
corrupted driver in kernel stack


  • This topic is locked
19 replies to this topic

#1 passacaglia


Posted 01 December 2015 - 12:09 PM

Original topic here now closed. Member has run ComboFix but logs not posted yet or prep guide followed. ~ Animal


Cannot find modem for broadband. Error 737. Checked connections and reset modem 3 or 4 times. Hardware scan for modem did not find any plug-and-play modem.
 
Checked for drivers with verifier.exe
 
Used different settings every time I used verifier. Got a lot of BSODs. One said "corrupted driver in kernel stack". There was a list of long codes at the bottom. Another BSOD said STOP.
 
I went out of verifier with verifier /reset. Had to be quick about it.
 
Installed Wi-Fi with USB antenna and drivers. No problem with Wi-Fi.


#2 passacaglia


Posted 01 December 2015 - 12:14 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-11-2015
Ran by ERNESTO (administrator) on ERNESTO-PC (01-12-2015 13:40:40)
Running from D:\Downloads
Loaded Profiles: ERNESTO (Available Profiles: ERNESTO)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Corsair) C:\Program Files (x86)\Corsair SSD Toolbox\CSSDTService.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Skillbrains) C:\Users\ERNESTO\AppData\Local\Skillbrains\lightshot\3.4.0.0\Lightshot.exe
(Mega Limited) C:\Users\ERNESTO\AppData\Local\MEGAsync\MEGAsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795672 2014-03-17] (CyberLink Corp.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2013-04-15] (Power Software Ltd)
HKLM-x32\...\Run: [ZALFree] => C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe [8980016 2015-11-05] (Zemana Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-06-15] (Intel Corporation)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [71680 2015-10-09] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2426144 2014-11-25] (IObit)
HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\...\Run: [LightShot] => C:\Users\ERNESTO\AppData\Local\Skillbrains\lightshot\LightShot.exe [226152 2013-02-21] ()
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\ERNESTO\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\ERNESTO\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\ERNESTO\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\ERNESTO\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\ERNESTO\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\ERNESTO\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
Startup: C:\Users\ERNESTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2015-11-18]
ShortcutTarget: MEGAsync.lnk -> C:\Users\ERNESTO\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 200.83.1.4 190.160.0.14 200.30.192.15
Tcpip\..\Interfaces\{5D101D10-4053-4125-8B95-6A659B54AA5D}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{72522D9D-2841-45F2-B2B5-6F0DEEB14C32}: [DhcpNameServer] 200.83.1.4 190.160.0.14 200.30.192.15
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security Technical Preview 16.0.0\x64\IEExt\ie_plugin.dll [2015-04-06] (Kaspersky Lab ZAO)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security Technical Preview 16.0.0\IEExt\ie_plugin.dll [2015-04-06] (Kaspersky Lab ZAO)
Toolbar: HKLM - No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -  No File
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security Technical Preview 16.0.0\x64\IEExt\ie_plugin.dll [2015-04-06] (Kaspersky Lab ZAO)
Toolbar: HKLM-x32 - No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -  No File
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security Technical Preview 16.0.0\IEExt\ie_plugin.dll [2015-04-06] (Kaspersky Lab ZAO)
IE Session Restore: HKU\S-1-5-21-3922804685-3341963184-3349325189-1000 -> is enabled.
 
FireFox:
========
FF ProfilePath: C:\Users\ERNESTO\AppData\Roaming\Mozilla\Firefox\Profiles\n35uo09y.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-12-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-12-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security Technical Preview 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security Technical Preview 16.0.0\FFExt\light_plugin_firefox [2015-11-17] [not signed]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\ERNESTO\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\ERNESTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-16]
CHR Extension: (YouTube) - C:\Users\ERNESTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-16]
CHR Extension: (Adblock Plus) - C:\Users\ERNESTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-25]
CHR Extension: (Búsqueda de Google) - C:\Users\ERNESTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-16]
CHR Extension: (Bitdefender Wallet) - C:\Users\ERNESTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhhejlifdlcgcmogbggeomfodgklfaem [2015-11-16]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\ERNESTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-16]
CHR Extension: (AdBlock) - C:\Users\ERNESTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-11-25]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\ERNESTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-16]
CHR Extension: (Bitdefender QuickScan) - C:\Users\ERNESTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2015-11-16]
CHR Extension: (Gmail) - C:\Users\ERNESTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-16]
CHR HKLM\...\Chrome\Extension: [jfconhpnhkdpkbpmcdmcpfbmapedpnnk] - hxxps://chrome.google.com/webstore/detail/jfconhpnhkdpkbpmcdmcpfbmapedpnnk
CHR HKLM-x32\...\Chrome\Extension: [dhhejlifdlcgcmogbggeomfodgklfaem] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jfconhpnhkdpkbpmcdmcpfbmapedpnnk] - hxxps://chrome.google.com/webstore/detail/jfconhpnhkdpkbpmcdmcpfbmapedpnnk
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
S3 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security Technical Preview 16.0.0\avp.exe [194368 2015-04-06] (Kaspersky Lab ZAO)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [29912 2015-09-15] (AOMEI Tech Co., Ltd.)
R2 CorsairSSDToolBox; C:\Program Files (x86)\Corsair SSD Toolbox\CSSDTService.exe [1879656 2015-07-23] (Corsair)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2015-10-09] (Freemake) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-12] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-11-26] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-12] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [30648 2015-02-26] () [File not signed]
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [151480 2015-02-26] () [File not signed]
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [17848 2015-02-26] () [File not signed]
R1 archlp; C:\Windows\SysWow64\drivers\archlp.sys [147968 2009-08-13] ()
S3 catchme; no ImagePath
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [381640 2014-12-09] (Kaspersky Lab ZAO)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FreshIO; C:\Program Files (x86)\FreshDevices\FreshDiagnose\FreshIO.sys [2410 2004-10-26] () [File not signed]
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [143904 2015-11-05] (Zemana Ltd.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [43720 2015-03-20] ()
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [61128 2015-03-10] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [59592 2015-02-05] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [160968 2015-04-04] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [249032 2015-03-28] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [909512 2015-04-04] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30920 2014-10-10] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [32968 2015-03-21] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [33480 2015-03-21] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [22216 2015-02-13] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [57032 2014-10-09] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [95416 2015-03-30] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178376 2015-04-01] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-01] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [178976 2015-07-08] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-11-05] (NVIDIA Corporation)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33960 2015-07-01] (Synaptics Incorporated)
R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-03-17] (CyberLink Corp.)
S1 ArcCtrl; system32\drivers\ArcCtrl.sys [X]
S3 b06bdrv; \SystemRoot\system32\drivers\bxvbda.sys [X]
S0 ignis; system32\DRIVERS\ignis.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-01 13:39 - 2015-12-01 13:40 - 00000000 ____D C:\FRST
2015-12-01 11:46 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2015-12-01 11:46 - 2014-06-04 15:17 - 00034080 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2015-12-01 04:04 - 2015-12-01 04:04 - 00000000 ____D C:\Users\ERNESTO\AppData\Local\Corsair
2015-12-01 04:04 - 2015-12-01 04:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corsair SSD Toolbox
2015-12-01 04:04 - 2015-12-01 04:04 - 00000000 ____D C:\Program Files (x86)\Corsair SSD Toolbox
2015-12-01 03:59 - 2015-12-01 03:59 - 00000863 _____ C:\Users\ERNESTO\Desktop\ComboFix.exe - Shortcut.lnk
2015-12-01 03:54 - 2015-12-01 03:54 - 00000000 ____D C:\Users\ERNESTO\AppData\Local\calibre-cache
2015-12-01 03:53 - 2015-12-01 03:54 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\calibre
2015-12-01 03:08 - 2015-12-01 03:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-01 03:07 - 2015-12-01 13:12 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-01 03:07 - 2015-12-01 11:50 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-01 03:07 - 2015-12-01 03:07 - 00929872 _____ (Google Inc.) C:\Users\ERNESTO\Downloads\ChromeSetup.exe
2015-12-01 03:07 - 2015-12-01 03:07 - 00003896 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-01 03:07 - 2015-12-01 03:07 - 00003644 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-01 02:52 - 2015-12-01 02:58 - 00000000 ____D C:\Users\ERNESTO\AppData\Local\Mozilla
2015-12-01 02:52 - 2015-12-01 02:52 - 00001173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-01 02:52 - 2015-12-01 02:52 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\Mozilla
2015-12-01 02:52 - 2015-12-01 02:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-01 02:52 - 2015-12-01 02:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-01 02:03 - 2015-12-01 02:03 - 00028051 _____ C:\ComboFix.txt
2015-12-01 01:58 - 2015-12-01 01:58 - 00000000 ____H C:\asc_rdflag
2015-11-25 04:10 - 2015-12-01 11:50 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-25 04:10 - 2015-11-14 03:06 - 06358832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-11-25 04:10 - 2015-11-14 03:06 - 02983032 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-11-25 04:10 - 2015-11-14 03:06 - 02554488 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-11-25 04:10 - 2015-11-14 03:06 - 00938800 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-11-25 04:10 - 2015-11-14 03:06 - 00385144 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-11-25 04:10 - 2015-11-14 03:06 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-11-25 04:10 - 2015-11-14 02:53 - 00102520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-11-25 04:10 - 2015-10-28 05:17 - 06027430 _____ C:\Windows\system32\nvcoproc.bin
2015-11-25 03:48 - 2015-11-16 00:35 - 42913912 _____ C:\Windows\system32\nvcompiler.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 37881976 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 22310008 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 18363000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 17515528 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 16553568 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 15717864 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 15122296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 14835872 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 13527440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 12770944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 12034248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 11130488 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-11-25 03:48 - 2015-11-16 00:35 - 03579696 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 03159248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 02870576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 02490672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 01905272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435900.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 01572496 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 01564792 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435900.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 00877176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 00689272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 00501056 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 00422240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 00413816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 00388024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 00205456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-11-25 03:48 - 2015-11-16 00:35 - 00177416 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-11-25 03:48 - 2015-11-16 00:35 - 00033607 _____ C:\Windows\system32\nvinfo.pb
2015-11-25 03:44 - 2015-11-25 03:44 - 00000000 ____D C:\Users\ERNESTO\AppData\Local\NVIDIA Corporation
2015-11-25 03:44 - 2015-11-12 15:37 - 00112712 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2015-11-24 23:24 - 2015-11-24 23:24 - 00003544 ____N C:\bootsqm.dat
2015-11-24 23:15 - 2015-11-24 23:15 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-11-24 23:15 - 2015-11-24 23:15 - 00419928 _____ C:\Windows\system32\locale.nls
2015-11-24 23:15 - 2015-11-24 23:15 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-11-24 23:15 - 2015-11-24 23:15 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-11-24 23:15 - 2015-11-24 23:15 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-11-24 23:15 - 2015-11-24 23:15 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-11-24 23:15 - 2015-11-24 23:15 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-11-20 19:04 - 2015-11-20 19:05 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\FreshDiagnose
2015-11-20 18:59 - 2015-11-20 18:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreshDevices
2015-11-20 18:59 - 2015-11-20 18:59 - 00000000 ____D C:\Program Files (x86)\FreshDevices
2015-11-20 01:04 - 2015-11-20 01:04 - 00000000 ____D C:\ProgramData\RegInOut
2015-11-20 00:54 - 2015-11-20 00:54 - 00000000 ____D C:\Program Files (x86)\Intel Desktop Board
2015-11-19 23:38 - 2015-11-25 02:06 - 00000740 _____ C:\Users\ERNESTO\AppData\Roaming\burnaware.ini
2015-11-19 23:37 - 2015-11-19 23:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free
2015-11-19 23:37 - 2015-11-19 23:37 - 00000000 ____D C:\Program Files (x86)\BurnAware Free
2015-11-19 21:57 - 2015-11-19 21:57 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\Ashampoo
2015-11-19 21:56 - 2015-11-19 21:56 - 00000000 ____D C:\Users\ERNESTO\AppData\Local\ashampoo
2015-11-19 21:56 - 2015-11-19 21:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2015-11-19 21:56 - 2015-11-19 21:56 - 00000000 ____D C:\ProgramData\Ashampoo
2015-11-19 21:56 - 2015-11-19 21:56 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2015-11-19 21:44 - 2015-11-19 21:44 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\ImgBurn
2015-11-18 23:59 - 2015-11-19 00:02 - 00000000 ____D C:\AdwCleaner
2015-11-18 21:51 - 2015-11-18 21:51 - 00000546 _____ C:\Users\ERNESTO\AppData\Local\UserProducts.xml
2015-11-18 21:51 - 2015-11-18 21:51 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot
2015-11-18 21:51 - 2015-11-18 21:51 - 00000000 ____D C:\Users\ERNESTO\AppData\Local\Skillbrains
2015-11-18 21:51 - 2015-11-18 21:51 - 00000000 ____D C:\Program Files (x86)\Skillbrains
2015-11-18 19:55 - 2015-11-18 19:55 - 00000000 ____D C:\Program Files\Speccy
2015-11-18 15:52 - 2015-11-20 01:54 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\vlc
2015-11-18 14:51 - 2015-11-18 14:51 - 00000000 ____D C:\Users\ERNESTO\Documents\MEGA
2015-11-18 14:49 - 2015-11-18 14:49 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2015-11-18 14:49 - 2015-11-18 14:49 - 00000000 ____D C:\Users\ERNESTO\AppData\Local\MEGAsync
2015-11-18 14:49 - 2015-11-18 14:49 - 00000000 ____D C:\Users\ERNESTO\AppData\Local\Mega Limited
2015-11-18 14:12 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-11-18 14:12 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-11-18 14:12 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-11-18 14:12 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-11-18 14:12 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-11-18 14:12 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-11-18 14:12 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-11-18 14:12 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-11-18 14:12 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-11-18 14:12 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-11-18 14:12 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-11-18 14:12 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-11-18 14:12 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-11-18 14:12 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-11-18 14:12 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-11-18 14:12 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-11-18 14:12 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-11-18 14:12 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-11-18 14:12 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-11-18 14:12 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-11-18 14:12 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-11-18 14:12 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-11-18 14:12 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-11-18 14:12 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-11-18 14:12 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-11-18 14:12 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-11-18 14:12 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-11-18 14:12 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-11-18 14:12 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-11-18 14:12 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-11-18 14:12 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-11-18 14:12 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-11-18 14:12 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-11-18 14:12 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-11-18 14:12 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-11-18 14:12 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-11-18 14:12 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-11-18 14:12 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-11-18 14:12 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-11-18 14:12 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-11-18 14:12 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-11-18 14:12 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-11-18 14:12 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-11-18 14:12 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-11-18 14:12 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-11-18 14:12 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-11-18 14:12 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-11-18 14:12 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-11-18 14:12 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-11-18 14:12 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-11-18 14:12 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-11-18 14:12 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-11-18 14:12 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-11-18 14:12 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-11-18 14:12 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-11-18 14:12 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-11-18 14:12 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-11-18 14:12 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-11-18 14:12 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-11-18 14:12 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-11-18 14:12 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-11-18 14:12 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-11-18 14:12 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-11-18 14:12 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-11-18 14:12 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-11-18 14:12 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-11-18 14:12 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-11-18 14:12 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-11-18 14:12 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-11-18 14:12 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-11-18 14:12 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-11-18 14:12 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-11-18 14:12 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-11-18 14:12 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-11-18 14:12 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-11-18 14:12 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-11-18 14:12 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-11-18 14:12 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-11-18 14:12 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-11-18 14:12 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-11-18 14:12 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-11-18 14:12 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-11-18 14:12 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-11-18 14:12 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-11-18 14:12 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-11-18 14:12 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-11-18 14:12 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-11-18 14:12 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-11-18 14:12 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-11-18 14:12 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-11-18 14:12 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-11-18 14:12 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-11-18 14:12 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-11-18 14:12 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-11-18 14:12 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-11-18 14:12 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-11-18 14:12 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-11-18 14:12 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-11-18 14:12 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-11-18 14:12 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-11-18 14:12 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-11-18 14:12 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-11-18 14:12 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-11-18 14:12 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-11-18 14:12 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-11-18 14:12 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-11-18 14:12 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-11-18 14:12 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-11-18 14:12 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-11-18 14:12 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-11-18 14:12 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-11-18 14:12 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-11-18 14:12 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-11-18 14:12 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-11-18 14:12 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-11-18 14:12 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-11-18 14:12 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-11-18 14:12 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-11-18 14:12 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-11-18 14:12 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-11-18 14:12 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-11-18 14:12 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-11-18 14:12 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-11-18 14:12 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-11-18 14:12 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-11-18 14:12 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-11-18 14:12 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-11-18 14:12 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-11-18 14:12 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-11-18 14:12 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-11-18 14:12 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-11-18 14:12 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-11-18 14:12 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-11-18 14:12 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-11-18 14:12 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-11-18 14:12 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-11-18 14:12 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-11-18 14:12 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-11-18 14:12 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-11-18 14:12 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-11-18 14:12 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-11-18 14:12 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-11-18 14:12 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-11-18 14:12 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-11-18 14:12 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-11-18 14:12 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-11-18 14:12 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-11-18 14:12 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-11-18 14:12 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-11-18 14:12 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-11-18 14:12 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-11-18 14:12 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-11-18 14:12 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-11-18 14:12 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-11-18 14:12 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-11-18 14:12 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-11-18 14:12 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-11-18 14:12 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-11-18 14:12 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-11-18 14:12 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-11-18 14:12 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-11-18 14:12 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-11-18 14:12 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-11-18 14:12 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-11-18 14:12 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-11-18 14:12 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-11-18 14:12 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-11-18 14:12 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-11-18 14:12 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-11-18 14:12 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-11-18 14:12 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-11-18 14:12 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-11-18 14:12 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-11-18 14:12 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-11-18 14:12 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-11-18 14:12 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-11-18 14:08 - 2015-11-18 14:12 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-11-18 14:08 - 2015-11-18 14:08 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2015-11-18 14:08 - 2015-11-18 14:08 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2015-11-18 14:07 - 2015-11-18 14:13 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2015-11-18 14:07 - 2015-11-18 14:07 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2015-11-18 13:36 - 2015-11-25 02:38 - 00000000 ____D C:\Users\ERNESTO\AppData\Local\CrashDumps
2015-11-18 09:54 - 2015-11-18 09:54 - 00000000 ____D C:\Users\ERNESTO\AppData\Local\FreemakeVideoConverter
2015-11-18 08:39 - 2015-11-20 01:35 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-11-18 08:39 - 2012-10-25 02:20 - 00769168 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-11-18 08:39 - 2012-10-25 02:20 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-11-18 08:39 - 2012-10-25 02:20 - 00074344 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-11-18 08:04 - 2015-09-23 14:19 - 00405472 _____ (Intel Corporation) C:\Windows\system32\PROUnstl.exe
2015-11-18 07:29 - 2015-11-18 07:29 - 00001891 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2015-11-18 07:29 - 2015-11-18 07:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2015-11-18 07:29 - 2015-11-18 07:29 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2015-11-17 22:48 - 2015-11-17 22:48 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-11-17 22:48 - 2015-11-17 22:48 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\Sun
2015-11-17 22:48 - 2015-11-17 22:48 - 00000000 ____D C:\Users\ERNESTO\AppData\LocalLow\Sun
2015-11-17 22:48 - 2015-11-17 22:48 - 00000000 ____D C:\Users\ERNESTO\.oracle_jre_usage
2015-11-17 22:48 - 2015-11-17 22:48 - 00000000 ____D C:\ProgramData\Oracle
2015-11-17 22:48 - 2015-11-17 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-17 22:48 - 2015-11-17 22:48 - 00000000 ____D C:\Program Files (x86)\Java
2015-11-17 22:39 - 2015-11-17 22:39 - 00000000 ____D C:\Users\ERNESTO\AppData\LocalLow\Oracle
2015-11-17 20:42 - 2015-11-17 20:42 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2015-11-17 20:30 - 2015-11-17 20:30 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\Canneverbe Limited
2015-11-17 20:00 - 2015-11-17 20:13 - 00037624 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-11-17 20:00 - 2015-11-17 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2015-11-17 20:00 - 2015-11-17 20:13 - 00000000 ____D C:\Program Files\RogueKiller
2015-11-17 20:00 - 2015-11-17 20:00 - 00000000 ____D C:\ProgramData\RogueKiller
2015-11-17 19:57 - 2015-11-17 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 3
2015-11-17 19:57 - 2015-11-17 19:57 - 00000000 ____D C:\Program Files\MSI Kombustor 3
2015-11-17 19:53 - 2015-11-17 19:53 - 00214968 _____ C:\TDSSKiller.3.1.0.6_17.11.2015_19.53.01_log.txt
2015-11-17 19:51 - 2015-11-17 19:51 - 00000364 _____ C:\TDSSKiller.3.1.0.5_17.11.2015_19.51.42_log.txt
2015-11-17 19:51 - 2015-11-17 19:51 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2015-11-17 19:51 - 2015-11-17 19:51 - 00000000 ____D C:\Program Files\Unlocker
2015-11-17 19:47 - 2015-11-17 19:47 - 00003092 _____ C:\Windows\System32\Tasks\{E8E2481C-A974-488B-9E97-93ED12016B81}
2015-11-17 19:42 - 2015-11-17 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FairStars CD Ripper
2015-11-17 19:42 - 2015-11-17 19:44 - 00000000 ____D C:\Program Files (x86)\FairStars CD Ripper
2015-11-17 19:37 - 2015-11-18 09:54 - 00000000 ____D C:\Users\ERNESTO\Documents\Freemake
2015-11-17 19:37 - 2015-11-18 09:53 - 00000000 ____D C:\ProgramData\Freemake
2015-11-17 19:37 - 2015-11-17 19:37 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2015-11-17 19:37 - 2015-11-17 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2015-11-17 19:37 - 2015-11-17 19:37 - 00000000 ____D C:\Program Files (x86)\Freemake
2015-11-17 18:17 - 2015-11-17 18:17 - 00131584 _____ C:\Windows\SysWOW64\SpoonUninstall.exe
2015-11-17 18:17 - 2015-11-17 18:17 - 00001868 _____ C:\Windows\SysWOW64\SpoonUninstall-OpenDHCPServer.dat
2015-11-17 18:17 - 2015-11-17 18:17 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open DHCP Server
2015-11-17 18:17 - 2015-11-17 18:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open DHCP Server
2015-11-17 18:17 - 2015-11-17 18:17 - 00000000 ____D C:\OpenDHCPServer
2015-11-17 18:17 - 2015-11-17 18:16 - 00034358 _____ C:\Windows\SysWOW64\SpoonUninstall-OpenDHCPServer.bmp
2015-11-17 13:07 - 2015-12-01 11:50 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-11-17 11:20 - 2015-11-17 11:20 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\6ADE1EF1.sys
2015-11-17 02:55 - 2015-12-01 10:47 - 00001024 ____H C:\SYSTAG.BIN
2015-11-17 02:20 - 2015-11-17 02:20 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-11-17 02:01 - 2015-12-01 01:46 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-11-17 02:01 - 2015-11-17 02:01 - 00000000 ____D C:\Windows\ELAMBKUP
2015-11-17 02:01 - 2015-11-17 02:01 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-11-17 02:01 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-11-17 01:50 - 2015-12-01 02:03 - 00000000 ____D C:\Qoobox
2015-11-17 01:50 - 2015-11-17 01:55 - 00000000 ____D C:\Windows\erdnt
2015-11-17 01:50 - 2011-06-26 03:45 - 00256000 _____ C:\Windows\PEV.exe
2015-11-17 01:50 - 2010-11-07 14:20 - 00208896 _____ C:\Windows\MBR.exe
2015-11-17 01:50 - 2009-04-20 01:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-11-17 01:50 - 2000-08-30 21:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-11-17 01:50 - 2000-08-30 21:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-11-17 01:50 - 2000-08-30 21:00 - 00098816 _____ C:\Windows\sed.exe
2015-11-17 01:50 - 2000-08-30 21:00 - 00080412 _____ C:\Windows\grep.exe
2015-11-17 01:50 - 2000-08-30 21:00 - 00068096 _____ C:\Windows\zip.exe
2015-11-17 01:35 - 2015-11-17 01:35 - 00002858 _____ C:\Windows\System32\Tasks\ASC8_SkipUac_ERNESTO
2015-11-17 00:53 - 2015-11-17 02:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2015-11-17 00:52 - 2015-03-28 20:54 - 00249032 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-11-17 00:21 - 2015-11-17 00:21 - 00002798 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-11-17 00:19 - 2015-11-17 00:19 - 00002890 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_ERNESTO
2015-11-16 23:13 - 2015-11-17 00:20 - 00000000 ____D C:\Program Files (x86)\Panda Security
2015-11-16 23:13 - 2015-11-17 00:19 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\Panda Security
2015-11-16 23:02 - 2015-11-17 00:19 - 00000000 ____D C:\ProgramData\Panda Security
2015-11-16 21:55 - 2015-05-27 16:02 - 49626058 ____H C:\bdr-im03.gz
2015-11-16 21:55 - 2013-08-13 12:38 - 03271472 ____H C:\bdr-bz03
2015-11-16 20:20 - 2015-11-16 20:20 - 00000000 ____D C:\Windows\Options
2015-11-16 19:51 - 2015-12-01 01:58 - 70324224 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2015-11-16 19:51 - 2015-12-01 01:58 - 39735296 _____ C:\Windows\system32\config\COMPONENTS.iodefrag.bak
2015-11-16 19:51 - 2015-12-01 01:58 - 00270336 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2015-11-16 19:51 - 2015-12-01 01:58 - 00028672 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2015-11-16 19:51 - 2015-12-01 01:58 - 00024576 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
2015-11-16 19:48 - 2014-10-16 10:27 - 00027424 _____ (IObit) C:\Windows\system32\RegistryDefragBootTime.exe
2015-11-16 19:47 - 2015-11-16 19:47 - 39395328 _____ C:\Windows\system32\config\COMPONENTS.iobit
2015-11-16 19:12 - 2015-11-16 19:12 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-11-16 19:12 - 2015-11-16 19:12 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ICCWDT_01009.Wdf
2015-11-16 19:11 - 2015-11-16 19:11 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-11-16 19:11 - 2015-11-16 19:11 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2015-11-16 19:11 - 2015-11-16 19:11 - 00000000 ____D C:\Windows\system32\DAX2
2015-11-16 19:11 - 2015-11-16 19:11 - 00000000 ____D C:\Program Files\Realtek
2015-11-16 19:11 - 2014-09-24 11:31 - 07087448 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2015-11-16 19:11 - 2014-09-24 11:31 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2015-11-16 19:11 - 2014-09-24 11:31 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2015-11-16 19:11 - 2014-09-24 11:31 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2015-11-16 19:11 - 2013-07-16 08:32 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2015-11-16 19:11 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2015-11-16 19:11 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2015-11-16 19:11 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2015-11-16 19:11 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2015-11-16 19:11 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2015-11-16 19:10 - 2015-11-16 19:10 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-11-16 19:10 - 2015-11-16 19:10 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2015-11-16 19:10 - 2015-11-16 19:10 - 00000000 ____D C:\Program Files\Synaptics
2015-11-16 19:10 - 2015-06-15 01:00 - 00041984 _____ (Intel Corporation) C:\Windows\system32\Drivers\USB3Ver.dll
2015-11-16 18:42 - 2015-11-17 01:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Driver Updater
2015-11-16 18:42 - 2015-11-16 23:24 - 00000000 ____D C:\Program Files (x86)\Advanced Driver Updater
2015-11-16 18:42 - 2015-11-16 18:42 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\Systweak
2015-11-16 18:31 - 2015-11-17 00:24 - 00087856 _____ C:\Users\ERNESTO\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-16 18:31 - 2015-11-16 18:31 - 00000000 ____D C:\Users\ERNESTO\AppData\Local\ArcSoft
2015-11-16 18:28 - 2015-11-16 18:28 - 00000000 ____D C:\Users\ERNESTO\AppData\Local\GWX
2015-11-16 18:27 - 2015-11-16 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft TotalMedia Theatre 3
2015-11-16 18:07 - 2015-11-16 18:26 - 00000000 ____D C:\Windows\Downloaded Installations
2015-11-16 18:04 - 2015-11-16 18:04 - 00000000 ____D C:\Users\ERNESTO\AppData\Local\VirtualStore
2015-11-16 18:04 - 2015-11-16 18:04 - 00000000 ____D C:\Users\ERNESTO\AppData\Local\CyberLink
2015-11-16 18:04 - 2015-11-16 18:04 - 00000000 ____D C:\Users\ERNESTO\AppData\Local\AntiLogger Free
2015-11-16 17:46 - 2015-11-16 17:46 - 00000000 ____D C:\Users\ERNESTO\AppData\Local\VS Revo Group
2015-11-16 17:42 - 2015-11-16 17:42 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-11-16 17:38 - 2015-12-01 13:34 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-16 17:38 - 2015-11-16 17:42 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-16 17:38 - 2015-11-16 17:42 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-16 17:37 - 2015-11-16 17:37 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2015-11-16 17:37 - 2015-11-16 17:37 - 00000000 ____D C:\Windows\system32\Macromed
2015-11-16 17:16 - 2015-11-16 17:16 - 00000000 ____D C:\Users\ERNESTO\Documents\ArcSoft
2015-11-16 17:12 - 2015-11-16 17:12 - 00000000 ____D C:\Users\Public\CyberLink
2015-11-16 16:55 - 2015-11-16 16:55 - 00000376 _____ C:\Windows\ODBC.INI
2015-11-16 16:54 - 2015-11-16 16:54 - 00000000 ____D C:\Windows\PCHEALTH
2015-11-16 16:54 - 2015-11-16 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-11-16 16:54 - 2015-11-16 16:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-11-16 16:54 - 2015-11-16 16:54 - 00000000 ____D C:\Program Files (x86)\Microsoft ActiveSync
2015-11-16 16:33 - 2015-11-16 16:33 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\PowerISO
2015-11-16 09:13 - 2015-05-27 16:02 - 49626058 ____H C:\bdr-im02.gz
2015-11-16 09:13 - 2013-08-13 12:38 - 03271472 ____H C:\bdr-bz02
2015-11-16 03:33 - 2015-11-16 03:33 - 00000385 _____ C:\Users\ERNESTO\AppData\Roaminguser_gensett.xml
2015-11-16 03:32 - 2015-11-16 03:32 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-11-16 03:32 - 2015-11-16 03:32 - 00000000 ____D C:\ProgramData\BDLogging
2015-11-16 03:32 - 2015-01-09 11:44 - 00074000 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2015-11-16 03:32 - 2007-04-11 10:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2015-11-16 03:28 - 2015-05-27 17:02 - 49626058 ____H C:\bdr-im01.gz
2015-11-16 03:28 - 2013-08-13 13:38 - 03271472 ____H C:\bdr-bz01
2015-11-16 03:26 - 2015-11-16 03:26 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\QuickScan
2015-11-16 03:12 - 2015-11-16 03:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows AIK
2015-11-16 03:12 - 2015-11-16 03:12 - 00000000 ____D C:\Program Files\Windows Imaging
2015-11-16 03:12 - 2015-11-16 03:12 - 00000000 ____D C:\Program Files\Windows AIK
2015-11-16 02:52 - 2015-11-16 02:52 - 00000000 ____D C:\Users\ERNESTO\AppData\Local\Zemana
2015-11-16 02:29 - 2015-11-16 02:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Karen's Power Tools
2015-11-16 02:29 - 2015-11-16 02:29 - 00000000 ____D C:\Program Files (x86)\Karen's Power Tools
2015-11-16 02:28 - 2015-11-16 02:28 - 00000000 ____D C:\ProgramData\Karen's Power Tools
2015-11-16 02:25 - 2015-11-16 02:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
2015-11-16 02:25 - 2015-11-16 02:25 - 00000000 ____D C:\Program Files\DAUM
2015-11-16 02:22 - 2015-11-16 05:20 - 00000000 ____D C:\Program Files (x86)\KeyCryptSDK
2015-11-16 02:22 - 2015-11-16 02:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger Free
2015-11-16 02:22 - 2015-11-16 02:52 - 00000000 ____D C:\Program Files (x86)\Zemana AntiLogger Free
2015-11-16 02:22 - 2015-11-05 15:00 - 00143904 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\KeyCrypt64.sys
2015-11-16 02:20 - 2015-11-16 02:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2015-11-16 02:20 - 2015-11-16 02:20 - 00000000 ____D C:\Program Files\Calibre2
2015-11-16 02:17 - 2015-11-16 20:07 - 00001119 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2015-11-16 02:17 - 2015-11-16 02:17 - 00000000 ____D C:\ProgramData\VS Revo Group
2015-11-16 02:17 - 2015-11-16 02:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2015-11-16 02:17 - 2015-11-16 02:17 - 00000000 ____D C:\Program Files\VS Revo Group
2015-11-16 02:17 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2015-11-16 02:14 - 2015-11-16 02:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2015-11-16 02:14 - 2015-11-16 02:14 - 00000000 ____D C:\Program Files\MPC-HC
2015-11-16 02:13 - 2015-11-16 02:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-11-16 02:13 - 2015-11-16 02:13 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2015-11-16 01:46 - 2015-11-25 00:46 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\Foxit Software
2015-11-16 01:46 - 2015-11-16 01:46 - 00000000 ____D C:\Users\Public\Foxit Software
2015-11-16 01:46 - 2015-11-16 01:46 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2015-11-16 01:41 - 2015-12-01 13:19 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-16 01:41 - 2015-11-16 01:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-16 01:41 - 2015-11-16 01:49 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-16 01:41 - 2015-11-16 01:41 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-16 01:41 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-16 01:41 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-16 01:41 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-16 01:39 - 2015-12-01 10:47 - 00000082 _____ C:\Windows\SysWOW64\winsevr.dat
2015-11-16 01:38 - 2015-12-01 10:50 - 00000000 ____D C:\ProgramData\AomeiBR
2015-11-16 01:38 - 2015-11-16 01:39 - 00000000 ____D C:\Program Files (x86)\AOMEI Backupper
2015-11-16 01:38 - 2015-11-16 01:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper
2015-11-16 01:38 - 2015-02-26 00:00 - 00151480 _____ C:\Windows\system32\ammntdrv.sys
2015-11-16 01:38 - 2015-02-26 00:00 - 00030648 _____ C:\Windows\system32\ambakdrv.sys
2015-11-16 01:38 - 2015-02-26 00:00 - 00017848 _____ C:\Windows\system32\amwrtdrv.sys
2015-11-16 01:24 - 2015-11-16 01:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2015-11-16 01:24 - 2015-11-16 01:24 - 00000000 ____D C:\Program Files (x86)\PowerISO
2015-11-16 01:24 - 2013-04-15 06:50 - 00127384 _____ (Power Software Ltd) C:\Windows\system32\Drivers\scdemu.sys
2015-11-16 00:55 - 2015-11-16 00:55 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\WinRAR
2015-11-16 00:17 - 2015-11-16 18:35 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\ArcSoft
2015-11-16 00:07 - 2015-11-16 18:35 - 00000000 ____D C:\ProgramData\ArcSoft
2015-11-16 00:04 - 2015-11-16 00:04 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2015-11-16 00:04 - 2015-11-16 00:04 - 00000000 ____D C:\Users\ERNESTO\Documents\CyberLink
2015-11-16 00:04 - 2015-11-16 00:04 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\CyberLink
2015-11-15 23:57 - 2015-11-15 23:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 14
2015-11-15 23:57 - 2015-11-15 23:57 - 00000000 ____D C:\Program Files (x86)\CyberLink
2015-11-15 23:50 - 2015-11-16 20:07 - 00001216 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quick Search.lnk
2015-11-15 23:50 - 2015-11-15 23:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2015-11-15 23:50 - 2015-11-15 23:50 - 00000000 ____D C:\ProgramData\GlarySoft
2015-11-15 23:50 - 2015-11-15 23:50 - 00000000 ____D C:\Program Files (x86)\Glarysoft
2015-11-15 23:42 - 2015-11-15 21:35 - 00000000 ____D C:\Intel
2015-11-15 23:03 - 2015-11-15 23:57 - 00000000 ____D C:\ProgramData\Temp
2015-11-15 23:00 - 2015-11-25 04:06 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\uTorrent
2015-11-15 22:47 - 2015-11-25 03:44 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-15 22:47 - 2015-11-15 23:57 - 00000000 ____D C:\Program Files (x86)\NSIS Uninstall Information
2015-11-15 22:47 - 2015-11-15 22:47 - 00000000 ____D C:\ProgramData\PDVD
2015-11-15 22:46 - 2015-11-19 07:54 - 00000000 ____D C:\ProgramData\CyberLink
2015-11-15 22:46 - 2015-11-15 23:56 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2015-11-15 22:46 - 2015-11-15 23:56 - 00000000 ____D C:\ProgramData\install_clap
2015-11-15 22:45 - 2015-11-15 22:45 - 00000000 ____D C:\Program Files (x86)\DAMN NFO Viewer
2015-11-15 22:41 - 2015-11-25 04:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-11-15 22:41 - 2015-11-25 04:10 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-11-15 22:41 - 2015-11-12 15:37 - 01828160 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-11-15 22:41 - 2015-11-12 15:37 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-11-15 22:41 - 2015-11-12 15:37 - 01509824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-11-15 22:41 - 2015-11-12 15:37 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-11-15 22:41 - 2015-11-05 14:13 - 00072504 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-11-15 22:41 - 2015-11-05 14:13 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-11-15 22:41 - 2015-11-05 14:13 - 00050472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-11-15 22:41 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-11-15 22:41 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-11-15 22:41 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-11-15 22:41 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-11-15 22:41 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-11-15 22:41 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-11-15 22:21 - 2015-11-17 06:29 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\ProductData
2015-11-15 22:20 - 2015-11-15 22:20 - 00000118 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-11-15 21:53 - 2015-11-15 21:53 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2015-11-15 21:49 - 2015-11-15 21:49 - 57651200 _____ C:\Windows\system32\config\SOFTWARE.iobit
2015-11-15 21:49 - 2015-11-15 21:49 - 00188416 _____ C:\Windows\system32\config\DEFAULT.iobit
2015-11-15 21:49 - 2015-11-15 21:49 - 00028672 _____ C:\Windows\system32\config\SAM.iobit
2015-11-15 21:49 - 2015-11-15 21:49 - 00024576 _____ C:\Windows\system32\config\SECURITY.iobit
2015-11-15 21:43 - 2015-12-01 11:49 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\IObit
2015-11-15 21:43 - 2015-12-01 11:48 - 00000000 ____D C:\Program Files (x86)\IObit
2015-11-15 21:43 - 2015-12-01 11:46 - 00000000 ____D C:\Users\ERNESTO\AppData\LocalLow\IObit
2015-11-15 21:43 - 2015-12-01 11:46 - 00000000 ____D C:\ProgramData\ProductData
2015-11-15 21:43 - 2015-11-16 20:07 - 00001236 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2015-11-15 21:43 - 2015-11-15 23:02 - 00000000 ____D C:\ProgramData\IObit
2015-11-15 21:43 - 2015-11-15 21:43 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\Apple Computer
2015-11-15 21:43 - 2015-11-15 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2015-11-15 21:43 - 2015-11-15 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-11-15 21:43 - 2015-11-15 21:43 - 00000000 ____D C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-11-15 21:41 - 2015-11-15 21:41 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-11-15 21:41 - 2015-11-15 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-11-15 21:41 - 2015-11-15 21:41 - 00000000 ____D C:\Program Files\WinRAR
2015-11-15 21:40 - 2015-11-15 21:40 - 00000000 ____D C:\Program Files\CCleaner
2015-11-15 21:35 - 2015-12-01 11:50 - 00000000 __SHD C:\Users\ERNESTO\IntelGraphicsProfiles
2015-11-15 21:35 - 2015-11-25 03:44 - 00000000 ____D C:\Users\ERNESTO\AppData\Local\NVIDIA
2015-11-15 21:35 - 2015-11-15 21:53 - 00000401 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-11-15 21:33 - 2015-11-16 19:12 - 00000000 ____D C:\Program Files (x86)\Intel
2015-11-15 21:33 - 2015-11-15 21:33 - 00000000 ____D C:\Program Files\Intel
2015-11-15 21:32 - 2015-11-25 04:10 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-11-15 21:32 - 2015-11-25 04:10 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-11-15 21:32 - 2015-08-09 04:50 - 00096752 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-11-15 21:32 - 2015-08-09 04:50 - 00092648 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-11-15 16:31 - 2015-10-20 15:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-15 16:31 - 2015-10-20 15:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-15 16:31 - 2015-10-20 15:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-15 16:31 - 2015-10-20 15:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-15 16:31 - 2015-10-20 15:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-15 16:31 - 2015-10-20 15:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-15 16:31 - 2015-10-20 15:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-15 16:31 - 2015-10-20 15:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-15 16:31 - 2015-10-20 15:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-15 16:31 - 2015-10-20 15:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-15 16:31 - 2015-10-20 15:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-15 16:31 - 2015-10-20 14:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-15 16:31 - 2015-10-20 14:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-15 16:31 - 2015-10-20 14:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-15 16:31 - 2015-10-20 14:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-15 16:31 - 2015-10-20 14:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-15 16:31 - 2015-08-06 15:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-11-15 16:31 - 2015-08-06 15:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-11-15 16:31 - 2015-08-06 14:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-11-15 16:31 - 2015-08-06 14:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-11-15 16:31 - 2015-08-05 14:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-11-15 16:30 - 2015-11-03 14:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-15 16:30 - 2015-10-01 15:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-11-15 16:30 - 2015-10-01 15:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-11-15 16:30 - 2015-10-01 15:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-11-15 16:30 - 2015-10-01 15:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-11-15 16:30 - 2015-10-01 15:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-11-15 16:30 - 2015-10-01 15:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-11-15 16:30 - 2015-10-01 15:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-11-15 16:30 - 2015-10-01 14:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-11-15 16:30 - 2015-10-01 14:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-11-15 16:30 - 2015-09-18 16:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-11-15 16:30 - 2015-09-18 16:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-11-15 16:30 - 2015-09-18 16:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-11-15 16:30 - 2015-09-18 16:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-11-15 16:30 - 2015-09-18 16:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-11-15 16:30 - 2015-09-18 16:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-11-15 16:30 - 2015-09-18 16:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-11-15 16:30 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-11-15 16:29 - 2015-08-27 15:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-11-15 16:29 - 2015-08-27 15:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-11-15 16:29 - 2015-08-27 15:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-11-15 16:29 - 2015-08-27 15:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-11-15 16:29 - 2015-08-27 14:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-11-15 16:29 - 2015-08-27 14:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-11-15 16:29 - 2015-08-27 14:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-11-15 16:29 - 2015-08-27 14:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-11-15 16:28 - 2015-10-01 15:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-15 16:28 - 2015-10-01 15:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-15 16:28 - 2015-10-01 14:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-15 16:28 - 2015-09-02 00:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-11-15 16:28 - 2015-09-02 00:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-11-15 16:28 - 2015-09-02 00:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-11-15 16:28 - 2015-09-02 00:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-11-15 16:28 - 2015-09-01 23:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-11-15 16:28 - 2015-09-01 23:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-11-15 16:28 - 2015-09-01 23:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-11-15 16:28 - 2015-09-01 23:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-11-15 16:28 - 2015-09-01 22:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-11-15 16:28 - 2015-09-01 22:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-11-15 16:26 - 2015-11-15 16:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder
2015-11-15 16:26 - 2015-11-15 16:26 - 00000000 ____D C:\Program Files (x86)\Magical Jelly Bean
2015-11-15 16:25 - 2015-11-03 19:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-15 16:25 - 2015-11-03 18:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-15 16:25 - 2015-10-30 20:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-15 16:25 - 2015-10-30 20:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-15 16:25 - 2015-10-30 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-15 16:25 - 2015-10-30 20:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-15 16:25 - 2015-10-30 20:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-15 16:25 - 2015-10-30 20:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-15 16:25 - 2015-10-30 20:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-15 16:25 - 2015-10-30 20:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-15 16:25 - 2015-10-30 20:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-15 16:25 - 2015-10-30 20:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-15 16:25 - 2015-10-30 20:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-15 16:25 - 2015-10-30 20:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-15 16:25 - 2015-10-30 20:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-15 16:25 - 2015-10-30 20:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-15 16:25 - 2015-10-30 20:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-15 16:25 - 2015-10-30 20:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-15 16:25 - 2015-10-30 20:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-15 16:25 - 2015-10-30 20:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-15 16:25 - 2015-10-30 20:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-15 16:25 - 2015-10-30 19:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-15 16:25 - 2015-10-30 19:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-15 16:25 - 2015-10-30 19:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-15 16:25 - 2015-10-30 19:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-15 16:25 - 2015-10-30 19:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-15 16:25 - 2015-10-30 19:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-15 16:25 - 2015-10-30 19:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-15 16:25 - 2015-10-30 19:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-15 16:25 - 2015-10-30 19:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-15 16:25 - 2015-10-30 19:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-15 16:25 - 2015-10-30 19:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-15 16:25 - 2015-10-30 19:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-15 16:25 - 2015-10-30 19:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-15 16:25 - 2015-10-30 19:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-15 16:25 - 2015-10-30 19:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-15 16:25 - 2015-10-30 19:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-15 16:25 - 2015-10-30 19:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-15 16:25 - 2015-10-30 19:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-15 16:25 - 2015-10-30 19:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-15 16:25 - 2015-10-30 19:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-15 16:25 - 2015-10-30 19:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-15 16:25 - 2015-10-30 19:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-15 16:25 - 2015-10-30 19:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-15 16:25 - 2015-10-30 19:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-15 16:25 - 2015-10-30 19:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-15 16:25 - 2015-10-30 19:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-15 16:25 - 2015-10-30 19:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-15 16:25 - 2015-10-30 19:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-15 16:25 - 2015-10-30 19:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-15 16:25 - 2015-10-30 19:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-15 16:25 - 2015-10-30 19:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-15 16:25 - 2015-10-30 19:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-15 16:25 - 2015-10-30 19:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-15 16:25 - 2015-10-30 19:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-15 16:25 - 2015-10-30 19:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-15 16:25 - 2015-10-30 19:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-15 16:25 - 2015-10-30 19:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-15 16:25 - 2015-10-30 19:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-15 16:25 - 2015-10-30 19:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-15 16:25 - 2015-10-30 18:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-15 16:25 - 2015-10-30 18:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-15 16:25 - 2015-10-30 18:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-15 16:25 - 2015-10-30 18:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-15 16:25 - 2015-08-05 14:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2015-11-15 16:25 - 2015-08-05 14:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-11-15 16:23 - 2015-10-29 14:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-15 16:23 - 2015-10-29 14:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-15 16:23 - 2015-10-29 14:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-15 16:23 - 2015-10-29 14:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-15 16:23 - 2015-10-29 14:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-15 16:23 - 2015-10-29 14:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-15 16:23 - 2015-10-29 14:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-15 16:23 - 2015-10-19 22:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-15 16:23 - 2015-10-19 22:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-15 16:23 - 2015-10-19 22:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-15 16:23 - 2015-10-19 22:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-15 16:23 - 2015-10-19 22:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-15 16:23 - 2015-10-19 22:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-15 16:23 - 2015-10-19 22:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-15 16:23 - 2015-10-19 22:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-15 16:23 - 2015-10-19 22:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-15 16:23 - 2015-10-19 22:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-15 16:23 - 2015-10-19 22:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-15 16:23 - 2015-10-19 22:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-15 16:23 - 2015-10-19 22:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-15 16:23 - 2015-10-19 22:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-15 16:23 - 2015-10-19 22:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-15 16:23 - 2015-10-19 22:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-15 16:23 - 2015-10-19 22:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-15 16:23 - 2015-10-19 22:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-15 16:23 - 2015-10-19 22:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-15 16:23 - 2015-10-19 22:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-15 16:23 - 2015-10-19 22:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-15 16:23 - 2015-10-19 22:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-15 16:23 - 2015-10-19 22:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-15 16:23 - 2015-10-19 22:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-15 16:23 - 2015-10-19 22:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-15 16:23 - 2015-10-19 22:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-15 16:23 - 2015-10-19 22:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-15 16:23 - 2015-10-19 22:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-15 16:23 - 2015-10-19 22:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-15 16:23 - 2015-10-19 22:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-15 16:23 - 2015-10-19 22:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-15 16:23 - 2015-10-19 22:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-15 16:23 - 2015-10-19 22:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-15 16:23 - 2015-10-19 21:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-15 16:23 - 2015-10-19 21:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-15 16:23 - 2015-10-19 21:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-15 16:23 - 2015-10-19 21:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-15 16:23 - 2015-10-19 21:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-15 16:23 - 2015-10-19 21:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-15 16:23 - 2015-10-19 21:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-15 16:23 - 2015-10-19 21:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-15 16:23 - 2015-10-19 21:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-15 16:23 - 2015-10-19 21:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-15 16:23 - 2015-10-19 21:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-15 16:23 - 2015-10-19 21:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-15 16:23 - 2015-10-19 21:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-15 16:23 - 2015-10-19 21:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-15 16:23 - 2015-10-19 21:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-15 16:23 - 2015-10-19 21:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-15 16:23 - 2015-10-19 21:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-15 16:23 - 2015-10-19 21:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-15 16:23 - 2015-10-19 21:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-15 16:23 - 2015-10-19 21:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-15 16:23 - 2015-10-19 21:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-15 16:23 - 2015-10-19 21:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-15 16:23 - 2015-10-19 21:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-15 16:23 - 2015-10-19 21:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-15 16:23 - 2015-10-19 21:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-15 16:23 - 2015-10-19 21:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 21:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 20:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-15 16:23 - 2015-10-19 20:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-15 16:23 - 2015-10-19 20:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-15 16:23 - 2015-10-19 20:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-15 16:23 - 2015-10-19 20:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-15 16:23 - 2015-10-19 20:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 20:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 20:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-15 16:23 - 2015-10-19 20:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-15 16:23 - 2015-10-13 13:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-15 16:23 - 2015-10-13 13:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-15 16:23 - 2015-10-13 01:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-15 16:23 - 2015-09-23 10:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-15 16:23 - 2015-09-23 10:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-15 16:23 - 2015-09-23 10:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-15 16:09 - 2015-12-01 03:08 - 00000000 ____D C:\Program Files (x86)\Google
2015-11-15 16:09 - 2015-11-16 17:45 - 00000000 ____D C:\Users\ERNESTO\AppData\Local\Google
2015-11-15 16:02 - 2015-11-18 08:39 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-15 16:02 - 2011-04-01 10:50 - 01847296 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athurx.sys
2015-11-15 16:02 - 2011-04-01 10:50 - 01847296 _____ (Atheros Communications, Inc.) C:\Windows\system32\athurx.sys
2015-11-15 16:02 - 2011-04-01 10:50 - 00007484 _____ C:\Windows\system32\athurextx.cat
2015-11-15 16:00 - 2015-11-15 16:00 - 00000000 ____D C:\ProgramData\TP-LINK
2015-11-15 15:57 - 2015-12-01 04:04 - 00000000 ____D C:\Users\ERNESTO
2015-11-15 15:57 - 2015-11-16 20:07 - 00001405 _____ C:\Users\ERNESTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-11-15 15:57 - 2015-11-15 15:57 - 00000020 ___SH C:\Users\ERNESTO\ntuser.ini
2015-11-15 15:57 - 2015-11-15 15:57 - 00000000 _SHDL C:\Users\ERNESTO\My Documents
2015-11-15 15:57 - 2015-11-15 15:57 - 00000000 _SHDL C:\Users\ERNESTO\Documents\My Videos
2015-11-15 15:57 - 2015-11-15 15:57 - 00000000 _SHDL C:\Users\ERNESTO\Documents\My Pictures
2015-11-15 15:57 - 2015-11-15 15:57 - 00000000 _SHDL C:\Users\ERNESTO\Documents\My Music
2015-11-15 15:57 - 2015-11-15 15:57 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\Adobe
2015-11-15 15:57 - 2011-04-12 05:28 - 00000000 ____D C:\Users\ERNESTO\AppData\Roaming\Media Center Programs
2015-11-15 15:35 - 2015-11-24 23:00 - 00000000 ____D C:\Windows\CSC
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-01 13:39 - 2009-07-14 00:20 - 00000000 ____D C:\Windows
2015-12-01 13:34 - 2009-07-14 01:45 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-01 13:34 - 2009-07-14 01:45 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-01 11:50 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-01 11:50 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\tracing
2015-12-01 04:00 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2015-12-01 01:59 - 2009-07-13 23:34 - 00000215 _____ C:\Windows\system.ini
2015-11-25 04:10 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\Help
2015-11-25 03:58 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\Msdtc
2015-11-24 23:25 - 2009-07-14 01:45 - 00356792 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-18 19:55 - 2009-07-14 02:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-17 21:36 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
2015-11-17 11:18 - 2015-04-19 09:20 - 00000554 _____ C:\Users\ERNESTO\AppData\Roaming\K5E6Ub1LH55d1Ok
2015-11-17 06:29 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\registration
2015-11-16 20:07 - 2015-08-12 04:22 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-11-16 20:07 - 2015-08-12 04:22 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-11-16 20:07 - 2009-07-14 02:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2015-11-16 20:07 - 2009-07-14 01:57 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-11-16 20:07 - 2009-07-14 01:57 - 00001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2015-11-16 20:07 - 2009-07-14 01:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2015-11-16 20:07 - 2009-07-14 01:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2015-11-16 20:07 - 2009-07-14 01:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2015-11-16 17:37 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\GroupPolicy
2015-11-16 17:37 - 2009-07-13 23:34 - 00000601 _____ C:\Windows\win.ini
2015-11-16 16:54 - 2011-04-12 05:28 - 00000000 ____D C:\Windows\ShellNew
2015-11-16 16:53 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system
2015-11-16 09:41 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\rescache
2015-11-16 05:20 - 2015-08-12 09:01 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-11-16 05:20 - 2015-08-12 09:01 - 00000000 ___SD C:\Windows\system32\GWX
2015-11-16 05:20 - 2015-08-12 09:01 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-11-16 05:20 - 2015-08-12 09:01 - 00000000 ____D C:\Windows\system32\appraiser
2015-11-16 05:20 - 2011-04-12 05:28 - 00000000 ____D C:\Windows\RemotePackages
2015-11-16 05:20 - 2011-04-12 05:28 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-16 03:28 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-11-15 21:50 - 2015-08-12 05:19 - 00000000 ____D C:\Windows\Panther
2015-11-15 21:35 - 2015-08-12 05:40 - 00000000 ____D C:\Windows\system32\MRT
2015-11-15 21:35 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-11-15 20:34 - 2009-07-14 02:32 - 00032768 _____ C:\Windows\system32\config\BCD-Template
2015-11-15 16:31 - 2015-08-12 04:32 - 00765280 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-15 16:06 - 2009-07-14 00:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-11-15 16:05 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\AppCompat
 
==================== Files in the root of some directories =======
 
2015-11-19 23:38 - 2015-11-25 02:06 - 0000740 _____ () C:\Users\ERNESTO\AppData\Roaming\burnaware.ini
2015-04-19 09:20 - 2015-11-17 11:18 - 0000554 _____ () C:\Users\ERNESTO\AppData\Roaming\K5E6Ub1LH55d1Ok
2015-11-18 21:51 - 2015-11-18 21:51 - 0000003 _____ () C:\Users\ERNESTO\AppData\Local\updater.log
2015-11-18 21:51 - 2015-11-18 21:51 - 0000546 _____ () C:\Users\ERNESTO\AppData\Local\UserProducts.xml
2015-11-16 19:11 - 2015-11-16 19:11 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-11-16 09:34
 
==================== End of FRST.txt ============================


#3 passacaglia


Posted 01 December 2015 - 12:25 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version:30-11-2015
Ran by ERNESTO (2015-12-01 13:40:59)
Running from D:\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2015-11-15 18:57:01)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3922804685-3341963184-3349325189-500 - Administrator - Disabled)
ERNESTO (S-1-5-21-3922804685-3341963184-3349325189-1000 - Administrator - Enabled) => C:\Users\ERNESTO
Guest (S-1-5-21-3922804685-3341963184-3349325189-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3922804685-3341963184-3349325189-1002 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Kaspersky Total Security (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Total Security (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.0.3 - IObit)
AntiLogger Free version 1.8.2.320 (HKLM-x32\...\{A80DB23D-0618-405B-89D9-28F99814E287}_is1) (Version: 1.8.2.320 - Zemana Ltd.)
AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536C09F}_is1) (Version:  - AOMEI Technology Co., Ltd.)
ArcSoft TotalMedia Theatre 3 (HKLM-x32\...\InstallShield_{B5F47039-9B19-4AC3-9A4A-E1CA3068E59F}) (Version: 3.0.1.120 - ArcSoft)
ArcSoft TotalMedia Theatre 3 (x32 Version: 3.0.1.120 - ArcSoft) Hidden
Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
BurnAware Free 8.6 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
calibre 64bit (HKLM\...\{6AD98955-017B-4E0A-A0F6-2619E83B4A24}) (Version: 2.43.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
Corsair SSD Toolbox 1.2.3.5 (HKLM-x32\...\{70DE02E8-FBDD-4892-9B21-117DCA1DD553}_is1) (Version: 1.2.3.5 - Corsair)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.3917.58 - CyberLink Corp.)
FairStars CD Ripper 1.90 (HKLM-x32\...\FairStars CD Ripper_is1) (Version:  - FairStars Soft)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.2.929 - Foxit Software Inc.)
Freemake Video Converter version 4.1.7 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.7 - Ellora Assets Corporation)
FreshDiagnose (HKLM-x32\...\FreshDevices - FreshDiagnose_is1) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.5.24 - IObit)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Karen's Clipboard Viewer (HKLM-x32\...\Karen's Clipboard Viewer) (Version: 2.2.0.0 - Karen Kenworthy)
Kaspersky Total Security Technical Preview (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.360 - Kaspersky Lab)
Kaspersky Total Security Technical Preview (x32 Version: 16.0.0.360 - Kaspersky Lab) Hidden
lightshot-3.4.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 3.4.0.0 - Skillbrains)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
MSI Kombustor 3.5.2.1 (64-bit) (HKLM\...\{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version:  - MSI Co., LTD)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.00 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
NVIDIA Graphics Driver 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.00 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenDHCPServer (HKLM-x32\...\OpenDHCPServer) (Version:  - )
Potplayer-64 Bits (HKLM\...\PotPlayer64) (Version:  - Daum Kakao Corp.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.6 - Power Software Ltd)
Quick Search 5.15.1.62 (HKLM-x32\...\Quick Search) (Version: 5.15.1.62 - Glarysoft Ltd)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.4 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.4 - VS Revo Group, Ltd.)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
RogueKiller version 10 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 10 - Adlice Software)
SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Utilidad de Cliente Inalámbrico TP-LINK  (HKLM-x32\...\{E9E37560-9D7F-4BD1-8D07-D747EC67F733}) (Version: 7 - TP-LINK)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Automated Installation Kit (HKLM\...\{31E8F586-4EF7-4500-844D-BA8756474FF1}) (Version: 2.0.0.0 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
01-12-2015 01:48:45 ComboFix created restore point
01-12-2015 02:09:30 Windows Backup
01-12-2015 03:01:24 Revo Uninstaller Pro's restore point - Google Chrome
01-12-2015 03:55:03 Installed calibre 64bit
01-12-2015 11:48:27 Revo Uninstaller Pro's restore point - Smart Defrag 4
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 23:34 - 2015-12-01 01:59 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {018438AC-6BCC-4D2D-91EA-17611FADB9BB} - \cdf1b020-ba4c-4dca-b920-4cb0584ad896-5_user -> No File <==== ATTENTION
Task: {0268938D-12BE-43D1-B95A-6D5F0F0C5D8A} - \{B85828DE-2820-4888-A9D3-FA09E3C747CA} -> No File <==== ATTENTION
Task: {2178E55A-ACE7-4B74-87F9-FAB5F4FD46EE} - \cdf1b020-ba4c-4dca-b920-4cb0584ad896-7 -> No File <==== ATTENTION
Task: {22C5B9DA-1068-4F85-BABF-F911166251AA} - \cdf1b020-ba4c-4dca-b920-4cb0584ad896-1-6 -> No File <==== ATTENTION
Task: {2E1A2939-A91F-4BEB-A8DE-777B95AA0BF0} - \Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 -> No File <==== ATTENTION
Task: {3C5E5860-9CB6-4056-BD05-76ACE210E4BC} - \{B75DF321-6804-456C-BBE5-6D617A66AC00} -> No File <==== ATTENTION
Task: {452F506F-710B-46F4-A35C-2CA4B88BECD9} - System32\Tasks\Uninstaller_SkipUac_ERNESTO => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-11-04] (IObit)
Task: {63551256-23C0-4FC8-BEEA-DF85DE48624E} - \cdf1b020-ba4c-4dca-b920-4cb0584ad896-1-7 -> No File <==== ATTENTION
Task: {666BA696-A0D5-4828-9BF3-01CDBB552B4A} - \cdf1b020-ba4c-4dca-b920-4cb0584ad896-5 -> No File <==== ATTENTION
Task: {6A06AAF9-FABE-49EC-94AB-03ECEC69F749} - \cdf1b020-ba4c-4dca-b920-4cb0584ad896-6 -> No File <==== ATTENTION
Task: {72204694-8EBA-44AB-AB5D-499453FAECB9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-01] (Google Inc.)
Task: {7892730F-E61E-4976-BB40-15157E7BF4A5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-01] (Google Inc.)
Task: {7966B94E-034F-4964-9830-6B809B1E5F68} - \cdf1b020-ba4c-4dca-b920-4cb0584ad896-3 -> No File <==== ATTENTION
Task: {80E57959-2F8F-40E8-8FF0-BB89B3D3D426} - \IQA -> No File <==== ATTENTION
Task: {83DE000F-BF2D-437B-87B8-FE7DDF5DCBA5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {8BB646B5-A60D-4035-8815-2DC6E5189E28} - \Adobe Flash Player Updater -> No File <==== ATTENTION
Task: {8C0402DB-FD43-4F1B-B20A-E2EA04CA818B} - \cdf1b020-ba4c-4dca-b920-4cb0584ad896-10_user -> No File <==== ATTENTION
Task: {DE220FB9-772F-4346-8DFE-5CDCB54AFB5C} - \{43E1CBEB-22D2-48E8-BFFE-BDB3A0882A2F} -> No File <==== ATTENTION
Task: {EDEDE5AB-A72A-44B3-9713-19E44F570715} - System32\Tasks\{E8E2481C-A974-488B-9E97-93ED12016B81} => pcalua.exe -a H:\Software\ptclpvue-setup.exe -d H:\Software
Task: {EE13213A-A2C5-4019-8175-7636F89E8B31} - System32\Tasks\ASC8_SkipUac_ERNESTO => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2014-11-26] (IObit)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-11-25 04:10 - 2015-11-14 03:06 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-01 11:13 - 2014-05-01 11:13 - 00470016 _____ () C:\Users\ERNESTO\AppData\Local\MEGAsync\ShellExtX64.dll
2015-11-17 19:37 - 2015-10-09 16:56 - 00071680 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2015-11-15 21:43 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll
2015-11-16 01:38 - 2015-09-15 17:56 - 00306904 _____ () C:\Program Files (x86)\AOMEI Backupper\UiLogic.dll
2015-11-16 01:38 - 2015-09-15 17:56 - 00241368 _____ () C:\Program Files (x86)\AOMEI Backupper\diskmgr.dll
2015-11-16 01:38 - 2015-09-15 17:56 - 00290520 _____ () C:\Program Files (x86)\AOMEI Backupper\Comn.dll
2015-11-16 01:38 - 2015-09-15 17:56 - 00077528 _____ () C:\Program Files (x86)\AOMEI Backupper\Ldm.dll
2015-11-16 01:38 - 2015-09-15 17:56 - 00061144 _____ () C:\Program Files (x86)\AOMEI Backupper\Device.dll
2015-11-16 01:38 - 2015-09-15 17:56 - 00282328 _____ () C:\Program Files (x86)\AOMEI Backupper\BrFat.dll
2015-11-16 01:38 - 2015-09-15 17:56 - 00962264 _____ () C:\Program Files (x86)\AOMEI Backupper\BrNtfs.dll
2015-11-16 01:38 - 2015-09-15 17:56 - 00122584 _____ () C:\Program Files (x86)\AOMEI Backupper\FuncLogic.dll
2015-11-16 01:38 - 2015-09-15 17:56 - 00282328 _____ () C:\Program Files (x86)\AOMEI Backupper\Clone.dll
2015-11-16 01:38 - 2015-09-15 17:56 - 00347864 _____ () C:\Program Files (x86)\AOMEI Backupper\ImgFile.dll
2015-11-16 01:38 - 2015-09-15 17:56 - 00028376 _____ () C:\Program Files (x86)\AOMEI Backupper\Encrypt.dll
2015-11-16 01:38 - 2015-09-15 17:56 - 00069336 _____ () C:\Program Files (x86)\AOMEI Backupper\Compress.dll
2015-11-16 01:38 - 2015-09-15 17:56 - 00102104 _____ () C:\Program Files (x86)\AOMEI Backupper\BrVol.dll
2015-11-16 01:38 - 2015-09-15 17:56 - 00253656 _____ () C:\Program Files (x86)\AOMEI Backupper\GptBcd.dll
2015-11-16 01:38 - 2015-09-15 17:56 - 00155352 _____ () C:\Program Files (x86)\AOMEI Backupper\FlBackup.dll
2015-11-16 01:38 - 2015-09-15 17:56 - 00483032 _____ () C:\Program Files (x86)\AOMEI Backupper\EnumFolder.dll
2015-11-16 01:38 - 2015-09-15 17:56 - 00175832 _____ () C:\Program Files (x86)\AOMEI Backupper\DeviceMgr.dll
2015-11-16 01:38 - 2015-09-15 17:56 - 00118488 _____ () C:\Program Files (x86)\AOMEI Backupper\Backup.dll
2015-11-16 01:38 - 2015-09-15 17:56 - 00691928 _____ () C:\Program Files (x86)\AOMEI Backupper\Sync.dll
2015-11-16 01:38 - 2015-09-15 17:56 - 00102104 _____ () C:\Program Files (x86)\AOMEI Backupper\BrLog.dll
2015-11-16 01:38 - 2015-02-26 00:00 - 02403504 _____ () C:\Program Files (x86)\AOMEI Backupper\QtCore4.dll
2015-11-15 22:41 - 2015-11-12 15:39 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-11-15 21:43 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll
2015-11-15 23:57 - 2014-03-17 03:38 - 00866056 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\common\UNO\UNO.dll
2015-11-15 23:57 - 2013-12-10 04:39 - 00074240 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_ctypes.pyd
2015-11-15 23:57 - 2013-12-10 04:39 - 00285184 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_hashlib.pyd
2015-11-15 23:57 - 2013-12-10 04:39 - 00040960 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_socket.pyd
2015-11-15 23:57 - 2013-12-10 04:39 - 00721920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_ssl.pyd
2015-11-15 23:57 - 2014-03-17 03:38 - 00043784 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DHProcedure\DHProcedure.dll
2014-05-01 11:15 - 2014-05-01 11:15 - 00463360 _____ () C:\Users\ERNESTO\AppData\Local\MEGAsync\ShellExtX32.dll
2015-11-15 21:43 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-11-15 21:43 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-11-15 21:43 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2015-12-01 03:08 - 2015-11-07 01:36 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libglesv2.dll
2015-12-01 03:08 - 2015-11-07 01:36 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\...\100sexlinks.com -> 100sexlinks.com
 
There are 4788 more sites.
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 200.83.1.4 - 190.160.0.14
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{95B2E807-F32C-43A0-B6DA-BA93C024E1A3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{77DC609D-9F60-4654-B65D-BE17381B8BCF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F857385C-11DA-4846-AB9A-2C6329FFF081}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8A2EB7CF-1E9F-4649-8DA8-1C7BDD954A54}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EDDD7CC0-FE64-40EE-BF42-90517E88EC8C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{BAA05481-AE20-4E4A-98EE-2B3BF8356A50}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{09C7AC06-FB34-41A8-9DF4-157C31768CF9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A49AE2F3-456C-4635-A043-34ED987F8A2B}] => (Allow) C:\Users\ERNESTO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D430C161-99D8-4BE8-825E-403A07C3B95B}] => (Allow) C:\Users\ERNESTO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EE492A70-E0AB-4F83-A3A9-C256CE009003}] => (Allow) C:\Users\ERNESTO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B73A8F71-2622-4EB9-9434-1445525234F6}] => (Allow) C:\Users\ERNESTO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1F9B907D-3738-4842-BE63-18612BCE74D4}] => (Allow) C:\Users\ERNESTO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E0BD528E-C7A7-4E2D-85EC-FE3245BBD4E6}] => (Allow) C:\Users\ERNESTO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0895DFB2-F209-41A7-81E3-FBE34185B0EA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{08BE9E79-C176-4452-8916-32CB3A0789E7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{38E4C775-9B0E-4760-B61C-4D3490F60A2D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{09DEB5FE-FDFB-41E2-A5E7-07B7BAD41C21}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{A276A504-110F-4E48-BD0B-37F41639C42B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{C24EB853-33B0-4682-9370-F798D98DD968}] => (Allow) C:\Program Files (x86)\Advanced Driver Updater\adu.exe
FirewallRules: [{DEE30578-A471-4A16-8A21-EACE3B1BCA99}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0BAA8DDF-5303-479F-952A-74844A061300}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9A93C4BE-0B8F-4521-A127-B23851462665}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
Name: ArcCtrl
Description: ArcCtrl
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ArcCtrl
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/01/2015 11:55:34 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={E0FBE527-C919-448D-BC7A-CCA8D29C2CF6}: The user ERNESTO-PC\ERNESTO dialed a connection named Broadband Connection which has failed. The error code returned on failure is 797.
 
Error: (12/01/2015 11:51:00 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (12/01/2015 11:51:00 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.
 
Context: Windows Application
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (12/01/2015 11:51:00 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (12/01/2015 11:51:00 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
 
Error: (12/01/2015 11:51:00 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (12/01/2015 11:51:00 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.
 
Context: Windows Application, SystemIndex Catalog
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (12/01/2015 11:51:00 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (12/01/2015 11:51:00 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (12/01/2015 11:51:00 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: The Windows Search Service cannot open the Jet property store.
 
Details:
0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))
 
 
System errors:
=============
Error: (12/01/2015 01:40:43 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
 
Error: (12/01/2015 00:16:21 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
 
Error: (12/01/2015 11:55:23 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
 
Error: (12/01/2015 11:53:38 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error: 
%%2
 
Error: (12/01/2015 11:51:41 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535
 
Error: (12/01/2015 11:51:41 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535
 
Error: (12/01/2015 11:51:41 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535
 
Error: (12/01/2015 11:51:41 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535
 
Error: (12/01/2015 11:51:41 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
 
Error: (12/01/2015 11:51:41 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
 
 
CodeIntegrity:
===================================
  Date: 2015-11-20 19:04:49.555
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\FreshDevices\FreshDiagnose\FreshIO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-20 19:04:49.515
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\FreshDevices\FreshDiagnose\FreshIO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-18 10:12:19.997
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\raspppoe.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-18 10:12:19.960
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\raspppoe.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-17 21:38:19.540
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\raspppoe.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-17 21:38:19.524
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\raspppoe.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-17 19:40:47.836
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\raspppoe.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-17 19:40:47.805
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\raspppoe.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-17 17:22:32.524
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\raspppoe.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-17 17:22:32.493
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\raspppoe.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4670 CPU @ 3.40GHz
Percentage of memory in use: 14%
Total physical RAM: 16263 MB
Available physical RAM: 13824.37 MB
Total Virtual: 32826 MB
Available Virtual: 30071.15 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:118.9 GB) (Free:57.24 GB) NTFS
Drive d: () (Fixed) (Total:384.96 GB) (Free:344.72 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:217.48 GB) (Free:217.34 GB) NTFS
Drive f: () (Fixed) (Total:329.07 GB) (Free:56.71 GB) NTFS
Drive j: (TOSHIBA) (Fixed) (Total:931.51 GB) (Free:116.16 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 135A86F5)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.9 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F6802E4F)
Partition 1: (Not Active) - (Size=217.5 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=385 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=329.1 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C16A4C19)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================


#4 passacaglia

Posted 01 December 2015 - 12:53 PM

Windows found driver for your device but encountered an error while attempting to install it.

 

WAN Miniport PPPOE

 

The system cannot find the file specified



#5 nasdaq

  • Malware Response Team

Posted 02 December 2015 - 03:56 PM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the Windows key + R on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and click the OK key.
Please copy the entire contents of the code box below to a new file.


start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM - No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -  No File
Toolbar: HKLM-x32 - No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -  No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
S3 catchme; no ImagePath
S1 ArcCtrl; system32\drivers\ArcCtrl.sys [X]
S3 b06bdrv; \SystemRoot\system32\drivers\bxvbda.sys [X]
S0 ignis; system32\DRIVERS\ignis.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
Task: {018438AC-6BCC-4D2D-91EA-17611FADB9BB} - \cdf1b020-ba4c-4dca-b920-4cb0584ad896-5_user -> No File <==== ATTENTION
Task: {0268938D-12BE-43D1-B95A-6D5F0F0C5D8A} - \{B85828DE-2820-4888-A9D3-FA09E3C747CA} -> No File <==== ATTENTION
Task: {2178E55A-ACE7-4B74-87F9-FAB5F4FD46EE} - \cdf1b020-ba4c-4dca-b920-4cb0584ad896-7 -> No File <==== ATTENTION
Task: {22C5B9DA-1068-4F85-BABF-F911166251AA} - \cdf1b020-ba4c-4dca-b920-4cb0584ad896-1-6 -> No File <==== ATTENTION
Task: {2E1A2939-A91F-4BEB-A8DE-777B95AA0BF0} - \Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 -> No File <==== ATTENTION
Task: {3C5E5860-9CB6-4056-BD05-76ACE210E4BC} - \{B75DF321-6804-456C-BBE5-6D617A66AC00} -> No File <==== ATTENTION
Task: {63551256-23C0-4FC8-BEEA-DF85DE48624E} - \cdf1b020-ba4c-4dca-b920-4cb0584ad896-1-7 -> No File <==== ATTENTION
Task: {666BA696-A0D5-4828-9BF3-01CDBB552B4A} - \cdf1b020-ba4c-4dca-b920-4cb0584ad896-5 -> No File <==== ATTENTION
Task: {6A06AAF9-FABE-49EC-94AB-03ECEC69F749} - \cdf1b020-ba4c-4dca-b920-4cb0584ad896-6 -> No File <==== ATTENTION
Task: {7966B94E-034F-4964-9830-6B809B1E5F68} - \cdf1b020-ba4c-4dca-b920-4cb0584ad896-3 -> No File <==== ATTENTION
Task: {80E57959-2F8F-40E8-8FF0-BB89B3D3D426} - \IQA -> No File <==== ATTENTION
Task: {8BB646B5-A60D-4035-8815-2DC6E5189E28} - \Adobe Flash Player Updater -> No File <==== ATTENTION
Task: {8C0402DB-FD43-4F1B-B20A-E2EA04CA818B} - \cdf1b020-ba4c-4dca-b920-4cb0584ad896-10_user -> No File <==== ATTENTION
Task: {DE220FB9-772F-4346-8DFE-5CDCB54AFB5C} - \{43E1CBEB-22D2-48E8-BFFE-BDB3A0882A2F} -> No File <==== ATTENTION
Windows Firewall is disabled.

End

Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

--RogueKiller--
  • Download & SAVE to your Desktop Download RogueKiller
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start.
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • When instructed Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Report"
  • Click on the Export TXT button and save the file as RogueReport.txt
  • The file RogueReport.txt will be saved in the desktop.
  • Close the program.
  • Open the file with Notepad and Copy/paste the content into your next reply.
<<<>>>

p.s.
Next time you get a BSOD error please note the exact message and post it for my review.

#6 passacaglia


Posted 02 December 2015 - 08:48 PM

Hello nasdaq, nice meeting you

First I have to bring you up to date with the latest happenings. Only now have I managed to connect to the internet (wi-fi).

I unplugged the PC yesterday night. This morning it started with "bootmgr is missing" press Ctrl+Alt+Del to restart. The Repair Disk said it could not fix the startup problem; "Easy Recovery" could not fix the bootmgr; Hirens said I have a problem with the PXE stack due to config issues. Kon-Boot and other similar stuff could not boot. With the Repair Disk, System Restore and Image Restore did not work. The latest Aomei backup (which I access via CD) refused to start.

So finally I pulled out my installation disk and when it was reaching the end of the installation (Windows is preparing your desktop), the screen went black and said it could not continue because there was a corruption problem in one of the system32 drivers. I don't recall exactly but I think the last word was config.

Sorry for not having written all those messages down for you. Finally, it started with one of the oldest Aomei backups I have. During all this maneuvering not one BSOD appeared.

I'll work on your directives now.



#7 passacaglia


Posted 02 December 2015 - 09:43 PM

Fix result of Farbar Recovery Scan Tool (x64) Version:30-11-2015

Ran by ERNESTO (2015-12-02 22:57:50) Run:1
Running from E:\Software\Farbar Recovery Scan Tool
Loaded Profiles: ERNESTO (Available Profiles: ERNESTO)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM - No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -  No File
Toolbar: HKLM-x32 - No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -  No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
S3 catchme; no ImagePath
S1 ArcCtrl; system32\drivers\ArcCtrl.sys [X]
S3 b06bdrv; \SystemRoot\system32\drivers\bxvbda.sys [X]
S0 ignis; system32\DRIVERS\ignis.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
Task: {018438AC-6BCC-4D2D-91EA-17611FADB9BB} - \cdf1b020-ba4c-4dca-b920-4cb0584ad896-5_user -> No File <==== ATTENTION
Task: {0268938D-12BE-43D1-B95A-6D5F0F0C5D8A} - \{B85828DE-2820-4888-A9D3-FA09E3C747CA} -> No File <==== ATTENTION
Task: {2178E55A-ACE7-4B74-87F9-FAB5F4FD46EE} - \cdf1b020-ba4c-4dca-b920-4cb0584ad896-7 -> No File <==== ATTENTION
Task: {22C5B9DA-1068-4F85-BABF-F911166251AA} - \cdf1b020-ba4c-4dca-b920-4cb0584ad896-1-6 -> No File <==== ATTENTION
Task: {2E1A2939-A91F-4BEB-A8DE-777B95AA0BF0} - \Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 -> No File <==== ATTENTION
Task: {3C5E5860-9CB6-4056-BD05-76ACE210E4BC} - \{B75DF321-6804-456C-BBE5-6D617A66AC00} -> No File <==== ATTENTION
Task: {63551256-23C0-4FC8-BEEA-DF85DE48624E} - \cdf1b020-ba4c-4dca-b920-4cb0584ad896-1-7 -> No File <==== ATTENTION
Task: {666BA696-A0D5-4828-9BF3-01CDBB552B4A} - \cdf1b020-ba4c-4dca-b920-4cb0584ad896-5 -> No File <==== ATTENTION
Task: {6A06AAF9-FABE-49EC-94AB-03ECEC69F749} - \cdf1b020-ba4c-4dca-b920-4cb0584ad896-6 -> No File <==== ATTENTION
Task: {7966B94E-034F-4964-9830-6B809B1E5F68} - \cdf1b020-ba4c-4dca-b920-4cb0584ad896-3 -> No File <==== ATTENTION
Task: {80E57959-2F8F-40E8-8FF0-BB89B3D3D426} - \IQA -> No File <==== ATTENTION
Task: {8BB646B5-A60D-4035-8815-2DC6E5189E28} - \Adobe Flash Player Updater -> No File <==== ATTENTION
Task: {8C0402DB-FD43-4F1B-B20A-E2EA04CA818B} - \cdf1b020-ba4c-4dca-b920-4cb0584ad896-10_user -> No File <==== ATTENTION
Task: {DE220FB9-772F-4346-8DFE-5CDCB54AFB5C} - \{43E1CBEB-22D2-48E8-BFFE-BDB3A0882A2F} -> No File <==== ATTENTION
Windows Firewall is disabled.
 
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-3922804685-3341963184-3349325189-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} => value removed successfully
HKCR\CLSID\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} => key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} => value removed successfully
HKCR\Wow6432Node\CLSID\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} => key not found. 
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
catchme => service removed successfully
ArcCtrl => service removed successfully
b06bdrv => service removed successfully
ignis => service removed successfully
VGPU => service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{018438AC-6BCC-4D2D-91EA-17611FADB9BB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{018438AC-6BCC-4D2D-91EA-17611FADB9BB}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cdf1b020-ba4c-4dca-b920-4cb0584ad896-5_user => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0268938D-12BE-43D1-B95A-6D5F0F0C5D8A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0268938D-12BE-43D1-B95A-6D5F0F0C5D8A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B85828DE-2820-4888-A9D3-FA09E3C747CA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2178E55A-ACE7-4B74-87F9-FAB5F4FD46EE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2178E55A-ACE7-4B74-87F9-FAB5F4FD46EE}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cdf1b020-ba4c-4dca-b920-4cb0584ad896-7 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{22C5B9DA-1068-4F85-BABF-F911166251AA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22C5B9DA-1068-4F85-BABF-F911166251AA}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cdf1b020-ba4c-4dca-b920-4cb0584ad896-1-6 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{2E1A2939-A91F-4BEB-A8DE-777B95AA0BF0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E1A2939-A91F-4BEB-A8DE-777B95AA0BF0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3C5E5860-9CB6-4056-BD05-76ACE210E4BC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C5E5860-9CB6-4056-BD05-76ACE210E4BC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B75DF321-6804-456C-BBE5-6D617A66AC00}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{63551256-23C0-4FC8-BEEA-DF85DE48624E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63551256-23C0-4FC8-BEEA-DF85DE48624E}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cdf1b020-ba4c-4dca-b920-4cb0584ad896-1-7 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{666BA696-A0D5-4828-9BF3-01CDBB552B4A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{666BA696-A0D5-4828-9BF3-01CDBB552B4A}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cdf1b020-ba4c-4dca-b920-4cb0584ad896-5 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6A06AAF9-FABE-49EC-94AB-03ECEC69F749}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A06AAF9-FABE-49EC-94AB-03ECEC69F749}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cdf1b020-ba4c-4dca-b920-4cb0584ad896-6 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7966B94E-034F-4964-9830-6B809B1E5F68}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7966B94E-034F-4964-9830-6B809B1E5F68}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cdf1b020-ba4c-4dca-b920-4cb0584ad896-3 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{80E57959-2F8F-40E8-8FF0-BB89B3D3D426}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80E57959-2F8F-40E8-8FF0-BB89B3D3D426}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IQA => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8BB646B5-A60D-4035-8815-2DC6E5189E28}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BB646B5-A60D-4035-8815-2DC6E5189E28}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8C0402DB-FD43-4F1B-B20A-E2EA04CA818B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C0402DB-FD43-4F1B-B20A-E2EA04CA818B}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cdf1b020-ba4c-4dca-b920-4cb0584ad896-10_user => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DE220FB9-772F-4346-8DFE-5CDCB54AFB5C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE220FB9-772F-4346-8DFE-5CDCB54AFB5C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{43E1CBEB-22D2-48E8-BFFE-BDB3A0882A2F}" => key removed successfully
Windows Firewall is disabled. => Error: No automatic fix found for this entry.
EmptyTemp: => 37.7 MB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 22:58:26 ====
 
 
 
 
RogueKiller V11.0.0.0 [Nov 27 2015] (Free) by Adlice Software
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : ERNESTO [Administrator]
Started from : D:\Downloads\RogueKiller.exe
Mode : Scan -- Date : 12/02/2015 23:30:29
 
¤¤¤ Processes : 0 ¤¤¤
 
¤¤¤ Registry : 7 ¤¤¤
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Systweak -> Found
[PUP] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending | (default) : {056D528D-CE28-4194-9BA3-BA2E9197FF8C} (C:\Users\ERNESTO\AppData\Local\MEGAsync\ShellExtX64.dll)  -> Found
[PUP] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced | (default) : {05B38830-F4E9-4329-978B-1DD28605D202} (C:\Users\ERNESTO\AppData\Local\MEGAsync\ShellExtX64.dll)  -> Found
[PUP] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing | (default) : {0596C850-7BDD-4C9D-AFDF-873BE6890637} (C:\Users\ERNESTO\AppData\Local\MEGAsync\ShellExtX64.dll)  -> Found
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending | (default) : {056D528D-CE28-4194-9BA3-BA2E9197FF8C} (C:\Users\ERNESTO\AppData\Local\MEGAsync\ShellExtX64.dll)  -> Found
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced | (default) : {05B38830-F4E9-4329-978B-1DD28605D202} (C:\Users\ERNESTO\AppData\Local\MEGAsync\ShellExtX64.dll)  -> Found
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing | (default) : {0596C850-7BDD-4C9D-AFDF-873BE6890637} (C:\Users\ERNESTO\AppData\Local\MEGAsync\ShellExtX64.dll)  -> Found
 
¤¤¤ Tasks : 0 ¤¤¤
 
¤¤¤ Files : 2 ¤¤¤
[PUP][Folder] C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} -> Found
[PUP][Folder] C:\Program Files (x86)\Advanced Driver Updater -> Found
 
¤¤¤ Hosts File : 0 ¤¤¤
 
¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Corsair Force GS ATA Device +++++
--- User ---
[MBR] 28693d1ea81883e03fc28f0cad210f9e
[BSP] bb963fb4fd23400b132c26bf5570576e : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 121752 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
 
+++++ PhysicalDrive1: WDC WD1002FAEX-00Z3A0 ATA Device +++++
--- User ---
[MBR] 0bebe86e6e03e21de4fa13bdbb387a83
[BSP] 2c95ab25544bc1bc15fad3437646b1d0 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 68 | Size: 222697 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 456085352 | Size: 394196 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1263400960 | Size: 336972 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
 


#8 nasdaq

nasdaq

  • Malware Response Team
  • 40,502 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:53 AM

Posted 03 December 2015 - 08:27 AM

Any issues since you executed the FRST fix?

#9 passacaglia


Posted 03 December 2015 - 08:57 AM

YES

I keep getting bootmgr is missing and have to use a backup to get in.

Would an upgrade to Win10 fix these problems or would it leave me without bootmgr?

As well as error 797 for the ethernet connection?



#10 passacaglia


Posted 03 December 2015 - 10:12 AM

Nasdaq

Where I'm writing turned all white. Hope I'm writing in the right place.

#11 passacaglia


Posted 03 December 2015 - 10:21 AM

Ran CCleaner and all back to normal now.

Sorry for the font size nasdaq. Apparently something went wrong there.

Were any of the log texts useful?

Thanks for your interest.



#12 nasdaq


Posted 04 December 2015 - 07:54 AM



All the fix did was the cleaning of empty keys and the removal of the policy restrictions.

I suggest you run the RogueKiller and remove these bad items.
CCleaner may have removed them. Better safe than sorry.

[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Systweak -> Found
[PUP][Folder] C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} -> Found
[PUP][Folder] C:\Program Files (x86)\Advanced Driver Updater -> Found


Restart the computer normally.

===

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/
===
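A way to check a Fixlog like the one posted above against that summary, as an added example that is not part of the original posts: a small Python triage script that groups each result line by area and outcome and lists the entries FRST could not fix. The sample lines are copied from the Fixlog in this thread; the area labels and function names are this example's own.

```python
import re
from collections import Counter

# Subset of result lines copied from the Fixlog posted earlier in this thread.
SAMPLE_FIXLOG = r'''Restore point was successfully created.
Processes closed successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKCR\CLSID\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} => key not found. 
ignis => service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80E57959-2F8F-40E8-8FF0-BB89B3D3D426}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IQA => key not found. 
Windows Firewall is disabled. => Error: No automatic fix found for this entry.
EmptyTemp: => 37.7 MB temporary data Removed.
'''

REG_ROOT = re.compile(r"^(HKLM|HKCR|HKCU|HKU)\\", re.IGNORECASE)


def classify_status(outcome):
    """Map the text after '=>' to changed / absent / error / other."""
    text = outcome.lower()
    if text.startswith("error"):
        return "error"      # FRST reported it could not act on the entry
    if "not found" in text:
        return "absent"     # nothing was there to remove
    if any(word in text for word in ("removed", "moved", "restored")):
        return "changed"    # the system was actually modified
    return "other"


def classify_area(target, outcome):
    """Rough area label for an entry (labels are this example's own)."""
    t = target.strip().strip('"').upper()
    if "\\POLICIES\\" in t or "\\GROUPPOLICY\\" in t:
        return "policy"
    if "\\SCHEDULE\\TASKCACHE\\" in t:
        return "scheduled task"
    if REG_ROOT.match(t):
        return "registry (other)"
    if "service" in outcome.lower():
        return "service"
    return "other"


def parse_fixlog(text):
    """Return one dict per 'target => outcome' line; banner lines are skipped."""
    entries = []
    for line in text.splitlines():
        target, sep, outcome = line.partition(" => ")
        if not sep:
            continue
        outcome = outcome.strip()
        entries.append({
            "target": target.strip().strip('"'),
            "outcome": outcome,
            "status": classify_status(outcome),
            "area": classify_area(target, outcome),
        })
    return entries


def summarize(entries):
    """Count entries per (area, status) pair."""
    return Counter((e["area"], e["status"]) for e in entries)


def needs_follow_up(entries):
    """Targets whose result was an error or could not be classified."""
    return [e["target"] for e in entries if e["status"] in ("error", "other")]


if __name__ == "__main__":
    parsed = parse_fixlog(SAMPLE_FIXLOG)
    for (area, status), count in sorted(summarize(parsed).items()):
        print(f"{area:18} {status:8} {count}")
    print("Follow up:", needs_follow_up(parsed))
```

On the sample, the only entry left for manual follow-up is the disabled Windows Firewall, which the Fixlog reports as having no automatic fix.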

#13 passacaglia


Posted 04 December 2015 - 02:15 PM

Followed all your recommendations. Still getting error 797.

#14 nasdaq


Posted 05 December 2015 - 09:30 AM

Please download MiniToolBox to Desktop and run it.

Check mark the following boxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List last 10 Event Viewer log
  • List content of Hosts
  • List IP Configuration
  • List Winsock Entries
  • List Installed Programs
  • List Users, Partitions and Memory size
  • List Devices (problems only)
  • List Minidump Files
  • List Restore Points
  • Click Go and copy/paste the log (Result.txt) into your next post.
  • Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
p.s.
How do you connect to the internet?

#15 passacaglia


Posted 06 December 2015 - 02:19 PM

I've been out of the air these last couple of days

I have good news and bad news (but solved)

Good news is I don't get error 797 and am connected to broadband at download speed of 44 Mbps

I uninstalled all wi-fi related functions (driver, registry, etc.), installed new ethernet drivers and did a clean install of Windows.

Bad news is that to fix the BOOTMGR is missing. After trying all I could, I did a Windows clean install, erased all the PC with Darik's Boot and Nuke but forgot to export my Chrome bookmarks.

However, after the clean install I ran the Easy Recovery for Win7 CD and it loaded a new bootmgr.

The quizzes I have are, why did my ethernet stop working with no apparent cause? (had to install a wi-fi).  And:

all of a sudden, why did I get the "bootmgr is missing" message and Easy Recovery was unable to install a new one?

I thank you very, very, very much for all your efforts and dedication to this problem. I hope you had a good weekend (I stayed stuck in front of my PC). And wish you have excellent malware solutions in the coming days.





