Solved "Alarm your system is in danger" windows 10

R

Roteke

Posts: 47   +0
Hi, Last week I made the upgrade for windows 10 and from that moment I've been getting a pop up windows in Firefox with "alarm your system is in danger". I think this is a trojan and I been run Avast scan, but do not works. As per your instructions in the main thread, you'll find below the FRST.txt and Addition.txt logs. Thank you.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:14-08-2015 01
Ran by Emilio (administrator) on EMILIO-PC (15-08-2015 13:36:05)
Running from C:\Users\Emilio\Downloads
Loaded Profiles: Emilio (Available Profiles: Emilio & DefaultAppPool)
Platform: Windows 10 Pro (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(cFos Software GmbH) C:\Program Files\ASUS\ROG GameFirst\spd.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\DAODx.exe
() C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(cFos Software GmbH) C:\Program Files\ASUS\ROG GameFirst\cfosspeed.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(ROCCAT) C:\Program Files (x86)\ROCCAT\Arvo Keyboard\ArvoHID.EXE
(BitTorrent Inc.) C:\Users\Emilio\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Users\Emilio\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(Argente Software) C:\Program Files (x86)\Argente - Registry Cleaner\ArgenteRC.exe
(ROCCAT) C:\Program Files (x86)\ROCCAT\Pyra Mouse\PyraMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.803.16240.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [THXCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [RunDLLEntry] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry
HKLM\...\Run: [ROG GameFirst] => C:\Program Files\ASUS\ROG GameFirst\cFosSpeed.exe [1305272 2010-11-22] (cFos Software GmbH)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\THXAudioCP\THXAudio.exe [1349632 2010-06-11] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe [241789 2010-02-18] (Creative Technology Ltd)
HKLM-x32\...\Run: [ArgenteRC] => C:\Program Files (x86)\Argente - Registry Cleaner\ArgenteRC.exe [2759168 2012-10-24] (Argente Software)
HKLM-x32\...\Run: [ROCCAT Pyra Mouse] => C:\Program Files (x86)\ROCCAT\Pyra Mouse\PyraMonitor.EXE [532480 2010-09-07] (ROCCAT)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-08] (AVAST Software)
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-05-19] (Google Inc.)
HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\...\Run: [Arvo] => C:\Program Files (x86)\ROCCAT\Arvo Keyboard\ArvoHID.EXE [582144 2010-04-01] (ROCCAT)
HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\...\Run: [uTorrent] => C:\Users\Emilio\AppData\Roaming\uTorrent\uTorrent.exe [1993056 2015-07-19] (BitTorrent Inc.)
HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\...\Run: [OneDrive] => C:\Users\Emilio\AppData\Local\Microsoft\OneDrive\OneDrive.exe [402632 2015-08-08] (Microsoft Corporation)
HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_Plugin.exe [1155760 2015-07-15] (Adobe Systems Incorporated)
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012-09-11]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-08] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://cl.msn.com/?ocid=iehp
HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=es-CL&Src=MSE&Tid=00032955&OHP=https%3A%2F%2Fpyme.defontana.com%2Fsistema%2Fmain.asp&OSP=http%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3D%7BsearchTerms%7D%26rls%3Dcom.microsoft%3A%7Blanguage%7D%3A%7Breferrer%3Asource%3F%7D%26ie%3D%7BinputEncoding%7D%26oe%3D%7BoutputEncoding%7D%26sourceid%3Die7%26rlz%3D1I7ASUM%5FesCL484
SearchScopes: HKLM -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=51DE3E92-7CE1-4D3D-AA50-336BDFBAC424&ref=toolbox&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-08] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-18] (Google Inc.)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-08] (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-18] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-18] (Google Inc.)
Toolbar: HKLM-x32 - No Name - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - No File
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2013-04-08] (pdfforge GmbH)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-18] (Google Inc.)
Toolbar: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-18] (Google Inc.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b246c8fa-33fb-4750-ab13-0d08df709706}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default
FF SelectedSearchEngine: StartWeb
FF Homepage: https://www.google.cl/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-13] (NVIDIA Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Emilio\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2491552106-2971991606-1040936953-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-08-17] ()
FF user.js: detected! => C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\user.js [2014-04-14]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-05-28]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-08-08]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Profile: C:\Users\Emilio\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Emilio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-18]
CHR HKLM-x32\...\Chrome\Extension: [dhdepfaagokllfmhfbcfmocaeigmoebo] - C:\Users\Emilio\AppData\Local\Savings Sidekick\Chrome\Savings Sidekick.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-08-08]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-08]
CHR HKLM-x32\...\Chrome\Extension: [jbpkiefagocgkmemidfngdkamloieekf] - C:\Program Files (x86)\TornTV.com\torn10.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files (x86)\Yontoo\YontooLayers.crx [2012-11-03]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [922240 2011-06-13] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-01] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-08] (AVAST Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.)
R3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-07-10] (Microsoft Corporation)
S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [134144 2015-07-10] (Microsoft Corporation)
R2 cFosSpeedS; C:\Program Files\ASUS\ROG GameFirst\spd.exe [487096 2010-11-22] (cFos Software GmbH)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [808856 2015-08-07] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [510976 2015-08-07] (Microsoft Corporation)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2012-05-19] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2012-05-19] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2009-08-28] (Creative Technology Ltd) [File not signed]
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [27136 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [267776 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [193024 2015-07-10] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [87040 2015-07-10] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [275456 2015-07-10] (Microsoft Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [148992 2015-08-07] (Microsoft Corporation)
R3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [22528 2015-07-10] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [21504 2015-07-10] (Microsoft Corporation)
S2 MapsBroker; C:\Windows\System32\moshost.dll [62464 2015-07-10] (Microsoft Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-07] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1900728 2013-06-09] (Microsoft Corporation)
S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [296960 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session2; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session2; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [289280 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session2; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session2; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [988672 2015-08-07] (Microsoft Corporation)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1031680 2015-08-07] (Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2674176 2015-07-10] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [2049024 2015-07-10] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1203200 2015-08-07] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [925696 2015-08-07] (Microsoft Corporation)
R3 UnistoreSvc_Session2; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UnistoreSvc_Session2; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1420288 2015-08-07] (Microsoft Corporation)
R3 UserDataSvc_Session2; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UserDataSvc_Session2; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-07] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-07] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [504320 2015-07-10] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [918016 2015-07-10] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1149440 2015-07-10] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1019392 2015-07-10] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArvoFltr; C:\Windows\system32\drivers\ArvoFltr.sys [15872 2009-05-06] (ROCCAT Development, Inc.)
R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [36448 2011-03-23] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-08] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-08] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-08] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-08] (AVAST Software)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-07-10] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys [39936 2015-07-10] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3436896 2015-07-10] (QLogic Corporation)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [83968 2015-07-10] (Microsoft Corporation)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2015-07-10] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2015-07-10] (Microsoft Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424800 2015-07-10] (Mellanox)
S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [26624 2015-07-10] (Microsoft Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-07-10] (Avago Technologies)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705376 2015-07-10] (Mellanox)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-08-07] (Microsoft Corporation)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76128 2015-07-10] (Mellanox)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61952 2015-07-10] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys [17760 2015-07-10] (Microsoft Corporation)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [61952 2015-07-10] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [46080 2015-08-07] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [106520 2015-07-10] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2015-07-10] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [26976 2015-07-10] (Mellanox)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59232 2015-07-10] (Mellanox)
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [222720 2015-07-10] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [25600 2015-07-10] (Microsoft Corporation)
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: dosvc -> C:\Windows\system32\dosvc.dll (Microsoft Corporation)
NETSVC: DcpSvc -> C:\Windows\system32\dcpsvc.dll (Microsoft Corporation)
NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation)
NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation)
NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation)
NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation)
NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation)
NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation)
NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dll (Microsoft Corporation)
NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)
NETSVC: RetailDemo -> C:\Windows\system32\RDXService.dll (Microsoft Corporation)
NETSVCx32: NetSetupSvc -> C:\Windows\SysWOW64\NetSetupSvc.dll ==> No File
NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> No File

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-15 13:36 - 2015-08-15 13:36 - 00030588 _____ C:\Users\Emilio\Downloads\FRST.txt
2015-08-15 13:35 - 2015-08-15 13:36 - 00000000 ____D C:\FRST
2015-08-15 13:34 - 2015-08-15 13:34 - 02173952 _____ (Farbar) C:\Users\Emilio\Downloads\FRST64.exe
2015-08-15 12:53 - 2015-08-15 12:53 - 00016148 _____ C:\WINDOWS\system32\EMILIO-PC_Emilio_HistoryPrediction.bin
2015-08-13 22:05 - 2015-08-13 22:05 - 00003436 _____ C:\Users\Emilio\Desktop\477620359.htm
2015-08-13 19:11 - 2015-08-13 19:11 - 00001248 _____ C:\Users\Emilio\Desktop\Mameui64 - Acceso directo.lnk
2015-08-10 19:13 - 2015-08-10 19:13 - 00000000 ____D C:\Users\Emilio\AppData\Roaming\MPC-HC
2015-08-10 19:12 - 2015-08-10 19:12 - 00001743 _____ C:\Users\Emilio\Desktop\MPC-HC x64.lnk
2015-08-10 19:12 - 2015-08-10 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2015-08-10 19:12 - 2015-08-10 19:12 - 00000000 ____D C:\Program Files\MPC-HC
2015-08-10 19:11 - 2015-08-10 19:11 - 13144368 _____ (MPC-HC Team ) C:\Users\Emilio\Downloads\MPC-HC.1.7.9.x64.exe
2015-08-10 19:07 - 2015-08-10 19:07 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-08-09 16:08 - 2015-08-09 16:08 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-08-09 12:13 - 2015-08-09 12:13 - 00000000 ____D C:\Users\Emilio\AppData\Local\PeerDistRepub
2015-08-08 12:47 - 2015-08-08 12:47 - 00000000 ____D C:\Users\Emilio\AppData\Roaming\AVAST Software
2015-08-08 12:46 - 2015-08-13 19:08 - 01048344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-08-08 12:46 - 2015-08-08 12:46 - 01048856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.1439503710187
2015-08-08 12:46 - 2015-08-08 12:46 - 00447944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-08-08 12:46 - 2015-08-08 12:46 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-08-08 12:46 - 2015-08-08 12:46 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-08-08 12:46 - 2015-08-08 12:46 - 00150672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-08-08 12:46 - 2015-08-08 12:46 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-08-08 12:46 - 2015-08-08 12:46 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-08-08 12:46 - 2015-08-08 12:46 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-08-08 12:46 - 2015-08-08 12:46 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-08-08 12:46 - 2015-08-08 12:46 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-08-08 12:46 - 2015-08-08 12:46 - 00004006 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-08-08 12:46 - 2015-08-08 12:46 - 00001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-08-08 12:46 - 2015-08-08 12:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-08-08 12:45 - 2015-08-08 12:45 - 00000000 ____D C:\Program Files\AVAST Software
2015-08-08 12:44 - 2015-08-08 12:44 - 00000000 ____D C:\ProgramData\AVAST Software
2015-08-08 09:05 - 2015-08-08 09:05 - 00000000 ___HD C:\OneDriveTemp
2015-08-08 09:03 - 2015-08-08 09:05 - 00000000 ____D C:\Users\Emilio\AppData\Local\Comms
2015-08-08 08:58 - 2015-08-15 12:55 - 00000000 ____D C:\Users\Emilio\AppData\Local\MicrosoftEdge
2015-08-08 08:58 - 2015-08-08 08:58 - 00002134 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-08-08 08:48 - 2015-07-13 14:17 - 00572048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-08-08 08:46 - 2015-08-08 08:46 - 42730128 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 37748880 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 30518928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 22972560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 18514616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 16159608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 16009800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 15892904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 14510584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 13274560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 12972336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 11842680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 11139216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-08-08 08:46 - 2015-08-08 08:46 - 03344672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 02955832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 02360976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 02163856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 01898312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435354.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435354.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 01165192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 01061192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 01052488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 00991336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 00983368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 00976528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 00177088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 00155280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 00150832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-08-08 08:45 - 2015-08-13 19:05 - 00000000 ___RD C:\Users\Emilio\OneDrive
2015-08-08 08:45 - 2015-08-08 08:46 - 00002412 _____ C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-08-08 08:44 - 2015-08-08 08:44 - 00001051 _____ C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Funciones opcionales.lnk
2015-08-08 08:44 - 2015-08-08 08:44 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-08-08 08:44 - 2015-07-09 20:39 - 04847104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2015-08-08 08:44 - 2015-07-09 20:36 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2015-08-08 08:44 - 2015-07-09 20:28 - 06358016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2015-08-08 08:44 - 2015-07-09 20:25 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2015-08-08 08:44 - 2015-07-09 20:25 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2015-08-08 08:43 - 2015-08-08 08:43 - 00000000 ____D C:\Users\Emilio\AppData\Local\Publishers
2015-08-08 08:42 - 2015-08-09 08:05 - 00000000 ____D C:\Users\Emilio\AppData\Local\Packages
2015-08-08 08:42 - 2015-08-08 08:42 - 00000020 ___SH C:\Users\Emilio\ntuser.ini
2015-08-08 08:42 - 2015-08-08 08:42 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\Reciente
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\Plantillas
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\Mis documentos
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\Menú Inicio
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\Impresoras
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\Entorno de red
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Mis vídeos
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Mis imágenes
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Mi música
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\Datos de programa
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Historial
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Datos de programa
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Archivos temporales de Internet
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 ____D C:\Users\Emilio\AppData\Local\TileDataLayer
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 ____D C:\Users\DefaultAppPool
2015-08-08 08:42 - 2015-08-07 23:28 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-08 08:42 - 2015-07-10 08:04 - 00000000 __RSD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-08 08:42 - 2015-07-10 08:04 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-08 08:42 - 2015-07-10 08:04 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-08 08:42 - 2015-07-10 08:04 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\Reciente
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\Plantillas
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\Mis documentos
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\Menú Inicio
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\Impresoras
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\Entorno de red
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\Documents\Mis vídeos
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\Documents\Mis imágenes
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\Documents\Mi música
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\Datos de programa
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historial
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\AppData\Local\Datos de programa
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\AppData\Local\Archivos temporales de Internet
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default User\Documents\Mis vídeos
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default User\Documents\Mis imágenes
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default User\Documents\Mi música
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historial
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Datos de programa
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Archivos temporales de Internet
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 __SHD C:\Recovery
2015-08-07 23:37 - 2015-08-07 23:37 - 00023076 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-08-07 23:35 - 2015-08-13 19:22 - 00002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-07 23:31 - 2015-07-10 07:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-08-07 23:28 - 2015-08-07 23:28 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-08-07 23:25 - 2015-08-07 23:25 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-08-07 23:23 - 2015-08-13 19:04 - 00000000 ____D C:\Users\Emilio
2015-08-07 23:23 - 2015-08-08 08:42 - 00000000 ___RD C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\Reciente
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\Plantillas
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\Mis documentos
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\Menú Inicio
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\Impresoras
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\Entorno de red
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\Documents\Mis vídeos
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\Documents\Mis imágenes
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\Documents\Mi música
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\Datos de programa
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\AppData\Local\Historial
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\AppData\Local\Datos de programa
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\AppData\Local\Archivos temporales de Internet
2015-08-07 23:23 - 2015-07-10 08:04 - 00000000 __RSD C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-07 23:23 - 2015-07-10 08:04 - 00000000 ___RD C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-07 23:23 - 2015-07-10 08:04 - 00000000 ___RD C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-07 23:23 - 2015-07-10 08:04 - 00000000 ____D C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-07 23:20 - 2015-08-10 19:10 - 02129848 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-07 23:20 - 2015-08-07 23:20 - 02032978 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-08-07 23:20 - 2015-08-07 23:20 - 00021209 _____ C:\WINDOWS\iis.log
2015-08-07 23:15 - 2015-08-09 11:32 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-07 23:15 - 2015-08-08 08:49 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-08-07 23:15 - 2015-08-07 23:25 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-08-07 23:15 - 2015-08-07 23:15 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-08-07 23:15 - 2015-08-07 23:15 - 00000000 ____D C:\Program Files\Realtek
2015-08-07 23:13 - 2015-08-07 23:13 - 00023867 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-08-07 23:12 - 2015-08-08 08:52 - 00006626 _____ C:\WINDOWS\PFRO.log
2015-08-07 22:43 - 2015-08-07 23:37 - 00006696 _____ C:\WINDOWS\comsetup.log
2015-08-07 22:40 - 2015-08-07 23:38 - 00010449 _____ C:\WINDOWS\diagerr.xml
2015-08-07 22:40 - 2015-08-07 23:38 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2015-08-07 19:11 - 2015-08-08 08:40 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-07 19:08 - 2015-08-07 19:08 - 00000000 ____D C:\Windows.old
 
2015-08-07 19:07 - 2015-08-07 19:07 - 24591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 22320576 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 21873152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 20854232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 19333632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 18810368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 16710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 13024256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 12502016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 11552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 11260928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 09885184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 03589632 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-08-07 19:07 - 2015-08-07 19:07 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02878000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02661376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02415616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02224128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02150696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02147592 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02116960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-08-07 19:07 - 2015-08-07 19:07 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01983328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-08-07 19:07 - 2015-08-07 19:07 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01914880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01867672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01793024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01769568 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01680896 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01601024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01561360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01396576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-08-07 19:07 - 2015-08-07 19:07 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-08-07 19:07 - 2015-08-07 19:07 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-07 19:07 - 2015-08-07 19:07 - 01161728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01085776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-08-07 19:07 - 2015-08-07 19:07 - 00991584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-08-07 19:07 - 2015-08-07 19:07 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2015-08-07 19:07 - 2015-08-07 19:07 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00916800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00858624 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00643616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00607008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00606392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-08-07 19:07 - 2015-08-07 19:07 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-08-07 19:07 - 2015-08-07 19:07 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00539216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-07 19:07 - 2015-08-07 19:07 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-08-07 19:07 - 2015-08-07 19:07 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-08-07 19:07 - 2015-08-07 19:07 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00412672 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00403968 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-08-07 19:07 - 2015-08-07 19:07 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00242264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2015-08-07 19:07 - 2015-08-07 19:07 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-08-07 19:07 - 2015-08-07 19:07 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2015-08-07 19:07 - 2015-08-07 19:07 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2015-08-07 19:03 - 2015-08-07 19:03 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-08-07 18:57 - 2015-08-07 18:57 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-08-07 18:57 - 2015-08-07 18:57 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-08-07 18:57 - 2015-08-07 18:57 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-08-07 18:57 - 2015-08-07 18:57 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-08-07 18:57 - 2015-08-07 18:57 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-08-07 18:57 - 2015-08-07 18:57 - 00000000 ____D C:\Program Files\MSBuild
2015-08-07 18:57 - 2015-08-07 18:57 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-08-07 18:57 - 2015-08-07 18:57 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-08-07 18:57 - 2015-08-07 18:57 - 00000000 ____D C:\inetpub
 
2015-08-07 18:56 - 2015-06-17 14:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-08-07 18:56 - 2015-06-17 14:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-07 18:56 - 2015-06-17 14:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-08-07 18:56 - 2015-05-29 17:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-08-07 18:56 - 2015-05-29 17:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-07 18:56 - 2015-05-29 17:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-08-07 14:09 - 2015-08-07 15:55 - 00000000 ____D C:\Users\Emilio\AppData\Local\CrashDumps
2015-08-07 13:54 - 2015-08-07 13:54 - 01331823 _____ (Igor Pavlov) C:\Users\Emilio\Downloads\7z1505-x64.exe
2015-08-06 19:30 - 2015-08-07 11:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-25 19:51 - 2015-08-07 23:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-07-25 19:51 - 2015-07-25 19:51 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-07-23 04:02 - 2015-08-08 08:46 - 00031976 _____ C:\WINDOWS\system32\nvinfo.pb
2015-07-23 04:02 - 2015-07-23 04:02 - 01898128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435362.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435362.dll
2015-07-19 15:34 - 2015-07-19 15:34 - 00002645 _____ C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-07-19 15:31 - 2015-07-19 15:31 - 01993056 _____ (BitTorrent Inc.) C:\Users\Emilio\Downloads\uTorrent.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-15 13:35 - 2013-05-21 20:04 - 00000000 ____D C:\Users\Emilio\AppData\Roaming\uTorrent
2015-08-15 13:28 - 2015-07-10 09:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-15 12:36 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-14 19:54 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-13 21:45 - 2014-03-02 14:14 - 00000000 ____D C:\Users\Emilio\AppData\Local\Battle.net
2015-08-13 19:21 - 2015-07-10 07:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-13 19:21 - 2013-08-16 02:49 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-13 19:15 - 2014-03-02 14:14 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-08-13 19:15 - 2012-07-02 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-13 19:15 - 2012-05-19 19:08 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-13 19:14 - 2012-07-02 23:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-13 19:14 - 2012-07-02 23:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-10 19:10 - 2015-07-10 13:26 - 00926026 _____ C:\WINDOWS\system32\perfh00A.dat
2015-08-10 19:10 - 2015-07-10 13:26 - 00206298 _____ C:\WINDOWS\system32\perfc00A.dat
2015-08-10 19:07 - 2015-07-10 09:20 - 00022680 _____ C:\WINDOWS\setupact.log
2015-08-09 11:26 - 2014-04-13 17:26 - 00000000 ____D C:\Program Files (x86)\GoPhoto.it V9.0
2015-08-09 11:26 - 2012-11-03 21:42 - 00000000 ____D C:\ProgramData\SUS
2015-08-09 03:23 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\appcompat
2015-08-08 12:38 - 2015-07-10 08:06 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 12:38 - 2015-07-10 08:06 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-08 09:25 - 2015-07-10 09:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-08 09:25 - 2012-05-19 17:56 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-08 09:24 - 2015-07-10 06:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-08-08 08:58 - 2012-09-30 12:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-08-08 08:52 - 2015-07-10 09:20 - 00194096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-08 08:44 - 2015-07-10 13:26 - 00000000 ____D C:\WINDOWS\OCR
2015-08-08 08:42 - 2015-07-10 08:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-08-08 08:42 - 2015-07-10 08:04 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-08-08 08:42 - 2015-07-10 08:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-08-08 08:42 - 2015-07-10 08:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-08-08 08:42 - 2013-03-04 18:31 - 00001864 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
2015-08-07 23:40 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\rescache
2015-08-07 23:38 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\Registration
2015-08-07 23:38 - 2015-07-10 08:04 - 00000000 ____D C:\Program Files\Windows NT
2015-08-07 23:38 - 2015-07-10 06:05 - 00000000 __RHD C:\Users\Default
2015-08-07 23:37 - 2015-07-10 08:04 - 00000000 __RSD C:\WINDOWS\Media
2015-08-07 23:37 - 2015-07-10 08:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-08-07 23:37 - 2014-12-25 13:45 - 00003996 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-08-07 23:37 - 2014-01-05 13:53 - 00003196 _____ C:\WINDOWS\System32\Tasks\{C2654699-73B3-41F4-B919-79AFE2EA44CC}
2015-08-07 23:37 - 2013-07-30 20:03 - 00003270 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2015-08-07 23:37 - 2013-07-30 20:03 - 00003214 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2015-08-07 23:37 - 2013-07-30 20:03 - 00003212 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2015-08-07 23:37 - 2013-06-29 21:03 - 00003194 _____ C:\WINDOWS\System32\Tasks\{B16EA617-C534-4B29-BF08-62A66B3E1447}
2015-08-07 23:37 - 2012-09-17 12:32 - 00003284 _____ C:\WINDOWS\System32\Tasks\{7C2DF542-B42C-493F-8D5C-C71567379154}
2015-08-07 23:37 - 2012-08-01 00:00 - 00003078 _____ C:\WINDOWS\System32\Tasks\{D502BBCB-717E-4445-9A95-C5554871F43B}
2015-08-07 23:37 - 2012-07-31 23:59 - 00003078 _____ C:\WINDOWS\System32\Tasks\{674184BB-CBE9-4293-A892-3E921EA63E32}
2015-08-07 23:37 - 2012-07-31 23:57 - 00003078 _____ C:\WINDOWS\System32\Tasks\{E76B951C-F9D7-4B83-82E0-F06FCAAD37C4}
2015-08-07 23:37 - 2012-07-31 23:56 - 00003078 _____ C:\WINDOWS\System32\Tasks\{0CAD0A76-0114-4B9C-A492-B99643F9967B}
2015-08-07 23:37 - 2012-05-19 19:23 - 00003244 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2015-08-07 23:37 - 2012-05-19 19:21 - 00003242 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2015-08-07 23:37 - 2012-05-19 17:39 - 00003300 _____ C:\WINDOWS\System32\Tasks\SidebarExecute
2015-08-07 23:37 - 2012-05-19 17:08 - 00004142 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-07 23:37 - 2012-05-19 17:08 - 00003890 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-07 23:35 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\spool
2015-08-07 23:29 - 2015-07-10 08:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 23:29 - 2015-07-10 06:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-07 23:29 - 2015-05-21 21:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2015-08-07 23:29 - 2015-01-11 12:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaidCall
2015-08-07 23:29 - 2014-04-14 21:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-07 23:29 - 2014-03-29 21:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-08-07 23:29 - 2014-03-02 17:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-08-07 23:29 - 2014-03-02 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-08-07 23:29 - 2013-12-25 18:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2015-08-07 23:29 - 2013-08-20 21:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
2015-08-07 23:29 - 2013-08-16 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Argente - Registry Cleaner
2015-08-07 23:29 - 2013-06-29 21:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2015-08-07 23:29 - 2013-05-28 09:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-08-07 23:29 - 2013-05-28 09:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect
2015-08-07 23:29 - 2013-05-27 23:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2015-08-07 23:29 - 2013-05-11 18:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Agama2
2015-08-07 23:29 - 2013-03-12 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2015-08-07 23:29 - 2012-11-03 21:42 - 00000000 ____D C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ardamax Keylogger 4.0
2015-08-07 23:29 - 2012-09-26 23:07 - 00000000 ____D C:\WINDOWS\SysWOW64\QuickTime
2015-08-07 23:29 - 2012-09-10 19:44 - 00000000 ____D C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-07 23:29 - 2012-09-10 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-07 23:29 - 2012-09-06 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2015-08-07 23:29 - 2012-08-28 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2015-08-07 23:29 - 2012-08-05 16:13 - 00000000 ____D C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-08-07 23:29 - 2012-08-04 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2015-08-07 23:29 - 2012-07-18 22:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-08-07 23:29 - 2012-07-04 23:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter
2015-08-07 23:29 - 2012-07-04 23:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow x64
2015-08-07 23:29 - 2012-05-19 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2015-08-07 23:29 - 2012-05-19 18:05 - 00000000 ____D C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVGA Precision
2015-08-07 23:29 - 2012-05-19 17:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2015-08-07 23:29 - 2012-05-19 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-07 23:29 - 2009-07-14 02:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-08-07 23:28 - 2015-07-10 08:05 - 00004362 _____ C:\WINDOWS\DtcInstall.log
2015-08-07 23:28 - 2015-07-10 08:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 23:28 - 2015-07-10 08:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 23:28 - 2009-07-14 00:20 - 00000000 ____D C:\Users\Default.migrated
2015-08-07 23:26 - 2015-07-10 13:25 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-08-07 23:26 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK
2015-08-07 23:26 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR
2015-08-07 23:26 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-08-07 23:26 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-08-07 23:26 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2015-08-07 23:26 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-07 23:26 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2015-08-07 23:26 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-07 23:26 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\IME
2015-08-07 23:26 - 2012-08-04 22:03 - 00000000 ____D C:\WINDOWS\SysWOW64\xlive
2015-08-07 23:25 - 2015-07-10 10:19 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-08-07 23:25 - 2015-07-10 08:04 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-08-07 23:25 - 2015-07-10 08:04 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-08-07 23:25 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\schemas
2015-08-07 23:25 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-08-07 23:25 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\Help
2015-08-07 23:25 - 2015-07-10 08:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-07 23:25 - 2015-04-06 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cooler Master
2015-08-07 23:25 - 2015-03-26 23:00 - 00000000 ____D C:\Program Files\WIDCOMM
2015-08-07 23:25 - 2014-04-19 15:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-08-07 23:25 - 2014-01-05 13:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCCAT
2015-08-07 23:25 - 2013-06-29 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CAPCOM
2015-08-07 23:25 - 2013-05-21 21:21 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-08-07 23:25 - 2012-09-26 23:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3ivx
2015-08-07 23:25 - 2012-05-19 17:42 - 00000000 ____D C:\Program Files\ASUS
2015-08-07 23:25 - 2012-05-19 17:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-08-07 23:25 - 2012-05-19 17:24 - 00000000 ____D C:\Program Files (x86)\ASUS
2015-08-07 23:25 - 2012-05-19 17:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology
2015-08-07 23:25 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-08-07 23:24 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-08-07 23:24 - 2012-05-26 12:31 - 00000000 ____D C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ventrilo
2015-08-07 23:20 - 2015-07-10 06:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-08-07 22:47 - 2012-05-19 16:49 - 01982674 _____ C:\WINDOWS\WindowsUpdate (1).log
2015-08-07 22:47 - 2009-07-14 01:45 - 00032208 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-07 22:47 - 2009-07-14 01:45 - 00032208 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-07 22:40 - 2015-07-10 14:09 - 00000000 ___HD C:\$Windows.~BT
2015-08-07 19:11 - 2015-07-10 08:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-08-07 19:08 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-08-07 19:08 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-08-07 19:08 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-07 19:08 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-07 19:08 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-08-07 19:08 - 2015-07-10 06:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-08-07 19:08 - 2015-07-10 06:05 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-08-07 18:57 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-08-07 18:57 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-08-07 18:57 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-08-07 18:57 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-08-07 18:57 - 2015-07-10 08:01 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-08-07 18:57 - 2015-07-10 08:01 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-08-07 18:57 - 2015-07-10 08:01 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-08-07 18:57 - 2015-07-10 08:01 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-08-07 18:57 - 2015-07-10 08:01 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-08-07 18:57 - 2015-07-10 08:01 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-08-07 18:57 - 2015-07-10 08:01 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-08-07 18:57 - 2015-07-10 08:01 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-08-07 18:57 - 2015-07-10 08:01 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-08-07 18:57 - 2015-07-10 08:01 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-08-07 18:57 - 2015-07-10 08:01 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-08-07 18:57 - 2015-07-10 08:01 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-08-07 18:57 - 2015-07-10 08:01 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-08-07 18:57 - 2015-07-10 08:01 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-08-07 18:57 - 2015-07-10 08:01 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-08-07 18:57 - 2015-07-10 08:01 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-08-07 18:57 - 2015-07-10 08:00 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2015-08-07 18:57 - 2015-07-10 08:00 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2015-08-07 18:57 - 2015-07-10 08:00 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2015-08-07 18:57 - 2015-07-10 08:00 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2015-08-07 18:57 - 2015-07-10 08:00 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2015-08-07 18:57 - 2015-07-10 08:00 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-08-07 18:57 - 2015-07-10 08:00 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2015-08-07 18:57 - 2015-07-10 08:00 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2015-08-07 18:57 - 2015-07-10 08:00 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2015-08-07 18:57 - 2015-07-10 08:00 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2015-08-07 18:57 - 2015-07-10 08:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2015-08-07 18:57 - 2015-07-10 08:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-08-07 18:57 - 2015-07-10 08:00 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-08-07 18:57 - 2015-07-10 08:00 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2015-08-07 18:57 - 2015-07-10 08:00 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2015-08-07 18:57 - 2015-07-10 08:00 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2015-08-07 18:57 - 2015-07-10 08:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2015-08-07 18:57 - 2015-07-10 08:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-08-07 18:57 - 2015-07-10 08:00 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-08-07 18:57 - 2015-07-10 08:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-08-07 18:57 - 2015-07-10 08:00 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2015-08-07 13:54 - 2014-03-29 21:47 - 00000000 ____D C:\Program Files\7-Zip
2015-08-07 11:22 - 2012-05-19 19:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-25 19:51 - 2012-09-11 19:43 - 00001934 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-07-25 19:51 - 2012-09-11 19:43 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-07-21 20:08 - 2014-04-14 21:54 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-07-21 20:06 - 2014-04-14 21:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-21 20:06 - 2013-05-26 16:58 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

==================== Files in the root of some directories =======

2008-02-05 15:28 - 2008-02-05 15:28 - 0000051 _____ () C:\Users\Emilio\AppData\Local\setup.txt
2012-05-19 17:18 - 2012-05-19 17:18 - 0000000 _____ () C:\Users\Emilio\AppData\Local\{E59A8083-9242-44D7-9BBC-A13A58223068}
2012-05-19 17:26 - 2014-07-06 20:03 - 0000000 _____ () C:\ProgramData\Gpu.log
2012-11-30 22:21 - 2012-11-30 22:21 - 0000040 _____ () C:\ProgramData\ra3.ini

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-07 23:12

==================== End of log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:14-08-2015 01
Ran by Emilio (2015-08-15 13:37:15)
Running from C:\Users\Emilio\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2491552106-2971991606-1040936953-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2491552106-2971991606-1040936953-503 - Limited - Disabled)
Emilio (S-1-5-21-2491552106-2971991606-1040936953-1000 - Administrator - Enabled) => C:\Users\Emilio
HomeGroupUser$ (S-1-5-21-2491552106-2971991606-1040936953-1006 - Limited - Enabled)
Invitado (S-1-5-21-2491552106-2971991606-1040936953-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.)
3ivx MPEG-4 5.0.4 (remove only) (HKLM-x32\...\3ivx MPEG-4 5.0.4) (Version: 5.0.4 - 3ivx Technologies, Pty. Ltd.)
7-Zip 15.05 beta x64 (HKLM\...\7-Zip) (Version: - )
7-Zip 4.65 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0465-000001000000}) (Version: 4.65.00.0 - Igor Pavlov)
AC3Filter 2.5b (HKLM-x32\...\AC3Filter_is1) (Version: 2.5b - Alexander Vigovsky)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Actualización de NVIDIA 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Agama2 (HKLM-x32\...\{3E082BD8-AC11-450C-A9C6-523DE3FB0213}) (Version: 2.00.01 - KYE)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.01.40 - ASUSTeK Computer Inc.)
Aliens vs. Predator (HKLM-x32\...\Steam App 10680) (Version: - Rebellion)
Argente - Registry Cleaner 3.1.0.1 (HKLM-x32\...\Argente - Registry Cleaner_is1) (Version: 3.1.0.1 - Argente Software)
Arvo (HKLM-x32\...\{61DF2893-0069-4E50-A02E-3A41A97CB1B4}) (Version: 1.0 - ROCCAT)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.2.2.000 - Asmedia Technology)
ASUS ROG Connect Plus (HKLM-x32\...\{ECF51D37-52ED-4871-BF8B-FEA34B8B4120}) (Version: 1.00.14 - ASUSTeK Computer Inc.)
ATI Catalyst Install Manager (HKLM\...\{AB7F4312-8037-4EBF-9D0F-5513CDFD534C}) (Version: 3.0.812.0 - ATI Technologies, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version: - Rocksteady Studios Ltd.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.65.1074 - AB Team, d.o.o.)
Centro de Ratón y Teclado de Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Centro de Ratón y Teclado de Microsoft (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Claro LTD toolbar (HKLM-x32\...\claro) (Version: - Claro LTD) <==== ATTENTION
Company of Heroes (HKLM-x32\...\Steam App 4560) (Version: - Relic)
Dead Island (HKLM-x32\...\Steam App 91310) (Version: - Techland)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
EVGA Precision 2.0.4 (HKLM-x32\...\Precision) (Version: 2.0.4 - EVGA Corporation)
F.E.A.R. (HKLM-x32\...\Steam App 21090) (Version: - Monolith Productions)
ffdshow x64 v1.2.4422 [2012-04-09] (HKLM\...\ffdshow64_is1) (Version: 1.2.4422.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
GoPhoto.it V9.0 (HKLM-x32\...\GoPhoto.it V9.0) (Version: 1.34.3.28 - installdaddy) <==== ATTENTION
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Intel(R) Network Connections 16.4.68.0 (HKLM\...\PROSetDX) (Version: 16.4.68.0 - Intel)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LIMBO (HKLM-x32\...\Steam App 48000) (Version: - )
Magic 2014 (HKLM-x32\...\Steam App 213850) (Version: - Stainless Games)
Malwarebytes Anti-Malware versión 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.149.2 - McAfee, Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{449EFED6-5F86-4428-8EB2-3DA1F6E67CE4}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 39.0.3 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 39.0.3 (x86 es-ES)) (Version: 39.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MPC-HC 1.7.9 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.9 - MPC-HC Team)
NVIDIA Controlador de 3D Vision 353.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.54 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 353.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.54 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version: - )
Panel de control de NVIDIA 353.54 (Version: 353.54 - NVIDIA Corporation) Hidden
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.6-1.0.12972.94 - raidcall.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Recon Software (HKLM-x32\...\InstallShield_{5116E722-70F6-42DD-8B0A-EC5136A78978}) (Version: 1.24 - Cooler Master)
Recon Software (x32 Version: 1.24 - Cooler Master) Hidden
resident evil 4 (HKLM-x32\...\{DFFCDB41-C2DA-47D6-96FF-03C05C0BEA22}) (Version: 1.00.0000 - CAPCOM)
Resident Evil 6 / Biohazard 6 (HKLM-x32\...\Steam App 221040) (Version: - Capcom)
ROCCAT Pyra Mouse Driver (HKLM-x32\...\{918F769E-02E8-44EC-8373-4888B23B2492}) (Version: - Roccat GmbH)
ROG GameFirst v4.53 (HKLM\...\ROG GameFirst) (Version: 4.53 - cFos Software GmbH, Bonn)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.5.201403281437 - Sony Mobile Communications AB)
Sony PC Companion 2.10.211 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.211 - Sony)
Sound Blaster X-Fi MB 2 (HKLM-x32\...\{89F922D6-E3E0-4303-AF8E-CE18412E3A18}) (Version: 1.0 - Creative Technology Limited)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Street Fighter IV: Arcade Edition (HKLM-x32\...\Steam App 45760) (Version: - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.5800 - Broadcom Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Emilio\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Emilio\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Emilio\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Emilio\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Emilio\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Emilio\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Emilio\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Emilio\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Emilio\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Emilio\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:34 - 2015-07-25 19:51 - 00000854 ____A C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {095C17C2-8AC0-49A2-9F59-8D3CFC3A596E} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {09DA38AF-EEE8-445F-8ED2-D369636A6945} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {0EE6028A-1999-4D5C-84F5-4D6F28B626F8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {1641F54C-1E57-4902-AB65-EE2B65E5629D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {1D3D099E-EE1E-4907-8BA2-BA8F12D11AA6} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [2015-07-10] (Microsoft Corporation)
Task: {224E0988-CEAB-43AA-9C0C-2A3D412E6B9B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {27F81FC9-96DD-4BA0-92B2-D7366ACB9E11} - System32\Tasks\{674184BB-CBE9-4293-A892-3E921EA63E32} => D:\Juegos PC\Steam\Steam.exe [2015-06-04] (Valve Corporation)
Task: {2837DE1B-E19E-4524-8DFE-6ABCFFD9F48B} - System32\Tasks\Microsoft\Office\Office First Run Task => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-06-09] (Microsoft Corporation)
Task: {2AAB19B9-A652-477A-B9AC-EEF4659E2774} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {2C97A00A-1C5C-4318-B5CC-8A1A126B77F9} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask
Task: {2DDA57B9-41F8-44C0-ACEF-A838C4639B02} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> No File <==== ATTENTION
Task: {30325ED4-8962-4F9B-AA6D-0AE2331DE40B} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {3466852E-7C81-422A-AA7D-089F832A00BA} - System32\Tasks\{7C2DF542-B42C-493F-8D5C-C71567379154} => pcalua.exe -a C:\Users\Emilio\Downloads\setup(1).exe -d C:\Users\Emilio\Downloads
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {41E45A06-6B92-4081-A3AC-A063DC0E951A} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {4454A8D0-2E4E-4A02-BF67-48DF6A7BFAB4} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask
Task: {44C89A70-EC67-4CAA-B430-9F95AC894615} - System32\Tasks\{D502BBCB-717E-4445-9A95-C5554871F43B} => D:\Juegos PC\Steam\Steam.exe [2015-06-04] (Valve Corporation)
Task: {44CF46C6-CC04-4F14-A40C-1F1BA7FB17CF} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-26] (ASUSTeK Computer Inc.)
Task: {44D2519B-E6AB-49D2-9D0D-19782011B85E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {48B54F45-8728-478A-B353-78480732648E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {4CEAEE32-D78B-42CE-B10C-A932EB0AF114} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4D75A859-B915-44E0-848A-281AE7890AC1} - System32\Tasks\{E76B951C-F9D7-4B83-82E0-F06FCAAD37C4} => D:\Juegos PC\Steam\Steam.exe [2015-06-04] (Valve Corporation)
Task: {57900FF0-F6D6-4BD5-A180-14D7C8782B97} - System32\Tasks\ASUS\RC TweakIt Server Execute => C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe [2010-11-23] ()
Task: {5A117250-4995-4F4A-8A59-83414A7D50BB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {5D1F15E1-E550-432A-8E7C-919053ADB1DB} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {5E5515C1-7D87-4904-B9CE-FD29EB2ADB72} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync
Task: {611C823C-437B-46E7-9683-5312DFFCFD7B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {6669C4CB-627C-44C0-9EE6-8F9F71000FFF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {6CA5C1CB-9ACE-44B9-BB91-BC2FE918394B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {70E5111A-E375-4FF3-93C2-64B1D84E51FC} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {711EE2F9-A611-4773-AF8E-D4B278A6718D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {744C9FEA-08B7-43E1-A729-0F94647D655C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {78443CD6-0655-42FE-B867-4E6BE07BBD5C} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {7A003965-A297-4DC6-B15B-852D798391E0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\WINDOWS\system32\MusNotification.exe [2015-08-07] (Microsoft Corporation)
Task: {7FDA739D-184D-43B6-8F5F-6B8E4124259B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {848DCC36-520C-4946-BF68-C7EFFEFA2F84} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot => C:\windows\system32\MusNotification.exe [2015-08-07] (Microsoft Corporation)
Task: {86CB3ACF-61EC-407C-A947-32A71C522DF4} - System32\Tasks\{B16EA617-C534-4B29-BF08-62A66B3E1447} => pcalua.exe -a F:\launcher.exe -d F:\
Task: {8AAC8205-90ED-4613-BDB8-082917830766} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {8B3E6B99-7EA1-4205-818A-296DBF4B265A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-08-07] (Microsoft Corporation)
Task: {8F0612E6-7904-4812-8AFD-97694573968A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {905A4642-E0BF-4B8A-947E-37A36E0CF193} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {95C9410D-EF8A-47E9-8A18-657C0EAB87EB} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {A364E297-00AD-490D-900E-22AC34598C71} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {AC15EDCB-AE63-4F69-A953-8BEF590FEBCD} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => C:\WINDOWS\system32\MusNotification.exe [2015-08-07] (Microsoft Corporation)
Task: {AC29E64E-3271-47BA-B8F1-914523CF379B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Automatic App Update
Task: {AC9CA008-9B33-49A9-A502-EB401B8FB963} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {AF9B540A-861D-47D5-A290-A7F8457DC326} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {B01D38E8-CA03-4B2B-9F13-B568758343C0} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {B24285CF-8D57-480A-BA12-02B8A167ACD8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B4049BD3-20C7-4CE7-9044-3C113128586A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {B9B36D41-C776-424E-9A13-5387E17A2CEB} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [2015-07-10] (Microsoft Corporation)
Task: {BDE51060-E628-4B02-A2E7-7D6FA293FA39} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {BEF86B9A-DCB3-4212-814B-CA1A444097DB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C0EC8EA8-C1E9-4E4D-9CD5-6342A70E2CB1} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {C17F1B8C-86EB-45A4-AE6A-45EEC7BCFD3C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {C2162702-FFEB-48C0-AA5F-2DA3A8887D61} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation
Task: {C3F1285D-37C2-4D88-8DB8-1B7AF859A881} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {CCF4F193-4953-4F39-A6D1-6125581077CC} - System32\Tasks\ASUS\ASUS DigiVRM Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe [2011-04-13] (ASUSTeK Computer Inc.)
Task: {CF24746A-F511-4547-8778-9A1101DB916D} - System32\Tasks\{0CAD0A76-0114-4B9C-A492-B99643F9967B} => D:\Juegos PC\Steam\Steam.exe [2015-06-04] (Valve Corporation)
Task: {D0F6A660-BD3F-45C3-81F7-E4AA1A5C3671} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {D2401052-A382-42DE-9C79-D1CF3563F654} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation
Task: {D26EEFB0-A93B-4B96-86EF-FF2A7082A0F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {DAF2BAE3-1C5B-4CB5-9F62-0911C031A15A} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [2015-07-10] (Microsoft Corporation)
Task: {DF048519-F124-4883-BD1E-492081184592} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent
Task: {E11AAE37-3578-42DE-82A9-3406E3EF4633} - System32\Tasks\{C2654699-73B3-41F4-B919-79AFE2EA44CC} => pcalua.exe -a E:\autostart.exe -d E:\
Task: {E8A94D20-B3A0-4133-AD55-3A26AFBF6B4D} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {E963F403-A611-4CCC-A163-13ECDDC6D10B} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {EA3F661E-B31C-44A9-B40C-E3D5D56149D4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display => C:\windows\system32\MusNotification.exe [2015-08-07] (Microsoft Corporation)
Task: {EDC89D7D-DFD8-4893-BECC-A1AC9E2923B7} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {F0E820ED-A173-46D2-9183-9D2BB5A247D2} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {F35FC68A-6B80-47F8-9F24-BF22C57EDD1D} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F428AA6E-B5C5-4297-ACEC-293E336494E3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-08] (AVAST Software)
Task: {F52ADE01-BCE8-4459-90FE-8FA4410BC297} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F79D2975-AF2C-4834-AC93-51672861746F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {FC4A95B8-EBE8-40C1-BBD5-FC5ADFD4A509} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {FCFCEA60-95DA-4D19-B018-1BFBDA5FE46A} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {FD5FA16F-6342-4693-AF91-6901F92445AE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Loaded Modules (Whitelisted) ==============

2015-08-07 19:07 - 2015-08-07 19:07 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00403968 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2011-06-13 05:36 - 2011-06-13 05:36 - 00922240 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
2010-12-01 23:15 - 2010-12-01 23:15 - 00915584 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
2012-05-19 17:25 - 2010-10-21 06:52 - 00586880 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2013-08-11 22:24 - 2013-06-20 14:01 - 00381096 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2013-08-11 22:24 - 2013-06-09 17:05 - 00518824 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2013-08-11 22:24 - 2013-06-09 17:05 - 00612520 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2012-05-19 17:55 - 2015-07-13 14:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-07-04 23:54 - 2012-06-17 23:18 - 01202688 _____ () C:\WINDOWS\system32\ac3filter64.acm
2015-08-07 19:07 - 2015-08-07 19:07 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2009-03-30 03:32 - 2009-03-30 03:32 - 00032768 ____R () C:\Windows\DAODx.exe
2012-05-19 17:24 - 2010-11-23 16:43 - 00105088 _____ () C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2012-07-04 23:54 - 2012-06-17 23:18 - 01202688 _____ () C:\WINDOWS\SYSTEM32\ac3filter64.acm
2015-07-10 07:59 - 2015-07-10 07:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 07:59 - 2015-07-10 07:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 06576640 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 08:00 - 2015-07-10 13:34 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01806848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 08:00 - 2015-07-10 13:34 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-08 09:23 - 2015-08-08 09:23 - 00007168 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.803.16240.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-08-08 09:23 - 2015-08-08 09:23 - 11284480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.803.16240.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-07-10 13:40 - 2015-07-10 13:40 - 07897088 _____ () C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.0_1.0.22929.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
2015-08-08 09:23 - 2015-08-08 09:23 - 07824896 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-08-08 09:23 - 2015-08-08 09:23 - 02062336 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2012-05-19 17:26 - 2015-08-08 09:25 - 00036864 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.14\PEbiosinterface32.dll
2012-05-19 17:26 - 2010-06-28 23:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.14\ATKEX.dll
2015-08-08 12:46 - 2015-08-08 12:46 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-08 12:46 - 2015-08-08 12:46 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-08 12:46 - 2015-08-08 12:46 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15080800\algo.dll
2015-08-08 15:42 - 2015-08-08 15:42 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15080801\algo.dll
2015-08-09 09:28 - 2015-08-09 09:28 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15080900\algo.dll
2015-08-10 17:30 - 2015-08-10 17:30 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15081003\algo.dll
2015-08-15 08:22 - 2015-08-15 08:22 - 02962432 _____ () C:\Program Files\AVAST Software\Avast\defs\15081500\algo.dll
2012-05-19 17:24 - 2010-06-24 22:50 - 00094208 _____ () C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\IccLibDll.dll
2012-05-19 17:29 - 2011-03-04 05:33 - 00053248 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2012-05-19 17:29 - 2009-05-21 11:14 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2013-08-16 21:59 - 2012-06-14 22:11 - 00325968 _____ () C:\Program Files (x86)\Argente - Registry Cleaner\lua5.1.dll
2014-01-05 13:52 - 2009-10-31 07:13 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Pyra Mouse\hiddriver.dll
2015-08-08 12:46 - 2015-08-08 12:46 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-05-19 17:27 - 2011-02-24 11:19 - 00143360 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2012-05-19 17:27 - 2010-06-21 16:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2012-05-19 17:27 - 2009-08-12 21:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2012-05-19 17:27 - 2011-05-06 17:53 - 01036800 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
2012-05-19 17:27 - 2011-05-16 18:35 - 00965632 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2012-05-19 17:28 - 2011-05-11 15:01 - 01264640 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2012-05-19 17:28 - 2011-01-06 11:38 - 01027072 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2012-05-19 17:27 - 2011-05-20 10:12 - 00881152 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2012-05-19 17:27 - 2011-04-07 18:33 - 01607168 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2012-05-19 17:27 - 2011-01-07 17:39 - 01246208 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2012-05-19 17:27 - 2010-08-06 19:11 - 00850944 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2012-05-19 17:27 - 2010-08-06 19:13 - 00886272 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2012-05-19 17:26 - 2010-08-22 23:17 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMLib.dll
2012-05-19 17:27 - 2010-06-21 16:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"
 
==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: GPU TweakIt Server Execute => "C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\GPU TweakIt Server\GPUTweakit.exe"
MSCONFIG\startupreg: RaidCall => C:\Program Files (x86)\RaidCall\raidcall.exe
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{A1E3D511-6C98-4DA9-B945-317CD1EC4206}] => (Allow) C:\Users\Emilio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{19245C87-233D-4352-B22B-331E94987B9F}] => (Allow) C:\Users\Emilio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F3BFF89E-8DBA-412C-A0C1-A3C97C4D10F9}] => (Allow) C:\Users\Emilio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{01D16F9D-5937-4D4C-8837-96744E02FC0D}] => (Allow) C:\Users\Emilio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{99C5E853-8004-47E4-B619-A96CF8B10DA6}] => (Allow) C:\Users\Emilio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FF82E32C-76B4-4DED-8971-6714D5FD621A}] => (Allow) C:\Users\Emilio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{A05F644F-C510-48CB-B28F-B2B2EF826269}D:\juegos pc\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\juegos pc\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [TCP Query User{E0520F23-9794-4D72-B2F1-9ECCD3424120}D:\juegos pc\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\juegos pc\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{51D312A4-F507-4528-B92D-1A52DBDD8BC0}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{EA2B0A3A-567F-43F5-AE08-7E5D54D7D240}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{540930E2-C1C2-44C6-8148-0BEC92921A17}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4A493F47-0C39-4C7C-872D-8E3E7096152B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D83CDDED-CB93-4B8C-92A1-836CA7E6C285}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CDB6CC55-99BB-4898-96C8-5C131B4B6CB9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EA21295F-1DCC-450E-887E-4122E9A2F1AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{98276A51-6540-4EAA-B6E2-73119C848D06}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{AEE61CF0-1B09-40A1-A9F7-2823FEC7F28B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A347BB6C-1FB8-46F6-89CC-808D36BCF121}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A443AE01-475C-43D1-8BBA-F7560BE13AEA}] => (Allow) D:\Juegos PC\Steam\bin\steamwebhelper.exe
FirewallRules: [{EC67EBB7-9E99-4CC7-AC66-3AC703F06318}] => (Allow) D:\Juegos PC\Steam\bin\steamwebhelper.exe
FirewallRules: [{AC0002B7-0E34-4CC5-A793-6B6230F869C5}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{BED44192-B156-4C9F-A25D-241DDC7FD3F0}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{6AC5921B-BD37-48F7-B030-8D49048C2238}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{2EF383CA-538B-4E6A-BAC5-CD9DF57DA656}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{E296DF15-64F4-49EC-8258-88C57265C83E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{FDDB3498-66D4-484C-8F10-9DA6F0D8082A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{78EAA80E-4DD2-49FA-BC77-CEA06CE661CE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{6AB97353-1D0D-425F-B9CD-A945851935A3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{8802AA31-B980-4B06-B6D9-E00E0EBEDC10}] => (Allow) D:\Juegos PC\Hearthstone\Hearthstone.exe
FirewallRules: [{458E16C1-04F5-4AD6-A679-DC3D4F956DC0}] => (Allow) D:\Juegos PC\Hearthstone\Hearthstone.exe
FirewallRules: [{AB24F4F8-C8FD-4BB9-92EE-95F4DCCFF6FF}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{203B20E0-CB4E-4690-89BE-798018B2465F}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{F6DFEFB4-414F-4335-93E1-C850DA6CC941}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{EE9D91F6-F20A-4FF1-B0D4-2268B1968DB3}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{691F2E8F-50D0-4F67-9200-F9EF4096216D}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{77227814-8402-4233-ADA9-E9DE07D5C7CA}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{37852A7B-4B08-459E-B43C-410E6CBEAD8A}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{672C1EA1-824C-4127-8B6D-41B984565FEA}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [UDP Query User{FCBEC09F-368B-424B-A328-15CBD4AB3A62}D:\juegos pc\starcraft ii\versions\base26490\sc2.exe] => (Allow) D:\juegos pc\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [TCP Query User{998F827B-C764-410E-BE16-6294BC84ECA4}D:\juegos pc\starcraft ii\versions\base26490\sc2.exe] => (Allow) D:\juegos pc\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [{E9F3B316-81BD-4CE3-9B9E-B32EEF613999}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Aliens vs Predator\AvP.exe
FirewallRules: [{7DDF0C32-B8FA-4728-AD14-E51CC515614D}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Aliens vs Predator\AvP.exe
FirewallRules: [{98D528BB-7955-432C-8BE8-FE05FC7B3E1A}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Aliens vs Predator\AvP_DX11.exe
FirewallRules: [{25435013-D1AA-495D-8E82-AE8196260A3A}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Aliens vs Predator\AvP_DX11.exe
FirewallRules: [{F5A7700D-8CAF-4677-ADD6-E4FCC5D3E761}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Aliens vs Predator\AvP_Launcher.exe
FirewallRules: [{66E35A7A-EC45-4E05-9369-1137CE2C3B12}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Aliens vs Predator\AvP_Launcher.exe
FirewallRules: [{93E3EA96-3893-4A90-AD08-477DA181FB26}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\batman arkham asylum goty\Binaries\BmLauncher.exe
FirewallRules: [{F02BC963-1E2C-466E-9A5E-ADB03CA05065}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\batman arkham asylum goty\Binaries\BmLauncher.exe
FirewallRules: [{80620860-0EAC-46B0-B441-8CB1D4D83A5E}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Resident Evil 6\BH6.exe
FirewallRules: [{84D67E8F-F94C-4087-B2D2-5A6C487DA862}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Resident Evil 6\BH6.exe
FirewallRules: [UDP Query User{DC9C3DBA-7920-4F5A-B0AB-5C93678D5B29}D:\juegos pc\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) D:\juegos pc\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [TCP Query User{6BE5C227-378B-4B2C-B5C4-7AD79F2EC22D}D:\juegos pc\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) D:\juegos pc\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [{22909804-C90A-4847-B3FA-A199F2F24E95}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{B4032CB3-35CB-4C9A-ABFA-7576000CF428}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{0206884C-338C-427C-8706-1478AED0D930}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{688D9646-A7A7-4A2E-9A15-2EA6CD2706C3}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{36CE0091-3E33-4960-8AF5-CB8EF1CE3801}] => (Allow) D:\uTorrent\uTorrent.exe
FirewallRules: [{3C2607B7-18BF-4AED-94AB-26BF1963B81B}] => (Allow) D:\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{FE08B9DE-1CA9-4DEB-924B-813116CD3E4A}C:\program files\jdownloader\jre\bin\java.exe] => (Allow) C:\program files\jdownloader\jre\bin\java.exe
FirewallRules: [TCP Query User{6A976146-AF9D-4B0D-8650-00E2BF482144}C:\program files\jdownloader\jre\bin\java.exe] => (Allow) C:\program files\jdownloader\jre\bin\java.exe
FirewallRules: [UDP Query User{4AAC89D9-CF21-4FC6-AA68-A250252C577E}C:\program files\jdownloader\jre\bin\javaw.exe] => (Allow) C:\program files\jdownloader\jre\bin\javaw.exe
FirewallRules: [TCP Query User{B216485F-D947-46BE-B989-BFF6216C5851}C:\program files\jdownloader\jre\bin\javaw.exe] => (Allow) C:\program files\jdownloader\jre\bin\javaw.exe
FirewallRules: [UDP Query User{09DDD6B7-42A5-4BE6-B08B-9507C70BA7DE}D:\juegos pc\starcraft ii\versions\base24944\sc2.exe] => (Allow) D:\juegos pc\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [TCP Query User{289D24AD-9CA9-42CC-B7F5-26D61E188D91}D:\juegos pc\starcraft ii\versions\base24944\sc2.exe] => (Allow) D:\juegos pc\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [UDP Query User{1E09E0BB-BA3C-451C-A3D5-DB2110E0A6C3}D:\juegos pc\starcraft ii\versions\base23260\sc2.exe] => (Allow) D:\juegos pc\starcraft ii\versions\base23260\sc2.exe
FirewallRules: [TCP Query User{9080D9C0-AD07-42C3-8A35-155ACD2E5B95}D:\juegos pc\starcraft ii\versions\base23260\sc2.exe] => (Allow) D:\juegos pc\starcraft ii\versions\base23260\sc2.exe
FirewallRules: [{AB44E00A-CCFB-4FA8-8C0A-C0B7FFB64C24}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B747826B-70EB-4B7D-A9F9-44440533C9AF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{63930314-425B-4C45-808C-8F5DD2D4C0B4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4350EC91-E26C-4F0A-90C2-0B1920CCCBC7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6D542FD2-DE7D-4CEA-8CF1-49E93E72039C}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\limbo\limbo.exe
FirewallRules: [{936B500D-702F-44F8-824A-0A2D12EFF466}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\limbo\limbo.exe
FirewallRules: [{44E629F3-3BA6-41D2-AC56-80C5A689F028}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe
FirewallRules: [{32CA8A60-854E-475E-A012-C346AB8DDBF7}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe
FirewallRules: [UDP Query User{A27008E7-EAE5-45EC-9F2A-E5309C7CF3BA}D:\juegos pc\starcraft ii\versions\base22612\sc2.exe] => (Allow) D:\juegos pc\starcraft ii\versions\base22612\sc2.exe
FirewallRules: [TCP Query User{2A7A8882-9A42-455D-BFF2-4AAA5D931D27}D:\juegos pc\starcraft ii\versions\base22612\sc2.exe] => (Allow) D:\juegos pc\starcraft ii\versions\base22612\sc2.exe
FirewallRules: [{9EF05727-E2C9-4CF3-8369-25C5184B61FB}] => (Allow) D:\Juegos PC\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{61898E4E-0D3A-4E7A-87EE-4D40A94DB6DA}] => (Allow) D:\Juegos PC\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [UDP Query User{A9D6F4C4-91B1-48F5-BDE6-A6BFB5F826AD}D:\juegos pc\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) D:\juegos pc\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [TCP Query User{7E31E601-0167-4B7C-A8A9-BBE7B7CEB791}D:\juegos pc\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) D:\juegos pc\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [{4595FF7C-271D-4EAF-9853-8796CF1487BC}] => (Allow) D:\Juegos PC\Steam\Steam.exe
FirewallRules: [{110E2764-A878-4198-BED2-29F762BD398F}] => (Allow) D:\Juegos PC\Steam\Steam.exe
FirewallRules: [{326D8691-175F-4468-98FE-5B320437732C}] => (Allow) D:\Juegos PC\StarCraft II\StarCraft II.exe
FirewallRules: [{02CBCD3E-80C0-49EA-B44D-CF1E8362AAAD}] => (Allow) D:\Juegos PC\StarCraft II\StarCraft II.exe
FirewallRules: [{1AEBA63E-9CFC-42B4-AB08-547C4F330362}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{9A046958-846F-4008-B808-DF1945D83C66}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [UDP Query User{A8685B7E-B4E6-471E-849F-C4BD8CD2B903}D:\juegos pc\diablo iii\diablo iii.exe] => (Allow) D:\juegos pc\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{FD4CA006-617C-4EE6-8EF3-4872C3573388}D:\juegos pc\diablo iii\diablo iii.exe] => (Allow) D:\juegos pc\diablo iii\diablo iii.exe
FirewallRules: [{5783F036-5D50-4816-A86F-FF62500E03A2}] => (Allow) D:\Juegos PC\Diablo III\Diablo III.exe
FirewallRules: [{7494DA9E-1969-4CFD-BF2C-02D71A5ED8EB}] => (Allow) D:\Juegos PC\Diablo III\Diablo III.exe
FirewallRules: [{DD694650-D901-47AC-B7E3-C3CA57B642BF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{8745AE88-FEDC-4048-8277-AD2E9940F8CA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{6D1F8651-945B-441F-8266-8B69BE357D01}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/13/2015 07:20:36 PM) (Source: Perflib) (EventID: 1017) (User: )
Description: ASP.NET_2.0.50727

Error: (08/13/2015 07:20:36 PM) (Source: Perflib) (EventID: 1021) (User: )
Description: ASP.NET_2.0.507278

Error: (08/13/2015 07:07:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: OHub.exe, versión: 16.0.6106.2350, marca de tiempo: 0x55c40ea1
Nombre del módulo con errores: ntdll.dll, versión: 10.0.10240.16392, marca de tiempo: 0x55a864a2
Código de excepción: 0xc0000374
Desplazamiento de errores: 0x00000000000ea28c
Identificador del proceso con errores: 0x268c
Hora de inicio de la aplicación con errores: 0xOHub.exe0
Ruta de acceso de la aplicación con errores: OHub.exe1
Ruta de acceso del módulo con errores: OHub.exe2
Identificador del informe: OHub.exe3
Nombre completo del paquete con errores: OHub.exe4
Identificador de aplicación relativa del paquete con errores: OHub.exe5

Error: (08/11/2015 12:14:11 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: EMILIO-PC)
Description: No se pudo activar la aplicación Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

Error: (08/09/2015 11:32:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: GFExperience.exe, versión: 15.3.33.0, marca de tiempo: 0x53d235eb
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.10240.16384, marca de tiempo: 0x559f3b2a
Código de excepción: 0xe0434352
Desplazamiento de errores: 0x000b3e28
Identificador del proceso con errores: 0x105c
Hora de inicio de la aplicación con errores: 0xGFExperience.exe0
Ruta de acceso de la aplicación con errores: GFExperience.exe1
Ruta de acceso del módulo con errores: GFExperience.exe2
Identificador del informe: GFExperience.exe3
Nombre completo del paquete con errores: GFExperience.exe4
Identificador de aplicación relativa del paquete con errores: GFExperience.exe5

Error: (08/09/2015 11:32:43 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: GFExperience.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.NullReferenceException
Pila:
en GFEClient.Model.Update.UpdateInstaller+<>c__DisplayClassa.<BuildProcInfo>b__8(System.Object, System.EventArgs)
en System.Diagnostics.Process.OnExited()
en System.Diagnostics.Process.RaiseOnExited()
en System.Diagnostics.Process.CompletionCallback(System.Object, Boolean)
en System.Threading._ThreadPoolWaitOrTimerCallback.WaitOrTimerCallback_Context(System.Object, Boolean)
en System.Threading._ThreadPoolWaitOrTimerCallback.WaitOrTimerCallback_Context_f(System.Object)
en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
en System.Threading._ThreadPoolWaitOrTimerCallback.PerformWaitOrTimerCallback(System.Object, Boolean)

Error: (08/08/2015 08:47:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: EMILIO-PC)
Description: No se pudo activar la aplicación Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic debido al error: -2147023170. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

Error: (08/08/2015 08:47:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: wwahost.exe, versión: 10.0.10240.16392, marca de tiempo: 0x55a867b2
Nombre del módulo con errores: edgehtml.dll, versión: 11.0.10240.16401, marca de tiempo: 0x55b1a774
Código de excepción: 0xc0000602
Desplazamiento de errores: 0x000000000053d636
Identificador del proceso con errores: 0x1bc0
Hora de inicio de la aplicación con errores: 0xwwahost.exe0
Ruta de acceso de la aplicación con errores: wwahost.exe1
Ruta de acceso del módulo con errores: wwahost.exe2
Identificador del informe: wwahost.exe3
Nombre completo del paquete con errores: wwahost.exe4
Identificador de aplicación relativa del paquete con errores: wwahost.exe5

Error: (08/08/2015 08:47:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: wwahost.exe, versión: 10.0.10240.16392, marca de tiempo: 0x55a867b2
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.10240.16384, marca de tiempo: 0x559f38c3
Código de excepción: 0x80000003
Desplazamiento de errores: 0x000000000002a1c8
Identificador del proceso con errores: 0x1bc0
Hora de inicio de la aplicación con errores: 0xwwahost.exe0
Ruta de acceso de la aplicación con errores: wwahost.exe1
Ruta de acceso del módulo con errores: wwahost.exe2
Identificador del informe: wwahost.exe3
Nombre completo del paquete con errores: wwahost.exe4
Identificador de aplicación relativa del paquete con errores: wwahost.exe5

Error: (08/08/2015 08:45:41 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa SearchUI.exe, versión 10.0.10240.16401, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, comprueba el historial de problemas en la sección Seguridad y mantenimiento del Panel de control.

Identificador de proceso: 1910

Hora de inicio: 01d0d1cf66815471

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

Identificador de informe: fce72cf5-3dc2-11e5-9bc2-0016383a0224

Nombre completo de paquete con errores: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy

Identificador de aplicación relativa del paquete con errores: CortanaUI


System errors:
=============
Error: (08/11/2015 12:14:18 AM) (Source: DCOM) (EventID: 10010) (User: EMILIO-PC)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (08/11/2015 12:14:18 AM) (Source: DCOM) (EventID: 10010) (User: EMILIO-PC)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (08/11/2015 12:14:18 AM) (Source: DCOM) (EventID: 10010) (User: EMILIO-PC)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (08/11/2015 12:14:11 AM) (Source: DCOM) (EventID: 10010) (User: EMILIO-PC)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca

Error: (08/11/2015 12:14:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Acceso a datos de usuarios_Session1 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.

Error: (08/11/2015 12:14:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Almacenamiento de datos de usuarios_Session1 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.

Error: (08/11/2015 12:14:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Datos de contactos_Session1 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.

Error: (08/11/2015 12:14:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Sincronizar host_Session1 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.

Error: (08/08/2015 09:25:15 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Adaptador de escucha Net.Tcp depende del servicio Servicio de uso compartido de puertos Net.Tcp, el cual no pudo iniciarse debido al siguiente error:
%%1058

Error: (08/08/2015 09:25:01 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: La DLL de notificación de contraseña C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll no se pudo cargar y dio el error 126. Compruebe que la ruta de acceso de la DLL de notificación definida en el registro, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, haga referencia a una ruta de acceso correcta y absoluta (<unidad>:\<ruta de acceso>\<nombre de archivo>.<ext>) y no a una ruta de acceso relativa o no válida. Si la ruta de acceso de la DLL es correcta, valide que los archivos auxiliares se encuentren en el mismo directorio, y que la cuenta del sistema tenga acceso de lectura tanto en la ruta de acceso de la DLL, como en los archivos auxiliares. Póngase en contacto con el proveedor de la DLL de notificación para obtener soporte adicional. Si desea obtener más detalles visite http://go.microsoft.com/fwlink/?LinkId=245898.


Microsoft Office:
=========================
Error: (08/13/2015 07:20:36 PM) (Source: Perflib) (EventID: 1017) (User: )
Description: ASP.NET_2.0.50727

Error: (08/13/2015 07:20:36 PM) (Source: Perflib) (EventID: 1021) (User: )
Description: ASP.NET_2.0.507278

Error: (08/13/2015 07:07:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OHub.exe16.0.6106.235055c40ea1ntdll.dll10.0.10240.1639255a864a2c000037400000000000ea28c268c01d0d6146a66e5e4C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\OHub.exeC:\WINDOWS\SYSTEM32\ntdll.dll7446c617-40f6-4531-ab70-a08c13c3934eMicrosoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub

Error: (08/11/2015 12:14:11 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: EMILIO-PC)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141

Error: (08/09/2015 11:32:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: GFExperience.exe15.3.33.053d235ebKERNELBASE.dll10.0.10240.16384559f3b2ae0434352000b3e28105c01d0d2af8882acc4C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll51e60807-1299-47e7-b320-0d108a227af0

Error: (08/09/2015 11:32:43 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: GFExperience.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.NullReferenceException
Pila:
en GFEClient.Model.Update.UpdateInstaller+<>c__DisplayClassa.<BuildProcInfo>b__8(System.Object, System.EventArgs)
en System.Diagnostics.Process.OnExited()
en System.Diagnostics.Process.RaiseOnExited()
en System.Diagnostics.Process.CompletionCallback(System.Object, Boolean)
en System.Threading._ThreadPoolWaitOrTimerCallback.WaitOrTimerCallback_Context(System.Object, Boolean)
en System.Threading._ThreadPoolWaitOrTimerCallback.WaitOrTimerCallback_Context_f(System.Object)
en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
en System.Threading._ThreadPoolWaitOrTimerCallback.PerformWaitOrTimerCallback(System.Object, Boolean)

Error: (08/08/2015 08:47:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: EMILIO-PC)
Description: Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic-2147023170

Error: (08/08/2015 08:47:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: wwahost.exe10.0.10240.1639255a867b2edgehtml.dll11.0.10240.1640155b1a774c0000602000000000053d6361bc001d0d1d008d15463C:\WINDOWS\system32\wwahost.exeC:\WINDOWS\system32\edgehtml.dll920053da-1740-4ef2-ad5d-66e65e52afbdMicrosoft.ZuneMusic_3.6.10841.0_x64__8wekyb3d8bbweMicrosoft.ZuneMusic

Error: (08/08/2015 08:47:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: wwahost.exe10.0.10240.1639255a867b2KERNELBASE.dll10.0.10240.16384559f38c380000003000000000002a1c81bc001d0d1d008d15463C:\WINDOWS\system32\wwahost.exeC:\WINDOWS\system32\KERNELBASE.dllc5e2dda0-472e-4252-8377-214fe6ff9fe8Microsoft.ZuneMusic_3.6.10841.0_x64__8wekyb3d8bbweMicrosoft.ZuneMusic

Error: (08/08/2015 08:45:41 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SearchUI.exe10.0.10240.16401191001d0d1cf668154714294967295C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exefce72cf5-3dc2-11e5-9bc2-0016383a0224Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyCortanaUI


==================== Memory info ===========================

Processor: AMD FX(tm)-8120 Eight-Core Processor
Percentage of memory in use: 42%
Total physical RAM: 8136.27 MB
Available physical RAM: 4682.45 MB
Total Virtual: 16328.27 MB
Available Virtual: 11639.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:103.89 GB) (Free:31.78 GB) NTFS
Drive d: (Bizarro) (Fixed) (Total:361.33 GB) (Free:124.44 GB) NTFS
Drive g: (Nuevo vol) (Fixed) (Total:97.66 GB) (Free:97.43 GB) NTFS
Drive h: (Nuevo vol) (Fixed) (Total:833.85 GB) (Free:643.93 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9C14E587)
Partition 1: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=833.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 09625847)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=103.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=361.3 GB) - (Type=07 NTFS)

==================== End of log ============================
 
Welcome aboard

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

======================================

redtarget.gif
FRST reports:
ATTENTION: System Restore is disabled
Click to expand...
Did you disable Windows firewall for whatever reason?

redtarget.gif
Uninstall following unwanted programs:

Claro LTD toolbar
GoPhoto.it V9.0

redtarget.gif
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

  • Close all the running programs
  • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

redtarget.gif
Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

  • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.


If you already have MBAM 2.0 installed:

  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

How to get logs:
(Export log to save as txt)

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.


(Copy to clipboard for pasting into forum replies or tickets)

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

redtarget.gif
Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

redtarget.gif
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
I'm sorry. I should have asked if you disabled system restore not Windows firewall.
 
RogueKiller V10.10.0.0 [Aug 11 2015] by Adlice Software
correo : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Sitio web : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Sistema Operativo : Windows 10 (10.0.10240) 64 bits version
Iniciado en : Modo Normal
Usuario : Emilio [Administrador]
Started from : C:\Users\Emilio\Downloads\RogueKiller.exe
Modo : Borrar -- Fecha : 08/15/2015 17:04:08

¤¤¤ Procesos : 0 ¤¤¤

¤¤¤ Registro : 4 ¤¤¤
[PUP] (X86) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {9E131A93-EED7-4BEB-B015-A0ADB30B5646} : Claro LTD Toolbar -> No seleccionado
[PUP] (X86) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {25A3A431-30BB-47C8-AD6A-E1063801134F} : -> No seleccionado
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2491552106-2971991606-1040936953-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> No seleccionado
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2491552106-2971991606-1040936953-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> No seleccionado

¤¤¤ Tareas : 1 ¤¤¤
[Suspicious.Path] \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -- C:\Program Files\Microsoft Security Client\MpCmdRun.exe (Scan -ScheduleJob -RestrictPrivileges) -> No seleccionado

¤¤¤ Archivos : 0 ¤¤¤

¤¤¤ Archivo de hosts : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.1 mssplus.mcafee.com

¤¤¤ Antirootkit : 0 (Driver: No cargado [0xc000036b]) ¤¤¤

¤¤¤ Navegadores Web : 0 ¤¤¤

¤¤¤ Chequeo MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD10 EZEX-00BN5A0 SATA Disk Device +++++
--- User ---
[MBR] bbc7a034b1d6bacdeabe7ea41a50651d
[BSP] f95f96a030c3b906d5982461f0bfd3d3 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 204802048 | Size: 853866 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WDC WD50 00AAKX-001CA0 SATA Disk Device +++++
--- User ---
[MBR] 016ec5c8f3ee663578416de29489e2ae
[BSP] 3ec8385ba6b6cf8c4be415d879c57417 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 106388 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 218089472 | Size: 450 MB
3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 219011072 | Size: 370000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
 
Malwarebytes Anti-Malware
www.malwarebytes.org

Fecha del análisis: 15/08/2015
Hora del análisis: 17:08
Archivo de registro: MBAM scan log.txt
Administrador: Sí

Versión: 2.1.8.1057
Base de datos de malwares: v2015.08.15.05
Base de datos de rootkits: v2015.08.06.01
Licencia: Gratis
Protección contra el malware: Desactivado
Protección contra sitios web maliciosos: Desactivado
Autoprotección: Desactivado

SO: Windows 10
CPU: x64
Sistema de archivos: NTFS
Usuario: Emilio

Tipo de análisis: Análisis de amenazas
Resultado: Completado
Objetos analizados: 411848
Tiempo transcurrido: 7 min, 26 seg

Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Advertencia
PUM: Activado

Procesos: 0
(No hay elementos maliciosos detectados)

Módulos: 0
(No hay elementos maliciosos detectados)

Claves del registro: 54
PUP.Optional.Yontoo.A, HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}, En cuarentena, [899858b14645c472b6587a1edc26e21e],
PUP.Optional.Yontoo.A, HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}, En cuarentena, [899858b14645c472b6587a1edc26e21e],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}, En cuarentena, [30f1b950c3c851e563e04f4847bbc739],
PUP.Optional.Downloader.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GoPhoto.it V9.0, En cuarentena, [f72ad138b0db2b0bcc7eb800936eb14f],
PUP.Optional.Claro.A, HKLM\SOFTWARE\CLASSES\claro.claroappCore, En cuarentena, [47dafd0c19727abc3b91dd6091729e62],
PUP.Optional.Claro.A, HKLM\SOFTWARE\CLASSES\claro.claroappCore.1, En cuarentena, [909131d863285adce1ebb18cd92a31cf],
PUP.Optional.Claro.A, HKLM\SOFTWARE\CLASSES\claro.clarodskBnd, En cuarentena, [a37e35d483087abca6261627dc27ab55],
PUP.Optional.Claro.A, HKLM\SOFTWARE\CLASSES\claro.clarodskBnd.1, En cuarentena, [6cb5c3466a210135c7059da056ad29d7],
PUP.Optional.Claro.A, HKLM\SOFTWARE\CLASSES\claro.claroHlpr, En cuarentena, [69b82cddd4b745f11fadf647f21112ee],
PUP.Optional.Claro.A, HKLM\SOFTWARE\CLASSES\claro.claroHlpr.1, En cuarentena, [79a88980c5c6290d309ca29bf21101ff],
PUP.Optional.Claro.A, HKLM\SOFTWARE\CLASSES\esrv.claroESrvc, En cuarentena, [ce534abf4c3f9a9c9932b18ce91a8a76],
PUP.Optional.Claro.A, HKLM\SOFTWARE\CLASSES\esrv.claroESrvc.1, En cuarentena, [d24ffa0f6823ad8977544fee06fd748c],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{006A4FEA-BEB5-4088-8A7C-C9EDAFDEE1B2}, En cuarentena, [9a870dfc45460a2cbae6465e4fb5a35d],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{048BEE96-9110-48F9-AABF-749391CF0F16}, En cuarentena, [3ee3a6636b201026e4bc7331ba4a1fe1],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2FF9696A-D071-4724-8DF3-70023AC634B7}, En cuarentena, [73ae2cdd0883c670069bf9ab6c98b54b],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{35C8E407-9D9E-4993-8D6D-D9622EDC1CC1}, En cuarentena, [ec35c643fe8dc472e2bf4262f50f26da],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6D362AF4-65AE-4B47-B4ED-4740D465B3A1}, En cuarentena, [79a8e1286427ad891989752f41c3817f],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7CBFC949-2735-4FA4-B7C6-CAC03629F76F}, En cuarentena, [869b0405deadcf670e94aef645bf49b7],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DATAMNGRCOORDINATOR.EXE, En cuarentena, [32efa76202894bebd49095b209fa57a9],
PUP.Optional.GoPhoto.A, HKLM\SOFTWARE\WOW6432NODE\GoPhoto.it V9.0, En cuarentena, [7fa2ae5b632864d208aa2712996a817f],
PUP.Optional.Claro.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\claro.claroappCore, En cuarentena, [2ff249c0e0ab7fb7f5d7fb4261a22ad6],
PUP.Optional.Claro.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\claro.claroappCore.1, En cuarentena, [e73aff0a741735018e3ec37a53b032ce],
PUP.Optional.Claro.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\claro.clarodskBnd, En cuarentena, [6cb511f859322214cc00fa437b88ee12],
PUP.Optional.Claro.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\claro.clarodskBnd.1, En cuarentena, [39e8ed1c226931053b91c4796f94f10f],
PUP.Optional.Claro.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\claro.claroHlpr, En cuarentena, [35ec42c70b8075c11fadd568867d31cf],
PUP.Optional.Claro.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\claro.claroHlpr.1, En cuarentena, [6cb5f51493f87bbb844856e715ee25db],
PUP.Optional.Claro.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.claroESrvc, En cuarentena, [b66be524b3d87abcba11a6975fa4a060],
PUP.Optional.Claro.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.claroESrvc.1, En cuarentena, [db4650b9cac14aec6566ad9017ec5fa1],
PUP.Optional.SavingsSidekick.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\dhdepfaagokllfmhfbcfmocaeigmoebo, En cuarentena, [4dd4fc0d27643006f91d0ca725df8b75],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\jbpkiefagocgkmemidfngdkamloieekf, En cuarentena, [9f8221e82a619c9a6b8e8ebbdb2814ec],
PUP.Optional.Yontoo.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\niapdbllcanepiiimjjndipklodoedlc, En cuarentena, [958c15f4018a80b67ff023304bb8ed13],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{006A4FEA-BEB5-4088-8A7C-C9EDAFDEE1B2}, En cuarentena, [d64bf712f19a9a9ce2be1f855da7718f],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{048BEE96-9110-48F9-AABF-749391CF0F16}, En cuarentena, [9091c445f596d363217fb5ef7c880bf5],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{21111111-1111-1111-1111-110011501160}, En cuarentena, [77aaa7629bf089ad366a7034c53f52ae],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2FF9696A-D071-4724-8DF3-70023AC634B7}, En cuarentena, [a18024e533583cfa1a876143659fc53b],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{35C8E407-9D9E-4993-8D6D-D9622EDC1CC1}, En cuarentena, [91904abfe1aae74f6c35c0e47d8705fb],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6D362AF4-65AE-4B47-B4ED-4740D465B3A1}, En cuarentena, [0d14be4beba02412881a772d5fa5cd33],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7CBFC949-2735-4FA4-B7C6-CAC03629F76F}, En cuarentena, [30f152b7b1da42f4eeb4238117ed6a96],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DATAMNGRCOORDINATOR.EXE, En cuarentena, [8c954fbaf7941f172f35222537cc0cf4],
PUP.Optional.GoPhoto.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\GoPhoto.it V9.0, En cuarentena, [7ba6a069e4a760d6f1c3291018eb7b85],
PUP.Optional.GoPhoto.A, HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\SOFTWARE\APPDATALOW\SOFTWARE\GoPhoto.it V9.0, En cuarentena, [120f80890d7ee15507ad0435729114ec],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\SOFTWARE\CONDUIT\DistributionEngine, En cuarentena, [9f825cad95f64fe778e3614651b3b64a],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{006A4FEA-BEB5-4088-8A7C-C9EDAFDEE1B2}, En cuarentena, [66bbc5449fecf145019ca5ff857f13ed],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{048BEE96-9110-48F9-AABF-749391CF0F16}, En cuarentena, [bd6461a83655e25465386c388a7a956b],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{27000D83-6BCF-400C-95DE-54FF769462AE}, En cuarentena, [3be6b950c8c3ea4c4857faaae024e818],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2FF9696A-D071-4724-8DF3-70023AC634B7}, En cuarentena, [ea37a9608ffc72c47d21762e0bf9f40c],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{35C8E407-9D9E-4993-8D6D-D9622EDC1CC1}, En cuarentena, [f92861a8206b4bebeeb0d8cc6c9845bb],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3E6E69C0-F066-43A4-91D3-B3CA91AFF6D0}, En cuarentena, [839e22e73655a88e0897960e26de3bc5],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6D362AF4-65AE-4B47-B4ED-4740D465B3A1}, En cuarentena, [160b15f4315ab38356496b39ce3626da],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7A063E56-F188-4E46-A4C0-4BF16F3B8C9C}, En cuarentena, [d0518485c8c30531a5f9abf906fe25db],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7CBFC949-2735-4FA4-B7C6-CAC03629F76F}, En cuarentena, [c55c20e9c9c2b185584752521ee6c739],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A43E1278-FAAC-4D9F-A64C-97A22D4EFC46}, En cuarentena, [5ec3c742f695f145336c851f1ce801ff],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EBCA2CE5-D3A8-488F-BB95-E4B6F920ACD3}, En cuarentena, [ad7440c9cac11125d1cdeabab05410f0],
PUP.Optional.Iminent.A, HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\Iminent, En cuarentena, [b170d732bad146f06ca5de77ef14f40c],

Valores del registro: 29
PUP.Optional.Claro.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}, En cuarentena, [7ea310f9f695c76fe380bed8877b5aa6],
PUP.Optional.Claro.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{9E131A93-EED7-4BEB-B015-A0ADB30B5646}, Claro LTD Toolbar, En cuarentena, [7ea310f9f695c76fe380bed8877b5aa6]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{006a4fea-beb5-4088-8a7c-c9edafdee1b2}|AppName, Torntv V9.0-bg.exe, En cuarentena, [9a870dfc45460a2cbae6465e4fb5a35d]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{048bee96-9110-48f9-aabf-749391cf0f16}|AppName, GoPhoto.it V9.0-bg.exe, En cuarentena, [3ee3a6636b201026e4bc7331ba4a1fe1]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2ff9696a-d071-4724-8df3-70023ac634b7}|AppName, Torntv V9.0-buttonutil.exe, En cuarentena, [73ae2cdd0883c670069bf9ab6c98b54b]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{35c8e407-9d9e-4993-8d6d-d9622edc1cc1}|AppName, GoPhoto.it V9.0-buttonutil.exe, En cuarentena, [ec35c643fe8dc472e2bf4262f50f26da]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6d362af4-65ae-4b47-b4ed-4740d465b3a1}|AppName, GoPhoto.it V9.0-codedownloader.exe, En cuarentena, [79a8e1286427ad891989752f41c3817f]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7cbfc949-2735-4fa4-b7c6-cac03629f76f}|AppName, Torntv V9.0-codedownloader.exe, En cuarentena, [869b0405deadcf670e94aef645bf49b7]
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DATAMNGRCOORDINATOR.EXE|debugger, tasklist.exe, En cuarentena, [32efa76202894bebd49095b209fa57a9]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{006a4fea-beb5-4088-8a7c-c9edafdee1b2}|AppName, Torntv V9.0-bg.exe, En cuarentena, [d64bf712f19a9a9ce2be1f855da7718f]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{048bee96-9110-48f9-aabf-749391cf0f16}|AppName, GoPhoto.it V9.0-bg.exe, En cuarentena, [9091c445f596d363217fb5ef7c880bf5]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{21111111-1111-1111-1111-110011501160}|AppName, Savings Sidekick-bg.exe, En cuarentena, [77aaa7629bf089ad366a7034c53f52ae]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2ff9696a-d071-4724-8df3-70023ac634b7}|AppName, Torntv V9.0-buttonutil.exe, En cuarentena, [a18024e533583cfa1a876143659fc53b]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{35c8e407-9d9e-4993-8d6d-d9622edc1cc1}|AppName, GoPhoto.it V9.0-buttonutil.exe, En cuarentena, [91904abfe1aae74f6c35c0e47d8705fb]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6d362af4-65ae-4b47-b4ed-4740d465b3a1}|AppName, GoPhoto.it V9.0-codedownloader.exe, En cuarentena, [0d14be4beba02412881a772d5fa5cd33]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7cbfc949-2735-4fa4-b7c6-cac03629f76f}|AppName, Torntv V9.0-codedownloader.exe, En cuarentena, [30f152b7b1da42f4eeb4238117ed6a96]
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}|Url, http://start.iminent.com/?appId=51DE3E92-7CE1-4D3D-AA50-336BDFBAC424&ref=toolbox&q={searchTerms}, En cuarentena, [c25f11f883083ff797edd6cf877d4ab6]
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DATAMNGRCOORDINATOR.EXE|debugger, tasklist.exe, En cuarentena, [8c954fbaf7941f172f35222537cc0cf4]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{006a4fea-beb5-4088-8a7c-c9edafdee1b2}|AppName, Torntv V9.0-bg.exe, En cuarentena, [66bbc5449fecf145019ca5ff857f13ed]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{048bee96-9110-48f9-aabf-749391cf0f16}|AppName, GoPhoto.it V9.0-bg.exe, En cuarentena, [bd6461a83655e25465386c388a7a956b]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{27000D83-6BCF-400C-95DE-54FF769462AE}|AppName, 3acf9a70-1a99-4e96-962c-fb7ed7f05265-2.exe-codedownloader.exe, En cuarentena, [3be6b950c8c3ea4c4857faaae024e818]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2ff9696a-d071-4724-8df3-70023ac634b7}|AppName, Torntv V9.0-buttonutil.exe, En cuarentena, [ea37a9608ffc72c47d21762e0bf9f40c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{35c8e407-9d9e-4993-8d6d-d9622edc1cc1}|AppName, GoPhoto.it V9.0-buttonutil.exe, En cuarentena, [f92861a8206b4bebeeb0d8cc6c9845bb]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3E6E69C0-F066-43A4-91D3-B3CA91AFF6D0}|AppName, 3acf9a70-1a99-4e96-962c-fb7ed7f05265-2.exe-codedownloader.exe, En cuarentena, [839e22e73655a88e0897960e26de3bc5]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6d362af4-65ae-4b47-b4ed-4740d465b3a1}|AppName, GoPhoto.it V9.0-codedownloader.exe, En cuarentena, [160b15f4315ab38356496b39ce3626da]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7A063E56-F188-4E46-A4C0-4BF16F3B8C9C}|AppName, 00e1002c-7029-4aa8-96af-5a4f99b861b7-2.exe-buttonutil.exe, En cuarentena, [d0518485c8c30531a5f9abf906fe25db]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7cbfc949-2735-4fa4-b7c6-cac03629f76f}|AppName, Torntv V9.0-codedownloader.exe, En cuarentena, [c55c20e9c9c2b185584752521ee6c739]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A43E1278-FAAC-4D9F-A64C-97A22D4EFC46}|AppName, 00e1002c-7029-4aa8-96af-5a4f99b861b7-2.exe-codedownloader.exe, En cuarentena, [5ec3c742f695f145336c851f1ce801ff]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EBCA2CE5-D3A8-488F-BB95-E4B6F920ACD3}|AppName, 3acf9a70-1a99-4e96-962c-fb7ed7f05265-2.exe-buttonutil.exe, En cuarentena, [ad7440c9cac11125d1cdeabab05410f0]

Datos del registro: 0
(No hay elementos maliciosos detectados)

Carpetas: 5
PUP.Optional.TornTV.A, C:\Users\Emilio\AppData\LocalLow\Torntv V9.0, En cuarentena, [51d0a06988035cdaf905de08cc369868],
PUP.Optional.Yontoo.A, C:\Program Files (x86)\Yontoo, En cuarentena, [7ba60cfd4a41ae885abeb83861a1ff01],
PUP.Optional.Claro.A, C:\Users\Emilio\AppData\LocalLow\Claro LTD\claro, En cuarentena, [ea374dbc83088caa5f8142bbe1216f91],
PUP.Optional.GoPhoto.A, C:\Users\Emilio\AppData\LocalLow\GoPhoto.it V9.0, En cuarentena, [d74a66a35e2d8caabd3917e96d960af6],
PUP.Optional.GoPhoto.A, C:\Program Files (x86)\GoPhoto.it V9.0, En cuarentena, [98899376c2c9ff370fe91ce405fe05fb],

Archivos: 8
PUP.Optional.Downloader.C, C:\Program Files (x86)\GoPhoto.it V9.0\Uninstall.exe, En cuarentena, [f72ad138b0db2b0bcc7eb800936eb14f],
PUP.Optional.Yontoo.A, C:\Program Files (x86)\Yontoo\YontooIEClient.dll, En cuarentena, [7ba60cfd4a41ae885abeb83861a1ff01],
PUP.Optional.Yontoo.A, C:\Program Files (x86)\Yontoo\YontooLayers.crx, En cuarentena, [7ba60cfd4a41ae885abeb83861a1ff01],
PUP.Optional.GoPhoto.A, C:\Program Files (x86)\GoPhoto.it V9.0\34068.crx, En cuarentena, [98899376c2c9ff370fe91ce405fe05fb],
PUP.Optional.GoPhoto.A, C:\Program Files (x86)\GoPhoto.it V9.0\34068.xpi, En cuarentena, [98899376c2c9ff370fe91ce405fe05fb],
PUP.Optional.GoPhoto.A, C:\Program Files (x86)\GoPhoto.it V9.0\background.html, En cuarentena, [98899376c2c9ff370fe91ce405fe05fb],
PUP.Optional.GoPhoto.A, C:\Program Files (x86)\GoPhoto.it V9.0\GoPhoto.it V9.0.ico, En cuarentena, [98899376c2c9ff370fe91ce405fe05fb],
PUP.Optional.StartWeb.A, C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js, Bueno: (), Malo: (user_pref("browser.search.selectedEngine", "StartWeb");), Sustituido,[e1406e9bff8cd85e4a9977159b6a6799]

Sectores físicos: 0
(No hay elementos maliciosos detectados)


(end)
 
# AdwCleaner v5.000 - Logfile created 15/08/2015 at 17:33:39
# Updated 14/08/2015 by Xplode
# Database : 2015-08-15.1 [Server]
# Operating system : Windows 10 Pro (x64)
# Username : Emilio - EMILIO-PC
# Running from : C:\Users\Emilio\Downloads\Elimina troyanos\adwcleaner_5.000.exe
# Option : Scan

***** [ Services ] *****


***** [ Folders ] *****

Folder Found : C:\Program Files (x86)\Common Files\Umbrella
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\SoftSafe
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\Users\Emilio\AppData\LocalLow\Claro LTD
Folder Found : C:\Users\Emilio\AppData\Roaming\eType
Folder Found : C:\Users\Emilio\AppData\Roaming\pdfforge
Folder Found : C:\Users\Emilio\AppData\Roaming\PerformerSoft
Folder Found : C:\Users\Emilio\AppData\Roaming\SendSpace

***** [ Files ] *****

File Found : C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\user.js

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{8E9F2D02-6B06-4EBA-92C2-68438EADED28}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{99E71BF1-5F51-4AF9-830B-67015D59640D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F398D871-ED00-42A8-BEAA-0209E9E59FCC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Found : HKLM\SOFTWARE\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{5563BEFE-3B03-43B1-8041-64A9745DAA56}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A903AC15-686E-4D67-A355-86FCBE9F60DA}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{58124A0B-DC32-4180-9BFF-E0E21AE34026}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{208D4124-3895-4974-B293-A159BD306078}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443}
Key Found : HKU\.DEFAULT\Software\IBUpdaterService
Key Found : HKCU\Software\Conduit
Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\Conduit
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Web browsers ] *****

[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.claro.admin", false);
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.claro.aflt", "babsst");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.claro.dfltLng", "en");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.claro.excTlbr", false);
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.claro.id", "76fdc0e2000000000000c86000746c79");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.claro.instlDay", "15648");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.claro.instlRef", "sst");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.claro.prdct", "claro");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.claro.prtnrId", "claro");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.claro.tlbrId", "claro");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.claro.tlbrSrchUrl", "");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.claro.vrsn", "1.8.3.10");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.claro.vrsni", "1.8.3.10");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.claro_i.smplGrp", "none");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.claro_i.vrsnTs", "1.8.3.100:48:16");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.iminent.admin", false);
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.iminent.aflt", "orgnl");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.iminent.autoRvrt", "false");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.iminent.dfltLng", "");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.iminent.excTlbr", false);
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.iminent.ffxUnstlRst", false);
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.iminent.id", "76fdc0e20000000000000016383a0224");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.iminent.instlDay", "16173");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.iminent.instlRef", "");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.iminent.newTab", false);
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.iminent.prdct", "iminent");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.iminent.prtnrId", "iminent");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.iminent.rvrt", "false");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.iminent.smplGrp", "none");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.iminent.tlbrId", "YBCPCSTIPO");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.iminent.vrsn", "1.8.28.3");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.iminent.vrsnTs", "1.8.28.316:27:07");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extensions.iminent.vrsni", "1.8.28.3");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extentions.y2layers.defaultEnableAppsList", "DropDownDeals,buzzdock,YontooNewOffers");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("extentions.y2layers.installId", "99059227-db2b-41e3-a674-2889f973812d");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("iminent.LayoutId", "1");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("iminent._oaZGabJJ8Q_", "{\"cpt\":0,\"cpr\":0,\"s\":0,\"es\":1}");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("iminent.adapters", "{\"www.iminent.com\":{\"CountryCode\":\"CL\",\"NoAds\":false,\"Status\":1,\"AdapterKey\":\"iminent\",\"v\":true,\"p\":0,\"t\":1,\"th\":0.228,\"expireTime\":\"13974208388[...]
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("iminent.enabledAds", "obsolete");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("iminent.externalScripts", "{\"value\":[{\"addonUid\":\"10bb6277-6b2b-413e-8d82-ad9398543254\",\"name\":\"Dealply\",\"addonId\":1,\"url\":\"//I.iminentjs.info/imitin/javascript.js\",\"queryS[...]
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("iminent.newtabredirect", "true");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("iminent.nomsi", "true");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("iminent.registerToolbarEvent102", "1397420991889");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("iminent.searchindex", "1");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("iminent.trackExternalScripts1", "1397420990345");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("iminent.trackExternalScripts2", "1397420991577");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("iminent.trackingInfo", "{\"state\":0,\"samplingRate\":0}");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("iminent.version", "8.15.4.1");
[C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default\prefs.js] [Preference] Found : user_pref("iminent.versioning", "{\"CurrentVersion\":\"8.15.4.1\",\"InstallEventCTime\":1397420834626,\"InstallEvent\":\"True\"}");
[C:\Users\Emilio\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : claro-search.com

*************************

C:\AdwCleaner[S1].txt - [16120 octets] - [15/08/2015 17:33:39]

########## EOF - C:\AdwCleaner[S1].txt - [16184 octets] ##########
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.6 (08.10.2015:1)
OS: Windows 10 Pro x64
Ran by Emilio on 15/08/2015 at 18:35:08,25
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3A2D5EBA-F86D-4BD3-A177-019765996711}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660066506660}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660066506660}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660066506660}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Program Files (x86)\Common Files\umbrella
Successfully deleted: [Folder] C:\ProgramData\babylon
Successfully deleted: [Folder] C:\ProgramData\google
Successfully deleted: [Folder] C:\ProgramData\softsafe
Successfully deleted: [Folder] C:\ProgramData\tarma installer
Successfully deleted: [Folder] C:\Users\Emilio\Appdata\LocalLow\claro ltd
Successfully deleted: [Folder] C:\Users\Emilio\AppData\Roaming\etype
Successfully deleted: [Folder] C:\Users\Emilio\AppData\Roaming\pdfforge
Successfully deleted: [Folder] C:\Users\Emilio\AppData\Roaming\performersoft
Successfully deleted: [Folder] C:\Users\Emilio\Documents\add-in express



~~~ FireFox

Successfully deleted: [File] C:\Users\Emilio\AppData\Roaming\mozilla\firefox\profiles\f2czdvom.default\user.js
Successfully deleted the following from C:\Users\Emilio\AppData\Roaming\mozilla\firefox\profiles\f2czdvom.default\prefs.js

user_pref(extensions.claro.admin, false);
user_pref(extensions.claro.aflt, babsst);
user_pref(extensions.claro.appId, {C3110516-8EFC-49D6-8B72-69354F332062});
user_pref(extensions.claro.dfltLng, en);
user_pref(extensions.claro.excTlbr, false);
user_pref(extensions.claro.id, 76fdc0e2000000000000c86000746c79);
user_pref(extensions.claro.instlDay, 15648);
user_pref(extensions.claro.instlRef, sst);
user_pref(extensions.claro.prdct, claro);
user_pref(extensions.claro.prtnrId, claro);
user_pref(extensions.claro.tlbrId, claro);
user_pref(extensions.claro.tlbrSrchUrl, );
user_pref(extensions.claro.vrsn, 1.8.3.10);
user_pref(extensions.claro.vrsni, 1.8.3.10);
user_pref(extensions.claro_i.smplGrp, none);
user_pref(extensions.claro_i.vrsnTs, 1.8.3.100:48:16);
user_pref(extensions.iminent.admin, false);
user_pref(extensions.iminent.aflt, orgnl);
user_pref(extensions.iminent.appId, {0E4B2CAB-B859-4C57-B96E-63DDEC692BC4});
user_pref(extensions.iminent.autoRvrt, false);
user_pref(extensions.iminent.dfltLng, );
user_pref(extensions.iminent.excTlbr, false);
user_pref(extensions.iminent.ffxUnstlRst, false);
user_pref(extensions.iminent.id, 76fdc0e20000000000000016383a0224);
user_pref(extensions.iminent.instlDay, 16173);
user_pref(extensions.iminent.instlRef, );
user_pref(extensions.iminent.newTab, false);
user_pref(extensions.iminent.prdct, iminent);
user_pref(extensions.iminent.prtnrId, iminent);
user_pref(extensions.iminent.rvrt, false);
user_pref(extensions.iminent.smplGrp, none);
user_pref(extensions.iminent.tlbrId, YBCPCSTIPO);
user_pref(extensions.iminent.tlbrSrchUrl, hxxp://start.iminent.com/?ref=toolbarm#q=);
user_pref(extensions.iminent.vrsn, 1.8.28.3);
user_pref(extensions.iminent.vrsnTs, 1.8.28.316:27:07);
user_pref(extensions.iminent.vrsni, 1.8.28.3);
user_pref(extentions.y2layers.defaultEnableAppsList, DropDownDeals,buzzdock,YontooNewOffers);
user_pref(extentions.y2layers.installId, 99059227-db2b-41e3-a674-2889f973812d);
user_pref(iminent.LayoutId, 1);
user_pref(iminent._oaZGabJJ8Q_, {\cpt\:0,\cpr\:0,\s\:0,\es\:1});
user_pref(iminent.adapters, {\www.iminent.com\:{\CountryCode\:\CL\,\NoAds\:false,\Status\:1,\AdapterKey\:\iminent\,\v\:true,\p\:0,\t\:1,\th\:0.228,\e
user_pref(iminent.enabledAds, obsolete);
user_pref(iminent.externalScripts, {\value\:[{\addonUid\:\10bb6277-6b2b-413e-8d82-ad9398543254\,\name\:\Dealply\,\addonId\:1,\url\:\//I.iminentjs.info/imitin
user_pref(iminent.newtabredirect, true);
user_pref(iminent.nomsi, true);
user_pref(iminent.registerToolbarEvent102, 1397420991889);
user_pref(iminent.searchindex, 1);
user_pref(iminent.trackExternalScripts1, 1397420990345);
user_pref(iminent.trackExternalScripts2, 1397420991577);
user_pref(iminent.trackingInfo, {\state\:0,\samplingRate\:0});
user_pref(iminent.version, 8.15.4.1);
user_pref(iminent.versioning, {\CurrentVersion\:\8.15.4.1\,\InstallEventCTime\:1397420834626,\InstallEvent\:\True\});
Emptied folder: C:\Users\Emilio\AppData\Roaming\mozilla\firefox\profiles\f2czdvom.default\minidumps [203 files]



~~~ Chrome


[C:\Users\Emilio\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Emilio\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Emilio\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Emilio\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15/08/2015 at 18:38:43,46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
redtarget.gif
Turn system restore on: http://www.pcworld.com/article/2955...indows-10-to-protect-against-bad-updates.html

redtarget.gif
Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Make sure you checkmark Addition.txt box.
  • Press Scan button.
  • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:14-08-2015 01
Ran by Emilio (administrator) on EMILIO-PC (15-08-2015 20:15:52)
Running from C:\Users\Emilio\Downloads\Elimina troyanos
Loaded Profiles: Emilio (Available Profiles: Emilio & DefaultAppPool)
Platform: Windows 10 Pro (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(cFos Software GmbH) C:\Program Files\ASUS\ROG GameFirst\spd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\DAODx.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
() C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(cFos Software GmbH) C:\Program Files\ASUS\ROG GameFirst\cfosspeed.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(ROCCAT) C:\Program Files (x86)\ROCCAT\Arvo Keyboard\ArvoHID.EXE
(BitTorrent Inc.) C:\Users\Emilio\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Users\Emilio\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe
(Argente Software) C:\Program Files (x86)\Argente - Registry Cleaner\ArgenteRC.exe
(ROCCAT) C:\Program Files (x86)\ROCCAT\Pyra Mouse\PyraMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [THXCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [RunDLLEntry] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry
HKLM\...\Run: [ROG GameFirst] => C:\Program Files\ASUS\ROG GameFirst\cFosSpeed.exe [1305272 2010-11-22] (cFos Software GmbH)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\THXAudioCP\THXAudio.exe [1349632 2010-06-11] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe [241789 2010-02-18] (Creative Technology Ltd)
HKLM-x32\...\Run: [ArgenteRC] => C:\Program Files (x86)\Argente - Registry Cleaner\ArgenteRC.exe [2759168 2012-10-24] (Argente Software)
HKLM-x32\...\Run: [ROCCAT Pyra Mouse] => C:\Program Files (x86)\ROCCAT\Pyra Mouse\PyraMonitor.EXE [532480 2010-09-07] (ROCCAT)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-08] (AVAST Software)
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-05-19] (Google Inc.)
HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\...\Run: [Arvo] => C:\Program Files (x86)\ROCCAT\Arvo Keyboard\ArvoHID.EXE [582144 2010-04-01] (ROCCAT)
HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\...\Run: [uTorrent] => C:\Users\Emilio\AppData\Roaming\uTorrent\uTorrent.exe [1993056 2015-07-19] (BitTorrent Inc.)
HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\...\Run: [OneDrive] => C:\Users\Emilio\AppData\Local\Microsoft\OneDrive\OneDrive.exe [402632 2015-08-08] (Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012-09-11]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-08] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://cl.msn.com/?ocid=iehp
HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=es-CL&Src=MSE&Tid=00032955&OHP=https%3A%2F%2Fpyme.defontana.com%2Fsistema%2Fmain.asp&OSP=http%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3D%7BsearchTerms%7D%26rls%3Dcom.microsoft%3A%7Blanguage%7D%3A%7Breferrer%3Asource%3F%7D%26ie%3D%7BinputEncoding%7D%26oe%3D%7BoutputEncoding%7D%26sourceid%3Die7%26rlz%3D1I7ASUM%5FesCL484
SearchScopes: HKLM -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-08] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-18] (Google Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-08] (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-18] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-18] (Google Inc.)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2013-04-08] (pdfforge GmbH)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-18] (Google Inc.)
Toolbar: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-18] (Google Inc.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b246c8fa-33fb-4750-ab13-0d08df709706}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Emilio\AppData\Roaming\Mozilla\Firefox\Profiles\f2czdvom.default
FF Homepage: https://www.google.cl/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-13] (NVIDIA Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Emilio\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2491552106-2971991606-1040936953-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-08-17] ()
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-05-28]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-08-08]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Emilio\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Emilio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-18]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-08-08]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-08]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [922240 2011-06-13] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-01] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-08] (AVAST Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.)
R3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-07-10] (Microsoft Corporation)
S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [134144 2015-07-10] (Microsoft Corporation)
R2 cFosSpeedS; C:\Program Files\ASUS\ROG GameFirst\spd.exe [487096 2010-11-22] (cFos Software GmbH)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [808856 2015-08-07] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [510976 2015-08-07] (Microsoft Corporation)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2012-05-19] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2012-05-19] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2009-08-28] (Creative Technology Ltd) [File not signed]
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [27136 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [267776 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [193024 2015-07-10] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [87040 2015-07-10] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [275456 2015-07-10] (Microsoft Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [148992 2015-08-07] (Microsoft Corporation)
R3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [22528 2015-07-10] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [21504 2015-07-10] (Microsoft Corporation)
R2 MapsBroker; C:\Windows\System32\moshost.dll [62464 2015-07-10] (Microsoft Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-07] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1900728 2013-06-09] (Microsoft Corporation)
S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [296960 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [289280 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [988672 2015-08-02] (Microsoft Corporation)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1031680 2015-08-07] (Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2674176 2015-07-10] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [2049024 2015-07-10] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1203200 2015-08-07] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [925696 2015-08-07] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1420288 2015-07-30] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-07] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-07] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [504320 2015-07-10] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [918016 2015-07-10] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1149440 2015-07-10] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1019392 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArvoFltr; C:\Windows\system32\drivers\ArvoFltr.sys [15872 2009-05-06] (ROCCAT Development, Inc.)
R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [36448 2011-03-23] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-08] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-08] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-08] (AVAST Software)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-07-10] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys [39936 2015-07-10] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3436896 2015-07-10] (QLogic Corporation)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [83968 2015-07-10] (Microsoft Corporation)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2015-07-10] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2015-07-10] (Microsoft Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424800 2015-07-10] (Mellanox)
S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [26624 2015-07-10] (Microsoft Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-07-10] (Avago Technologies)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705376 2015-07-10] (Mellanox)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-08-07] (Microsoft Corporation)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76128 2015-07-10] (Mellanox)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61952 2015-07-10] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys [17760 2015-07-10] (Microsoft Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-08-15] ()
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [61952 2015-07-10] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [46080 2015-08-07] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [106520 2015-07-10] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2015-07-10] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [26976 2015-07-10] (Mellanox)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59232 2015-07-10] (Mellanox)
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [222720 2015-07-10] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [25600 2015-07-10] (Microsoft Corporation)
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: dosvc -> C:\Windows\system32\dosvc.dll (Microsoft Corporation)
NETSVC: DcpSvc -> C:\Windows\system32\dcpsvc.dll (Microsoft Corporation)
NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation)
NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation)
NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation)
NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation)
NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation)
NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation)
NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dll (Microsoft Corporation)
NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)
NETSVC: RetailDemo -> C:\Windows\system32\RDXService.dll (Microsoft Corporation)
NETSVCx32: NetSetupSvc -> C:\Windows\SysWOW64\NetSetupSvc.dll ==> No File
NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> No File

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-15 19:26 - 2015-08-15 19:26 - 00016148 _____ C:\WINDOWS\system32\EMILIO-PC_Emilio_HistoryPrediction.bin
2015-08-15 18:37 - 2015-08-12 05:57 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-15 18:37 - 2015-08-12 05:22 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-15 18:03 - 2015-08-15 18:03 - 00000308 _____ C:\AdwCleaner[S2].txt
2015-08-15 17:33 - 2015-08-15 17:33 - 00000000 ____D C:\AdwCleaner
2015-08-15 16:41 - 2015-08-15 19:35 - 00000000 ____D C:\Users\Emilio\Downloads\Elimina troyanos
2015-08-15 16:31 - 2015-08-15 17:06 - 00000000 ____D C:\ProgramData\RogueKiller
2015-08-15 16:31 - 2015-08-15 16:31 - 00035064 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-08-15 13:35 - 2015-08-15 20:15 - 00000000 ____D C:\FRST
2015-08-13 19:13 - 2015-08-08 04:30 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-13 19:13 - 2015-08-08 04:29 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-13 19:13 - 2015-08-08 04:19 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-08-13 19:13 - 2015-08-08 04:01 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-13 19:13 - 2015-08-08 03:48 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-08-13 19:13 - 2015-08-08 03:40 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-13 19:13 - 2015-08-08 03:24 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-13 19:13 - 2015-08-08 03:24 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-13 19:13 - 2015-08-08 03:22 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-13 19:13 - 2015-08-08 03:21 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2015-08-13 19:13 - 2015-08-08 03:15 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-13 19:13 - 2015-08-08 03:00 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-13 19:13 - 2015-08-06 00:18 - 00290768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-08-13 19:13 - 2015-08-06 00:17 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2015-08-13 19:13 - 2015-08-06 00:17 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2015-08-13 19:13 - 2015-08-05 23:36 - 21874176 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-08-13 19:13 - 2015-08-05 23:22 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2015-08-13 19:13 - 2015-08-05 23:03 - 18805248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-08-13 19:13 - 2015-08-05 01:49 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-08-13 19:13 - 2015-08-05 01:29 - 00644128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-08-13 19:13 - 2015-08-05 01:03 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-13 19:13 - 2015-08-05 01:00 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2015-08-13 19:13 - 2015-08-05 00:54 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-08-13 19:13 - 2015-08-05 00:47 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-08-13 19:13 - 2015-08-05 00:47 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-08-13 19:13 - 2015-08-05 00:43 - 01916416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-13 19:13 - 2015-08-05 00:39 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2015-08-13 19:13 - 2015-08-04 01:08 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-08-13 19:13 - 2015-08-04 01:07 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-13 19:13 - 2015-08-04 01:06 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-08-13 19:13 - 2015-08-04 01:06 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-08-13 19:13 - 2015-08-04 00:50 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-08-13 19:13 - 2015-08-04 00:23 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2015-08-13 19:13 - 2015-08-04 00:21 - 16709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-13 19:13 - 2015-08-04 00:10 - 13025792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-13 19:13 - 2015-08-03 23:59 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-08-13 19:13 - 2015-08-03 23:47 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-08-13 19:13 - 2015-08-02 23:32 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2015-08-13 19:13 - 2015-08-02 23:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2015-08-13 19:13 - 2015-08-02 23:19 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-08-13 19:13 - 2015-08-02 23:19 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-08-13 19:13 - 2015-08-02 23:18 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2015-08-13 19:13 - 2015-08-02 23:18 - 01983840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-08-13 19:13 - 2015-08-02 23:18 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-08-13 19:13 - 2015-08-02 23:18 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys
2015-08-13 19:13 - 2015-08-02 23:17 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-13 19:13 - 2015-08-02 23:17 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2015-08-13 19:13 - 2015-08-02 23:13 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-13 19:13 - 2015-08-02 23:12 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-08-13 19:13 - 2015-08-02 22:56 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2015-08-13 19:13 - 2015-08-02 22:50 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-13 19:13 - 2015-08-02 22:49 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-08-13 19:13 - 2015-08-02 22:31 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-08-13 19:13 - 2015-08-02 22:30 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-13 19:13 - 2015-08-02 22:24 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-13 19:13 - 2015-08-02 22:24 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-08-13 19:13 - 2015-08-02 22:24 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-13 19:13 - 2015-08-02 22:24 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-08-13 19:13 - 2015-08-02 22:23 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-08-13 19:13 - 2015-08-02 22:23 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-08-13 19:13 - 2015-08-02 22:22 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-08-13 19:13 - 2015-08-02 22:22 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-08-13 19:13 - 2015-08-02 22:22 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-08-13 19:13 - 2015-08-02 22:22 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
2015-08-13 19:13 - 2015-08-02 22:21 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2015-08-13 19:13 - 2015-08-02 22:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-13 19:13 - 2015-08-02 22:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-13 19:13 - 2015-08-02 22:18 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-13 19:13 - 2015-08-02 22:18 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-08-13 19:13 - 2015-08-02 22:18 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-08-13 19:13 - 2015-08-02 22:18 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2015-08-13 19:13 - 2015-08-02 22:15 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-08-13 19:13 - 2015-08-02 22:15 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-08-13 19:13 - 2015-08-02 22:15 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-08-13 19:13 - 2015-08-02 22:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-08-13 19:13 - 2015-08-02 22:15 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-08-13 19:13 - 2015-08-02 22:15 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2015-08-13 19:13 - 2015-08-02 22:14 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-08-13 19:13 - 2015-08-02 22:14 - 00247808 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-13 19:13 - 2015-08-02 22:12 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-13 19:13 - 2015-08-02 22:12 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-13 19:13 - 2015-08-02 22:12 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-08-13 19:13 - 2015-08-02 22:12 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-08-13 19:13 - 2015-08-02 22:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-08-13 19:13 - 2015-08-02 22:11 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2015-08-13 19:13 - 2015-08-02 22:11 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-08-13 19:13 - 2015-08-02 22:10 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-08-13 19:13 - 2015-08-02 22:06 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-13 19:13 - 2015-08-02 22:03 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-08-13 19:13 - 2015-08-02 22:02 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-08-13 19:13 - 2015-08-02 22:02 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-08-13 19:13 - 2015-08-02 22:01 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-13 19:13 - 2015-08-02 22:00 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-13 19:13 - 2015-08-02 21:59 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2015-08-13 19:11 - 2015-08-13 19:11 - 00001248 _____ C:\Users\Emilio\Desktop\Mameui64 - Acceso directo.lnk
2015-08-10 19:13 - 2015-08-10 19:13 - 00000000 ____D C:\Users\Emilio\AppData\Roaming\MPC-HC
2015-08-10 19:12 - 2015-08-10 19:12 - 00001743 _____ C:\Users\Emilio\Desktop\MPC-HC x64.lnk
2015-08-10 19:12 - 2015-08-10 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2015-08-10 19:12 - 2015-08-10 19:12 - 00000000 ____D C:\Program Files\MPC-HC
2015-08-10 19:11 - 2015-08-10 19:11 - 13144368 _____ (MPC-HC Team ) C:\Users\Emilio\Downloads\MPC-HC.1.7.9.x64.exe
2015-08-10 19:07 - 2015-08-10 19:07 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-08-09 16:08 - 2015-08-09 16:08 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-08-09 12:13 - 2015-08-09 12:13 - 00000000 ____D C:\Users\Emilio\AppData\Local\PeerDistRepub
2015-08-09 08:04 - 2015-07-30 03:24 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-08-09 08:04 - 2015-07-30 03:23 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-08-09 08:04 - 2015-07-30 03:21 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-08-09 08:04 - 2015-07-30 03:17 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-08-09 08:04 - 2015-07-30 03:17 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-08-09 08:04 - 2015-07-30 03:16 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-08-09 08:04 - 2015-07-30 03:15 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-08-09 08:04 - 2015-07-30 03:14 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-08-09 08:04 - 2015-07-30 03:09 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-08-09 08:04 - 2015-07-30 03:06 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-08-09 08:04 - 2015-07-30 03:05 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-09 08:04 - 2015-07-30 03:05 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-08-09 08:04 - 2015-07-30 03:04 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-09 08:04 - 2015-07-30 03:03 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-08-09 08:04 - 2015-07-30 02:24 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-08-09 08:04 - 2015-07-30 01:42 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-09 08:04 - 2015-07-30 01:29 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-08-09 08:04 - 2015-07-30 01:26 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-08-09 08:04 - 2015-07-30 01:26 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-08-09 08:04 - 2015-07-30 01:25 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-08-09 08:04 - 2015-07-30 01:25 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-08-09 08:04 - 2015-07-30 01:24 - 01769056 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-09 08:04 - 2015-07-30 01:24 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-08-09 08:04 - 2015-07-30 01:24 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-08-09 08:04 - 2015-07-30 01:24 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-08-09 08:04 - 2015-07-30 01:22 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-08-09 08:04 - 2015-07-30 01:22 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-08-09 08:04 - 2015-07-30 01:21 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-09 08:04 - 2015-07-30 01:12 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-08-09 08:04 - 2015-07-30 01:12 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-08-09 08:04 - 2015-07-30 01:09 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-08-09 08:04 - 2015-07-30 01:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-08-09 08:04 - 2015-07-30 01:08 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-09 08:04 - 2015-07-30 01:08 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2015-08-09 08:04 - 2015-07-30 00:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-08-09 08:04 - 2015-07-30 00:52 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-09 08:04 - 2015-07-30 00:52 - 00521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-08-09 08:04 - 2015-07-30 00:52 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2015-08-09 08:04 - 2015-07-30 00:49 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-08-09 08:04 - 2015-07-30 00:49 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-09 08:04 - 2015-07-30 00:49 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-09 08:04 - 2015-07-30 00:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-08-09 08:04 - 2015-07-30 00:46 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-08-09 08:04 - 2015-07-30 00:46 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-08-09 08:04 - 2015-07-30 00:46 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-08-09 08:04 - 2015-07-30 00:45 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2015-08-09 08:04 - 2015-07-30 00:45 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-08-09 08:04 - 2015-07-30 00:44 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-09 08:04 - 2015-07-30 00:44 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-08-09 08:04 - 2015-07-30 00:44 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-08-09 08:04 - 2015-07-30 00:44 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-08-09 08:04 - 2015-07-30 00:44 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-08-09 08:04 - 2015-07-30 00:44 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll
2015-08-09 08:04 - 2015-07-30 00:42 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-08-09 08:04 - 2015-07-30 00:41 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-08-09 08:04 - 2015-07-30 00:41 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2015-08-09 08:04 - 2015-07-30 00:40 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-08-09 08:04 - 2015-07-30 00:38 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-08-09 08:04 - 2015-07-30 00:38 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2015-08-09 08:04 - 2015-07-30 00:34 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-08-09 08:04 - 2015-07-30 00:29 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-08-09 08:04 - 2015-07-30 00:15 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-08-09 08:04 - 2015-07-30 00:10 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-09 08:04 - 2015-07-30 00:10 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-09 08:04 - 2015-07-30 00:07 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2015-08-09 08:04 - 2015-07-30 00:06 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-08-09 08:04 - 2015-07-30 00:06 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-08-09 08:04 - 2015-07-30 00:06 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2015-08-09 08:04 - 2015-07-30 00:06 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll
2015-08-09 08:04 - 2015-07-30 00:04 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-08-09 08:04 - 2015-07-30 00:04 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-08-09 08:04 - 2015-07-29 23:59 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-08-09 08:04 - 2015-07-29 23:58 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-08-08 12:47 - 2015-08-08 12:47 - 00000000 ____D C:\Users\Emilio\AppData\Roaming\AVAST Software
2015-08-08 12:46 - 2015-08-13 19:08 - 01048344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-08-08 12:46 - 2015-08-08 12:46 - 00447944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-08-08 12:46 - 2015-08-08 12:46 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-08-08 12:46 - 2015-08-08 12:46 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-08-08 12:46 - 2015-08-08 12:46 - 00150672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-08-08 12:46 - 2015-08-08 12:46 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-08-08 12:46 - 2015-08-08 12:46 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-08-08 12:46 - 2015-08-08 12:46 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-08-08 12:46 - 2015-08-08 12:46 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-08-08 12:46 - 2015-08-08 12:46 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-08-08 12:46 - 2015-08-08 12:46 - 00004006 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-08-08 12:46 - 2015-08-08 12:46 - 00001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-08-08 12:46 - 2015-08-08 12:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-08-08 12:45 - 2015-08-08 12:45 - 00000000 ____D C:\Program Files\AVAST Software
2015-08-08 12:44 - 2015-08-08 12:44 - 00000000 ____D C:\ProgramData\AVAST Software
2015-08-08 09:05 - 2015-08-08 09:05 - 00000000 ___HD C:\OneDriveTemp
2015-08-08 09:03 - 2015-08-08 09:05 - 00000000 ____D C:\Users\Emilio\AppData\Local\Comms
2015-08-08 08:58 - 2015-08-15 12:55 - 00000000 ____D C:\Users\Emilio\AppData\Local\MicrosoftEdge
2015-08-08 08:58 - 2015-08-08 08:58 - 00002134 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-08-08 08:48 - 2015-07-13 14:17 - 00572048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-08-08 08:46 - 2015-08-08 08:46 - 42730128 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 37748880 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 30518928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 22972560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 18514616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 16159608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 16009800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 15892904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 14510584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 13274560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 12972336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 11842680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 11139216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-08-08 08:46 - 2015-08-08 08:46 - 03344672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 02955832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 02360976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 02163856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 01898312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435354.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435354.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 01165192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 01061192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 01052488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 00991336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 00983368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 00976528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 00177088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 00155280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 00150832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-08-08 08:46 - 2015-08-08 08:46 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-08-08 08:45 - 2015-08-15 19:27 - 00000000 ___RD C:\Users\Emilio\OneDrive
2015-08-08 08:45 - 2015-08-08 08:46 - 00002412 _____ C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-08-08 08:44 - 2015-08-08 08:44 - 00001051 _____ C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Funciones opcionales.lnk
2015-08-08 08:44 - 2015-08-08 08:44 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-08-08 08:44 - 2015-07-09 20:39 - 04847104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2015-08-08 08:44 - 2015-07-09 20:36 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2015-08-08 08:44 - 2015-07-09 20:28 - 06358016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2015-08-08 08:44 - 2015-07-09 20:25 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2015-08-08 08:44 - 2015-07-09 20:25 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2015-08-08 08:43 - 2015-08-08 08:43 - 00000000 ____D C:\Users\Emilio\AppData\Local\Publishers
2015-08-08 08:42 - 2015-08-09 08:05 - 00000000 ____D C:\Users\Emilio\AppData\Local\Packages
2015-08-08 08:42 - 2015-08-08 08:42 - 00000020 ___SH C:\Users\Emilio\ntuser.ini
2015-08-08 08:42 - 2015-08-08 08:42 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\Reciente
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\Plantillas
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\Mis documentos
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\Menú Inicio
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\Impresoras
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\Entorno de red
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Mis vídeos
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Mis imágenes
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Mi música
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\Datos de programa
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Historial
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Datos de programa
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Archivos temporales de Internet
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 ____D C:\Users\Emilio\AppData\Local\TileDataLayer
2015-08-08 08:42 - 2015-08-08 08:42 - 00000000 ____D C:\Users\DefaultAppPool
2015-08-08 08:42 - 2015-08-07 23:28 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-08 08:42 - 2015-07-10 08:04 - 00000000 __RSD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-08 08:42 - 2015-07-10 08:04 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-08 08:42 - 2015-07-10 08:04 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-08 08:42 - 2015-07-10 08:04 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\Reciente
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\Plantillas
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\Mis documentos
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\Menú Inicio
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\Impresoras
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\Entorno de red
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\Documents\Mis vídeos
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\Documents\Mis imágenes
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\Documents\Mi música
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\Datos de programa
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historial
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\AppData\Local\Datos de programa
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default\AppData\Local\Archivos temporales de Internet
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default User\Documents\Mis vídeos
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default User\Documents\Mis imágenes
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default User\Documents\Mi música
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historial
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Datos de programa
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Archivos temporales de Internet
2015-08-07 23:38 - 2015-08-07 23:38 - 00000000 __SHD C:\Recovery
2015-08-07 23:37 - 2015-08-07 23:37 - 00023076 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-08-07 23:35 - 2015-08-13 19:22 - 00002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-07 23:31 - 2015-07-10 07:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-08-07 23:28 - 2015-08-07 23:28 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-08-07 23:25 - 2015-08-07 23:25 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-08-07 23:23 - 2015-08-15 17:19 - 00000000 ____D C:\Users\Emilio
2015-08-07 23:23 - 2015-08-08 08:42 - 00000000 ___RD C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\Reciente
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\Plantillas
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\Mis documentos
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\Menú Inicio
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\Impresoras
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\Entorno de red
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\Documents\Mis vídeos
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\Documents\Mis imágenes
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\Documents\Mi música
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\Datos de programa
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\AppData\Local\Historial
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\AppData\Local\Datos de programa
2015-08-07 23:23 - 2015-08-07 23:23 - 00000000 _SHDL C:\Users\Emilio\AppData\Local\Archivos temporales de Internet
2015-08-07 23:23 - 2015-07-10 08:04 - 00000000 __RSD C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-07 23:23 - 2015-07-10 08:04 - 00000000 ___RD C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-07 23:23 - 2015-07-10 08:04 - 00000000 ___RD C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-07 23:23 - 2015-07-10 08:04 - 00000000 ____D C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-07 23:20 - 2015-08-15 19:02 - 02129912 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-07 23:20 - 2015-08-07 23:20 - 02032978 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-08-07 23:20 - 2015-08-07 23:20 - 00021209 _____ C:\WINDOWS\iis.log
2015-08-07 23:15 - 2015-08-09 11:32 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-07 23:15 - 2015-08-08 08:49 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-08-07 23:15 - 2015-08-07 23:25 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-08-07 23:15 - 2015-08-07 23:15 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-08-07 23:15 - 2015-08-07 23:15 - 00000000 ____D C:\Program Files\Realtek
2015-08-07 23:13 - 2015-08-07 23:13 - 00023867 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-08-07 23:12 - 2015-08-15 18:24 - 00010144 _____ C:\WINDOWS\PFRO.log
2015-08-07 22:43 - 2015-08-07 23:37 - 00006696 _____ C:\WINDOWS\comsetup.log
2015-08-07 22:40 - 2015-08-07 23:38 - 00010449 _____ C:\WINDOWS\diagerr.xml
2015-08-07 22:40 - 2015-08-07 23:38 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2015-08-07 19:11 - 2015-08-08 08:40 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-07 19:08 - 2015-08-07 19:08 - 00000000 ____D C:\Windows.old
2015-08-07 19:07 - 2015-08-07 19:07 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02878000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02224128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-08-07 19:07 - 2015-08-07 19:07 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-07 19:07 - 2015-08-07 19:07 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01085776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-08-07 19:07 - 2015-08-07 19:07 - 00991584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-08-07 19:07 - 2015-08-07 19:07 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2015-08-07 19:07 - 2015-08-07 19:07 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00916800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
 
2015-08-07 19:07 - 2015-08-07 19:07 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00607008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-08-07 19:07 - 2015-08-07 19:07 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-08-07 19:07 - 2015-08-07 19:07 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-08-07 19:07 - 2015-08-07 19:07 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00412672 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00403968 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-08-07 19:07 - 2015-08-07 19:07 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00242264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2015-08-07 19:07 - 2015-08-07 19:07 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-08-07 19:07 - 2015-08-07 19:07 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2015-08-07 19:07 - 2015-08-07 19:07 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
2015-08-07 19:07 - 2015-08-07 19:07 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-08-07 19:03 - 2015-08-07 19:03 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-08-07 18:57 - 2015-08-07 18:57 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-08-07 18:57 - 2015-08-07 18:57 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-08-07 18:57 - 2015-08-07 18:57 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-08-07 18:57 - 2015-08-07 18:57 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-08-07 18:57 - 2015-08-07 18:57 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-08-07 18:57 - 2015-08-07 18:57 - 00000000 ____D C:\Program Files\MSBuild
2015-08-07 18:57 - 2015-08-07 18:57 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-08-07 18:57 - 2015-08-07 18:57 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-08-07 18:57 - 2015-08-07 18:57 - 00000000 ____D C:\inetpub
2015-08-07 18:56 - 2015-06-17 14:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-08-07 18:56 - 2015-06-17 14:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-07 18:56 - 2015-06-17 14:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-08-07 18:56 - 2015-05-29 17:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-08-07 18:56 - 2015-05-29 17:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-07 18:56 - 2015-05-29 17:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-08-07 14:09 - 2015-08-15 19:28 - 00000000 ____D C:\Users\Emilio\AppData\Local\CrashDumps
2015-08-07 13:54 - 2015-08-07 13:54 - 01331823 _____ (Igor Pavlov) C:\Users\Emilio\Downloads\7z1505-x64.exe
2015-08-06 19:30 - 2015-08-07 11:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-25 19:51 - 2015-08-07 23:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-07-25 19:51 - 2015-07-25 19:51 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-07-23 04:02 - 2015-08-08 08:46 - 00031976 _____ C:\WINDOWS\system32\nvinfo.pb
2015-07-23 04:02 - 2015-07-23 04:02 - 01898128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435362.dll
2015-07-23 04:02 - 2015-07-23 04:02 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435362.dll
2015-07-19 15:34 - 2015-07-19 15:34 - 00002645 _____ C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-07-19 15:31 - 2015-07-19 15:31 - 01993056 _____ (BitTorrent Inc.) C:\Users\Emilio\Downloads\uTorrent.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-15 20:13 - 2015-07-10 09:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-15 20:12 - 2013-05-21 20:04 - 00000000 ____D C:\Users\Emilio\AppData\Roaming\uTorrent
2015-08-15 19:57 - 2014-03-02 14:14 - 00000000 ____D C:\Users\Emilio\AppData\Local\Battle.net
2015-08-15 19:56 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-15 19:02 - 2015-07-10 13:26 - 00926026 _____ C:\WINDOWS\system32\perfh00A.dat
2015-08-15 19:02 - 2015-07-10 13:26 - 00206298 _____ C:\WINDOWS\system32\perfc00A.dat
2015-08-15 18:55 - 2015-07-10 09:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-15 18:55 - 2012-05-19 17:56 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-15 18:54 - 2015-07-10 06:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-08-15 18:44 - 2015-07-10 07:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-15 17:38 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-15 17:28 - 2014-04-14 21:54 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-15 17:22 - 2015-07-10 09:20 - 00194096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-15 17:21 - 2012-07-02 23:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-15 17:21 - 2012-07-02 23:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-15 17:20 - 2015-07-10 08:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-15 17:20 - 2015-07-10 08:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-15 17:20 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-15 17:20 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-15 17:20 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-15 17:20 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-08-13 19:21 - 2013-08-16 02:49 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-13 19:15 - 2014-03-02 14:14 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-08-13 19:15 - 2012-07-02 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-13 19:15 - 2012-05-19 19:08 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-10 19:07 - 2015-07-10 09:20 - 00022680 _____ C:\WINDOWS\setupact.log
2015-08-09 11:26 - 2012-11-03 21:42 - 00000000 ____D C:\ProgramData\SUS
2015-08-09 03:23 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\appcompat
2015-08-08 12:38 - 2015-07-10 08:06 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 12:38 - 2015-07-10 08:06 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-08 08:58 - 2012-09-30 12:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-08-08 08:44 - 2015-07-10 13:26 - 00000000 ____D C:\WINDOWS\OCR
2015-08-08 08:42 - 2015-07-10 08:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-08-08 08:42 - 2015-07-10 08:04 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-08-08 08:42 - 2015-07-10 08:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-08-08 08:42 - 2015-07-10 08:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-08-08 08:42 - 2013-03-04 18:31 - 00001864 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
2015-08-07 23:40 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\rescache
2015-08-07 23:38 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\Registration
2015-08-07 23:38 - 2015-07-10 08:04 - 00000000 ____D C:\Program Files\Windows NT
2015-08-07 23:38 - 2015-07-10 06:05 - 00000000 __RHD C:\Users\Default
2015-08-07 23:37 - 2015-07-10 08:04 - 00000000 __RSD C:\WINDOWS\Media
2015-08-07 23:37 - 2015-07-10 08:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-08-07 23:37 - 2014-12-25 13:45 - 00003996 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-08-07 23:37 - 2014-01-05 13:53 - 00003196 _____ C:\WINDOWS\System32\Tasks\{C2654699-73B3-41F4-B919-79AFE2EA44CC}
2015-08-07 23:37 - 2013-07-30 20:03 - 00003270 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2015-08-07 23:37 - 2013-07-30 20:03 - 00003214 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2015-08-07 23:37 - 2013-07-30 20:03 - 00003212 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2015-08-07 23:37 - 2013-06-29 21:03 - 00003194 _____ C:\WINDOWS\System32\Tasks\{B16EA617-C534-4B29-BF08-62A66B3E1447}
2015-08-07 23:37 - 2012-09-17 12:32 - 00003284 _____ C:\WINDOWS\System32\Tasks\{7C2DF542-B42C-493F-8D5C-C71567379154}
2015-08-07 23:37 - 2012-08-01 00:00 - 00003078 _____ C:\WINDOWS\System32\Tasks\{D502BBCB-717E-4445-9A95-C5554871F43B}
2015-08-07 23:37 - 2012-07-31 23:59 - 00003078 _____ C:\WINDOWS\System32\Tasks\{674184BB-CBE9-4293-A892-3E921EA63E32}
2015-08-07 23:37 - 2012-07-31 23:57 - 00003078 _____ C:\WINDOWS\System32\Tasks\{E76B951C-F9D7-4B83-82E0-F06FCAAD37C4}
2015-08-07 23:37 - 2012-07-31 23:56 - 00003078 _____ C:\WINDOWS\System32\Tasks\{0CAD0A76-0114-4B9C-A492-B99643F9967B}
2015-08-07 23:37 - 2012-05-19 19:23 - 00003244 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2015-08-07 23:37 - 2012-05-19 19:21 - 00003242 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2015-08-07 23:37 - 2012-05-19 17:39 - 00003300 _____ C:\WINDOWS\System32\Tasks\SidebarExecute
2015-08-07 23:37 - 2012-05-19 17:08 - 00004142 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-07 23:37 - 2012-05-19 17:08 - 00003890 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-07 23:35 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\spool
2015-08-07 23:29 - 2015-07-10 08:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 23:29 - 2015-07-10 06:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-07 23:29 - 2015-05-21 21:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2015-08-07 23:29 - 2015-01-11 12:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaidCall
2015-08-07 23:29 - 2014-04-14 21:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-07 23:29 - 2014-03-29 21:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-08-07 23:29 - 2014-03-02 17:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-08-07 23:29 - 2014-03-02 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-08-07 23:29 - 2013-12-25 18:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2015-08-07 23:29 - 2013-08-20 21:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
2015-08-07 23:29 - 2013-08-16 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Argente - Registry Cleaner
2015-08-07 23:29 - 2013-06-29 21:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2015-08-07 23:29 - 2013-05-28 09:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-08-07 23:29 - 2013-05-28 09:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect
2015-08-07 23:29 - 2013-05-27 23:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2015-08-07 23:29 - 2013-05-11 18:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Agama2
2015-08-07 23:29 - 2013-03-12 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2015-08-07 23:29 - 2012-11-03 21:42 - 00000000 ____D C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ardamax Keylogger 4.0
2015-08-07 23:29 - 2012-09-26 23:07 - 00000000 ____D C:\WINDOWS\SysWOW64\QuickTime
2015-08-07 23:29 - 2012-09-10 19:44 - 00000000 ____D C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-07 23:29 - 2012-09-10 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-07 23:29 - 2012-09-06 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2015-08-07 23:29 - 2012-08-28 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2015-08-07 23:29 - 2012-08-05 16:13 - 00000000 ____D C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-08-07 23:29 - 2012-08-04 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2015-08-07 23:29 - 2012-07-18 22:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-08-07 23:29 - 2012-07-04 23:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter
2015-08-07 23:29 - 2012-07-04 23:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow x64
2015-08-07 23:29 - 2012-05-19 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2015-08-07 23:29 - 2012-05-19 18:05 - 00000000 ____D C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVGA Precision
2015-08-07 23:29 - 2012-05-19 17:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2015-08-07 23:29 - 2012-05-19 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-07 23:29 - 2009-07-14 02:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-08-07 23:28 - 2015-07-10 08:05 - 00004362 _____ C:\WINDOWS\DtcInstall.log
2015-08-07 23:28 - 2009-07-14 00:20 - 00000000 ____D C:\Users\Default.migrated
2015-08-07 23:26 - 2015-07-10 13:25 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-08-07 23:26 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK
2015-08-07 23:26 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR
2015-08-07 23:26 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-08-07 23:26 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-08-07 23:26 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2015-08-07 23:26 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2015-08-07 23:26 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-07 23:26 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\IME
2015-08-07 23:26 - 2012-08-04 22:03 - 00000000 ____D C:\WINDOWS\SysWOW64\xlive
2015-08-07 23:25 - 2015-07-10 10:19 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-08-07 23:25 - 2015-07-10 08:04 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-08-07 23:25 - 2015-07-10 08:04 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-08-07 23:25 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\schemas
2015-08-07 23:25 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-08-07 23:25 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\Help
2015-08-07 23:25 - 2015-07-10 08:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-07 23:25 - 2015-04-06 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cooler Master
2015-08-07 23:25 - 2015-03-26 23:00 - 00000000 ____D C:\Program Files\WIDCOMM
2015-08-07 23:25 - 2014-04-19 15:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-08-07 23:25 - 2014-01-05 13:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCCAT
2015-08-07 23:25 - 2013-06-29 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CAPCOM
2015-08-07 23:25 - 2013-05-21 21:21 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-08-07 23:25 - 2012-09-26 23:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3ivx
2015-08-07 23:25 - 2012-05-19 17:42 - 00000000 ____D C:\Program Files\ASUS
2015-08-07 23:25 - 2012-05-19 17:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-08-07 23:25 - 2012-05-19 17:24 - 00000000 ____D C:\Program Files (x86)\ASUS
2015-08-07 23:25 - 2012-05-19 17:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology
2015-08-07 23:25 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-08-07 23:24 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-08-07 23:24 - 2012-05-26 12:31 - 00000000 ____D C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ventrilo
2015-08-07 23:20 - 2015-07-10 06:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-08-07 22:47 - 2012-05-19 16:49 - 01982674 _____ C:\WINDOWS\WindowsUpdate (1).log
2015-08-07 22:47 - 2009-07-14 01:45 - 00032208 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-07 22:47 - 2009-07-14 01:45 - 00032208 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-07 22:40 - 2015-07-10 14:09 - 00000000 ___HD C:\$Windows.~BT
2015-08-07 19:11 - 2015-07-10 08:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-08-07 19:08 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-08-07 19:08 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-08-07 19:08 - 2015-07-10 06:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-08-07 19:08 - 2015-07-10 06:05 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-08-07 18:57 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-08-07 18:57 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-08-07 18:57 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-08-07 18:57 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-08-07 18:57 - 2015-07-10 08:01 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-08-07 18:57 - 2015-07-10 08:01 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-08-07 18:57 - 2015-07-10 08:01 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-08-07 18:57 - 2015-07-10 08:01 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-08-07 18:57 - 2015-07-10 08:01 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-08-07 18:57 - 2015-07-10 08:01 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-08-07 18:57 - 2015-07-10 08:01 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-08-07 18:57 - 2015-07-10 08:01 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-08-07 18:57 - 2015-07-10 08:01 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-08-07 18:57 - 2015-07-10 08:01 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-08-07 18:57 - 2015-07-10 08:01 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-08-07 18:57 - 2015-07-10 08:01 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-08-07 18:57 - 2015-07-10 08:01 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-08-07 18:57 - 2015-07-10 08:01 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-08-07 18:57 - 2015-07-10 08:01 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-08-07 18:57 - 2015-07-10 08:01 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-08-07 18:57 - 2015-07-10 08:00 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2015-08-07 18:57 - 2015-07-10 08:00 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2015-08-07 18:57 - 2015-07-10 08:00 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2015-08-07 18:57 - 2015-07-10 08:00 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2015-08-07 18:57 - 2015-07-10 08:00 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2015-08-07 18:57 - 2015-07-10 08:00 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-08-07 18:57 - 2015-07-10 08:00 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2015-08-07 18:57 - 2015-07-10 08:00 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2015-08-07 18:57 - 2015-07-10 08:00 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2015-08-07 18:57 - 2015-07-10 08:00 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2015-08-07 18:57 - 2015-07-10 08:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2015-08-07 18:57 - 2015-07-10 08:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-08-07 18:57 - 2015-07-10 08:00 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-08-07 18:57 - 2015-07-10 08:00 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2015-08-07 18:57 - 2015-07-10 08:00 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2015-08-07 18:57 - 2015-07-10 08:00 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2015-08-07 18:57 - 2015-07-10 08:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2015-08-07 18:57 - 2015-07-10 08:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-08-07 18:57 - 2015-07-10 08:00 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-08-07 18:57 - 2015-07-10 08:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-08-07 18:57 - 2015-07-10 08:00 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2015-08-07 13:54 - 2014-03-29 21:47 - 00000000 ____D C:\Program Files\7-Zip
2015-08-07 11:22 - 2012-05-19 19:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-25 19:51 - 2012-09-11 19:43 - 00001934 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-07-25 19:51 - 2012-09-11 19:43 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-07-21 20:06 - 2014-04-14 21:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-21 20:06 - 2013-05-26 16:58 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

==================== Files in the root of some directories =======

2008-02-05 15:28 - 2008-02-05 15:28 - 0000051 _____ () C:\Users\Emilio\AppData\Local\setup.txt
2012-05-19 17:18 - 2012-05-19 17:18 - 0000000 _____ () C:\Users\Emilio\AppData\Local\{E59A8083-9242-44D7-9BBC-A13A58223068}
2012-05-19 17:26 - 2014-07-06 20:03 - 0000000 _____ () C:\ProgramData\Gpu.log
2012-11-30 22:21 - 2012-11-30 22:21 - 0000040 _____ () C:\ProgramData\ra3.ini

Some files in TEMP:
====================
C:\Users\Emilio\AppData\Local\Temp\dllnt_dump.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-07 23:12

==================== End of log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:14-08-2015 01
Ran by Emilio (2015-08-15 20:16:53)
Running from C:\Users\Emilio\Downloads\Elimina troyanos
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2491552106-2971991606-1040936953-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2491552106-2971991606-1040936953-503 - Limited - Disabled)
Emilio (S-1-5-21-2491552106-2971991606-1040936953-1000 - Administrator - Enabled) => C:\Users\Emilio
HomeGroupUser$ (S-1-5-21-2491552106-2971991606-1040936953-1006 - Limited - Enabled)
Invitado (S-1-5-21-2491552106-2971991606-1040936953-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.)
3ivx MPEG-4 5.0.4 (remove only) (HKLM-x32\...\3ivx MPEG-4 5.0.4) (Version: 5.0.4 - 3ivx Technologies, Pty. Ltd.)
7-Zip 15.05 beta x64 (HKLM\...\7-Zip) (Version: - )
7-Zip 4.65 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0465-000001000000}) (Version: 4.65.00.0 - Igor Pavlov)
AC3Filter 2.5b (HKLM-x32\...\AC3Filter_is1) (Version: 2.5b - Alexander Vigovsky)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Actualización de NVIDIA 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Agama2 (HKLM-x32\...\{3E082BD8-AC11-450C-A9C6-523DE3FB0213}) (Version: 2.00.01 - KYE)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.01.40 - ASUSTeK Computer Inc.)
Aliens vs. Predator (HKLM-x32\...\Steam App 10680) (Version: - Rebellion)
Argente - Registry Cleaner 3.1.0.1 (HKLM-x32\...\Argente - Registry Cleaner_is1) (Version: 3.1.0.1 - Argente Software)
Arvo (HKLM-x32\...\{61DF2893-0069-4E50-A02E-3A41A97CB1B4}) (Version: 1.0 - ROCCAT)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.2.2.000 - Asmedia Technology)
ASUS ROG Connect Plus (HKLM-x32\...\{ECF51D37-52ED-4871-BF8B-FEA34B8B4120}) (Version: 1.00.14 - ASUSTeK Computer Inc.)
ATI Catalyst Install Manager (HKLM\...\{AB7F4312-8037-4EBF-9D0F-5513CDFD534C}) (Version: 3.0.812.0 - ATI Technologies, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version: - Rocksteady Studios Ltd.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.65.1074 - AB Team, d.o.o.)
Centro de Ratón y Teclado de Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Centro de Ratón y Teclado de Microsoft (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Company of Heroes (HKLM-x32\...\Steam App 4560) (Version: - Relic)
Dead Island (HKLM-x32\...\Steam App 91310) (Version: - Techland)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
EVGA Precision 2.0.4 (HKLM-x32\...\Precision) (Version: 2.0.4 - EVGA Corporation)
F.E.A.R. (HKLM-x32\...\Steam App 21090) (Version: - Monolith Productions)
ffdshow x64 v1.2.4422 [2012-04-09] (HKLM\...\ffdshow64_is1) (Version: 1.2.4422.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Intel(R) Network Connections 16.4.68.0 (HKLM\...\PROSetDX) (Version: 16.4.68.0 - Intel)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LIMBO (HKLM-x32\...\Steam App 48000) (Version: - )
Magic 2014 (HKLM-x32\...\Steam App 213850) (Version: - Stainless Games)
Malwarebytes Anti-Malware versión 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.149.2 - McAfee, Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{449EFED6-5F86-4428-8EB2-3DA1F6E67CE4}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 39.0.3 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 39.0.3 (x86 es-ES)) (Version: 39.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MPC-HC 1.7.9 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.9 - MPC-HC Team)
NVIDIA Controlador de 3D Vision 353.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.54 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 353.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.54 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version: - )
Panel de control de NVIDIA 353.54 (Version: 353.54 - NVIDIA Corporation) Hidden
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.6-1.0.12972.94 - raidcall.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Recon Software (HKLM-x32\...\InstallShield_{5116E722-70F6-42DD-8B0A-EC5136A78978}) (Version: 1.24 - Cooler Master)
Recon Software (x32 Version: 1.24 - Cooler Master) Hidden
resident evil 4 (HKLM-x32\...\{DFFCDB41-C2DA-47D6-96FF-03C05C0BEA22}) (Version: 1.00.0000 - CAPCOM)
Resident Evil 6 / Biohazard 6 (HKLM-x32\...\Steam App 221040) (Version: - Capcom)
ROCCAT Pyra Mouse Driver (HKLM-x32\...\{918F769E-02E8-44EC-8373-4888B23B2492}) (Version: - Roccat GmbH)
ROG GameFirst v4.53 (HKLM\...\ROG GameFirst) (Version: 4.53 - cFos Software GmbH, Bonn)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.5.201403281437 - Sony Mobile Communications AB)
Sony PC Companion 2.10.211 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.211 - Sony)
Sound Blaster X-Fi MB 2 (HKLM-x32\...\{89F922D6-E3E0-4303-AF8E-CE18412E3A18}) (Version: 1.0 - Creative Technology Limited)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Street Fighter IV: Arcade Edition (HKLM-x32\...\Steam App 45760) (Version: - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.5800 - Broadcom Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Emilio\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Emilio\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Emilio\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Emilio\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Emilio\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Emilio\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Emilio\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Emilio\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Emilio\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2491552106-2971991606-1040936953-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Emilio\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:34 - 2015-07-25 19:51 - 00000854 ____A C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {095C17C2-8AC0-49A2-9F59-8D3CFC3A596E} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {09DA38AF-EEE8-445F-8ED2-D369636A6945} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {0EE6028A-1999-4D5C-84F5-4D6F28B626F8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {1641F54C-1E57-4902-AB65-EE2B65E5629D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {1D3D099E-EE1E-4907-8BA2-BA8F12D11AA6} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [2015-07-10] (Microsoft Corporation)
Task: {224E0988-CEAB-43AA-9C0C-2A3D412E6B9B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {27F81FC9-96DD-4BA0-92B2-D7366ACB9E11} - System32\Tasks\{674184BB-CBE9-4293-A892-3E921EA63E32} => D:\Juegos PC\Steam\Steam.exe [2015-06-04] (Valve Corporation)
Task: {2837DE1B-E19E-4524-8DFE-6ABCFFD9F48B} - System32\Tasks\Microsoft\Office\Office First Run Task => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-06-09] (Microsoft Corporation)
Task: {2AAB19B9-A652-477A-B9AC-EEF4659E2774} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {2C97A00A-1C5C-4318-B5CC-8A1A126B77F9} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask
Task: {2DDA57B9-41F8-44C0-ACEF-A838C4639B02} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> No File <==== ATTENTION
Task: {30325ED4-8962-4F9B-AA6D-0AE2331DE40B} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {3466852E-7C81-422A-AA7D-089F832A00BA} - System32\Tasks\{7C2DF542-B42C-493F-8D5C-C71567379154} => pcalua.exe -a C:\Users\Emilio\Downloads\setup(1).exe -d C:\Users\Emilio\Downloads
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {41E45A06-6B92-4081-A3AC-A063DC0E951A} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {4454A8D0-2E4E-4A02-BF67-48DF6A7BFAB4} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask
Task: {44C89A70-EC67-4CAA-B430-9F95AC894615} - System32\Tasks\{D502BBCB-717E-4445-9A95-C5554871F43B} => D:\Juegos PC\Steam\Steam.exe [2015-06-04] (Valve Corporation)
Task: {44CF46C6-CC04-4F14-A40C-1F1BA7FB17CF} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-26] (ASUSTeK Computer Inc.)
Task: {44D2519B-E6AB-49D2-9D0D-19782011B85E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {48B54F45-8728-478A-B353-78480732648E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {4CEAEE32-D78B-42CE-B10C-A932EB0AF114} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4D75A859-B915-44E0-848A-281AE7890AC1} - System32\Tasks\{E76B951C-F9D7-4B83-82E0-F06FCAAD37C4} => D:\Juegos PC\Steam\Steam.exe [2015-06-04] (Valve Corporation)
Task: {57900FF0-F6D6-4BD5-A180-14D7C8782B97} - System32\Tasks\ASUS\RC TweakIt Server Execute => C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe [2010-11-23] ()
Task: {5A117250-4995-4F4A-8A59-83414A7D50BB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {5D1F15E1-E550-432A-8E7C-919053ADB1DB} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {5E5515C1-7D87-4904-B9CE-FD29EB2ADB72} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync
Task: {611C823C-437B-46E7-9683-5312DFFCFD7B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {6669C4CB-627C-44C0-9EE6-8F9F71000FFF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {6CA5C1CB-9ACE-44B9-BB91-BC2FE918394B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {70E5111A-E375-4FF3-93C2-64B1D84E51FC} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {711EE2F9-A611-4773-AF8E-D4B278A6718D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {744C9FEA-08B7-43E1-A729-0F94647D655C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {78443CD6-0655-42FE-B867-4E6BE07BBD5C} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {7A003965-A297-4DC6-B15B-852D798391E0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\WINDOWS\system32\MusNotification.exe [2015-08-07] (Microsoft Corporation)
Task: {7FDA739D-184D-43B6-8F5F-6B8E4124259B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {848DCC36-520C-4946-BF68-C7EFFEFA2F84} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot => C:\windows\system32\MusNotification.exe [2015-08-07] (Microsoft Corporation)
Task: {86CB3ACF-61EC-407C-A947-32A71C522DF4} - System32\Tasks\{B16EA617-C534-4B29-BF08-62A66B3E1447} => pcalua.exe -a F:\launcher.exe -d F:\
Task: {8AAC8205-90ED-4613-BDB8-082917830766} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {8B3E6B99-7EA1-4205-818A-296DBF4B265A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-08-07] (Microsoft Corporation)
Task: {8F0612E6-7904-4812-8AFD-97694573968A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {905A4642-E0BF-4B8A-947E-37A36E0CF193} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {95C9410D-EF8A-47E9-8A18-657C0EAB87EB} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {A364E297-00AD-490D-900E-22AC34598C71} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {AC29E64E-3271-47BA-B8F1-914523CF379B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Automatic App Update
Task: {AC9CA008-9B33-49A9-A502-EB401B8FB963} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {AF9B540A-861D-47D5-A290-A7F8457DC326} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {B01D38E8-CA03-4B2B-9F13-B568758343C0} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {B24285CF-8D57-480A-BA12-02B8A167ACD8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B4049BD3-20C7-4CE7-9044-3C113128586A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {B9B36D41-C776-424E-9A13-5387E17A2CEB} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [2015-07-10] (Microsoft Corporation)
Task: {BDE51060-E628-4B02-A2E7-7D6FA293FA39} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {BEF86B9A-DCB3-4212-814B-CA1A444097DB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C0EC8EA8-C1E9-4E4D-9CD5-6342A70E2CB1} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {C17F1B8C-86EB-45A4-AE6A-45EEC7BCFD3C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {C2162702-FFEB-48C0-AA5F-2DA3A8887D61} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation
Task: {C3F1285D-37C2-4D88-8DB8-1B7AF859A881} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {CCF4F193-4953-4F39-A6D1-6125581077CC} - System32\Tasks\ASUS\ASUS DigiVRM Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe [2011-04-13] (ASUSTeK Computer Inc.)
Task: {CF24746A-F511-4547-8778-9A1101DB916D} - System32\Tasks\{0CAD0A76-0114-4B9C-A492-B99643F9967B} => D:\Juegos PC\Steam\Steam.exe [2015-06-04] (Valve Corporation)
Task: {D0F6A660-BD3F-45C3-81F7-E4AA1A5C3671} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {D2401052-A382-42DE-9C79-D1CF3563F654} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation
Task: {D26EEFB0-A93B-4B96-86EF-FF2A7082A0F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {DAF2BAE3-1C5B-4CB5-9F62-0911C031A15A} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [2015-07-10] (Microsoft Corporation)
Task: {DF048519-F124-4883-BD1E-492081184592} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent
Task: {E11AAE37-3578-42DE-82A9-3406E3EF4633} - System32\Tasks\{C2654699-73B3-41F4-B919-79AFE2EA44CC} => pcalua.exe -a E:\autostart.exe -d E:\
Task: {E8A94D20-B3A0-4133-AD55-3A26AFBF6B4D} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {E963F403-A611-4CCC-A163-13ECDDC6D10B} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {EA3F661E-B31C-44A9-B40C-E3D5D56149D4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display => C:\windows\system32\MusNotification.exe [2015-08-07] (Microsoft Corporation)
Task: {EDC89D7D-DFD8-4893-BECC-A1AC9E2923B7} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {F0E820ED-A173-46D2-9183-9D2BB5A247D2} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {F35FC68A-6B80-47F8-9F24-BF22C57EDD1D} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F428AA6E-B5C5-4297-ACEC-293E336494E3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-08] (AVAST Software)
Task: {F52ADE01-BCE8-4459-90FE-8FA4410BC297} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F79D2975-AF2C-4834-AC93-51672861746F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {FC4A95B8-EBE8-40C1-BBD5-FC5ADFD4A509} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {FCFCEA60-95DA-4D19-B018-1BFBDA5FE46A} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {FD5FA16F-6342-4693-AF91-6901F92445AE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Loaded Modules (Whitelisted) ==============

2015-08-07 19:07 - 2015-08-07 19:07 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2012-05-19 17:55 - 2015-07-13 14:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-06-13 05:36 - 2011-06-13 05:36 - 00922240 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
2012-05-19 17:25 - 2010-10-21 06:52 - 00586880 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2010-12-01 23:15 - 2010-12-01 23:15 - 00915584 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
2015-08-07 19:07 - 2015-08-07 19:07 - 00403968 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2013-08-11 22:24 - 2013-06-20 14:01 - 00381096 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2013-08-11 22:24 - 2013-06-09 17:05 - 00518824 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2013-08-11 22:24 - 2013-06-09 17:05 - 00612520 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2015-08-09 08:04 - 2015-07-30 03:05 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2009-03-30 03:32 - 2009-03-30 03:32 - 00032768 ____R () C:\Windows\DAODx.exe
2012-05-19 17:24 - 2010-11-23 16:43 - 00105088 _____ () C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe
2015-08-09 08:04 - 2015-07-30 03:05 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2012-07-04 23:54 - 2012-06-17 23:18 - 01202688 _____ () C:\WINDOWS\SYSTEM32\ac3filter64.acm
2015-07-10 07:59 - 2015-07-10 07:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 07:59 - 2015-07-10 07:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-08-13 19:13 - 2015-08-02 22:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 08:00 - 2015-07-10 13:34 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-13 19:13 - 2015-08-02 22:08 - 01806848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-13 19:13 - 2015-08-02 22:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 08:00 - 2015-07-10 13:34 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-08 12:46 - 2015-08-08 12:46 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-08 12:46 - 2015-08-08 12:46 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-15 16:23 - 2015-08-15 16:23 - 02962432 _____ () C:\Program Files\AVAST Software\Avast\defs\15081502\algo.dll
2012-05-19 17:26 - 2015-08-15 18:55 - 00036864 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.14\PEbiosinterface32.dll
2012-05-19 17:26 - 2010-06-28 23:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.14\ATKEX.dll
2012-05-19 17:24 - 2010-06-24 22:50 - 00094208 _____ () C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\IccLibDll.dll
2012-05-19 17:29 - 2011-03-04 05:33 - 00053248 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2012-05-19 17:29 - 2009-05-21 11:14 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2012-05-19 17:27 - 2011-02-24 11:19 - 00143360 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2012-05-19 17:27 - 2010-06-21 16:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2012-05-19 17:27 - 2009-08-12 21:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2012-05-19 17:27 - 2011-05-06 17:53 - 01036800 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
2012-05-19 17:27 - 2011-05-16 18:35 - 00965632 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2012-05-19 17:28 - 2011-05-11 15:01 - 01264640 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2012-05-19 17:28 - 2011-01-06 11:38 - 01027072 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2012-05-19 17:27 - 2011-05-20 10:12 - 00881152 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2012-05-19 17:27 - 2011-04-07 18:33 - 01607168 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2012-05-19 17:27 - 2011-01-07 17:39 - 01246208 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2012-05-19 17:27 - 2010-08-06 19:11 - 00850944 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2012-05-19 17:27 - 2010-08-06 19:13 - 00886272 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2012-05-19 17:26 - 2010-08-22 23:17 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMLib.dll
2012-05-19 17:27 - 2010-06-21 16:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll
2013-08-16 21:59 - 2012-06-14 22:11 - 00325968 _____ () C:\Program Files (x86)\Argente - Registry Cleaner\lua5.1.dll
2014-01-05 13:52 - 2009-10-31 07:13 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Pyra Mouse\hiddriver.dll
2015-08-08 12:46 - 2015-08-08 12:46 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
 
==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2491552106-2971991606-1040936953-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Emilio\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: GPU TweakIt Server Execute => "C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\GPU TweakIt Server\GPUTweakit.exe"
MSCONFIG\startupreg: RaidCall => C:\Program Files (x86)\RaidCall\raidcall.exe
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{A1E3D511-6C98-4DA9-B945-317CD1EC4206}] => (Allow) C:\Users\Emilio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{19245C87-233D-4352-B22B-331E94987B9F}] => (Allow) C:\Users\Emilio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F3BFF89E-8DBA-412C-A0C1-A3C97C4D10F9}] => (Allow) C:\Users\Emilio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{01D16F9D-5937-4D4C-8837-96744E02FC0D}] => (Allow) C:\Users\Emilio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{99C5E853-8004-47E4-B619-A96CF8B10DA6}] => (Allow) C:\Users\Emilio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FF82E32C-76B4-4DED-8971-6714D5FD621A}] => (Allow) C:\Users\Emilio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{A05F644F-C510-48CB-B28F-B2B2EF826269}D:\juegos pc\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\juegos pc\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [TCP Query User{E0520F23-9794-4D72-B2F1-9ECCD3424120}D:\juegos pc\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\juegos pc\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{51D312A4-F507-4528-B92D-1A52DBDD8BC0}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{EA2B0A3A-567F-43F5-AE08-7E5D54D7D240}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{540930E2-C1C2-44C6-8148-0BEC92921A17}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4A493F47-0C39-4C7C-872D-8E3E7096152B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D83CDDED-CB93-4B8C-92A1-836CA7E6C285}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CDB6CC55-99BB-4898-96C8-5C131B4B6CB9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EA21295F-1DCC-450E-887E-4122E9A2F1AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{98276A51-6540-4EAA-B6E2-73119C848D06}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{AEE61CF0-1B09-40A1-A9F7-2823FEC7F28B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A347BB6C-1FB8-46F6-89CC-808D36BCF121}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A443AE01-475C-43D1-8BBA-F7560BE13AEA}] => (Allow) D:\Juegos PC\Steam\bin\steamwebhelper.exe
FirewallRules: [{EC67EBB7-9E99-4CC7-AC66-3AC703F06318}] => (Allow) D:\Juegos PC\Steam\bin\steamwebhelper.exe
FirewallRules: [{AC0002B7-0E34-4CC5-A793-6B6230F869C5}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{BED44192-B156-4C9F-A25D-241DDC7FD3F0}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{6AC5921B-BD37-48F7-B030-8D49048C2238}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{2EF383CA-538B-4E6A-BAC5-CD9DF57DA656}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{E296DF15-64F4-49EC-8258-88C57265C83E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{FDDB3498-66D4-484C-8F10-9DA6F0D8082A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{78EAA80E-4DD2-49FA-BC77-CEA06CE661CE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{6AB97353-1D0D-425F-B9CD-A945851935A3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{8802AA31-B980-4B06-B6D9-E00E0EBEDC10}] => (Allow) D:\Juegos PC\Hearthstone\Hearthstone.exe
FirewallRules: [{458E16C1-04F5-4AD6-A679-DC3D4F956DC0}] => (Allow) D:\Juegos PC\Hearthstone\Hearthstone.exe
FirewallRules: [{AB24F4F8-C8FD-4BB9-92EE-95F4DCCFF6FF}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{203B20E0-CB4E-4690-89BE-798018B2465F}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{F6DFEFB4-414F-4335-93E1-C850DA6CC941}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{EE9D91F6-F20A-4FF1-B0D4-2268B1968DB3}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{691F2E8F-50D0-4F67-9200-F9EF4096216D}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{77227814-8402-4233-ADA9-E9DE07D5C7CA}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{37852A7B-4B08-459E-B43C-410E6CBEAD8A}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{672C1EA1-824C-4127-8B6D-41B984565FEA}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [UDP Query User{FCBEC09F-368B-424B-A328-15CBD4AB3A62}D:\juegos pc\starcraft ii\versions\base26490\sc2.exe] => (Allow) D:\juegos pc\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [TCP Query User{998F827B-C764-410E-BE16-6294BC84ECA4}D:\juegos pc\starcraft ii\versions\base26490\sc2.exe] => (Allow) D:\juegos pc\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [{E9F3B316-81BD-4CE3-9B9E-B32EEF613999}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Aliens vs Predator\AvP.exe
FirewallRules: [{7DDF0C32-B8FA-4728-AD14-E51CC515614D}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Aliens vs Predator\AvP.exe
FirewallRules: [{98D528BB-7955-432C-8BE8-FE05FC7B3E1A}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Aliens vs Predator\AvP_DX11.exe
FirewallRules: [{25435013-D1AA-495D-8E82-AE8196260A3A}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Aliens vs Predator\AvP_DX11.exe
FirewallRules: [{F5A7700D-8CAF-4677-ADD6-E4FCC5D3E761}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Aliens vs Predator\AvP_Launcher.exe
FirewallRules: [{66E35A7A-EC45-4E05-9369-1137CE2C3B12}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Aliens vs Predator\AvP_Launcher.exe
FirewallRules: [{93E3EA96-3893-4A90-AD08-477DA181FB26}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\batman arkham asylum goty\Binaries\BmLauncher.exe
FirewallRules: [{F02BC963-1E2C-466E-9A5E-ADB03CA05065}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\batman arkham asylum goty\Binaries\BmLauncher.exe
FirewallRules: [{80620860-0EAC-46B0-B441-8CB1D4D83A5E}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Resident Evil 6\BH6.exe
FirewallRules: [{84D67E8F-F94C-4087-B2D2-5A6C487DA862}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Resident Evil 6\BH6.exe
FirewallRules: [UDP Query User{DC9C3DBA-7920-4F5A-B0AB-5C93678D5B29}D:\juegos pc\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) D:\juegos pc\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [TCP Query User{6BE5C227-378B-4B2C-B5C4-7AD79F2EC22D}D:\juegos pc\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) D:\juegos pc\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [{22909804-C90A-4847-B3FA-A199F2F24E95}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{B4032CB3-35CB-4C9A-ABFA-7576000CF428}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{0206884C-338C-427C-8706-1478AED0D930}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{688D9646-A7A7-4A2E-9A15-2EA6CD2706C3}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{36CE0091-3E33-4960-8AF5-CB8EF1CE3801}] => (Allow) D:\uTorrent\uTorrent.exe
FirewallRules: [{3C2607B7-18BF-4AED-94AB-26BF1963B81B}] => (Allow) D:\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{FE08B9DE-1CA9-4DEB-924B-813116CD3E4A}C:\program files\jdownloader\jre\bin\java.exe] => (Allow) C:\program files\jdownloader\jre\bin\java.exe
FirewallRules: [TCP Query User{6A976146-AF9D-4B0D-8650-00E2BF482144}C:\program files\jdownloader\jre\bin\java.exe] => (Allow) C:\program files\jdownloader\jre\bin\java.exe
FirewallRules: [UDP Query User{4AAC89D9-CF21-4FC6-AA68-A250252C577E}C:\program files\jdownloader\jre\bin\javaw.exe] => (Allow) C:\program files\jdownloader\jre\bin\javaw.exe
FirewallRules: [TCP Query User{B216485F-D947-46BE-B989-BFF6216C5851}C:\program files\jdownloader\jre\bin\javaw.exe] => (Allow) C:\program files\jdownloader\jre\bin\javaw.exe
FirewallRules: [UDP Query User{09DDD6B7-42A5-4BE6-B08B-9507C70BA7DE}D:\juegos pc\starcraft ii\versions\base24944\sc2.exe] => (Allow) D:\juegos pc\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [TCP Query User{289D24AD-9CA9-42CC-B7F5-26D61E188D91}D:\juegos pc\starcraft ii\versions\base24944\sc2.exe] => (Allow) D:\juegos pc\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [UDP Query User{1E09E0BB-BA3C-451C-A3D5-DB2110E0A6C3}D:\juegos pc\starcraft ii\versions\base23260\sc2.exe] => (Allow) D:\juegos pc\starcraft ii\versions\base23260\sc2.exe
FirewallRules: [TCP Query User{9080D9C0-AD07-42C3-8A35-155ACD2E5B95}D:\juegos pc\starcraft ii\versions\base23260\sc2.exe] => (Allow) D:\juegos pc\starcraft ii\versions\base23260\sc2.exe
FirewallRules: [{AB44E00A-CCFB-4FA8-8C0A-C0B7FFB64C24}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B747826B-70EB-4B7D-A9F9-44440533C9AF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{63930314-425B-4C45-808C-8F5DD2D4C0B4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4350EC91-E26C-4F0A-90C2-0B1920CCCBC7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6D542FD2-DE7D-4CEA-8CF1-49E93E72039C}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\limbo\limbo.exe
FirewallRules: [{936B500D-702F-44F8-824A-0A2D12EFF466}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\limbo\limbo.exe
FirewallRules: [{44E629F3-3BA6-41D2-AC56-80C5A689F028}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe
FirewallRules: [{32CA8A60-854E-475E-A012-C346AB8DDBF7}] => (Allow) D:\Juegos PC\Steam\SteamApps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe
FirewallRules: [UDP Query User{A27008E7-EAE5-45EC-9F2A-E5309C7CF3BA}D:\juegos pc\starcraft ii\versions\base22612\sc2.exe] => (Allow) D:\juegos pc\starcraft ii\versions\base22612\sc2.exe
FirewallRules: [TCP Query User{2A7A8882-9A42-455D-BFF2-4AAA5D931D27}D:\juegos pc\starcraft ii\versions\base22612\sc2.exe] => (Allow) D:\juegos pc\starcraft ii\versions\base22612\sc2.exe
FirewallRules: [{9EF05727-E2C9-4CF3-8369-25C5184B61FB}] => (Allow) D:\Juegos PC\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{61898E4E-0D3A-4E7A-87EE-4D40A94DB6DA}] => (Allow) D:\Juegos PC\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [UDP Query User{A9D6F4C4-91B1-48F5-BDE6-A6BFB5F826AD}D:\juegos pc\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) D:\juegos pc\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [TCP Query User{7E31E601-0167-4B7C-A8A9-BBE7B7CEB791}D:\juegos pc\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) D:\juegos pc\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [{4595FF7C-271D-4EAF-9853-8796CF1487BC}] => (Allow) D:\Juegos PC\Steam\Steam.exe
FirewallRules: [{110E2764-A878-4198-BED2-29F762BD398F}] => (Allow) D:\Juegos PC\Steam\Steam.exe
FirewallRules: [{326D8691-175F-4468-98FE-5B320437732C}] => (Allow) D:\Juegos PC\StarCraft II\StarCraft II.exe
FirewallRules: [{02CBCD3E-80C0-49EA-B44D-CF1E8362AAAD}] => (Allow) D:\Juegos PC\StarCraft II\StarCraft II.exe
FirewallRules: [{1AEBA63E-9CFC-42B4-AB08-547C4F330362}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{9A046958-846F-4008-B808-DF1945D83C66}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [UDP Query User{A8685B7E-B4E6-471E-849F-C4BD8CD2B903}D:\juegos pc\diablo iii\diablo iii.exe] => (Allow) D:\juegos pc\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{FD4CA006-617C-4EE6-8EF3-4872C3573388}D:\juegos pc\diablo iii\diablo iii.exe] => (Allow) D:\juegos pc\diablo iii\diablo iii.exe
FirewallRules: [{5783F036-5D50-4816-A86F-FF62500E03A2}] => (Allow) D:\Juegos PC\Diablo III\Diablo III.exe
FirewallRules: [{7494DA9E-1969-4CFD-BF2C-02D71A5ED8EB}] => (Allow) D:\Juegos PC\Diablo III\Diablo III.exe
FirewallRules: [{DD694650-D901-47AC-B7E3-C3CA57B642BF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{8745AE88-FEDC-4048-8277-AD2E9940F8CA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{6D1F8651-945B-441F-8266-8B69BE357D01}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/15/2015 07:28:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: OHub.exe, versión: 16.0.6106.2350, marca de tiempo: 0x55c40ea1
Nombre del módulo con errores: ntdll.dll, versión: 10.0.10240.16430, marca de tiempo: 0x55c59f92
Código de excepción: 0xc0000374
Desplazamiento de errores: 0x00000000000ea28c
Identificador del proceso con errores: 0x8ac
Hora de inicio de la aplicación con errores: 0xOHub.exe0
Ruta de acceso de la aplicación con errores: OHub.exe1
Ruta de acceso del módulo con errores: OHub.exe2
Identificador del informe: OHub.exe3
Nombre completo del paquete con errores: OHub.exe4
Identificador de aplicación relativa del paquete con errores: OHub.exe5

Error: (08/15/2015 06:53:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: EMILIO-PC)
Description: No se pudo activar la aplicación Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

Error: (08/15/2015 06:34:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: OHub.exe, versión: 16.0.6106.2350, marca de tiempo: 0x55c40ea1
Nombre del módulo con errores: ntdll.dll, versión: 10.0.10240.16430, marca de tiempo: 0x55c59f92
Código de excepción: 0xc0000374
Desplazamiento de errores: 0x00000000000ea28c
Identificador del proceso con errores: 0x1ea4
Hora de inicio de la aplicación con errores: 0xOHub.exe0
Ruta de acceso de la aplicación con errores: OHub.exe1
Ruta de acceso del módulo con errores: OHub.exe2
Identificador del informe: OHub.exe3
Nombre completo del paquete con errores: OHub.exe4
Identificador de aplicación relativa del paquete con errores: OHub.exe5

Error: (08/15/2015 06:24:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: EMILIO-PC)
Description: No se pudo activar la aplicación Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

Error: (08/15/2015 06:21:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa adwcleaner_5.000.exe, versión 5.0.0.0, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, comprueba el historial de problemas en la sección Seguridad y mantenimiento del Panel de control.

Identificador de proceso: 54c

Hora de inicio: 01d0d79c15f87af8

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Users\Emilio\Downloads\Elimina troyanos\adwcleaner_5.000.exe

Identificador de informe: 96cac754-4393-11e5-9bc5-0016383a0224

Nombre completo de paquete con errores:

Identificador de aplicación relativa del paquete con errores:

Error: (08/15/2015 05:30:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: OHub.exe, versión: 16.0.6106.2350, marca de tiempo: 0x55c40ea1
Nombre del módulo con errores: ntdll.dll, versión: 10.0.10240.16430, marca de tiempo: 0x55c59f92
Código de excepción: 0xc0000374
Desplazamiento de errores: 0x00000000000ea28c
Identificador del proceso con errores: 0x1548
Hora de inicio de la aplicación con errores: 0xOHub.exe0
Ruta de acceso de la aplicación con errores: OHub.exe1
Ruta de acceso del módulo con errores: OHub.exe2
Identificador del informe: OHub.exe3
Nombre completo del paquete con errores: OHub.exe4
Identificador de aplicación relativa del paquete con errores: OHub.exe5

Error: (08/15/2015 04:52:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: MicrosoftEdge.exe, versión: 11.0.10240.16397, marca de tiempo: 0x55af15c9
Nombre del módulo con errores: Windows.UI.Xaml.dll, versión: 10.0.10240.16397, marca de tiempo: 0x55af16e7
Código de excepción: 0xc000027b
Desplazamiento de errores: 0x0000000000483497
Identificador del proceso con errores: 0x10f0
Hora de inicio de la aplicación con errores: 0xMicrosoftEdge.exe0
Ruta de acceso de la aplicación con errores: MicrosoftEdge.exe1
Ruta de acceso del módulo con errores: MicrosoftEdge.exe2
Identificador del informe: MicrosoftEdge.exe3
Nombre completo del paquete con errores: MicrosoftEdge.exe4
Identificador de aplicación relativa del paquete con errores: MicrosoftEdge.exe5

Error: (08/13/2015 07:20:36 PM) (Source: Perflib) (EventID: 1017) (User: )
Description: ASP.NET_2.0.50727

Error: (08/13/2015 07:20:36 PM) (Source: Perflib) (EventID: 1021) (User: )
Description: ASP.NET_2.0.507278

Error: (08/13/2015 07:07:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: OHub.exe, versión: 16.0.6106.2350, marca de tiempo: 0x55c40ea1
Nombre del módulo con errores: ntdll.dll, versión: 10.0.10240.16392, marca de tiempo: 0x55a864a2
Código de excepción: 0xc0000374
Desplazamiento de errores: 0x00000000000ea28c
Identificador del proceso con errores: 0x268c
Hora de inicio de la aplicación con errores: 0xOHub.exe0
Ruta de acceso de la aplicación con errores: OHub.exe1
Ruta de acceso del módulo con errores: OHub.exe2
Identificador del informe: OHub.exe3
Nombre completo del paquete con errores: OHub.exe4
Identificador de aplicación relativa del paquete con errores: OHub.exe5


System errors:
=============
Error: (08/15/2015 06:55:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Adaptador de escucha Net.Tcp depende del servicio Servicio de uso compartido de puertos Net.Tcp, el cual no pudo iniciarse debido al siguiente error:
%%1058

Error: (08/15/2015 06:55:19 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: La DLL de notificación de contraseña C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll no se pudo cargar y dio el error 126. Compruebe que la ruta de acceso de la DLL de notificación definida en el registro, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, haga referencia a una ruta de acceso correcta y absoluta (<unidad>:\<ruta de acceso>\<nombre de archivo>.<ext>) y no a una ruta de acceso relativa o no válida. Si la ruta de acceso de la DLL es correcta, valide que los archivos auxiliares se encuentren en el mismo directorio, y que la cuenta del sistema tenga acceso de lectura tanto en la ruta de acceso de la DLL, como en los archivos auxiliares. Póngase en contacto con el proveedor de la DLL de notificación para obtener soporte adicional. Si desea obtener más detalles visite http://go.microsoft.com/fwlink/?LinkId=245898.

Error: (08/15/2015 06:53:58 PM) (Source: DCOM) (EventID: 10010) (User: EMILIO-PC)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (08/15/2015 06:53:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Acceso a datos de usuarios_Session1 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.

Error: (08/15/2015 06:53:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Almacenamiento de datos de usuarios_Session1 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.

Error: (08/15/2015 06:53:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Datos de contactos_Session1 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.

Error: (08/15/2015 06:53:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Sincronizar host_Session1 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.

Error: (08/15/2015 06:37:57 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: El Administrador de control de servicios intentó realizar una acción correctora (Reiniciar el servicio) después de la terminación inesperada del servicio Instalador de módulos de Windows, pero ocurrió el siguiente error:
%%1056

Error: (08/15/2015 06:35:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Instalador de módulos de Windows terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.

Error: (08/15/2015 06:35:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio PDF Architect Service se terminó de manera inesperada. Esto ha sucedido 1 veces.


Microsoft Office:
=========================
Error: (08/15/2015 07:28:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OHub.exe16.0.6106.235055c40ea1ntdll.dll10.0.10240.1643055c59f92c000037400000000000ea28c8ac01d0d7a9ba88234eC:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\OHub.exeC:\WINDOWS\SYSTEM32\ntdll.dlle409bdb9-2a6e-4063-99a1-9f89c82946d5Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub

Error: (08/15/2015 06:53:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: EMILIO-PC)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141

Error: (08/15/2015 06:34:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OHub.exe16.0.6106.235055c40ea1ntdll.dll10.0.10240.1643055c59f92c000037400000000000ea28c1ea401d0d7a220f6fa6fC:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\OHub.exeC:\WINDOWS\SYSTEM32\ntdll.dlla3c8d06f-38fd-43ba-b58e-628e4d4db4f7Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub

Error: (08/15/2015 06:24:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: EMILIO-PC)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141

Error: (08/15/2015 06:21:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: adwcleaner_5.000.exe5.0.0.054c01d0d79c15f87af84294967295C:\Users\Emilio\Downloads\Elimina troyanos\adwcleaner_5.000.exe96cac754-4393-11e5-9bc5-0016383a0224

Error: (08/15/2015 05:30:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OHub.exe16.0.6106.235055c40ea1ntdll.dll10.0.10240.1643055c59f92c000037400000000000ea28c154801d0d7992b8c1882C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\OHub.exeC:\WINDOWS\SYSTEM32\ntdll.dll24527f3c-1911-4e3e-ae43-726358e458caMicrosoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub

Error: (08/15/2015 04:52:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MicrosoftEdge.exe11.0.10240.1639755af15c9Windows.UI.Xaml.dll10.0.10240.1639755af16e7c000027b000000000048349710f001d0d772b6a040d1C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exeC:\Windows\System32\Windows.UI.Xaml.dll912cd9a6-1c32-430b-95ce-b458a18e4b07Microsoft.MicrosoftEdge_20.10240.16384.0_neutral__8wekyb3d8bbweMicrosoftEdge

Error: (08/13/2015 07:20:36 PM) (Source: Perflib) (EventID: 1017) (User: )
Description: ASP.NET_2.0.50727

Error: (08/13/2015 07:20:36 PM) (Source: Perflib) (EventID: 1021) (User: )
Description: ASP.NET_2.0.507278

Error: (08/13/2015 07:07:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OHub.exe16.0.6106.235055c40ea1ntdll.dll10.0.10240.1639255a864a2c000037400000000000ea28c268c01d0d6146a66e5e4C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\OHub.exeC:\WINDOWS\SYSTEM32\ntdll.dll7446c617-40f6-4531-ab70-a08c13c3934eMicrosoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub


==================== Memory info ===========================

Processor: AMD FX(tm)-8120 Eight-Core Processor
Percentage of memory in use: 26%
Total physical RAM: 8136.27 MB
Available physical RAM: 5949.51 MB
Total Virtual: 16328.27 MB
Available Virtual: 13830.12 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:103.89 GB) (Free:32.19 GB) NTFS
Drive d: (Bizarro) (Fixed) (Total:361.33 GB) (Free:124.44 GB) NTFS
Drive g: (Nuevo vol) (Fixed) (Total:97.66 GB) (Free:97.43 GB) NTFS
Drive h: (Nuevo vol) (Fixed) (Total:833.85 GB) (Free:643.93 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9C14E587)
Partition 1: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=833.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 09625847)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=103.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=361.3 GB) - (Type=07 NTFS)

==================== End of log ============================
 
Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Attachments

  • fixlist.txt
    2.1 KB · Views: 6
Fix result of Farbar Recovery Scan Tool (x64) Version:14-08-2015 01
Ran by Emilio (2015-08-15 20:36:44) Run:1
Running from C:\Users\Emilio\Downloads\Elimina troyanos
Loaded Profiles: Emilio (Available Profiles: Emilio & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
NETSVCx32: NetSetupSvc -> C:\Windows\SysWOW64\NetSetupSvc.dll ==> No File
NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> No File
2008-02-05 15:28 - 2008-02-05 15:28 - 0000051 _____ () C:\Users\Emilio\AppData\Local\setup.txt
2012-05-19 17:18 - 2012-05-19 17:18 - 0000000 _____ () C:\Users\Emilio\AppData\Local\{E59A8083-9242-44D7-9BBC-A13A58223068}
2012-05-19 17:26 - 2014-07-06 20:03 - 0000000 _____ () C:\ProgramData\Gpu.log
2012-11-30 22:21 - 2012-11-30 22:21 - 0000040 _____ () C:\ProgramData\ra3.ini
C:\Users\Emilio\AppData\Local\Temp\dllnt_dump.dll
Task: {2DDA57B9-41F8-44C0-ACEF-A838C4639B02} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> No File <==== ATTENTION
Task: {44D2519B-E6AB-49D2-9D0D-19782011B85E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {4CEAEE32-D78B-42CE-B10C-A932EB0AF114} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {5A117250-4995-4F4A-8A59-83414A7D50BB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {6669C4CB-627C-44C0-9EE6-8F9F71000FFF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {905A4642-E0BF-4B8A-947E-37A36E0CF193} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {B01D38E8-CA03-4B2B-9F13-B568758343C0} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {B24285CF-8D57-480A-BA12-02B8A167ACD8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B4049BD3-20C7-4CE7-9044-3C113128586A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {BEF86B9A-DCB3-4212-814B-CA1A444097DB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C3F1285D-37C2-4D88-8DB8-1B7AF859A881} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {FC4A95B8-EBE8-40C1-BBD5-FC5ADFD4A509} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

*****************

idsvc => service removed successfully
wpcsvc => service removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs NetSetupSvc => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs UserManager => removed successfully
C:\Users\Emilio\AppData\Local\setup.txt => moved successfully.
C:\Users\Emilio\AppData\Local\{E59A8083-9242-44D7-9BBC-A13A58223068} => moved successfully.
C:\ProgramData\Gpu.log => moved successfully.
C:\ProgramData\ra3.ini => moved successfully.
C:\Users\Emilio\AppData\Local\Temp\dllnt_dump.dll => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2DDA57B9-41F8-44C0-ACEF-A838C4639B02}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DDA57B9-41F8-44C0-ACEF-A838C4639B02}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{44D2519B-E6AB-49D2-9D0D-19782011B85E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44D2519B-E6AB-49D2-9D0D-19782011B85E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4CEAEE32-D78B-42CE-B10C-A932EB0AF114}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CEAEE32-D78B-42CE-B10C-A932EB0AF114}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5A117250-4995-4F4A-8A59-83414A7D50BB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A117250-4995-4F4A-8A59-83414A7D50BB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6669C4CB-627C-44C0-9EE6-8F9F71000FFF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6669C4CB-627C-44C0-9EE6-8F9F71000FFF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{905A4642-E0BF-4B8A-947E-37A36E0CF193}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{905A4642-E0BF-4B8A-947E-37A36E0CF193}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B01D38E8-CA03-4B2B-9F13-B568758343C0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B01D38E8-CA03-4B2B-9F13-B568758343C0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B24285CF-8D57-480A-BA12-02B8A167ACD8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B24285CF-8D57-480A-BA12-02B8A167ACD8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B4049BD3-20C7-4CE7-9044-3C113128586A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4049BD3-20C7-4CE7-9044-3C113128586A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BEF86B9A-DCB3-4212-814B-CA1A444097DB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BEF86B9A-DCB3-4212-814B-CA1A444097DB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C3F1285D-37C2-4D88-8DB8-1B7AF859A881}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3F1285D-37C2-4D88-8DB8-1B7AF859A881}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FC4A95B8-EBE8-40C1-BBD5-FC5ADFD4A509}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC4A95B8-EBE8-40C1-BBD5-FC5ADFD4A509}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully

==== End of Fixlog 20:36:44 ====
 
Last scans...

redtarget.gif
Download Security Check from here or here and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run


redtarget.gif
Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
  • Other Services

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.


redtarget.gif
Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.


redtarget.gif
Download Sophos Free Virus Removal Tool and save it to your desktop.
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
 
Results of screen317's Security Check version 1.006
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Defender
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 18.0.0.209
Adobe Reader XI
Mozilla Firefox (39.0.3)
Google Chrome (44.0.2403.130)
Google Chrome (44.0.2403.155)
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
 
Farbar Service Scanner Version: 26-07-2015
Ran by Emilio (administrator) on 15-08-2015 at 22:44:46
Running from "C:\Users\Emilio\Downloads\Elimina troyanos"
Microsoft Windows 10 Pro (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
 
You must log in or register to reply here.

Similar threads

uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
792
uber_beetle
uber_beetle
wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni
A
Infected: Antivirus says it's Trojan:Script/Wacatac.H!ml
Replies
12
Views
2K
adidaman27
A

Latest posts

Back