 - 2013-10-01 00:51 - 00164568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-03-13 11:16 - 2013-10-18 00:10 - 06861968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-03-13 11:16 - 2013-10-18 00:10 - 03526856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-03-13 11:16 - 2013-10-18 00:10 - 02559808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-03-13 11:16 - 2013-10-18 00:10 - 01099408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-03-13 11:16 - 2013-10-18 00:10 - 00935056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-03-13 11:16 - 2013-10-18 00:10 - 00630416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2015-03-13 11:16 - 2013-10-18 00:10 - 00386248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-03-13 11:16 - 2013-10-18 00:10 - 00075976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-03-13 11:16 - 2013-10-18 00:10 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-03-12 01:38 - 2012-11-11 18:11 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2015-03-11 20:37 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-03-11 08:10 - 2013-10-18 00:10 - 04246327 _____ () C:\WINDOWS\system32\nvcoproc.bin
2015-03-11 02:28 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-03-11 02:28 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-11 02:28 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-11 02:28 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-03-11 02:28 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-03-11 02:28 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-11 02:28 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-11 00:17 - 2012-10-27 18:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
 
==================== Files in the root of some directories =======
 
2013-10-05 15:40 - 2013-10-05 15:40 - 0000036 _____ () C:\Users\FranciscoAdrian\AppData\Local\housecall.guid.cache
2015-02-16 21:51 - 2015-02-16 22:05 - 0001251 _____ () C:\ProgramData\hpzinstall.log
 
Some content of TEMP:
====================
C:\Users\FranciscoAdrian\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwcf84b.dll
C:\Users\FranciscoAdrian\AppData\Local\Temp\LoLSkinView.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-04-07 04:43
 
==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by FranciscoAdrian at 2015-04-10 17:27:36
Running from C:\Users\FranciscoAdrian\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus y Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus y Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\uTorrent) (Version: 3.4.3.39910 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Actualización de NVIDIA 2.4.0.9 (Version: 2.4.0.9 - NVIDIA Corporation) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\{F22C3C05-B1D9-47FF-AA17-4F9DCBFE850F}) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arctic Combat (HKLM-x32\...\Steam App 212370) (Version: - )
Auto Clicker v1.1 (HKLM-x32\...\{C0A7E4F3-82CC-416B-82C6-BA06AACFD635}_is1) (Version: 1.1 - MurGee.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.18.5016 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{011580CB-3D7F-47A6-A5D2-1287A4E43C73}) (Version: 0.9.18.5016 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Box Sync (64 bit) (HKLM\...\{C1135974-554F-476D-B04F-0B79CFE49364}) (Version: 3.4.25.0 - Box, Inc)
Brother MFL-Pro Suite DCP-7055W (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
ChemSep 6.97 (HKLM-x32\...\ChemSepL6v97) (Version: 6.97 - ChemSep)
COCO (HKLM\...\COCO) (Version: 2.7 - AmsterCHEM)
Compaq Array Visualizer 1.5 (HKLM-x32\...\ArrayVisualizer15) (Version: - )
Copy (x32 Version: 130.0.366.000 - Hewlett-Packard) Hidden
COSMOthermCO-LITE-C30-1201 (HKLM-x32\...\COSMOthermCO-LITE-C30-1201) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Design-Expert 7.0.0 Trial (HKLM-x32\...\Design-Expert 7.0.0 Trial ) (Version: 7.0.0 - Stat-Ease, Inc.)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
Dia (sólo eliminar) (HKLM-x32\...\Dia) (Version: - )
Dino D-Day (HKLM-x32\...\Steam App 70000) (Version: - 800 North and Digital Ranch)
DJ_AIO_05_F4400_Software_Min (x32 Version: 130.0.448.000 - Hewlett-Packard) Hidden
Dolby Axon - 1.5.1.1 (HKLM-x32\...\{17936630-5344-4F18-9970-616129E2A114}_is1) (Version: 1.5.1.1 - Dolby Laboratories)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dropbox (HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.)
EES - Engineering Equation Solver (Limited Academic Version) (HKLM-x32\...\EES - Engineering Equation Solver (Limited Academic Version)) (Version: 8.453 - F-Chart Software)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.20 - Lenovo)
Energy Management (x32 Version: 8.0.2.20 - Lenovo) Hidden
Excel CAPE-OPEN Unit Operation (HKLM-x32\...\ExcelUO) (Version: 1.0.50 - AmsterCHEM)
F4400 (x32 Version: 130.0.448.000 - Hewlett-Packard) Hidden
Facebook Messenger 2.1.4651.0 (HKLM-x32\...\{17D26CDD-B87C-412B-92F0-2D5DD4313522}) (Version: 2.1.4651.0 - Facebook)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Gnumeric Spreadsheet 1.10.16-20110616 (HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\Gnumeric) (Version: 1.10.16-20110616 - )
Google Books Downloader version 2.5 (HKLM-x32\...\{216729B6-014A-F413-814F-F17F74FBA113}_is1) (Version: 2.5 - GBOOKSDOWNLOADER.COM)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.82 - Google Inc.)
Google Drive (HKLM-x32\...\{6C36881B-0E51-4231-9D02-BF2149664D34}) (Version: 1.20.8672.3137 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Google+ Auto Backup (HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\Google+ Auto Backup) (Version: 1.0.27.161 - Google, Inc.)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
GTR Evolution (HKLM-x32\...\Steam App 8660) (Version: - SimBin)
Gun Monkeys (HKLM-x32\...\Steam App 239450) (Version: - Size Five Games)
HCALC Free Unlimited Use Version (HKLM-x32\...\{14173D23-5939-441A-A317-EAEDF2658C44}) (Version: 1.1.0.0 - Tahoe Design Software (www.tahoesoft.com))
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet F4400 Printer Driver Software 13.0 Rel .5 (HKLM\...\{5AEBB4A3-6878-4CEE-AD34-0F6958A983F0}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
HYDROFLO Academic 3.0 (HKLM-x32\...\{3C6BE347-A1B7-426F-9C89-D715D5DBD45F}}_is1) (Version: 3.0 - Tahoe Design Software)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
I-Doser Premium (HKLM-x32\...\I-Doser) (Version: 5.0 - I-Doser.com)
Intel® C++ Redistributables on IA-32 (HKLM-x32\...\{5018D8E6-8D8E-4F76-9AFD-CB2EF1100E84}) (Version: 13.0.089 - Intel Corporation)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{791FF357-3DE8-485E-BD59-41844BB16415}) (Version: 13.0.089 - Intel Corporation)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4101 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1628 - CyberLink Corp.) Hidden
LoLSkinView (HKLM-x32\...\{875EAEE1-97A8-4A2A-9307-CF5EA171EA31}) (Version: 2.1.0.7 - MooreR Software)
LSI - LoL Summoner Information (HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\{62B332E9-239D-4692-BDE2-0CC1CF2833DA}_is1) (Version: v4.6.1 - Aequus Gaming Ltd.)
Maple 17 (HKLM\...\Maple 17) (Version: 17.0.0.0 - Maplesoft)
MapleStory (HKLM-x32\...\MapleStory) (Version: - )
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
MATLAB Production Server R2015a (HKLM\...\MATLAB Production Server R2015a) (Version: 2.1 - MathWorks)
McAfee AntiVirus Plus (HKLM-x32\...\MSC) (Version: 14.0.339 - McAfee, Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 15.0.4701.1002 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SharePoint Designer 2013 - es-es (HKLM\...\SPDRetail - es-es) (Version: 15.0.4701.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 Management Objects (HKLM-x32\...\{F5E87B12-3C27-452F-8E78-21D42164FD83}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Shell 2008 Service Pack 1 - ENU (HKLM-x32\...\{97E3C3BF-76AC-4DEA-BF8A-434F1EA5F272}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Web Authoring Component (HKLM-x32\...\VisualWebDeveloper) (Version: 12.0.4518.1066 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 en-US)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version: - )
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA Controlador de gráficos 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.0.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.0.9 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo)
Onekey Theater (x32 Version: 2.0.2.7 - Lenovo) Hidden
ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.5.9060 - ooVoo LLC.)
Panel de control de NVIDIA 347.88 (Version: 347.88 - NVIDIA Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
Paquete de controladores de Windows - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Paquete de controladores de Windows - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PC Remote (HKLM-x32\...\{05AA3189-A48A-48FD-AD8C-F8192F734767}) (Version: 3.27 - PC Remote)
PDF Split And Merge Basic (HKLM-x32\...\{9A40D2F8-9458-458B-95E3-B57797C574E1}) (Version: 2.2.4 - Andrea Vacondio)
PhoneClean 2.2.2 (HKLM-x32\...\{E980ED1F-AOF8-PF7E-B174-59POS2BOIUVB}}_is1) (Version: 2.2.2 - iMobie Inc.)
PhoneClean 3.5.2 (HKLM-x32\...\{2FAFFE02-4D6B-4C0A-906B-1B33DAF0DD14}}_is1) (Version: 3.5.2 - iMobie Inc.)
PumpBase Academic 3.0 (HKLM-x32\...\{D9341696-2B9C-4F20-B450-1ECD51BB8020}_is1) (Version: 3.0 - Tahoe Design Software)
Python 2.7.9 (HKLM-x32\...\{79F081BF-7454-43DB-BD8F-9EE596813232}) (Version: 2.7.9150 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RACE 07 (HKLM-x32\...\Steam App 8600) (Version: - SimBin)
RaceRoom Racing Experience (HKLM-x32\...\Steam App 211500) (Version: - SimBin Studios AB)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.4-1.0.12786.82 - raidcall.com)
Really Big Sky (HKLM-x32\...\Steam App 201570) (Version: - Boss Baddie)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10007 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Scansoft PDF Professional (x32 Version: - ) Hidden
scilab-5.4.1 (64-bit) (HKLM\...\scilab-5.4.1 (64-bit)_is1) (Version: - Scilab Enterprises)
Secunia PSI (2.0.0.4003) (HKLM-x32\...\Secunia PSI) (Version: 2.0.0.4003 - Secunia)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 4.0.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.0.9 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SigmaPlot 12.0 (HKLM-x32\...\{730E22C0-A5A9-4A1B-AE66-570573DCA0E8}) (Version: 12.0 - Systat Software, Inc.)
SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.203 - McAfee, Inc.)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2247.4 - Hi-Rez Studios)
Software Intel® PROSet/Wireless (HKLM-x32\...\{eddf4201-b72e-4e94-9e7b-ac1ba97c029f}) (Version: 16.11.0 - Intel Corporation)
Software para dispositivos de chipset Intel® (x32 Version: 10.0.24 - Intel® Corporation) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SpaceChem (HKLM-x32\...\Steam App 92800) (Version: - Zachtronics)
Spotify (HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\Spotify) (Version: 1.0.3.101.gbfa97dfe - Spotify AB)
SQL Server System CLR Types (HKLM-x32\...\{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}) (Version: 10.0.1600.22 - Microsoft Corporation)
SRS Premium Sound Control Panel (HKLM\...\{F3C66EC8-2F33-452D-9CFF-E8C886B3ECC4}) (Version: 1.11.0000 - SRS Labs, Inc.)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Nintendo Pack 2.5 (HKLM-x32\...\Super Nintendo_is1) (Version: - REGGNETWORK)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.5.2 - Synaptics Incorporated)
System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.40798 - TeamViewer)
Telegram Desktop versión 0.8 (HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.8 - Telegram Messenger LLP)
TI-Nspire™ Teacher Software (HKLM-x32\...\{3D32D7F2-07C6-4E95-BC21-A515D82292A8}) (Version: 3.9.0.463 - Texas Instruments Inc.)
Tom Clancy's Ghost Recon Phantoms - NA (HKLM-x32\...\Steam App 243870) (Version: - Ubisoft Singapore)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.4000.286 - TuneUp Software)
TuneUp Utilities 2013 (x32 Version: 13.0.4000.286 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (en-US) (x32 Version: 13.0.4000.286 - TuneUp Software) Hidden
TunnelBear (HKLM-x32\...\{f9cc160f-ca8c-4098-84e2-39b7b9625569}) (Version: 2.3.6.0 - TunnelBear)
TunnelBear (x32 Version: 2.3.6.0 - TunnelBear) Hidden
Uconeer version 3.4 (HKLM-x32\...\{D3D31E41-48AC-4E11-88EB-4878DDB88436}_is1) (Version: 3.4 - Katmar Software)
Unity Web Player (HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
USEPA Cape Open Class Library with WAR Add-In (HKLM-x32\...\{174EB4DF-7074-4405-A775-361B205C9BE1}) (Version: 1.4.17 - USEPA)
Viber (HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\Viber) (Version: 5.0.0.2821 - Viber Media Inc)
Video Time Reversal 2.06 (HKLM-x32\...\Video Time Reversal 2_is1) (Version: 2.06 - Xander)
Visual Fortran 6.5 (HKLM-x32\...\VisualFortran60) (Version: - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
VORAGO MO-404 Gaming Mouse (HKLM-x32\...\{B1669080-7C2D-4BA9-AB6F-FD6A4B0CE8AF}) (Version: 1.00 - VORAGO)
Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WISER 4.5 for Windows (HKLM-x32\...\WISER for Windows_is1) (Version: 4.5.191 - National Library of Medicine)
YTD Video Downloader 4.8.9 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.9 - GreenTree Applications SRL) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1249880946-500993554-1577037575-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\FranciscoAdrian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1249880946-500993554-1577037575-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\FranciscoAdrian\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1249880946-500993554-1577037575-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\FranciscoAdrian\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1249880946-500993554-1577037575-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\FranciscoAdrian\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1249880946-500993554-1577037575-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\FranciscoAdrian\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1249880946-500993554-1577037575-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\FranciscoAdrian\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1249880946-500993554-1577037575-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\FranciscoAdrian\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1249880946-500993554-1577037575-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\FranciscoAdrian\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1249880946-500993554-1577037575-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\FranciscoAdrian\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1249880946-500993554-1577037575-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FranciscoAdrian\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1249880946-500993554-1577037575-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FranciscoAdrian\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1249880946-500993554-1577037575-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FranciscoAdrian\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1249880946-500993554-1577037575-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FranciscoAdrian\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1249880946-500993554-1577037575-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FranciscoAdrian\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1249880946-500993554-1577037575-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FranciscoAdrian\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1249880946-500993554-1577037575-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FranciscoAdrian\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1249880946-500993554-1577037575-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FranciscoAdrian\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points =========================

10-04-2015 07:36:27 Removed Company of Heroes.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {18B9FE9D-2838-48A5-A7AD-B2C5B4A476ED} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: {2221CFA0-E5FE-48E4-9E15-92E7814F3AC1} - System32\Tasks\{318F0B62-1C84-4F86-8537-D4889D7F09B8} => pcalua.exe -a "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\Uninstall\setup.exe" -c -uninstall
Task: {23456283-4A9B-4145-9860-80CB1802BF10} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-02-10] (Oracle Corporation)
Task: {250C97E9-234F-40BC-80E8-6F83B0402BC8} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation)
Task: {26D49E34-3B07-4C86-92FD-0669AA435EEE} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {360D2254-C1C9-4E06-826F-BECDE4FB6268} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2014-01-28] (TuneUp Software)
Task: {38FB87CC-E236-4A79-95B6-96B25E64C982} - System32\Tasks\HP online update program => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {451B220C-1698-43AF-A032-036FCE24D33A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-28] (Google Inc.)
Task: {4803A287-4808-43BF-8254-09687CD17F33} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-02-10] (Microsoft Corporation)
Task: {5618D408-F129-4D3F-869E-78B73A12F783} - System32\Tasks\{3170321D-2DE8-4399-9C04-52B6F6DB5C8A} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.9.0.115&amp;LastError=404
Task: {5765C886-977D-4F20-9323-2DFC80EDB5BC} - System32\Tasks\{DCFD1005-390D-4AFC-8D78-1CE59CF4B346} => pcalua.exe -a "C:\Users\FranciscoAdrian\Downloads\WIN8_TouchPad (2).exe" -d C:\Users\FranciscoAdrian\Downloads
Task: {5FF1205A-6AD2-4C56-8E1D-36207A5B63B7} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-23] (Microsoft Corporation)
Task: {756D5EEC-6F17-4BB4-AB51-C1E61DFCA673} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1249880946-500993554-1577037575-1001UA => C:\Users\FranciscoAdrian\AppData\Local\Facebook\Update\FacebookUpdate.exe [2015-02-12] (Facebook Inc.)
Task: {77F5D282-B6FD-4DE7-B846-45E5AE2FFB25} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1249880946-500993554-1577037575-1001UA => C:\Users\FranciscoAdrian\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-06] (Google Inc.)
Task: {7F2D5338-F1CC-4184-A5B7-910B5DA40ABF} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation)
Task: {82A8FB6A-2315-477F-AB8E-F56971759071} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1249880946-500993554-1577037575-1001Core => C:\Users\FranciscoAdrian\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-06] (Google Inc.)
Task: {8BCD8D93-2822-423B-A9E8-AF27798AA361} - System32\Tasks\Google Updater and Installer => C:\Users\FranciscoAdrian\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-06] (Google Inc.)
Task: {8ED3582A-FDD6-4118-84C8-E3B39B3F2201} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {99F1DA7D-8C30-4301-AF29-F0C62182A35B} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {A1024062-235F-4D0E-8B09-F288ED08D9FF} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-25] (Adobe Systems Incorporated)
Task: {A5E17C02-C195-47E3-B686-36F3170B9799} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1249880946-500993554-1577037575-1001Core => C:\Users\FranciscoAdrian\AppData\Local\Facebook\Update\FacebookUpdate.exe [2015-02-12] (Facebook Inc.)
Task: {A63AD3D9-66E7-4530-8002-DE39765DA52A} - System32\Tasks\Run LSI => C:\Program Files (x86)\LSI\LoLSummonerInfo.exe [2015-04-05] (Aequus Gaming)
Task: {B4C00C3B-EC93-4A27-A955-D9E5780155F9} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation)
Task: {BBADE4B1-8E83-4121-95B8-E7E13F404E79} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {C511057B-02A4-4A13-A30A-05C6161B6D79} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C5365727-ED9E-4A50-B016-19F45FBE0E1B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {C82F0587-FF0C-41AA-8CF6-A19505A0AAC4} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
Task: {CB455213-F027-4726-8BE7-FCEA6E883F3E} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
Task: {D04020FC-F843-4A95-8013-96FD17143644} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-03-09] (Microsoft Corporation)
Task: {DE8DC296-8DEB-4AFD-8726-357849F179C8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: {E51E61E3-DFBD-4CDC-93F5-87632CAE76DF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {FCEED83F-B15A-4C0C-AD9F-F0750AECB4A5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-28] (Google Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1249880946-500993554-1577037575-1001Core.job => C:\Users\FranciscoAdrian\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1249880946-500993554-1577037575-1001UA.job => C:\Users\FranciscoAdrian\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1249880946-500993554-1577037575-1001Core.job => C:\Users\FranciscoAdrian\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1249880946-500993554-1577037575-1001UA.job => C:\Users\FranciscoAdrian\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2013-10-18 00:10 - 2015-03-13 11:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-12-03 11:44 - 2014-12-03 11:44 - 00029184 _____ () C:\WINDOWS\System32\ssa6mlm.dll
2015-01-13 07:04 - 2005-04-21 23:36 - 00143360 ____R () C:\WINDOWS\system32\BrSNMP64.dll
2014-01-28 13:10 - 2014-01-28 13:10 - 00741176 _____ () C:\Program Files (x86)\TuneUp Utilities 2013\avgrepliba.dll
2010-11-11 10:42 - 2010-11-11 10:42 - 00202144 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect64.dll
2010-11-11 10:44 - 2010-11-11 10:44 - 00156576 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll64.dll
2012-12-14 02:42 - 2012-12-14 02:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-05-11 19:29 - 2012-12-17 08:24 - 00278528 _____ () C:\Program Files (x86)\VORAGO\MO-404\mousehid.exe
2015-04-10 08:06 - 2015-04-10 08:05 - 00100256 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
2013-12-17 17:26 - 2015-03-08 07:40 - 00721224 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2013-12-17 17:26 - 2015-03-08 07:40 - 00855240 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2015-03-31 17:00 - 2015-03-31 17:00 - 40622592 _____ () C:\Program Files (x86)\LSI\libcef.dll
2014-10-10 14:52 - 2014-10-10 14:52 - 00570947 _____ () C:\Program Files (x86)\LSI\sqlite3.dll
2010-11-11 10:38 - 2010-11-11 10:38 - 00161696 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
2010-11-11 10:39 - 2010-11-11 10:39 - 00133024 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
2015-03-10 21:31 - 2015-03-31 17:18 - 40506936 _____ () C:\Users\FranciscoAdrian\AppData\Roaming\Spotify\libcef.dll
2014-01-11 22:08 - 2013-08-02 15:07 - 00073728 _____ () C:\Program Files (x86)\DolbyAxon\zlib1.dll
2015-04-10 16:32 - 2015-04-10 16:32 - 00148480 _____ () C:\Users\FranciscoAdrian\AppData\Local\Temp\DVPFB0B.tmp
2015-03-10 21:31 - 2015-03-31 17:18 - 01365560 _____ () C:\Users\FranciscoAdrian\AppData\Roaming\Spotify\libglesv2.dll
2015-03-10 21:31 - 2015-03-31 17:18 - 00219192 _____ () C:\Users\FranciscoAdrian\AppData\Roaming\Spotify\libegl.dll
2015-03-10 21:31 - 2015-03-18 15:34 - 09305656 _____ () C:\Users\FranciscoAdrian\AppData\Roaming\Spotify\pdf.dll
2015-03-10 21:31 - 2015-03-31 17:18 - 00990776 _____ () C:\Users\FranciscoAdrian\AppData\Roaming\Spotify\ffmpegsumo.dll
2015-03-31 17:00 - 2015-03-31 17:00 - 00911360 _____ () C:\Program Files (x86)\LSI\libglesv2.dll
2015-03-31 17:00 - 2015-03-31 17:00 - 00134144 _____ () C:\Program Files (x86)\LSI\libegl.dll
2015-03-31 17:00 - 2015-03-31 17:00 - 00950272 _____ () C:\Program Files (x86)\LSI\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\FranciscoAdrian\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1249880946-500993554-1577037575-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\FranciscoAdrian\AppData\Roaming\Microsoft\Windows Photo Viewer\Papel tapiz de Visualizador de fotos de Windows.jpg
DNS Servers: 192.168.1.254

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "Box Sync.lnk"
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\StartupFolder: => "TDS's Free HCALC 1.1.lnk"
HKLM\...\StartupApproved\Run: => "S_Monitor"
HKLM\...\StartupApproved\Run: => "UpdatePRCShortCut"
HKLM\...\StartupApproved\Run: => "Zune Launcher"
HKLM\...\StartupApproved\Run: => "BoxSyncHelper"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "332BigDog"
HKLM\...\StartupApproved\Run32: => "UpdatePRCShortCut"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "YouCam Mirage"
HKLM\...\StartupApproved\Run32: => "YouCam Tray"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "B2C_AGENT"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "PaperPort PTD"
HKLM\...\StartupApproved\Run32: => "PPort12reminder"
HKLM\...\StartupApproved\Run32: => "PDFHook"
HKLM\...\StartupApproved\Run32: => "PDF5 Registry Controller"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\StartupApproved\Run: => "ooVoo"
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\StartupApproved\Run: => "SkyDrive"
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\StartupApproved\Run: => "Facebook Update"
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\StartupApproved\Run: => "Adobe Reader Synchronizer"
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\StartupApproved\Run: => "Google+ Auto Backup"
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\StartupApproved\Run: => "MurGee.com Auto Clicker"
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\StartupApproved\Run: => "Overwolf"

==================== Accounts: =============================

Administrador (S-1-5-21-1249880946-500993554-1577037575-500 - Administrator - Disabled)
FranciscoAdrian (S-1-5-21-1249880946-500993554-1577037575-1001 - Administrator - Enabled) => C:\Users\FranciscoAdrian
HomeGroupUser$ (S-1-5-21-1249880946-500993554-1577037575-1008 - Limited - Enabled)
Invitado (S-1-5-21-1249880946-500993554-1577037575-501 - Limited - Enabled) => C:\Users\Invitado

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/10/2015 05:28:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: OpenWith.exe, versión: 6.3.9600.17415, marca de tiempo: 0x54504cff
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00007ff9b2fc0000
Identificador del proceso con errores: 0x1c3c
Hora de inicio de la aplicación con errores: 0xOpenWith.exe0
Ruta de acceso de la aplicación con errores: OpenWith.exe1
Ruta de acceso del módulo con errores: OpenWith.exe2
Identificador del informe: OpenWith.exe3
Nombre completo del paquete con errores: OpenWith.exe4
Identificador de aplicación relativa del paquete con errores: OpenWith.exe5

Error: (04/10/2015 05:18:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mcagent.exe, versión: 14.0.339.0, marca de tiempo: 0x54f5e66d
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00007ff9b2fc0080
Identificador del proceso con errores: 0x232c
Hora de inicio de la aplicación con errores: 0xmcagent.exe0
Ruta de acceso de la aplicación con errores: mcagent.exe1
Ruta de acceso del módulo con errores: mcagent.exe2
Identificador del informe: mcagent.exe3
Nombre completo del paquete con errores: mcagent.exe4
Identificador de aplicación relativa del paquete con errores: mcagent.exe5

Error: (04/10/2015 05:09:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mcagent.exe, versión: 14.0.339.0, marca de tiempo: 0x54f5e66d
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00007ff9b2fc0080
Identificador del proceso con errores: 0x2294
Hora de inicio de la aplicación con errores: 0xmcagent.exe0
Ruta de acceso de la aplicación con errores: mcagent.exe1
Ruta de acceso del módulo con errores: mcagent.exe2
Identificador del informe: mcagent.exe3
Nombre completo del paquete con errores: mcagent.exe4
Identificador de aplicación relativa del paquete con errores: mcagent.exe5

Error: (04/10/2015 05:07:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mcuicnt.exe, versión: 7.0.232.0, marca de tiempo: 0x54dbd4b1
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00007ff9b2fc0080
Identificador del proceso con errores: 0x267c
Hora de inicio de la aplicación con errores: 0xmcuicnt.exe0
Ruta de acceso de la aplicación con errores: mcuicnt.exe1
Ruta de acceso del módulo con errores: mcuicnt.exe2
Identificador del informe: mcuicnt.exe3
Nombre completo del paquete con errores: mcuicnt.exe4
Identificador de aplicación relativa del paquete con errores: mcuicnt.exe5

Error: (04/10/2015 05:07:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mcuicnt.exe, versión: 7.0.232.0, marca de tiempo: 0x54dbd4b1
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00007ff9b2fc0080
Identificador del proceso con errores: 0x266c
Hora de inicio de la aplicación con errores: 0xmcuicnt.exe0
Ruta de acceso de la aplicación con errores: mcuicnt.exe1
Ruta de acceso del módulo con errores: mcuicnt.exe2
Identificador del informe: mcuicnt.exe3
Nombre completo del paquete con errores: mcuicnt.exe4
Identificador de aplicación relativa del paquete con errores: mcuicnt.exe5

Error: (04/10/2015 05:01:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SettingSyncHost.exe, versión: 6.3.9600.17415, marca de tiempo: 0x54503b4a
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00007ff9b2fc0000
Identificador del proceso con errores: 0xdb0
Hora de inicio de la aplicación con errores: 0xSettingSyncHost.exe0
Ruta de acceso de la aplicación con errores: SettingSyncHost.exe1
Ruta de acceso del módulo con errores: SettingSyncHost.exe2
Identificador del informe: SettingSyncHost.exe3
Nombre completo del paquete con errores: SettingSyncHost.exe4
Identificador de aplicación relativa del paquete con errores: SettingSyncHost.exe5

Error: (04/10/2015 05:01:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SettingSyncHost.exe, versión: 6.3.9600.17415, marca de tiempo: 0x54503b4a
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00007ff9b2fc0000
Identificador del proceso con errores: 0xdb0
Hora de inicio de la aplicación con errores: 0xSettingSyncHost.exe0
Ruta de acceso de la aplicación con errores: SettingSyncHost.exe1
Ruta de acceso del módulo con errores: SettingSyncHost.exe2
Identificador del informe: SettingSyncHost.exe3
Nombre completo del paquete con errores: SettingSyncHost.exe4
Identificador de aplicación relativa del paquete con errores: SettingSyncHost.exe5

Error: (04/10/2015 05:01:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SettingSyncHost.exe, versión: 6.3.9600.17415, marca de tiempo: 0x54503b4a
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00007ff9b2fc0000
Identificador del proceso con errores: 0xdb0
Hora de inicio de la aplicación con errores: 0xSettingSyncHost.exe0
Ruta de acceso de la aplicación con errores: SettingSyncHost.exe1
Ruta de acceso del módulo con errores: SettingSyncHost.exe2
Identificador del informe: SettingSyncHost.exe3
Nombre completo del paquete con errores: SettingSyncHost.exe4
Identificador de aplicación relativa del paquete con errores: SettingSyncHost.exe5

Error: (04/10/2015 04:56:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mcuicnt.exe, versión: 7.0.232.0, marca de tiempo: 0x54dbd4b1
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00007ff9b2fc0080
Identificador del proceso con errores: 0x1fdc
Hora de inicio de la aplicación con errores: 0xmcuicnt.exe0
Ruta de acceso de la aplicación con errores: mcuicnt.exe1
Ruta de acceso del módulo con errores: mcuicnt.exe2
Identificador del informe: mcuicnt.exe3
Nombre completo del paquete con errores: mcuicnt.exe4
Identificador de aplicación relativa del paquete con errores: mcuicnt.exe5

Error: (04/10/2015 04:55:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mcuicnt.exe, versión: 7.0.232.0, marca de tiempo: 0x54dbd4b1
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00007ff9b2fc0080
Identificador del proceso con errores: 0x4d0
Hora de inicio de la aplicación con errores: 0xmcuicnt.exe0
Ruta de acceso de la aplicación con errores: mcuicnt.exe1
Ruta de acceso del módulo con errores: mcuicnt.exe2
Identificador del informe: mcuicnt.exe3
Nombre completo del paquete con errores: mcuicnt.exe4
Identificador de aplicación relativa del paquete con errores: mcuicnt.exe5


System errors:
=============
Error: (04/10/2015 05:09:34 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Se detectó un daño en la estructura del sistema de archivos del volumen C:.

Se encontró un daño en una estructura de índice del sistema de archivos. El número de referencia del archivo es 0xd00000003241a. El nombre del archivo es "\Windows\WinSxS\Temp\PendingRenames". El atributo de índice dañado es ":$I30:$INDEX_ALLOCATION".

Error: (04/10/2015 05:08:03 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {211EBA3A-EA5A-496B-A021-5C6BEB365E4C}

Error: (04/10/2015 04:56:58 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {ADA518B9-B7A3-4C36-B4ED-49EB3FA189FC}

Error: (04/10/2015 04:56:28 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {ADA518B9-B7A3-4C36-B4ED-49EB3FA189FC}

Error: (04/10/2015 04:55:52 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {ADA518B9-B7A3-4C36-B4ED-49EB3FA189FC}

Error: (04/10/2015 04:55:22 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {ADA518B9-B7A3-4C36-B4ED-49EB3FA189FC}

Error: (04/10/2015 04:54:47 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {ADA518B9-B7A3-4C36-B4ED-49EB3FA189FC}

Error: (04/10/2015 04:54:17 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {ADA518B9-B7A3-4C36-B4ED-49EB3FA189FC}

Error: (04/10/2015 04:53:42 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {ADA518B9-B7A3-4C36-B4ED-49EB3FA189FC}

Error: (04/10/2015 04:53:12 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {ADA518B9-B7A3-4C36-B4ED-49EB3FA189FC}


Microsoft Office Sessions:
=========================
Error: (04/10/2015 05:28:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OpenWith.exe6.3.9600.1741554504cffunknown0.0.0.000000000c000000500007ff9b2fc00001c3c01d073ddb3bf517cC:\WINDOWS\system32\OpenWith.exeunknownf4275e71-dfd0-11e4-bf52-e89a8f1822eb

Error: (04/10/2015 05:18:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mcagent.exe14.0.339.054f5e66dunknown0.0.0.000000000c000000500007ff9b2fc0080232c01d073dc4d8a6302C:\Program Files\McAfee.com\Agent\mcagent.exeunknown8b563432-dfcf-11e4-bf52-e89a8f1822eb

Error: (04/10/2015 05:09:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mcagent.exe14.0.339.054f5e66dunknown0.0.0.000000000c000000500007ff9b2fc0080229401d073db0e8dae24C:\Program Files\McAfee.com\Agent\mcagent.exeunknown4c5931f0-dfce-11e4-bf52-e89a8f1822eb

Error: (04/10/2015 05:07:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mcuicnt.exe7.0.232.054dbd4b1unknown0.0.0.000000000c000000500007ff9b2fc0080267c01d073dabe81fd6cC:\Program Files\Common Files\McAfee\Platform\mcuicnt.exeunknownfc41601c-dfcd-11e4-bf52-e89a8f1822eb

Error: (04/10/2015 05:07:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mcuicnt.exe7.0.232.054dbd4b1unknown0.0.0.000000000c000000500007ff9b2fc0080266c01d073dabe816116C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exeunknownfc40ead6-dfcd-11e4-bf52-e89a8f1822eb

Error: (04/10/2015 05:01:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SettingSyncHost.exe6.3.9600.1741554503b4aunknown0.0.0.000000000c000000500007ff9b2fc0000db001d073d5da1797d5C:\Windows\System32\SettingSyncHost.exeunknown34f8303c-dfcd-11e4-bf52-e89a8f1822eb

Error: (04/10/2015 05:01:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SettingSyncHost.exe6.3.9600.1741554503b4aunknown0.0.0.000000000c000000500007ff9b2fc0000db001d073d5da1797d5C:\Windows\System32\SettingSyncHost.exeunknown34c46d51-dfcd-11e4-bf52-e89a8f1822eb

Error: (04/10/2015 05:01:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SettingSyncHost.exe6.3.9600.1741554503b4aunknown0.0.0.000000000c000000500007ff9b2fc0000db001d073d5da1797d5C:\Windows\System32\SettingSyncHost.exeunknown34159076-dfcd-11e4-bf52-e89a8f1822eb

Error: (04/10/2015 04:56:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mcuicnt.exe7.0.232.054dbd4b1unknown0.0.0.000000000c000000500007ff9b2fc00801fdc01d073d9322da8b4C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exeunknown6feae830-dfcc-11e4-bf52-e89a8f1822eb

Error: (04/10/2015 04:55:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mcuicnt.exe7.0.232.054dbd4b1unknown0.0.0.000000000c000000500007ff9b2fc00804d001d073d920424b91C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exeunknown5dfacf4a-dfcc-11e4-bf52-e89a8f1822eb


CodeIntegrity Errors:
===================================
Date: 2015-02-28 20:07:11.652
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-28 01:11:57.939
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-28 01:11:27.671
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-28 01:10:39.993
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-28 01:10:09.535
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-28 01:09:35.220
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-28 01:08:36.513
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-28 01:07:36.194
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-28 01:07:05.695
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-02-28 00:55:30.343
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core™ i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 53%
Total physical RAM: 8096.48 MB
Available physical RAM: 3803.97 MB
Total Pagefile: 9376.48 MB
Available Pagefile: 4316.07 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:564.39 GB) (Free:26.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 927CB349)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=564.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16.8 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)

==================== End Of Log ============================

Attached Files


Edited by Oh My!, 13 April 2015 - 12:39 PM.


BC AdBot (Login to Remove)

 


m

#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,532 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:46 PM

Posted 13 April 2015 - 12:53 PM

Greetings pacoagc and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please consider and do this.

Cut and paste FRST.exe directly onto your Desktop.

===================================================

P2P Warning

--------------------

Going over your logs I noticed that you have µTorrent installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities. .

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\MountPoints2: {1e1ff773-523a-11e4-bf19-e89a8f1822eb} - "F:\LaunchU3.exe" -a
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\MountPoints2: {b9e73054-0bfb-11e3-bebb-e89a8f1822eb} - "E:\setup.exe" 
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\MountPoints2: {d7197630-b3f9-11e4-bf3c-e89a8f1822eb} - "F:\InstalarOffice.bat" 
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\MountPoints2: {dc08c7dc-815b-11e3-bedc-e89a8f1822eb} - "E:\setup.exe" 
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} ->  No File
S3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S3 GPUZ; \??\C:\WINDOWS\TEMP\GPUZ.sys [X]
S3 NPF; system32\drivers\NPF.sys [X]
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

SystemLook by jpshortstuff

--------------------
  • Please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1
Download Mirror #2
Download Mirror #3 For 64-bit users

  • Double-click SystemLook.exe to run it.
  • Vista\Windows 7 users:: Right click on SystemLook.exe, click Run As Administrator
  • Copy the content of the following codebox into the main textfield:
:filefind
*APPRAISER_Utc.etl
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • SystemLook report
  • System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 pacoagc

pacoagc
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:46 PM

Posted 14 April 2015 - 01:48 AM

Thank you in advance Gary, i did all you told me, if i made a mistake, please tell me, and i will still use utorrent, i havent had any problem with it, until now

  • Fixlog
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-04-2015
Ran by FranciscoAdrian at 2015-04-14 01:19:22 Run:1
Running from C:\Users\FranciscoAdrian\Desktop
Loaded Profiles: FranciscoAdrian (Available profiles: FranciscoAdrian & Invitado)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\MountPoints2: {1e1ff773-523a-11e4-bf19-e89a8f1822eb} - "F:\LaunchU3.exe" -a
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\MountPoints2: {b9e73054-0bfb-11e3-bebb-e89a8f1822eb} - "E:\setup.exe" 
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\MountPoints2: {d7197630-b3f9-11e4-bf3c-e89a8f1822eb} - "F:\InstalarOffice.bat" 
HKU\S-1-5-21-1249880946-500993554-1577037575-1001\...\MountPoints2: {dc08c7dc-815b-11e3-bedc-e89a8f1822eb} - "E:\setup.exe" 
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} ->  No File
S3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S3 GPUZ; \??\C:\WINDOWS\TEMP\GPUZ.sys [X]
S3 NPF; system32\drivers\NPF.sys [X]
*****************
 
"HKU\S-1-5-21-1249880946-500993554-1577037575-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1e1ff773-523a-11e4-bf19-e89a8f1822eb}" => Key deleted successfully.
HKCR\CLSID\{1e1ff773-523a-11e4-bf19-e89a8f1822eb} => Key not found. 
"HKU\S-1-5-21-1249880946-500993554-1577037575-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b9e73054-0bfb-11e3-bebb-e89a8f1822eb}" => Key deleted successfully.
HKCR\CLSID\{b9e73054-0bfb-11e3-bebb-e89a8f1822eb} => Key not found. 
"HKU\S-1-5-21-1249880946-500993554-1577037575-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d7197630-b3f9-11e4-bf3c-e89a8f1822eb}" => Key deleted successfully.
HKCR\CLSID\{d7197630-b3f9-11e4-bf3c-e89a8f1822eb} => Key not found. 
"HKU\S-1-5-21-1249880946-500993554-1577037575-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dc08c7dc-815b-11e3-bedc-e89a8f1822eb}" => Key deleted successfully.
HKCR\CLSID\{dc08c7dc-815b-11e3-bedc-e89a8f1822eb} => Key not found. 
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}" => Key deleted successfully.
"HKCR\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}" => Key deleted successfully.
cpuz136 => Service deleted successfully.
EagleX64 => Service deleted successfully.
GPUZ => Service deleted successfully.
NPF => Service deleted successfully.
 
==== End of Fixlog 01:19:23 ====
  • SystemLook report
SystemLook 30.07.11 by jpshortstuff
Log created at 01:20 on 14/04/2015 by FranciscoAdrian
Administrator - Elevation successful
 
========== filefind ==========
 
Searching for "*APPRAISER_Utc.etl"
No files found.
 
-= EOF =-
  • System Summary Information

attached

Attached Files



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,532 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:46 PM

Posted 14 April 2015 - 01:33 PM

Could you please attempt the System Summary steps again. I can't open the file you attached. We also need to run SystemLook again as instructed below.

===================================================

SystemLook by jpshortstuff

--------------------
  • Double-click SystemLook.exe to run it.
  • Vista\Windows 7 users:: Right click on SystemLook.exe, click Run As Administrator
  • Copy the content of the following codebox into the main textfield:
:filefind
*Utc.etl*
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Attached System Summary report
  • SystemLook log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 pacoagc

pacoagc
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:46 PM

Posted 15 April 2015 - 09:32 PM

 
SystemLook 30.07.11 by jpshortstuff
Log created at 21:13 on 15/04/2015 by FranciscoAdrian
Administrator - Elevation successful
 
========== filefind ==========
 
Searching for "*Utc.etl*"
No files found.
 
-= EOF =-

Attached Files



#6 pacoagc

pacoagc
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:46 PM

Posted 15 April 2015 - 09:34 PM

However, since the microsoft tuesday updates, now my hardrive is like it had been, I have around 80gb free instead of zero space, when i publish the problem



#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,532 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:46 PM

Posted 15 April 2015 - 10:21 PM

Yes, the file is no longer there. The file contained crash information and since it was so large I was wondering what was causing the problem. Are you experiencing any system or application crashes?

Please do this.

===================================================

ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan This process may may take several hours, that is normal.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click Run ESET Online Scanner.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
  • Check YES, I accept the Terms of Use.
  • Click the Start button.
  • Click Enable detection of potentially unwanted applications
  • Accept any security warnings from your browser.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply. Note: If no malware was found you will not get a log.
  • Click the Back button.
  • Check Uninstall application on close and Delete quarantined files
  • Click the Finish button.
  • Close the ESET window and reboot your computer
===================================================

screen317's Security Check

--------------------
  • Please download screen317's Security Check to your desktop
  • Double-click icon to launch the program
  • Click OK
  • Select Run Note: If you receive an error message saying UNSUPPORTED OPERATING SYSTEM! ABORTED! reboot your computer and attempt to run it again
  • Allow the program to run
  • A Notepad document will open on your desktop. Please copy and paste the contents in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • ESET log
  • Security Check log
  • How is your computer running?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 pacoagc

pacoagc
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:46 PM

Posted 17 April 2015 - 09:03 PM

  • ESET log

My computer went off because there was an outage and so i am running again the eset

 

  • Security Check log

 Results of screen317's Security Check version 1.00  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender                   
McAfee Anti-Virus y Anti-Spyware   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 SiteAdvisor     
 Secunia PSI (2.0.0.4003)   
 TuneUp Utilities 2013   
 TuneUp Utilities Language Pack (en-US) 
 TuneUp Utilities 2013   
 Java 8 Update 45  
 Java version 32-bit out of Date! 
 Adobe Flash Player 17.0.0.169  
 Adobe Reader XI  
 Mozilla Firefox (37.0.1) 
 Google Chrome (42.0.2311.82) 
 Google Chrome (43.0.2357.18) 
````````Process Check: objlist.exe by Laurent````````  
 ESET ESET Online Scanner OnlineCmdLineScanner.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 
 
  • How is your computer running?

My computer is running as usually it had been running, no problems at all



#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,532 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:46 PM

Posted 17 April 2015 - 09:46 PM

Great, we will take a look at the ESET log once it completes.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,532 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:46 PM

Posted 20 April 2015 - 09:00 AM

Greetings,

===================================================

3 Day Bump

It has been more than 3 days since my last post.
  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 pacoagc

pacoagc
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:46 PM

Posted 21 April 2015 - 09:52 PM

sorry for the wait, i had some exams so i was quite busy 

 

eset log

C:\Users\All Users\YTD Video Downloader\ytd_installer.exe a variant of Win32/Toolbar.Widgi.N potentially unwanted application
C:\ProgramData\YTD Video Downloader\ytd_installer.exe a variant of Win32/Toolbar.Widgi.N potentially unwanted application deleted - quarantined


#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,532 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:46 PM

Posted 22 April 2015 - 09:01 AM

Hope you did well with your exams.

That looks great. Are there any other remaining issues?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#13 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,532 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:46 PM

Posted 25 April 2015 - 02:03 PM

Greetings,

===================================================

3 Day Bump

It has been more than 3 days since my last post.
  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,532 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:46 PM

Posted 27 April 2015 - 05:57 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users