OTL logfile created on: 2/14/2014 11:23:55 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\graciela\Downloads\AV 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16750) Locale: 00000409 | Country: Estados Unidos | Language: ENU | Date Format: M/d/yyyy 3.87 Gb Total Physical Memory | 1.08 Gb Available Physical Memory | 28.01% Memory free 7.74 Gb Paging File | 5.05 Gb Available in Paging File | 65.24% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 148.95 Gb Total Space | 28.04 Gb Free Space | 18.83% Space Free | Partition Type: NTFS Computer Name: CHROMASOMALAPTO | User Name: graciela | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014/02/14 11:23:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\graciela\Downloads\AV\OTL.exe PRC - [2014/02/13 15:51:43 | 003,767,096 | ---- | M] (AVAST Software) -- C:\Archivos de programa\AVAST Software\Avast\AvastUI.exe PRC - [2014/02/13 15:51:43 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe PRC - [2014/01/28 18:36:04 | 000,380,416 | ---- | M] () -- C:\Users\graciela\Downloads\AV\gmer\gmer.exe PRC - [2014/01/14 01:06:01 | 000,885,056 | ---- | M] (Torch Media Inc.) -- C:\Users\graciela\AppData\Local\Torch\Application\torch.exe PRC - [2014/01/14 01:05:57 | 001,124,160 | ---- | M] (Torch Media Inc.) -- C:\Users\graciela\AppData\Local\Torch\Update\29.0.0.5530\TorchUpdate.exe PRC - [2013/09/03 19:24:56 | 000,395,120 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe PRC - [2013/09/03 14:58:26 | 002,237,328 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe PRC - [2013/08/30 09:01:00 | 004,579,696 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe PRC - [2013/07/25 17:11:36 | 001,102,872 | ---- | M] (Trend Micro Inc.) -- C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe PRC - [2013/06/05 13:18:06 | 001,039,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe PRC - [2013/05/30 14:18:06 | 000,071,280 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe PRC - [2012/12/18 15:28:26 | 000,825,560 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe PRC - [2012/12/18 06:28:10 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012/10/02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012/08/21 13:43:58 | 000,794,272 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe PRC - [2012/08/21 13:43:58 | 000,105,120 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe PRC - [2010/12/31 18:14:56 | 011,474,272 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files (x86)\Ralink\Common\RaUI.exe PRC - [2010/11/11 10:00:24 | 000,374,112 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files (x86)\Ralink\Common\RaRegistry.exe PRC - [2010/03/25 13:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2010/02/12 10:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014/02/13 15:51:44 | 019,336,120 | ---- | M] () -- C:\Archivos de programa\AVAST Software\Avast\libcef.dll MOD - [2014/01/28 18:36:04 | 000,380,416 | ---- | M] () -- C:\Users\graciela\Downloads\AV\gmer\gmer.exe MOD - [2014/01/14 01:06:01 | 012,456,040 | ---- | M] () -- C:\Users\graciela\AppData\Local\Torch\Application\29.0.0.5530\PepperFlash\pepflashplayer.dll MOD - [2014/01/14 01:06:01 | 004,008,040 | ---- | M] () -- C:\Users\graciela\AppData\Local\Torch\Application\29.0.0.5530\pdf.dll MOD - [2014/01/14 01:06:01 | 001,870,656 | ---- | M] () -- C:\Users\graciela\AppData\Local\Torch\Application\29.0.0.5530\ffmpegsumo.dll MOD - [2014/01/14 01:06:01 | 000,884,032 | ---- | M] () -- C:\Users\graciela\AppData\Local\Torch\Application\29.0.0.5530\libglesv2.dll MOD - [2014/01/14 01:06:01 | 000,478,528 | ---- | M] () -- C:\Users\graciela\AppData\Local\Torch\Application\29.0.0.5530\ppGoogleNaClPluginChrome.dll MOD - [2014/01/14 01:06:01 | 000,105,792 | ---- | M] () -- C:\Users\graciela\AppData\Local\Torch\Application\29.0.0.5530\libegl.dll MOD - [2013/09/03 14:25:58 | 032,726,528 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll MOD - [2013/08/30 09:01:00 | 004,579,696 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe MOD - [2013/08/30 09:00:58 | 000,381,808 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CCInvokeAAM.dll MOD - [2013/06/05 13:21:18 | 000,071,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll MOD - [2012/01/08 14:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll MOD - [2010/12/30 14:46:10 | 001,033,568 | ---- | M] () -- C:\Program Files (x86)\Ralink\Common\RaWLAPI.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:[b]64bit:[/b] - [2009/07/14 02:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp) SRV - [2014/02/13 15:51:43 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2014/02/06 10:45:23 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/12/17 08:49:08 | 000,374,600 | ---- | M] (Privacyware/PWI, Inc.) [Auto | Running] -- C:\Program Files (x86)\Privacyware\Privatefirewall 7.0\pfsvc.exe -- (PFNet) SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013/08/20 11:04:12 | 000,218,112 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe -- (DirMngr) SRV - [2013/07/25 17:11:38 | 000,443,416 | ---- | M] (Trend Micro Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe -- (RUBotSrv) SRV - [2013/05/30 14:18:06 | 000,071,280 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc) SRV - [2013/03/10 18:11:53 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service) SRV - [2012/12/18 06:28:10 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/10/02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012/08/21 13:43:58 | 000,794,272 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc) SRV - [2010/12/31 10:05:46 | 000,619,872 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe -- (RaMediaServer) SRV - [2010/11/21 04:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS) SRV - [2010/11/21 04:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC) SRV - [2010/11/21 04:24:51 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc) SRV - [2010/11/11 10:00:48 | 000,451,936 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe -- (RalinkRegistryWriter64) SRV - [2010/11/11 10:00:24 | 000,374,112 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\Ralink\Common\RaRegistry.exe -- (RalinkRegistryWriter) SRV - [2010/03/25 13:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2010/02/12 10:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService) SRV - [2009/07/14 02:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp) SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2004/06/13 16:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) [Disabled | Stopped] -- C:\Windows\SysWOW64\brsvc01a.exe -- (Brother XP spl Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2014/02/13 15:51:45 | 001,038,072 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:[b]64bit:[/b] - [2014/02/13 15:51:45 | 000,421,704 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:[b]64bit:[/b] - [2014/02/13 15:51:45 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm) DRV:[b]64bit:[/b] - [2014/02/13 15:51:45 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:[b]64bit:[/b] - [2014/02/13 15:51:45 | 000,080,184 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm) DRV:[b]64bit:[/b] - [2014/02/13 15:51:45 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2014/02/13 15:51:45 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt) DRV:[b]64bit:[/b] - [2014/01/22 15:52:21 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:[b]64bit:[/b] - [2013/09/29 21:24:02 | 000,133,152 | ---- | M] (Privacyware/PWI, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pwipf6.sys -- (pwipf6) DRV:[b]64bit:[/b] - [2013/07/11 15:04:25 | 000,056,016 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fsbts.sys -- (fsbts) DRV:[b]64bit:[/b] - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2012/08/23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2012/07/06 06:32:04 | 000,415,560 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci) DRV:[b]64bit:[/b] - [2012/07/06 06:32:04 | 000,138,568 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3) DRV:[b]64bit:[/b] - [2012/05/15 09:30:06 | 000,106,808 | ---- | M] (e2eSoft) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VCam_WDM.sys -- (VCam_WDM) DRV:[b]64bit:[/b] - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011/11/03 02:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:[b]64bit:[/b] - [2011/10/13 11:05:48 | 010,629,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2011/07/06 10:10:44 | 001,148,288 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ksaud.sys -- (ksaud) DRV:[b]64bit:[/b] - [2011/06/10 05:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011/01/26 11:31:28 | 000,821,888 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SmiUsbGrabber3C.sys -- (SMIGrabber3C) DRV:[b]64bit:[/b] - [2010/12/28 18:55:30 | 001,547,616 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux) DRV:[b]64bit:[/b] - [2010/11/21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:[b]64bit:[/b] - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010/01/13 15:37:18 | 007,675,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) DRV:[b]64bit:[/b] - [2010/01/05 19:23:18 | 001,847,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur) DRV:[b]64bit:[/b] - [2009/12/30 10:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt) DRV:[b]64bit:[/b] - [2009/09/23 02:32:39 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb) DRV:[b]64bit:[/b] - [2009/09/23 02:32:33 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus) DRV:[b]64bit:[/b] - [2009/07/14 15:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ) DRV:[b]64bit:[/b] - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009/07/14 01:06:43 | 000,060,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\61883.sys -- (61883) DRV:[b]64bit:[/b] - [2009/07/14 01:06:43 | 000,048,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avc.sys -- (Avc) DRV:[b]64bit:[/b] - [2009/07/14 01:06:42 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdv.sys -- (MSDV) DRV:[b]64bit:[/b] - [2009/07/14 01:06:40 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avcstrm.sys -- (AVCSTRM) DRV:[b]64bit:[/b] - [2009/07/14 01:06:39 | 000,056,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mstape.sys -- (MSTAPE) DRV:[b]64bit:[/b] - [2009/06/10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:[b]64bit:[/b] - [2009/06/10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:[b]64bit:[/b] - [2009/06/10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:[b]64bit:[/b] - [2009/06/10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) DRV:[b]64bit:[/b] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009/02/12 15:11:26 | 000,026,024 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\rsdrvx64.sys -- (ElRawDisk) DRV:[b]64bit:[/b] - [2008/08/14 09:40:44 | 000,260,144 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b]64bit:[/b] - [2008/07/26 15:26:34 | 000,050,072 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64) DRV:[b]64bit:[/b] - [2008/07/26 15:22:34 | 002,624,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI) DRV:[b]64bit:[/b] - [2008/07/11 07:05:00 | 000,145,448 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\sentinel64.sys -- (Sentinel64) DRV:[b]64bit:[/b] - [2006/11/19 21:11:06 | 000,008,704 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk) DRV - [2013/10/06 09:14:29 | 000,035,816 | ---- | M] (Greatis Software) [Kernel | Boot | Unknown] -- C:\Windows\SysWOW64\drivers\Partizan.sys -- (Partizan) DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\URLSearchHook: {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - No CLSID value found IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4C F9 06 FF 30 97 CD 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledAddons: {ad06fb5f-fef7-4a84-8c58-dca34f8e3d36}:3.13.0.6 FF - prefs.js..extensions.enabledAddons: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:6.0.0.10297 FF - prefs.js..extensions.enabledAddons: SQLiteManager@mrinalkant.blogspot.com:0.7.7 FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems) FF - HKCU\Software\MozillaPlugins\@spoon.net/Spoon Plugin 3.33: File not found FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\graciela\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\graciela\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\graciela\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\graciela\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\graciela\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/02/13 15:51:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013/03/02 14:31:45 | 000,000,000 | ---D | M] [2012/07/11 22:46:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\graciela\AppData\Roaming\mozilla\Firefox\Profiles\2inrggy3.default.old\extensions [2012/07/02 23:38:41 | 000,000,000 | ---D | M] (BittorrentBar_ES Community Toolbar) -- C:\Users\graciela\AppData\Roaming\mozilla\Firefox\Profiles\2inrggy3.default.old\extensions\{ad06fb5f-fef7-4a84-8c58-dca34f8e3d36} [2011/07/10 20:16:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\graciela\AppData\Roaming\mozilla\Firefox\Profiles\2inrggy3.default.oldd\extensions [2012/07/11 22:46:38 | 000,255,318 | ---- | M] () (No name found) -- C:\Users\graciela\AppData\Roaming\mozilla\firefox\profiles\2inrggy3.default.old\extensions\SQLiteManager@mrinalkant.blogspot.com.xpi File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} File not found (No name found) -- C:\USERS\GRACIELA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2INRGGY3.DEFAULT\EXTENSIONS\{AD06FB5F-FEF7-4A84-8C58-DCA34F8E3D36} File not found (No name found) -- C:\USERS\GRACIELA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2INRGGY3.DEFAULT\EXTENSIONS\SQLITEMANAGER@MRINALKANT.BLOGSPOT.COM.XPI [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Web (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}, CHR - homepage: CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\graciela\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Disabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll CHR - plugin: AdobeAAMDetect (Enabled) = C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll CHR - plugin: AdobeExManDetect (Enabled) = C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: Google Update (Enabled) = C:\Users\graciela\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\graciela\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\graciela\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\graciela\AppData\Roaming\Mozilla\plugins\npo1d.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll CHR - Extension: FVD Video Downloader Launcher = C:\Users\graciela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahlokhnddogldlplgkdgmfidibpgenoi\3.0.1_0\ CHR - Extension: DownloadAll = C:\Users\graciela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajffocjdcmpgjmdfdfkdfdbkjafbkcke\2.1.1_0\ CHR - Extension: Xmarks Bookmark Sync = C:\Users\graciela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.27_0\ CHR - Extension: Adblock Plus = C:\Users\graciela\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\ CHR - Extension: Torrentz Magnet Links for Google Chrome\u2122 = C:\Users\graciela\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmknbldjfdgmfecaaiapjfcpofncdlmh\1.3.2_0\ CHR - Extension: Awesome Color Picker = C:\Users\graciela\AppData\Local\Google\Chrome\User Data\Default\Extensions\flkdgmgdgnpdecpaaoggnbjcdmbnagbj\0.5.8_0\ CHR - Extension: The QR Code Generator = C:\Users\graciela\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcmhlmapohffdglflokbgknlknnmogbb\0.2.5_0\ CHR - Extension: Eye Dropper = C:\Users\graciela\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka\0.3.3_0\ CHR - Extension: HTML5 Flash Warning Fix for YouTube\u2122 = C:\Users\graciela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipdkokhdeppifjgcmhbfgmjmdllfpkln\0.0.1_0\ CHR - Extension: FVD Downloader = C:\Users\graciela\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.6.6_0\ CHR - Extension: FVD Downloader = C:\Users\graciela\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.6.6_0\modules\clickberry\_ CHR - Extension: BittorrentBar_ES = C:\Users\graciela\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhpgolofjlpnkdafbgejgnclbjnpgfee\2.3.18.20_0\ CHR - Extension: YSlow = C:\Users\graciela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ninejjcohidippngpapiilnmkgllmakh\3.1.2_0\ CHR - Extension: Get Torrent = C:\Users\graciela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkfhaigiecjnddldaekokjcgjppnfmih\3.0_0\ CHR - Extension: Google Wallet = C:\Users\graciela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\ O1 HOSTS File: ([2014/02/12 23:21:35 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:[b]64bit:[/b] - BHO: (no name) - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - No CLSID value found. O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:[b]64bit:[/b] - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Archivos de programa\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:[b]64bit:[/b] - HKLM..\Run: [Creative SB Monitoring Utility] C:\Windows\SysNative\SBAVMon.dll (Creative Technology Ltd.) O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Archivos de programa\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [Privatefirewall] C:\Program Files (x86)\Privacyware\Privatefirewall 7.0\PFGUI.exe (Privacyware/PWI, Inc.) O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Trend Micro RUBotted V2.0 Beta] C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe (Trend Micro Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O8:[b]64bit:[/b] - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:[b]64bit:[/b] - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:[b]64bit:[/b] - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:[b]64bit:[/b] - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O9:[b]64bit:[/b] - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16:[b]64bit:[/b] - DPF: {3234EB1E-733E-4E6A-A8AB-EBB6287E5A7E} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel64_4.5.13.0.cab (Reg Error: Key error.) O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.5.0.cab (SysInfo Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5CE74A0C-A8C0-45BE-86E4-440F906152C1}: DhcpNameServer = 192.168.0.1 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A1340BA2-9132-4737-8111-BDCCAFD0D21C}: DhcpNameServer = 87.216.1.65 87.216.1.66 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AEEB93B4-E81B-4A21-BD16-1198B00AAE53}: DhcpNameServer = 192.168.10.1 O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (Partizan) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014/02/13 18:49:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Doctor Web [2014/02/13 18:49:03 | 000,000,000 | ---D | C] -- C:\Users\graciela\Doctor Web [2014/02/13 15:57:47 | 000,000,000 | ---D | C] -- C:\Users\graciela\AppData\Roaming\AVAST Software [2014/02/13 15:52:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast [2014/02/13 15:52:00 | 000,080,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys [2014/02/12 23:21:44 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2014/02/12 23:18:17 | 000,000,000 | ---D | C] -- C:\Windows\temp [2014/02/12 22:58:01 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2014/02/12 22:58:01 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2014/02/12 22:58:01 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2014/02/12 22:57:25 | 000,000,000 | ---D | C] -- C:\Qoobox [2014/02/12 22:56:35 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2014/02/11 17:45:55 | 000,000,000 | ---D | C] -- C:\Users\graciela\AppData\Local\Pokki [2014/02/11 17:43:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo [2014/02/11 17:43:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CrystalDiskInfo [2014/02/08 11:10:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ KillDisk 8.0 [2014/02/08 11:10:06 | 000,000,000 | ---D | C] -- C:\Program Files\LSoft Technologies [2014/02/08 09:52:47 | 000,000,000 | ---D | C] -- C:\Users\graciela\Documents\videosCarboners [2014/02/07 15:18:27 | 000,000,000 | ---D | C] -- C:\Users\graciela\AppData\Roaming\TuneUp Software [2014/02/07 15:16:57 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2014/02/07 15:16:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} [2014/02/07 14:50:46 | 000,000,000 | ---D | C] -- C:\Users\graciela\AppData\Roaming\Youtube Downloader HD [2014/02/07 14:50:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube Downloader HD [2014/02/07 14:50:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Youtube Downloader HD [2014/02/05 09:48:41 | 000,026,024 | ---- | C] (EldoS Corporation) -- C:\Windows\SysNative\drivers\rsdrvx64.sys [2014/02/05 09:48:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yodot Hard Drive Recovery [2014/02/05 09:48:12 | 000,000,000 | ---D | C] -- C:\Program Files\Yodot Hard Drive Recovery [2014/02/04 21:13:59 | 000,000,000 | ---D | C] -- C:\Users\graciela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDFT [2014/02/04 21:13:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinDFT [2014/02/02 23:31:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2014/02/02 23:30:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle [2014/02/02 22:28:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit [2014/02/02 22:28:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [2014/02/02 21:19:08 | 000,000,000 | ---D | C] -- C:\Users\graciela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch [2014/02/02 20:04:42 | 000,000,000 | ---D | C] -- C:\Users\graciela\AppData\Local\Torch [2014/01/31 22:47:15 | 000,000,000 | ---D | C] -- C:\Users\graciela\Documents\Olivos [2014/01/27 21:41:09 | 000,000,000 | ---D | C] -- C:\Users\graciela\AppData\Local\MetaGeek,_LLC [2014/01/27 21:40:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaGeek [2014/01/27 21:40:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MetaGeek [2014/01/23 12:54:07 | 000,000,000 | ---D | C] -- C:\Users\graciela\Documents\PONENT [2014/01/22 16:13:33 | 000,000,000 | ---D | C] -- C:\Users\graciela\Documents\FOTOS MAGNETOFON [2014/01/19 12:23:29 | 000,000,000 | ---D | C] -- C:\Users\graciela\AppData\Local\Noël Danjou [2014/01/19 12:18:01 | 000,000,000 | ---D | C] -- C:\Users\graciela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMCap [2014/01/19 12:18:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Noël Danjou [2014/01/18 16:13:59 | 000,000,000 | ---D | C] -- C:\Users\graciela\Documents\Ulead VideoStudio SE [2014/01/18 16:13:38 | 000,000,000 | ---D | C] -- C:\Users\graciela\AppData\Roaming\Ulead Systems [2014/01/18 16:08:01 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield [2014/01/18 16:07:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Media Components [2014/01/18 16:06:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Ulead Systems [2014/01/15 13:25:25 | 000,000,000 | ---D | C] -- C:\Users\graciela\AppData\Roaming\CoreFTP [2014/01/15 13:24:59 | 000,000,000 | ---D | C] -- C:\Users\graciela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Core FTP (x64) [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014/02/14 11:05:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014/02/14 10:45:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014/02/14 10:42:01 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-398901971-3902456197-246332107-1000UA.job [2014/02/14 10:42:01 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-398901971-3902456197-246332107-1000Core.job [2014/02/14 10:05:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014/02/14 09:38:27 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\RMAutoUpdate.job [2014/02/14 09:35:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014/02/13 22:36:51 | 000,035,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014/02/13 22:36:50 | 000,035,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014/02/13 22:24:54 | 000,015,362 | ---- | M] () -- C:\Windows\SysNative\results.xml [2014/02/13 18:49:44 | 000,001,014 | ---- | M] () -- C:\octE83E.tmp.png [2014/02/13 18:49:44 | 000,000,663 | ---- | M] () -- C:\octE79E.tmp.png [2014/02/13 18:49:44 | 000,000,659 | ---- | M] () -- C:\octE41C.tmp.png [2014/02/13 18:49:44 | 000,000,557 | ---- | M] () -- C:\octE5F1.tmp.png [2014/02/13 18:49:44 | 000,000,431 | ---- | M] () -- C:\octE652.tmp.png [2014/02/13 18:49:44 | 000,000,431 | ---- | M] () -- C:\octE570.tmp.png [2014/02/13 18:49:44 | 000,000,431 | ---- | M] () -- C:\octE4E0.tmp.png [2014/02/13 18:49:44 | 000,000,431 | ---- | M] () -- C:\octE46E.tmp.png [2014/02/13 18:49:44 | 000,000,431 | ---- | M] () -- C:\octE3AB.tmp.png [2014/02/13 18:49:44 | 000,000,431 | ---- | M] () -- C:\octE32A.tmp.png [2014/02/13 18:49:44 | 000,000,217 | ---- | M] () -- C:\octE22D.tmp.png [2014/02/13 18:49:43 | 000,000,913 | ---- | M] () -- C:\octDD19.tmp.png [2014/02/13 18:49:43 | 000,000,904 | ---- | M] () -- C:\octDF4B.tmp.png [2014/02/13 18:49:43 | 000,000,802 | ---- | M] () -- C:\octDE1B.tmp.png [2014/02/13 18:49:43 | 000,000,431 | ---- | M] () -- C:\octE0DD.tmp.png [2014/02/13 18:49:43 | 000,000,431 | ---- | M] () -- C:\octE03D.tmp.png [2014/02/13 18:49:43 | 000,000,431 | ---- | M] () -- C:\octDFBC.tmp.png [2014/02/13 18:49:43 | 000,000,431 | ---- | M] () -- C:\octDE8C.tmp.png [2014/02/13 18:49:43 | 000,000,431 | ---- | M] () -- C:\octDD6B.tmp.png [2014/02/13 18:49:43 | 000,000,431 | ---- | M] () -- C:\octDCA8.tmp.png [2014/02/13 18:49:43 | 000,000,431 | ---- | M] () -- C:\octDC18.tmp.png [2014/02/13 18:49:43 | 000,000,431 | ---- | M] () -- C:\octDBC6.tmp.png [2014/02/13 18:49:43 | 000,000,431 | ---- | M] () -- C:\octDB06.tmp.png [2014/02/13 18:49:43 | 000,000,344 | ---- | M] () -- C:\octD9E9.tmp.png [2014/02/13 18:49:43 | 000,000,246 | ---- | M] () -- C:\octE16E.tmp.png [2014/02/13 17:05:26 | 000,071,829 | ---- | M] () -- C:\octE623.tmp.png [2014/02/13 17:05:26 | 000,057,698 | ---- | M] () -- C:\octE7FF.tmp.png [2014/02/13 17:05:26 | 000,022,809 | ---- | M] () -- C:\octE6A3.tmp.png [2014/02/13 17:05:26 | 000,022,809 | ---- | M] () -- C:\octE5A2.tmp.png [2014/02/13 17:05:26 | 000,007,986 | ---- | M] () -- C:\octE87F.tmp.png [2014/02/13 17:05:26 | 000,005,184 | ---- | M] () -- C:\octE612.tmp.png [2014/02/13 17:05:26 | 000,004,133 | ---- | M] () -- C:\octE850.tmp.png [2014/02/13 17:05:26 | 000,002,974 | ---- | M] () -- C:\octE7CF.tmp.png [2014/02/13 17:05:26 | 000,002,961 | ---- | M] () -- C:\octE83F.tmp.png [2014/02/13 17:05:26 | 000,002,691 | ---- | M] () -- C:\octE601.tmp.png [2014/02/13 17:05:26 | 000,001,579 | ---- | M] () -- C:\octE7CE.tmp.png [2014/02/13 17:05:26 | 000,001,472 | ---- | M] () -- C:\octE674.tmp.png [2014/02/13 17:05:26 | 000,001,472 | ---- | M] () -- C:\octE591.tmp.png [2014/02/13 17:05:26 | 000,001,193 | ---- | M] () -- C:\octE663.tmp.png [2014/02/13 17:05:26 | 000,001,193 | ---- | M] () -- C:\octE581.tmp.png [2014/02/13 17:05:25 | 000,037,565 | ---- | M] () -- C:\octE1ED.tmp.png [2014/02/13 17:05:25 | 000,022,809 | ---- | M] () -- C:\octE511.tmp.png [2014/02/13 17:05:25 | 000,022,809 | ---- | M] () -- C:\octE4B0.tmp.png [2014/02/13 17:05:25 | 000,022,809 | ---- | M] () -- C:\octE3DD.tmp.png [2014/02/13 17:05:25 | 000,022,809 | ---- | M] () -- C:\octE35C.tmp.png [2014/02/13 17:05:25 | 000,015,569 | ---- | M] () -- C:\octE2BC.tmp.png [2014/02/13 17:05:25 | 000,014,356 | ---- | M] () -- C:\octE44E.tmp.png [2014/02/13 17:05:25 | 000,002,608 | ---- | M] () -- C:\octE43E.tmp.png [2014/02/13 17:05:25 | 000,002,344 | ---- | M] () -- C:\octE41D.tmp.png [2014/02/13 17:05:25 | 000,002,290 | ---- | M] () -- C:\octE17F.tmp.png [2014/02/13 17:05:25 | 000,001,472 | ---- | M] () -- C:\octE4F1.tmp.png [2014/02/13 17:05:25 | 000,001,472 | ---- | M] () -- C:\octE480.tmp.png [2014/02/13 17:05:25 | 000,001,472 | ---- | M] () -- C:\octE3BD.tmp.png [2014/02/13 17:05:25 | 000,001,472 | ---- | M] () -- C:\octE34C.tmp.png [2014/02/13 17:05:25 | 000,001,193 | ---- | M] () -- C:\octE4E1.tmp.png [2014/02/13 17:05:25 | 000,001,193 | ---- | M] () -- C:\octE47F.tmp.png [2014/02/13 17:05:25 | 000,001,193 | ---- | M] () -- C:\octE3AC.tmp.png [2014/02/13 17:05:25 | 000,001,193 | ---- | M] () -- C:\octE32B.tmp.png [2014/02/13 17:05:25 | 000,001,031 | ---- | M] () -- C:\octE26D.tmp.png [2014/02/13 17:05:25 | 000,000,415 | ---- | M] () -- C:\octE17E.tmp.png [2014/02/13 17:05:25 | 000,000,391 | ---- | M] () -- C:\octE23D.tmp.png [2014/02/13 17:05:24 | 000,062,430 | ---- | M] () -- C:\octDE5C.tmp.png [2014/02/13 17:05:24 | 000,047,098 | ---- | M] () -- C:\octDD3B.tmp.png [2014/02/13 17:05:24 | 000,022,809 | ---- | M] () -- C:\octE10F.tmp.png [2014/02/13 17:05:24 | 000,022,809 | ---- | M] () -- C:\octE09E.tmp.png [2014/02/13 17:05:24 | 000,022,809 | ---- | M] () -- C:\octE00D.tmp.png [2014/02/13 17:05:24 | 000,022,809 | ---- | M] () -- C:\octDF0C.tmp.png [2014/02/13 17:05:24 | 000,022,809 | ---- | M] () -- C:\octDD9D.tmp.png [2014/02/13 17:05:24 | 000,007,528 | ---- | M] () -- C:\octDF8D.tmp.png [2014/02/13 17:05:24 | 000,004,920 | ---- | M] () -- C:\octDE4C.tmp.png [2014/02/13 17:05:24 | 000,004,062 | ---- | M] () -- C:\octDF7C.tmp.png [2014/02/13 17:05:24 | 000,002,555 | ---- | M] () -- C:\octDF6B.tmp.png [2014/02/13 17:05:24 | 000,002,432 | ---- | M] () -- C:\octDE2B.tmp.png [2014/02/13 17:05:24 | 000,001,472 | ---- | M] () -- C:\octE0FE.tmp.png [2014/02/13 17:05:24 | 000,001,472 | ---- | M] () -- C:\octE09D.tmp.png [2014/02/13 17:05:24 | 000,001,472 | ---- | M] () -- C:\octDFFD.tmp.png [2014/02/13 17:05:24 | 000,001,472 | ---- | M] () -- C:\octDECC.tmp.png [2014/02/13 17:05:24 | 000,001,472 | ---- | M] () -- C:\octDD8C.tmp.png [2014/02/13 17:05:24 | 000,001,193 | ---- | M] () -- C:\octE0FD.tmp.png [2014/02/13 17:05:24 | 000,001,193 | ---- | M] () -- C:\octE06D.tmp.png [2014/02/13 17:05:24 | 000,001,193 | ---- | M] () -- C:\octDFCD.tmp.png [2014/02/13 17:05:24 | 000,001,193 | ---- | M] () -- C:\octDEBC.tmp.png [2014/02/13 17:05:24 | 000,001,193 | ---- | M] () -- C:\octDD7C.tmp.png [2014/02/13 17:05:23 | 000,033,101 | ---- | M] () -- C:\octDA98.tmp.png [2014/02/13 17:05:23 | 000,022,809 | ---- | M] () -- C:\octDCDA.tmp.png [2014/02/13 17:05:23 | 000,022,809 | ---- | M] () -- C:\octDC59.tmp.png [2014/02/13 17:05:23 | 000,022,809 | ---- | M] () -- C:\octDBE8.tmp.png [2014/02/13 17:05:23 | 000,022,809 | ---- | M] () -- C:\octDB67.tmp.png [2014/02/13 17:05:23 | 000,004,824 | ---- | M] () -- C:\octDD2B.tmp.png [2014/02/13 17:05:23 | 000,002,451 | ---- | M] () -- C:\octDD2A.tmp.png [2014/02/13 17:05:23 | 000,001,939 | ---- | M] () -- C:\octDA49.tmp.png [2014/02/13 17:05:23 | 000,001,472 | ---- | M] () -- C:\octDCC9.tmp.png [2014/02/13 17:05:23 | 000,001,472 | ---- | M] () -- C:\octDC48.tmp.png [2014/02/13 17:05:23 | 000,001,472 | ---- | M] () -- C:\octDBE7.tmp.png [2014/02/13 17:05:23 | 000,001,472 | ---- | M] () -- C:\octDB27.tmp.png [2014/02/13 17:05:23 | 000,001,193 | ---- | M] () -- C:\octDCB9.tmp.png [2014/02/13 17:05:23 | 000,001,193 | ---- | M] () -- C:\octDC38.tmp.png [2014/02/13 17:05:23 | 000,001,193 | ---- | M] () -- C:\octDBD6.tmp.png [2014/02/13 17:05:23 | 000,001,193 | ---- | M] () -- C:\octDB07.tmp.png [2014/02/13 17:05:23 | 000,000,395 | ---- | M] () -- C:\octDA29.tmp.png [2014/02/13 16:23:22 | 000,000,061 | ---- | M] () -- C:\Windows\wininit.ini [2014/02/13 15:52:16 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2014/02/13 15:51:45 | 001,038,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2014/02/13 15:51:45 | 000,421,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2014/02/13 15:51:45 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2014/02/13 15:51:45 | 000,207,904 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2014/02/13 15:51:45 | 000,092,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2014/02/13 15:51:45 | 000,080,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys [2014/02/13 15:51:45 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2014/02/13 15:51:45 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys [2014/02/13 15:51:45 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2014/02/13 15:48:11 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2014/02/13 11:06:23 | 001,850,430 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2014/02/13 11:06:23 | 000,815,160 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat [2014/02/13 11:06:23 | 000,710,724 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2014/02/13 11:06:23 | 000,186,058 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat [2014/02/13 11:06:23 | 000,141,220 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2014/02/13 09:21:27 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2014/02/12 23:21:35 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2014/02/11 17:43:04 | 000,001,192 | ---- | M] () -- C:\Users\graciela\Desktop\CrystalDiskInfo.lnk [2014/02/10 17:26:54 | 000,015,795 | ---- | M] () -- C:\Users\graciela\Documents\64GB-test.odt [2014/02/08 09:34:06 | 000,001,175 | ---- | M] () -- C:\Users\graciela\Desktop\Youtube Downloader HD.lnk [2014/02/06 21:28:52 | 000,001,931 | ---- | M] () -- C:\Users\graciela\Desktop\Adobe Master Collection CS6 - Acceso directo.lnk [2014/02/05 11:06:28 | 000,017,989 | ---- | M] () -- C:\Users\graciela\Documents\ubuntuHDDrecover.odt [2014/02/05 09:48:21 | 000,000,964 | ---- | M] () -- C:\Users\graciela\Desktop\Yodot Hard Drive Recovery.lnk [2014/02/04 21:13:59 | 000,003,081 | ---- | M] () -- C:\Users\graciela\Desktop\WinDFT.lnk [2014/02/04 09:08:51 | 000,002,181 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2014/02/03 20:52:02 | 000,007,652 | ---- | M] () -- C:\Users\graciela\AppData\Local\resmon.resmoncfg [2014/02/03 18:58:20 | 000,002,067 | ---- | M] () -- C:\Users\Public\Desktop\GetDataBack for NTFS.lnk [2014/02/02 21:20:06 | 000,001,390 | ---- | M] () -- C:\Users\graciela\Desktop\Torch.lnk [2014/02/02 13:21:43 | 000,001,456 | ---- | M] () -- C:\Users\graciela\AppData\Local\Adobe Save for Web 13.0 Prefs [2014/02/02 12:21:36 | 000,000,132 | ---- | M] () -- C:\Users\graciela\AppData\Roaming\Adobe PNG Format CS6 Prefs [2014/02/01 10:40:13 | 000,000,284 | RH-- | M] () -- C:\Windows\ctfile.rfc [2014/01/28 18:36:29 | 000,233,279 | ---- | M] () -- C:\Users\graciela\AppData\Local\census.cache [2014/01/28 18:36:12 | 000,128,400 | ---- | M] () -- C:\Users\graciela\AppData\Local\ars.cache [2014/01/27 21:40:57 | 000,002,513 | ---- | M] () -- C:\Users\Public\Desktop\inSSIDer 3.lnk [2014/01/26 23:08:52 | 000,017,488 | ---- | M] () -- C:\Users\graciela\Desktop\MultiAttack3-26-01-2014.odt [2014/01/25 22:34:27 | 000,012,163 | ---- | M] () -- C:\Users\graciela\Documents\32Gigats-test.odt [2014/01/25 12:42:02 | 473,076,105 | ---- | M] () -- C:\Users\graciela\Documents\LipdubFinalHD-14Kbps.mp4 [2014/01/25 12:08:21 | 589,071,430 | ---- | M] () -- C:\Users\graciela\Documents\LipdubFinalHD-16Kbps.mp4 [2014/01/22 15:52:21 | 000,064,288 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2014/01/19 12:18:01 | 000,001,233 | ---- | M] () -- C:\Users\graciela\Desktop\AMCap.lnk [2014/01/18 16:10:15 | 005,138,528 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014/02/13 19:20:20 | 000,001,986 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2014/02/13 17:05:26 | 000,071,829 | ---- | C] () -- C:\octE623.tmp.png [2014/02/13 17:05:26 | 000,057,698 | ---- | C] () -- C:\octE7FF.tmp.png [2014/02/13 17:05:26 | 000,022,809 | ---- | C] () -- C:\octE6A3.tmp.png [2014/02/13 17:05:26 | 000,022,809 | ---- | C] () -- C:\octE5A2.tmp.png [2014/02/13 17:05:26 | 000,007,986 | ---- | C] () -- C:\octE87F.tmp.png [2014/02/13 17:05:26 | 000,005,184 | ---- | C] () -- C:\octE612.tmp.png [2014/02/13 17:05:26 | 000,004,133 | ---- | C] () -- C:\octE850.tmp.png [2014/02/13 17:05:26 | 000,002,974 | ---- | C] () -- C:\octE7CF.tmp.png [2014/02/13 17:05:26 | 000,002,961 | ---- | C] () -- C:\octE83F.tmp.png [2014/02/13 17:05:26 | 000,002,691 | ---- | C] () -- C:\octE601.tmp.png [2014/02/13 17:05:26 | 000,001,579 | ---- | C] () -- C:\octE7CE.tmp.png [2014/02/13 17:05:26 | 000,001,472 | ---- | C] () -- C:\octE674.tmp.png [2014/02/13 17:05:26 | 000,001,472 | ---- | C] () -- C:\octE591.tmp.png [2014/02/13 17:05:26 | 000,001,193 | ---- | C] () -- C:\octE663.tmp.png [2014/02/13 17:05:26 | 000,001,193 | ---- | C] () -- C:\octE581.tmp.png [2014/02/13 17:05:26 | 000,001,014 | ---- | C] () -- C:\octE83E.tmp.png [2014/02/13 17:05:26 | 000,000,663 | ---- | C] () -- C:\octE79E.tmp.png [2014/02/13 17:05:26 | 000,000,557 | ---- | C] () -- C:\octE5F1.tmp.png [2014/02/13 17:05:26 | 000,000,431 | ---- | C] () -- C:\octE652.tmp.png [2014/02/13 17:05:26 | 000,000,431 | ---- | C] () -- C:\octE570.tmp.png [2014/02/13 17:05:25 | 000,037,565 | ---- | C] () -- C:\octE1ED.tmp.png [2014/02/13 17:05:25 | 000,022,809 | ---- | C] () -- C:\octE511.tmp.png [2014/02/13 17:05:25 | 000,022,809 | ---- | C] () -- C:\octE4B0.tmp.png [2014/02/13 17:05:25 | 000,022,809 | ---- | C] () -- C:\octE3DD.tmp.png [2014/02/13 17:05:25 | 000,022,809 | ---- | C] () -- C:\octE35C.tmp.png [2014/02/13 17:05:25 | 000,015,569 | ---- | C] () -- C:\octE2BC.tmp.png [2014/02/13 17:05:25 | 000,014,356 | ---- | C] () -- C:\octE44E.tmp.png [2014/02/13 17:05:25 | 000,002,608 | ---- | C] () -- C:\octE43E.tmp.png [2014/02/13 17:05:25 | 000,002,344 | ---- | C] () -- C:\octE41D.tmp.png [2014/02/13 17:05:25 | 000,002,290 | ---- | C] () -- C:\octE17F.tmp.png [2014/02/13 17:05:25 | 000,001,472 | ---- | C] () -- C:\octE4F1.tmp.png [2014/02/13 17:05:25 | 000,001,472 | ---- | C] () -- C:\octE480.tmp.png [2014/02/13 17:05:25 | 000,001,472 | ---- | C] () -- C:\octE3BD.tmp.png [2014/02/13 17:05:25 | 000,001,472 | ---- | C] () -- C:\octE34C.tmp.png [2014/02/13 17:05:25 | 000,001,193 | ---- | C] () -- C:\octE4E1.tmp.png [2014/02/13 17:05:25 | 000,001,193 | ---- | C] () -- C:\octE47F.tmp.png [2014/02/13 17:05:25 | 000,001,193 | ---- | C] () -- C:\octE3AC.tmp.png [2014/02/13 17:05:25 | 000,001,193 | ---- | C] () -- C:\octE32B.tmp.png [2014/02/13 17:05:25 | 000,001,031 | ---- | C] () -- C:\octE26D.tmp.png [2014/02/13 17:05:25 | 000,000,659 | ---- | C] () -- C:\octE41C.tmp.png [2014/02/13 17:05:25 | 000,000,431 | ---- | C] () -- C:\octE4E0.tmp.png [2014/02/13 17:05:25 | 000,000,431 | ---- | C] () -- C:\octE46E.tmp.png [2014/02/13 17:05:25 | 000,000,431 | ---- | C] () -- C:\octE3AB.tmp.png [2014/02/13 17:05:25 | 000,000,431 | ---- | C] () -- C:\octE32A.tmp.png [2014/02/13 17:05:25 | 000,000,415 | ---- | C] () -- C:\octE17E.tmp.png [2014/02/13 17:05:25 | 000,000,391 | ---- | C] () -- C:\octE23D.tmp.png [2014/02/13 17:05:25 | 000,000,246 | ---- | C] () -- C:\octE16E.tmp.png [2014/02/13 17:05:25 | 000,000,217 | ---- | C] () -- C:\octE22D.tmp.png [2014/02/13 17:05:24 | 000,062,430 | ---- | C] () -- C:\octDE5C.tmp.png [2014/02/13 17:05:24 | 000,022,809 | ---- | C] () -- C:\octE10F.tmp.png [2014/02/13 17:05:24 | 000,022,809 | ---- | C] () -- C:\octE09E.tmp.png [2014/02/13 17:05:24 | 000,022,809 | ---- | C] () -- C:\octE00D.tmp.png [2014/02/13 17:05:24 | 000,022,809 | ---- | C] () -- C:\octDF0C.tmp.png [2014/02/13 17:05:24 | 000,022,809 | ---- | C] () -- C:\octDD9D.tmp.png [2014/02/13 17:05:24 | 000,007,528 | ---- | C] () -- C:\octDF8D.tmp.png [2014/02/13 17:05:24 | 000,004,920 | ---- | C] () -- C:\octDE4C.tmp.png [2014/02/13 17:05:24 | 000,004,062 | ---- | C] () -- C:\octDF7C.tmp.png [2014/02/13 17:05:24 | 000,002,555 | ---- | C] () -- C:\octDF6B.tmp.png [2014/02/13 17:05:24 | 000,002,432 | ---- | C] () -- C:\octDE2B.tmp.png [2014/02/13 17:05:24 | 000,001,472 | ---- | C] () -- C:\octE0FE.tmp.png [2014/02/13 17:05:24 | 000,001,472 | ---- | C] () -- C:\octE09D.tmp.png [2014/02/13 17:05:24 | 000,001,472 | ---- | C] () -- C:\octDFFD.tmp.png [2014/02/13 17:05:24 | 000,001,472 | ---- | C] () -- C:\octDECC.tmp.png [2014/02/13 17:05:24 | 000,001,472 | ---- | C] () -- C:\octDD8C.tmp.png [2014/02/13 17:05:24 | 000,001,193 | ---- | C] () -- C:\octE0FD.tmp.png [2014/02/13 17:05:24 | 000,001,193 | ---- | C] () -- C:\octE06D.tmp.png [2014/02/13 17:05:24 | 000,001,193 | ---- | C] () -- C:\octDFCD.tmp.png [2014/02/13 17:05:24 | 000,001,193 | ---- | C] () -- C:\octDEBC.tmp.png [2014/02/13 17:05:24 | 000,001,193 | ---- | C] () -- C:\octDD7C.tmp.png [2014/02/13 17:05:24 | 000,000,904 | ---- | C] () -- C:\octDF4B.tmp.png [2014/02/13 17:05:24 | 000,000,802 | ---- | C] () -- C:\octDE1B.tmp.png [2014/02/13 17:05:24 | 000,000,431 | ---- | C] () -- C:\octE0DD.tmp.png [2014/02/13 17:05:24 | 000,000,431 | ---- | C] () -- C:\octE03D.tmp.png [2014/02/13 17:05:24 | 000,000,431 | ---- | C] () -- C:\octDFBC.tmp.png [2014/02/13 17:05:24 | 000,000,431 | ---- | C] () -- C:\octDE8C.tmp.png [2014/02/13 17:05:24 | 000,000,431 | ---- | C] () -- C:\octDD6B.tmp.png [2014/02/13 17:05:23 | 000,047,098 | ---- | C] () -- C:\octDD3B.tmp.png [2014/02/13 17:05:23 | 000,033,101 | ---- | C] () -- C:\octDA98.tmp.png [2014/02/13 17:05:23 | 000,022,809 | ---- | C] () -- C:\octDCDA.tmp.png [2014/02/13 17:05:23 | 000,022,809 | ---- | C] () -- C:\octDC59.tmp.png [2014/02/13 17:05:23 | 000,022,809 | ---- | C] () -- C:\octDBE8.tmp.png [2014/02/13 17:05:23 | 000,022,809 | ---- | C] () -- C:\octDB67.tmp.png [2014/02/13 17:05:23 | 000,004,824 | ---- | C] () -- C:\octDD2B.tmp.png [2014/02/13 17:05:23 | 000,002,451 | ---- | C] () -- C:\octDD2A.tmp.png [2014/02/13 17:05:23 | 000,001,939 | ---- | C] () -- C:\octDA49.tmp.png [2014/02/13 17:05:23 | 000,001,472 | ---- | C] () -- C:\octDCC9.tmp.png [2014/02/13 17:05:23 | 000,001,472 | ---- | C] () -- C:\octDC48.tmp.png [2014/02/13 17:05:23 | 000,001,472 | ---- | C] () -- C:\octDBE7.tmp.png [2014/02/13 17:05:23 | 000,001,472 | ---- | C] () -- C:\octDB27.tmp.png [2014/02/13 17:05:23 | 000,001,193 | ---- | C] () -- C:\octDCB9.tmp.png [2014/02/13 17:05:23 | 000,001,193 | ---- | C] () -- C:\octDC38.tmp.png [2014/02/13 17:05:23 | 000,001,193 | ---- | C] () -- C:\octDBD6.tmp.png [2014/02/13 17:05:23 | 000,001,193 | ---- | C] () -- C:\octDB07.tmp.png [2014/02/13 17:05:23 | 000,000,913 | ---- | C] () -- C:\octDD19.tmp.png [2014/02/13 17:05:23 | 000,000,431 | ---- | C] () -- C:\octDCA8.tmp.png [2014/02/13 17:05:23 | 000,000,431 | ---- | C] () -- C:\octDC18.tmp.png [2014/02/13 17:05:23 | 000,000,431 | ---- | C] () -- C:\octDBC6.tmp.png [2014/02/13 17:05:23 | 000,000,431 | ---- | C] () -- C:\octDB06.tmp.png [2014/02/13 17:05:23 | 000,000,395 | ---- | C] () -- C:\octDA29.tmp.png [2014/02/13 17:05:23 | 000,000,344 | ---- | C] () -- C:\octD9E9.tmp.png [2014/02/13 16:23:22 | 000,000,061 | ---- | C] () -- C:\Windows\wininit.ini [2014/02/13 15:48:13 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys [2014/02/13 15:48:11 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2014/02/12 22:58:01 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2014/02/12 22:58:01 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2014/02/12 22:58:01 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2014/02/12 22:58:01 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2014/02/12 22:58:01 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2014/02/11 17:43:04 | 000,001,192 | ---- | C] () -- C:\Users\graciela\Desktop\CrystalDiskInfo.lnk [2014/02/10 14:34:19 | 000,015,795 | ---- | C] () -- C:\Users\graciela\Documents\64GB-test.odt [2014/02/07 14:56:28 | 000,002,457 | ---- | C] () -- C:\Users\graciela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk [2014/02/07 14:50:37 | 000,001,175 | ---- | C] () -- C:\Users\graciela\Desktop\Youtube Downloader HD.lnk [2014/02/06 21:28:52 | 000,001,931 | ---- | C] () -- C:\Users\graciela\Desktop\Adobe Master Collection CS6 - Acceso directo.lnk [2014/02/05 11:06:19 | 000,017,989 | ---- | C] () -- C:\Users\graciela\Documents\ubuntuHDDrecover.odt [2014/02/05 09:48:21 | 000,000,964 | ---- | C] () -- C:\Users\graciela\Desktop\Yodot Hard Drive Recovery.lnk [2014/02/04 21:13:59 | 000,003,081 | ---- | C] () -- C:\Users\graciela\Desktop\WinDFT.lnk [2014/02/03 18:58:20 | 000,002,067 | ---- | C] () -- C:\Users\Public\Desktop\GetDataBack for NTFS.lnk [2014/02/02 21:19:34 | 000,001,415 | ---- | C] () -- C:\Users\graciela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk [2014/02/02 21:19:08 | 000,001,390 | ---- | C] () -- C:\Users\graciela\Desktop\Torch.lnk [2014/01/28 18:36:29 | 000,233,279 | ---- | C] () -- C:\Users\graciela\AppData\Local\census.cache [2014/01/28 18:36:12 | 000,128,400 | ---- | C] () -- C:\Users\graciela\AppData\Local\ars.cache [2014/01/27 21:40:57 | 000,002,513 | ---- | C] () -- C:\Users\Public\Desktop\inSSIDer 3.lnk [2014/01/26 20:41:11 | 000,017,488 | ---- | C] () -- C:\Users\graciela\Desktop\MultiAttack3-26-01-2014.odt [2014/01/25 22:34:25 | 000,012,163 | ---- | C] () -- C:\Users\graciela\Documents\32Gigats-test.odt [2014/01/25 12:40:49 | 473,076,105 | ---- | C] () -- C:\Users\graciela\Documents\LipdubFinalHD-14Kbps.mp4 [2014/01/25 12:06:38 | 589,071,430 | ---- | C] () -- C:\Users\graciela\Documents\LipdubFinalHD-16Kbps.mp4 [2014/01/24 12:25:52 | 000,055,296 | ---- | C] () -- C:\Windows\SysNative\HUFFYUV.DLL [2014/01/23 09:44:44 | 015,823,233 | ---- | C] () -- C:\Users\graciela\Documents\Denny Dent.mp4 [2014/01/23 09:44:44 | 011,342,683 | ---- | C] () -- C:\Users\graciela\Documents\Denny Dent Paints Jimi Hendrix.mp4 [2014/01/19 12:18:01 | 000,001,233 | ---- | C] () -- C:\Users\graciela\Desktop\AMCap.lnk [2013/12/21 13:31:49 | 000,000,026 | ---- | C] () -- C:\Windows\brpp2ka.ini [2013/09/29 13:26:04 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin [2013/09/29 13:26:03 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin [2013/09/29 13:26:02 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin [2013/09/21 12:04:53 | 000,003,584 | ---- | C] () -- C:\Users\graciela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013/06/25 10:56:45 | 000,014,051 | R--- | C] () -- C:\Windows\SysWow64\RaCoInst.dat [2013/06/25 10:56:16 | 000,000,451 | ---- | C] () -- C:\Windows\SysWow64\DiagFunc.ini [2013/06/25 10:56:16 | 000,000,072 | ---- | C] () -- C:\Windows\SysWow64\RaCertMgr.ini [2013/06/25 10:56:15 | 000,792,416 | ---- | C] () -- C:\Windows\SysWow64\DiagFunc.dll [2013/06/04 14:00:29 | 000,000,098 | ---- | C] () -- C:\Windows\MSUTIL.INI [2013/05/19 18:15:24 | 000,000,132 | ---- | C] () -- C:\Users\graciela\AppData\Roaming\Adobe BMP Format CS6 Prefs [2013/04/11 15:29:38 | 161,615,634 | ---- | C] () -- C:\Users\graciela\Backup.abr [2013/03/10 18:13:59 | 000,177,664 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2013/03/10 18:13:59 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2013/01/18 10:22:59 | 000,000,146 | ---- | C] () -- C:\Windows\ODBC.INI [2013/01/03 14:20:09 | 000,000,036 | ---- | C] () -- C:\Users\graciela\AppData\Local\housecall.guid.cache [2012/12/26 19:31:48 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI [2012/11/21 00:16:28 | 000,001,456 | ---- | C] () -- C:\Users\graciela\AppData\Local\Adobe Save for Web 12.0 Prefs [2012/10/19 19:44:47 | 000,000,030 | ---- | C] () -- C:\Windows\SysWow64\brss01a.ini [2012/10/19 19:44:42 | 000,000,410 | ---- | C] () -- C:\Windows\BRWMARK.INI [2012/07/28 20:38:12 | 000,001,248 | ---- | C] () -- C:\Windows\ARPR.INI [2012/07/28 20:34:39 | 000,083,968 | ---- | C] () -- C:\Windows\UnGins.exe [2012/07/28 19:16:45 | 000,007,652 | ---- | C] () -- C:\Users\graciela\AppData\Local\resmon.resmoncfg [2012/07/22 03:12:45 | 000,000,132 | ---- | C] () -- C:\Users\graciela\AppData\Roaming\Adobe PNG Format CS6 Prefs [2012/07/20 02:54:16 | 000,001,456 | ---- | C] () -- C:\Users\graciela\AppData\Local\Adobe Save for Web 13.0 Prefs [2012/07/04 17:21:05 | 001,828,404 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012/06/19 09:42:42 | 004,178,432 | ---- | C] () -- C:\Windows\SysWow64\PhotoLooksRenderer.dll [2009/02/24 12:40:02 | 000,001,352 | ---- | C] () -- C:\ProgramData\cfSB1090.ini [2009/02/24 12:40:02 | 000,001,352 | ---- | C] () -- C:\ProgramData\cfSB0910.ini [2009/02/24 12:40:02 | 000,001,346 | ---- | C] () -- C:\ProgramData\cfSB1100.ini [2009/02/24 12:40:02 | 000,001,302 | ---- | C] () -- C:\ProgramData\cfSB0300.ini [2009/02/24 12:40:02 | 000,001,282 | ---- | C] () -- C:\ProgramData\cfSB0471.ini [2009/02/24 12:40:02 | 000,001,208 | ---- | C] () -- C:\ProgramData\cfSB0490.ini [2009/02/24 12:40:02 | 000,001,027 | ---- | C] () -- C:\ProgramData\cfSB0560.ini [2009/02/24 12:40:02 | 000,001,026 | ---- | C] () -- C:\ProgramData\cfSB0271.ini [2009/02/24 12:40:02 | 000,001,026 | ---- | C] () -- C:\ProgramData\cfSB0270.ini [2009/02/24 12:40:02 | 000,000,590 | ---- | C] () -- C:\ProgramData\cfSB0950.ini [color=#E56717]========== ZeroAccess Check ==========[/color] [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2013/09/12 08:30:17 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\.kde [2012/07/14 09:00:58 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\Aleo Software [2013/06/06 09:18:43 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\Alien Skin [2014/02/13 15:57:47 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\AVAST Software [2014/02/12 13:08:22 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\BitTorrent [2013/02/19 20:53:04 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2013/02/11 19:51:54 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\com.adobe.WidgetBrowser [2014/01/17 18:45:24 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\CoreFTP [2013/06/19 13:48:01 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\corz [2012/09/12 21:59:04 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\DroidExplorer [2014/02/09 10:42:35 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\FileZilla [2013/10/03 14:29:43 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\Fresco Logic Inc [2013/06/06 10:57:26 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\GenArts [2013/09/12 08:37:18 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\gnupg [2013/09/14 10:20:20 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\HandBrake [2013/10/10 12:33:49 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\iZotope [2013/03/19 20:11:33 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\Kits [2013/03/19 20:15:09 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\Luxology [2013/03/25 23:57:31 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\MPEG Streamclip [2012/07/12 17:44:28 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\NASA [2013/09/29 09:12:43 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\onOne Software [2012/07/04 16:41:32 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\OpenOffice.org [2014/02/02 21:01:01 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\Opera [2013/12/12 18:56:29 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\PACE Anti-Piracy [2012/07/17 01:02:08 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\PDAppFlex [2013/09/08 15:16:22 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\Product_RM [2013/03/01 20:28:04 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\Publish Providers [2013/02/21 23:12:39 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\Red Giant Link [2013/09/08 16:03:03 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\Registry Mechanic [2013/03/01 20:45:13 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\Sony [2012/07/17 00:55:27 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2014/02/07 15:18:27 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\TuneUp Software [2014/01/18 18:07:47 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\Ulead Systems [2013/05/23 16:24:46 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\VS Revo Group [2012/07/02 14:12:57 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\WinBatch [2013/09/29 09:26:50 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\WinZip [2014/02/08 09:49:55 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\Youtube Downloader HD [2013/10/10 15:25:47 | 000,000,000 | ---D | M] -- C:\Users\graciela\AppData\Roaming\Zaxwerks [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 337 bytes -> C:\ProgramData\TEMP:E0EFB096 @Alternate Data Stream - 182 bytes -> C:\ProgramData\TEMP:9638A27E @Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:D1B5B4F1 @Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:8E236DBE @Alternate Data Stream - 1134 bytes -> C:\Users\graciela\AppData\Local\Temp:hNOWfo14MzG6utf81U @Alternate Data Stream - 1068 bytes -> C:\Users\graciela\AppData\Local\kiQr62wfqC5u:V0kXmgfTbNGWrgIcmAd3q3 < End of report >