Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Buyerschoice Malware [Solved]

Started by Vexen , Aug 21 2015 09:05 AM
chrome malware buyerschoice

  • This topic is locked This topic is locked

#1
Vexen
Posted 21 August 2015 - 09:05 AM

Vexen

    New Member

  • Member
  • Pip
  • 2 posts

Hi! My computer has been infected, it is constantly showing popups (only in Google Chrome). Here are my logs. I'd appreciate some input. Many thanks!

 

P.S.: I've tried to use Malwarebytes to fix the situation, but it didn't work out.

 

FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-08-2015

Ran by Alfredo (administrator) on ALFREDO-PC (21-08-2015 16:58:38)
Running from C:\Users\Alfredo\Desktop
Loaded Profiles: Alfredo (Available Profiles: Alfredo)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files\KMSpico\Service_KMS.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13260944 2012-11-20] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2419512 2012-11-04] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-236596440-1630658578-1866139-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-236596440-1630658578-1866139-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://es.msn.com/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-06-18] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2012-11-04] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-06-18] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.81.16.164 62.81.16.213
Tcpip\..\Interfaces\{B10124A2-7635-4042-9EE8-0B994BED93BB}: [DhcpNameServer] 62.81.16.164 62.81.16.213
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll [2014-04-15] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-09-05] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2014-06-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-06-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-236596440-1630658578-1866139-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Alfredo\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-01-10]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-10-20]
 
Chrome: 
=======
CHR Profile: C:\Users\Alfredo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-09]
CHR Extension: (YouTube) - C:\Users\Alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-09]
CHR Extension: (Google Search) - C:\Users\Alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-09]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2013-10-20]
CHR Extension: (AdBlock) - C:\Users\Alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-09-11]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-12-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Gmail) - C:\Users\Alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-09]
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2013-01-10]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-05-11]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4702568 2012-10-24] (INCA Internet Co., Ltd.) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2015-01-05] (Electronic Arts)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [37888 2013-03-02] () [File not signed]
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-14] (Microsoft Corporation)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-07-17] (Popcorn Time) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-21] (Microsoft Corporation)
R5 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-11] (Advanced Micro Devices)
R5 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-14] (Microsoft Corporation)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [312480 2014-12-14] ()
R5 CLFS; C:\Windows\System32\CLFS.sys [367552 2015-03-04] (Microsoft Corporation)
R5 CNG; C:\Windows\System32\Drivers\cng.sys [459336 2015-01-31] (Microsoft Corporation)
R5 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-14] (Microsoft Corporation)
R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] (Microsoft Corporation)
R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-21] (Microsoft Corporation)
U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] (Microsoft Corporation)
R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] (Microsoft Corporation)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2014-11-29] ()
R5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-21] (Microsoft Corporation)
R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2015-07-15] (Microsoft Corporation)
R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155584 2015-07-15] (Microsoft Corporation)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2014-12-14] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-21] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94656 2015-07-15] (Microsoft Corporation)
R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] (Microsoft Corporation)
R5 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] (Microsoft Corporation)
R5 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)
R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation)
R5 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-21] (Microsoft Corporation)
R5 pciide; C:\Windows\System32\drivers\pciide.sys [12352 2009-07-14] (Microsoft Corporation)
R5 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] (Microsoft Corporation)
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2014-04-24] (The OpenVPN Project)
R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] (Microsoft Corporation)
R5 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] (Microsoft Corporation)
R5 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-07-03] () [File not signed]
R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-04-05] (Microsoft Corporation)
R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] (Microsoft Corporation)
R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] (Microsoft Corporation)
R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Microsoft Corporation)
R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-21] (Microsoft Corporation)
R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-26] (Microsoft Corporation)
U3 aojs1i6w; C:\Windows\System32\Drivers\aojs1i6w.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-21 16:58 - 2015-08-21 16:59 - 00017470 _____ C:\Users\Alfredo\Desktop\FRST.txt
2015-08-21 16:58 - 2015-08-21 16:58 - 00000000 ____D C:\FRST
2015-08-21 16:57 - 2015-08-21 16:57 - 02173952 _____ (Farbar) C:\Users\Alfredo\Downloads\FRST64.exe
2015-08-21 16:57 - 2015-08-21 16:57 - 02173952 _____ (Farbar) C:\Users\Alfredo\Desktop\FRST64.exe
2015-08-21 16:15 - 2015-08-21 16:16 - 00000000 ____D C:\Program Files\CCleaner
2015-08-21 16:15 - 2015-08-21 16:15 - 00002798 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-08-21 16:15 - 2015-08-21 16:15 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-08-21 16:15 - 2015-08-21 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-08-21 16:11 - 2015-08-21 16:11 - 00000000 ____D C:\Users\Alfredo\Downloads\CCleaner 5.08.5308-Crack Inc.& Keys - By~[Bl4ckHaT]
2015-08-19 17:27 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 17:27 - 2015-08-11 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 17:27 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 17:27 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-19 14:50 - 2015-08-19 16:05 - 00000000 ____D C:\Users\Alfredo\Downloads\Mr.Robot.S01E01.1080p.HDTV.X264-DIMENSION[rarbg]
2015-08-19 09:33 - 2015-08-19 10:43 - 400502360 ____R C:\Users\Alfredo\Downloads\Crematorio.1x03.HDTV.DVB.By.Hero.avi
2015-08-19 09:33 - 2015-08-19 09:44 - 502050816 ____R C:\Users\Alfredo\Downloads\Crematorio.1x04.HDTV.DVB.By.Hero.avi
2015-08-18 19:19 - 2015-08-18 19:19 - 00000000 ____D C:\Users\Alfredo\Downloads\Shrek 2[HDrip][AC3 Spanish][www.lokotorrents.com]
2015-08-17 23:47 - 2015-08-17 23:47 - 00000000 ____D C:\Users\Alfredo\Downloads\En Un Mundo Mejor [dvdrip][spanish][AC3 5.1][www.lokotorrents.com]
2015-08-17 23:18 - 2015-08-17 23:29 - 616539438 ____R C:\Users\Alfredo\Downloads\Crematorio.1x02.HDTV.DVB.By.Hero.avi
2015-08-17 23:14 - 2015-08-17 23:49 - 1250585942 ____R C:\Users\Alfredo\Downloads\Perros de Paja (Spanish DVDRip).avi
2015-08-17 22:13 - 2015-08-17 22:42 - 535773184 ____R C:\Users\Alfredo\Downloads\Crematorio.1x01.HDTV.DVB.By.Hero.avi
2015-08-17 22:13 - 2015-08-17 22:34 - 00000000 ____D C:\Users\Alfredo\Downloads\Cadena Perpetua (1994)[HDRip-XviD-AC3-ESP]
2015-08-15 11:55 - 2015-08-15 11:57 - 00000000 ____D C:\Users\Alfredo\Downloads\The Martian - Andy Weir
2015-08-15 01:08 - 2015-08-15 01:08 - 01214204 ____R C:\Users\Alfredo\Downloads\0062301675 read lit like prof.epub
2015-08-13 22:54 - 2015-08-13 22:54 - 00049629 _____ C:\Users\Alfredo\Downloads\Pretty Little Liars - 06x10 - Game Over, Charles.DIMENSION.English.C.updated.Addic7ed.com.srt
2015-08-13 19:46 - 2015-08-13 19:47 - 00000000 ____D C:\Users\Alfredo\Downloads\Pretty.Little.Liars.S06E10.720p.HDTV.X264-DIMENSION[rarbg]
2015-08-13 19:46 - 2015-08-13 19:46 - 00000000 ____D C:\Users\Alfredo\Downloads\OST - Shrek 1-3
2015-08-13 14:19 - 2015-08-13 14:19 - 00000000 ____D C:\Users\Alfredo\Downloads\True.Detective.S02E08.1080p.HDTV.x264-BATV[rarbg]
2015-08-13 13:37 - 2015-08-13 13:37 - 00000000 ____D C:\Users\Alfredo\Downloads\La Cenicienta [dvdrip][1950][spanish][www.lokotorrents.com]
2015-08-13 13:17 - 2015-08-13 13:17 - 00000000 ____D C:\Users\Alfredo\Downloads\Jumanji[dvdrip][spanish][www.lokotorrents.com]
2015-08-13 03:17 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 03:17 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 22:12 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 22:12 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 22:12 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 22:12 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 22:12 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 22:12 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 22:12 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 22:12 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 22:12 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 22:12 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 22:12 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 22:12 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 22:12 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 22:12 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-12 22:12 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-12 22:12 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-12 22:12 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 22:12 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-12 22:12 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 22:12 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 22:12 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 22:12 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-12 22:12 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 22:12 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 22:12 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-12 22:12 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 22:12 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 22:12 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-12 22:12 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-12 22:12 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-12 22:12 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-12 22:12 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-12 22:12 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-12 22:12 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-12 22:12 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 22:12 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-12 22:12 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-12 22:12 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-12 22:12 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-12 22:12 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-12 22:12 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 22:12 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-12 22:12 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-12 22:12 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-12 22:12 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 22:12 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 22:12 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 22:12 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-12 22:12 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-12 22:12 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-12 22:12 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-12 22:12 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-12 22:12 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-12 22:12 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 22:12 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-12 22:12 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-12 22:12 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-12 22:12 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-12 22:12 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-12 22:12 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-12 22:12 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 22:12 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-12 22:12 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-12 22:12 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-12 22:12 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-12 22:12 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-12 22:12 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-12 22:12 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-12 22:12 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-12 22:12 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 22:12 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 22:12 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 22:12 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-12 22:12 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-12 22:12 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 22:12 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 22:11 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 22:11 - 2015-07-10 19:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 22:11 - 2015-07-10 19:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-12 22:11 - 2015-07-10 19:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 22:11 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 22:11 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 22:11 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-12 22:10 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 22:10 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 22:10 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 22:10 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 22:10 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 22:10 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 22:10 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 22:10 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 22:10 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 22:10 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 22:10 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 22:10 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 22:10 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 22:10 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 22:10 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 22:10 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 22:10 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 22:10 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 22:10 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 22:10 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 22:10 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 22:10 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 22:10 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 22:10 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 22:10 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 22:10 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 22:10 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 22:10 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 22:10 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 22:10 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 22:10 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 22:10 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 22:10 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 22:10 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 22:10 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 22:10 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 22:10 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 22:10 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 22:10 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 22:10 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 22:10 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 22:10 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 22:10 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 22:10 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 22:10 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 22:10 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 22:10 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 22:10 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 22:10 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 22:10 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 22:10 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 22:10 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 22:10 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 22:10 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 22:10 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 22:10 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 22:10 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 22:10 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 22:10 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 22:10 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 22:10 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 22:10 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 22:10 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 22:10 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 22:10 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 22:10 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 22:10 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 22:10 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 22:10 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 22:10 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 22:10 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 22:10 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 22:10 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 22:10 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 22:10 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 22:10 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-12 22:10 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 22:10 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 22:10 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 22:10 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 22:10 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 22:10 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 22:10 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 22:10 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 22:10 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 22:10 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 22:10 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 22:09 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 22:09 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 22:09 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 22:09 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 22:09 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 22:09 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 22:09 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 22:09 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 22:09 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 22:09 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 22:09 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 22:09 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 22:09 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 22:09 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 22:09 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 22:09 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 22:09 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 22:09 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 22:09 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-11 09:17 - 2015-08-11 09:17 - 03156540 _____ C:\Users\Alfredo\Downloads\The Catcher in the Rye.rar
2015-08-10 17:50 - 2015-08-10 17:50 - 00000000 ____D C:\Users\Alfredo\Downloads\En busca de la felicidad.HDrip
2015-08-09 12:45 - 2015-08-09 13:27 - 1919795200 ____R C:\Users\Alfredo\Downloads\Perdiendo el norte (HDRip) (Elitetorrent.net).avi
2015-08-08 20:17 - 2015-08-08 20:22 - 00000000 ____D C:\Users\Alfredo\Downloads\Talk To Her [Hable Con Ella].2002.DVDRip.XviD-VLiS
2015-08-08 16:15 - 2015-08-08 16:15 - 00067161 _____ C:\Users\Alfredo\Downloads\It's such a beautiful day.srt
2015-08-08 16:06 - 2015-08-08 16:06 - 00001117 _____ C:\Users\Public\Desktop\Popcorn Time.lnk
2015-08-08 16:06 - 2015-08-08 16:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-08-08 16:06 - 2015-08-08 16:06 - 00000000 ____D C:\Program Files (x86)\Popcorn Time
2015-08-08 16:05 - 2015-08-08 16:05 - 51551760 _____ (Popcorn Time ) C:\Users\Alfredo\Downloads\PopcornTime-latest.exe
2015-08-08 15:10 - 2015-08-08 15:10 - 13545694 _____ C:\Users\Alfredo\AppData\Local\package.nw.new
2015-08-07 12:58 - 2015-08-07 12:58 - 00000000 ____D C:\Users\Alfredo\Downloads\The Universe in a Nutshell
2015-08-05 21:51 - 2015-08-05 21:51 - 00104752 _____ C:\Users\Alfredo\Downloads\(500)Days of Summer.[2009].RETAIL.DVDRIP.XVID.[Eng]-DUQA.srt
2015-08-05 21:51 - 2015-08-05 21:51 - 00006271 _____ C:\Users\Alfredo\Downloads\500.days.of.summer.(3586543).nfo
2015-07-31 19:01 - 2015-07-31 19:01 - 02203152 _____ C:\Users\Alfredo\Downloads\Mstenosis.mpg
2015-07-30 02:15 - 2015-07-30 02:16 - 00061500 _____ C:\Users\Alfredo\Downloads\Pretty Little Liars - 06x08 - FrAmed.DIMENSION.English.C.updated.Addic7ed.com.srt
2015-07-28 21:35 - 2015-07-28 21:35 - 00000000 ____D C:\Users\Alfredo\Downloads\Alexander.2004.The.Ultimate.Cut.1080p.BluRay.AC3.x264-ETRG
2015-07-27 18:58 - 2015-07-27 18:58 - 00000000 ____D C:\Users\Alfredo\Downloads\Laura Branigan - Self Control [1984]
2015-07-27 18:11 - 2015-07-27 18:24 - 00000000 ____D C:\Users\Alfredo\Downloads\03.Rasputin-Boney M(Single Track)[FLAC]
2015-07-27 18:01 - 2015-07-27 18:02 - 03875496 _____ (foobar2000.org) C:\Users\Alfredo\Downloads\foobar2000_v1.3.8.exe
2015-07-27 18:01 - 2015-07-27 18:01 - 01529924 _____ (foobar2000.org) C:\Users\Alfredo\Downloads\Free_Encoder_Pack_2015-06-02.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-21 16:51 - 2014-06-18 18:24 - 00000000 ____D C:\Program Files\OpenVPN
2015-08-21 16:50 - 2014-06-30 23:24 - 00000000 ___RD C:\Users\Alfredo\Desktop\Juegos
2015-08-21 16:43 - 2013-01-09 14:26 - 01584812 _____ C:\Windows\WindowsUpdate.log
2015-08-21 16:32 - 2014-11-29 16:28 - 00112304 _____ C:\Users\Alfredo\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-21 16:32 - 2013-01-09 15:51 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-21 16:30 - 2015-07-17 11:04 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-21 16:28 - 2013-05-22 21:51 - 00000000 ____D C:\Users\Alfredo\AppData\Local\Sony
2015-08-21 16:27 - 2013-09-13 17:07 - 00000000 ____D C:\Program Files (x86)\Total Video Converter
2015-08-21 16:27 - 2013-05-22 21:51 - 00000000 ____D C:\ProgramData\Sony
2015-08-21 16:26 - 2013-01-29 18:36 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-21 16:21 - 2013-11-17 13:35 - 00000000 ____D C:\Users\Alfredo\AppData\Local\Black_Tree_Gaming
2015-08-21 16:21 - 2013-06-25 00:17 - 00000000 ____D C:\Program Files (x86)\Mumble
2015-08-21 16:15 - 2015-06-02 20:21 - 00000000 ____D C:\Users\Alfredo\AppData\Roaming\uTorrent
2015-08-21 14:37 - 2014-05-02 17:32 - 00000936 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-236596440-1630658578-1866139-1000UA.job
2015-08-21 12:12 - 2013-09-04 14:00 - 00000000 ____D C:\Program Files\KMSpico
2015-08-21 08:24 - 2009-07-14 06:45 - 00029136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-21 08:24 - 2009-07-14 06:45 - 00029136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-21 00:32 - 2013-01-09 15:51 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-20 20:38 - 2013-01-12 16:07 - 00000000 ____D C:\Users\Alfredo\AppData\Roaming\vlc
2015-08-20 17:37 - 2014-05-02 17:32 - 00000914 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-236596440-1630658578-1866139-1000Core.job
2015-08-20 12:08 - 2014-11-29 16:28 - 00012855 _____ C:\Windows\setupact.log
2015-08-20 12:08 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-19 14:50 - 2015-07-08 12:39 - 00000000 ____D C:\Users\Alfredo\Downloads\True.Detective.S02E03.720p.HDTV.x264-0SEC[rarbg]
2015-08-18 23:48 - 2014-10-19 13:36 - 00000000 ____D C:\Users\Alfredo\Documents\Anki
2015-08-18 20:54 - 2011-04-12 11:10 - 00747720 _____ C:\Windows\system32\perfh00A.dat
2015-08-18 20:54 - 2011-04-12 11:10 - 00159192 _____ C:\Windows\system32\perfc00A.dat
2015-08-18 20:54 - 2009-07-14 07:13 - 01678218 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-15 21:02 - 2014-10-19 13:42 - 00000000 ____D C:\Users\Alfredo\Desktop\Deutsch Anki
2015-08-14 03:03 - 2013-09-04 13:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-13 06:05 - 2015-05-14 04:10 - 00000000 ____D C:\Windows\rescache
2015-08-13 03:39 - 2014-11-29 16:28 - 00462344 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-13 03:37 - 2014-12-11 00:38 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-13 03:37 - 2014-05-07 00:44 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-13 03:13 - 2013-09-04 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-08-12 22:35 - 2015-02-19 21:22 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-08 16:03 - 2015-06-23 14:54 - 00000000 ____D C:\Users\Alfredo\AppData\Local\Popcorn-Time
2015-08-08 16:03 - 2015-06-23 14:53 - 00000000 ____D C:\Users\Alfredo\AppData\Local\Popcorn Time
2015-08-06 18:30 - 2014-11-13 21:30 - 00000000 ____D C:\Users\Alfredo\Desktop\Assimil German With Ease
2015-07-30 01:02 - 2013-01-09 15:51 - 00000000 ____D C:\Users\Alfredo\AppData\Local\Google
2015-07-28 18:02 - 2013-01-09 14:23 - 00000000 ____D C:\Windows\Panther
2015-07-28 17:48 - 2015-07-10 19:09 - 00000000 ___HD C:\$Windows.~BT
2015-07-26 23:54 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-22 16:35 - 2014-11-29 16:31 - 00486388 _____ C:\Windows\PFRO.log
 
==================== Files in the root of some directories =======
 
2014-11-15 11:39 - 2014-11-26 01:11 - 0000004 _____ () C:\Users\Alfredo\AppData\Roaming\appdataFr2.bin
2015-03-20 17:13 - 2015-03-20 17:13 - 0000000 ___SH () C:\Users\Alfredo\AppData\Local\LumaEmu
2015-08-08 15:10 - 2015-08-08 15:10 - 13545694 _____ () C:\Users\Alfredo\AppData\Local\package.nw.new
2015-04-12 11:17 - 2015-04-12 11:17 - 0007609 _____ () C:\Users\Alfredo\AppData\Local\Resmon.ResmonCfg
 
Some files in TEMP:
====================
C:\Users\Alfredo\AppData\Local\Temp\DJAPI.dll
C:\Users\Alfredo\AppData\Local\Temp\Foxit Updater.exe
C:\Users\Alfredo\AppData\Local\Temp\raptrpatch.exe
C:\Users\Alfredo\AppData\Local\Temp\raptr_stub.exe
C:\Users\Alfredo\AppData\Local\Temp\ubiC2F1.tmp.exe
C:\Users\Alfredo\AppData\Local\Temp\Uninstall.exe
C:\Users\Alfredo\AppData\Local\Temp\update.exe
C:\Users\Alfredo\AppData\Local\Temp\vlc-2.2.1-win32.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-13 05:57
 
==================== End of log ============================
 
Addition.txt:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-08-2015
Ran by Alfredo (2015-08-21 16:59:22)
Running from C:\Users\Alfredo\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrador (S-1-5-21-236596440-1630658578-1866139-500 - Administrator - Disabled)
Alfredo (S-1-5-21-236596440-1630658578-1866139-1000 - Administrator - Enabled) => C:\Users\Alfredo
HomeGroupUser$ (S-1-5-21-236596440-1630658578-1866139-1002 - Limited - Enabled)
Invitado (S-1-5-21-236596440-1630658578-1866139-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-236596440-1630658578-1866139-1000\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.)
A Game of Thrones version 0.6.1 (HKU\S-1-5-21-236596440-1630658578-1866139-1000\...\{7C82709E-75FE-4C3A-976A-8C97908DDD7B}_is1) (Version: 0.6.1 - AGOT TEAM)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.03 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Anki (HKLM-x32\...\Anki) (Version:  - )
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Compatibilidad con Aplicaciones de Apple (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Crusader Kings II (HKLM-x32\...\Crusader Kings II_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
DAEMON Tools Pro Advanced v5.2.0.0348 (HKLM-x32\...\DAEMON Tools Pro Advanced v5.2.0.03485.2.0.0348) (Version: 5.2.0.0348 - Friends in War)
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
DjVuLibre DjView  3.5.25.4+4.9.2 (HKLM-x32\...\DjVuLibre+DjView) (Version: 3.5.25.4+4.9.2 - DjVuZone)
Dxtory version 2.0.119 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.119 - Dxtory Software)
Eines de correcció del Microsoft Office 2013: català (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Epson Easy Photo Print 2 (HKLM-x32\...\{02A312B5-1542-47B6-BFE9-F51358C39E86}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
EPUB File Reader (HKLM-x32\...\{818C5857-5C74-4CAC-9F43-E5597086852D}_is1) (Version:  - )
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Europa Universalis IV (HKLM-x32\...\Europa Universalis IV_is1) (Version:  - Paradox Interactive)
Europa Universalis IV: Common Sense (HKLM-x32\...\Europa Universalis IV: Common Sense_is1) (Version:  - )
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Ferramentas de verificación de Microsoft Office 2013 - Galego (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Game of Thrones version 1.0 (HKLM-x32\...\{95F04096-90B5-4E44-86AA-93D1F856B04D}_is1) (Version: 1.0 - Telltale Games)
Git version 1.9.4-preview20140815 (HKLM-x32\...\Git_is1) (Version: 1.9.4-preview20140815 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Earth (HKLM-x32\...\{A2264E8F-1649-11E3-8BED-B8AC6F98CCE3}) (Version: 7.1.2.2019 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.20.1337 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
K-Lite Codec Pack 10.6.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.6.5 - )
KMSpico 4.1 (HKLM\...\KMSpico v4.1_is1) (Version: 4 - )
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LEGO® Harry Potter™: Years 1-4 (HKLM-x32\...\{C5A8DF48-580B-44D3-B2B2-E965A9368F28}) (Version: 1.0.0.0 - WB Games)
Logitech SetPoint 6.51 (HKLM\...\sp6) (Version: 6.51.8 - Logitech)
Malwarebytes Anti-Malware versión 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mass Effect 3 © Bioware version 1 (HKLM-x32\...\TWFzcyBFZmZlY3QgMyAoYykgQmlvd2FyZQ==_is1) (Version: 1 - )
Mass Effect™ 3 (HKLM-x32\...\{6A9D1594-7791-48f5-9CAA-DE9BCB968320}) (Version: 1.01.0.0 - Electronic Arts)
Microsoft .NET Framework 4.5.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{B45FABE7-D101-4D99-A671-E16DA40AF7F0}) (Version: 3.0.86.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{B578C85A-A84C-4230-A177-C5B2AF565B8C}) (Version: 3.0.17.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA PhysX (HKLM-x32\...\{9530AE42-DAE1-4619-9594-B23487285D17}) (Version: 9.11.1107 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.3.636 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.3.1.1 - Popcorn Time)
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.7 - PowerISO Computing, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6788 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Rosetta Stone TOTALe (x32 Version: 4.1.15.1 - Rosetta Stone, Ltd) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Software de impresora EPSON (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
Software Logitech para juegos 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
STEAM/Steamapps/common/The Talos Principle (HKLM-x32\...\STEAM/Steamapps/common/The Talos Principle_is1) (Version: Unknown - StarDima Repack Games)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
The Walking Dead - Season 2 (HKLM-x32\...\The Walking Dead - Season 21.0) (Version: 1.0 - Friends in War)
The Witcher Enhanced Edition (HKLM-x32\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.00.0000 - CD Projekt Red)
Tombraider (HKLM-x32\...\Tombraider_is1) (Version:  - )
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUSR_{DAFCD7DE-1531-4483-9F53-170766074E85}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Walking Dead (HKLM-x32\...\Walking Dead_is1) (Version:  - Audioslave)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-236596440-1630658578-1866139-1000_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
 
==================== Restore Points =========================
 
21-08-2015 16:18:07 Removed Bonjour
21-08-2015 16:21:35 Removed Mumble 1.2.4
21-08-2015 16:21:58 Quitado OpenOffice 4.0.1
21-08-2015 16:27:30 Removed Vegas Pro 12.0 (64-bit)
21-08-2015 16:32:18 Removed Windows 7 USB/DVD Download Tool
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-11-02 21:16 - 2013-12-28 22:21 - 00000881 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.01 www.4game.com
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {13029673-BB62-453E-AD82-7556934CAC10} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {18F0A5E7-5F46-40F2-B1A7-5A82A5228E67} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-09] (Google Inc.)
Task: {253AC2AC-C1E9-4478-9C39-6CECCA7376BA} - System32\Tasks\{A6A4A394-D87B-416F-B3F8-4280DD06094A} => pcalua.exe -a E:\Drivers\W7\setup.exe -d E:\Drivers\W7
Task: {36C3B21D-A01A-419B-81E5-6C6DD87EF661} - System32\Tasks\{EDBE27BB-883F-482D-B384-CDD563F1A91E} => E:\Install.exe
Task: {3CA250C9-40F0-45D6-AFA5-04D9173ED439} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-236596440-1630658578-1866139-1000UA => C:\Users\Alfredo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-05-02] (Facebook Inc.)
Task: {58FAF583-0180-4641-9E9E-08BE097D055A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {5DCD1233-D223-48DA-9EE5-1AB3D673379E} - System32\Tasks\{89A939E3-06AB-425B-BA00-5A09F67E0843} => pcalua.exe -a "C:\Program Files\TeamSpeak 3 Client\plugins\ts3overlay\InstallHook.exe" -d "C:\Program Files\TeamSpeak 3 Client\plugins\ts3overlay\" -c ts3overlay_hook_win32.dll 10000
Task: {7DB328A0-2FA2-4FE6-80F9-7E29A32D3BB5} - System32\Tasks\{EA73298B-5D9A-4C74-B942-7358DAD4D1D5} => pcalua.exe -a "C:\Users\Alfredo\Downloads\dxwebsetup (1).exe" -d C:\Users\Alfredo\Downloads
Task: {8232969A-1051-4DBF-9063-DA07D395BDE8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-236596440-1630658578-1866139-1000Core => C:\Users\Alfredo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-05-02] (Facebook Inc.)
Task: {847232B9-AC84-4110-8878-98E6ADC1FC3E} - System32\Tasks\{C6973D95-EE4F-4C41-B93E-9B9C03E44366} => pcalua.exe -a "C:\Users\Alfredo\Downloads\Metal Gear Solid.exe" -d C:\Users\Alfredo\Downloads
Task: {8E3A4D57-5AB3-482D-8622-F8DE9B8955F3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-09] (Google Inc.)
Task: {9BA5930C-E177-46EC-B79A-B74DD1384FAB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9FD15847-03BB-4AED-B57A-F0351F21B351} - System32\Tasks\{5772B169-EB3C-4710-8101-914DC47C1972} => E:\Install.exe
Task: {A3E36B4A-2731-4DDD-891F-4189C5C7B017} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {ABF1F87E-7D4C-4098-9CEB-DBC005F8562F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {AD65BBE1-9B2E-46CD-BB52-A0965A01FCA6} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe
Task: {B5166D97-8D22-4C41-9FBF-AB90B1162A61} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {D3879B5A-823F-4BBD-9CF1-A68D5C728C07} - System32\Tasks\{AF4339EC-5D77-4B8A-AFF9-AB5F5D95F550} => pcalua.exe -a "C:\Program Files (x86)\Metal Gear Solid\Uninstal.exe" -d "C:\Program Files (x86)\Metal Gear Solid"
Task: {E5EA0FF3-E73F-40D9-8BA6-48DED909ED59} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-236596440-1630658578-1866139-1000Core.job => C:\Users\Alfredo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-236596440-1630658578-1866139-1000UA.job => C:\Users\Alfredo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2013-09-04 14:00 - 2013-03-02 23:06 - 00037888 ___SH () C:\Program Files\KMSpico\Service_KMS.exe
2014-09-09 20:46 - 2014-08-15 18:33 - 00736962 _____ () C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-10-14 20:51 - 2014-10-14 20:51 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-10-14 20:51 - 2014-10-14 20:51 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-08-21 16:16 - 2012-07-27 04:27 - 00020288 _____ () C:\Program Files\CCleaner\branding.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-01-10 00:21 - 2012-10-22 15:22 - 01199648 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2015-08-12 22:35 - 2015-08-08 02:13 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libglesv2.dll
2015-08-12 22:35 - 2015-08-08 02:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libegl.dll
2015-08-12 22:35 - 2015-08-08 02:13 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-236596440-1630658578-1866139-1000\...\4game.com -> hxxps://4game.com
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-236596440-1630658578-1866139-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Alfredo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.81.16.164 - 62.81.16.213
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: f.lux => "C:\Users\Alfredo\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
MSCONFIG\startupreg: Facebook Update => "C:\Users\Alfredo\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: FlashPlayerUpdate => C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe -update activex
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\Alfredo\AppData\Roaming\uTorrent\uTorrent.exe"
MSCONFIG\startupreg: Viber => "C:\Users\Alfredo\AppData\Local\Viber\Viber.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TelnetServer-TlntSvr-TCP-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [TelnetServer-Tlntadmn-RPC-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [{DEA988E2-0119-4FA8-8376-7B40CDA5ED6A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D6C74694-74BB-4AAC-9B7B-DBC704AB9B95}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AB50F148-896D-4900-A14B-8A3DBD386842}] => (Allow) C:\Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{7C4BE8B0-B2E9-418E-B933-D73C00478B8A}] => (Allow) C:\Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{27796865-9E51-47FB-83BF-F165342686DB}] => (Allow) C:\Program Files\KMSpico\A65MJBPDSZG.exe
FirewallRules: [{38E25B70-85C7-490F-8BFC-046DFE7956F6}] => (Allow) C:\Program Files\KMSpico\A65MJBPDSZG.exe
FirewallRules: [{523F31BB-99E1-4618-8800-A287DCEAAEE6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{798CDAAE-7171-461C-ABF2-CE6234E41ADC}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2E5C9198-B8E1-4DB3-AAC3-8A40A71547B5}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{4BDDF9A2-C579-4134-84CD-12D63F140287}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{78C40A62-052C-4606-90C5-54E0C6E50BC5}] => (Allow) C:\Users\Alfredo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{42B089EB-EB97-42B1-9E5D-99F579E7584A}] => (Allow) C:\Users\Alfredo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E634F1A4-BD95-4EE3-B88C-6EF6072C09FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{AE651C8D-80C8-4D75-A850-1E49C0FB3A2B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{B16B0E3F-CFAF-49C6-A050-CBD42E7CA6A6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{068404FF-9865-4C85-9EAC-47173423B373}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{C298586E-D4B5-41EF-8296-00D510C3F274}C:\users\alfredo\desktop\juegos\2kgames\the misadventures of p.b. winterbottom\winterbottom.exe] => (Block) C:\users\alfredo\desktop\juegos\2kgames\the misadventures of p.b. winterbottom\winterbottom.exe
FirewallRules: [UDP Query User{F2967574-284A-451D-883F-F71330F1439C}C:\users\alfredo\desktop\juegos\2kgames\the misadventures of p.b. winterbottom\winterbottom.exe] => (Block) C:\users\alfredo\desktop\juegos\2kgames\the misadventures of p.b. winterbottom\winterbottom.exe
FirewallRules: [{A7E9C9F3-8043-4BE2-911D-3BC0DB9A5FAC}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{3CA08165-2814-4E33-9F34-20336B2854BA}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C51FBB30-35A3-4D5A-87A6-9E2BE296BFD8}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{29833C1E-515F-47D1-8BC2-532BCEE58BDF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{0BB4A807-4A85-45CE-9152-2E94A55A3ABE}] => (Allow) C:\Users\Alfredo\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [TCP Query User{8BDAF4F1-D627-445F-BD3A-A6E9461A09E3}C:\program files (x86)\valve\portal\hl2.exe] => (Block) C:\program files (x86)\valve\portal\hl2.exe
FirewallRules: [UDP Query User{884EE28E-4782-4494-AA76-02E4927468B7}C:\program files (x86)\valve\portal\hl2.exe] => (Block) C:\program files (x86)\valve\portal\hl2.exe
FirewallRules: [{F6791BC3-1EC6-4C8A-823C-223A27EF3D38}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{3B8A0358-53EE-424A-B870-81CDDC0F2478}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2A84CD42-DC00-4F2B-9E5D-BCDCB6511232}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B04DFCDF-B59B-4CEE-8040-E2CCBB6C8D78}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{1172808E-C8E6-43F1-859F-CBD6A791819D}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{525ADA29-0F5C-4030-B460-1ABDFBBCB4A8}] => (Allow) C:\Users\Alfredo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8C57529F-F560-4C17-ACE0-025FBFCD994A}] => (Allow) C:\Users\Alfredo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{065FEE11-2B0A-4EB9-8938-1CA09605B44C}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{F8BA7A3E-9E5E-4369-9501-BCC697AF2E96}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{675F4B3E-3E83-45A0-AD68-1EB3CD939B26}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{111D9CB4-5216-45DE-AC26-919BB81CAFFA}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{EB1266BD-9AAF-49A3-83A7-0BAD7A423A0E}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{D8D55D11-0347-4E37-ADBC-1A509DFC4BCF}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{60CE305C-ED2D-4CD3-BB25-D6B60A6FB042}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/21/2015 01:41:49 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418225
 
Error: (08/20/2015 12:17:05 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Error al inicializar la infraestructura de asociación de la API de generación de perfiles. Este proceso no permitirá que se asocie un generador de perfiles. HRESULT: 0x80004005.  Id. de proceso (decimal): 5940. Id. de mensaje: [0x2509].
 
Error: (08/20/2015 12:09:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/19/2015 05:24:42 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Error al inicializar la infraestructura de asociación de la API de generación de perfiles. Este proceso no permitirá que se asocie un generador de perfiles. HRESULT: 0x80004005.  Id. de proceso (decimal): 3364. Id. de mensaje: [0x2509].
 
Error: (08/19/2015 04:21:53 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Error al inicializar la infraestructura de asociación de la API de generación de perfiles. Este proceso no permitirá que se asocie un generador de perfiles. HRESULT: 0x80004005.  Id. de proceso (decimal): 10152. Id. de mensaje: [0x2509].
 
Error: (08/19/2015 10:46:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(c0:63:94:4e:0d:1c@fe80::c263:94ff:fe4e:d1c._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (08/19/2015 05:35:33 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418225
 
Error: (08/18/2015 08:50:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: WINWORD.EXE, versión: 15.0.4745.1001, marca de tiempo: 0x55ae1b97
Nombre del módulo con errores: ltc_game64-94307.dll, versión: 1.0.0.1, marca de tiempo: 0x5511f6fc
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000000fa0c
Id. del proceso con errores: 0x2034
Hora de inicio de la aplicación con errores: 0xWINWORD.EXE0
Ruta de acceso de la aplicación con errores: WINWORD.EXE1
Ruta de acceso del módulo con errores: WINWORD.EXE2
Id. del informe: WINWORD.EXE3
 
Error: (08/18/2015 09:10:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(c0:63:94:4e:0d:1c@fe80::c263:94ff:fe4e:d1c._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (08/18/2015 09:10:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(c0:63:94:4e:0d:1c@fe80::c263:94ff:fe4e:d1c._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
 
System errors:
=============
Error: (08/21/2015 07:45:52 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80240020: Actualizar a Windows 10 Home.
 
Error: (08/20/2015 01:36:41 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Se anularon las instantáneas del volumen C: porque el almacenamiento de instantáneas no pudo crecer debido a un límite impuesto por el usuario.
 
Error: (08/20/2015 01:29:53 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Se anularon las instantáneas del volumen C: porque el almacenamiento de instantáneas no pudo crecer debido a un límite impuesto por el usuario.
 
Error: (08/20/2015 12:27:18 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80240020: Actualizar a Windows 10 Home.
 
Error: (08/20/2015 12:08:50 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Agrupación de red del mismo nivel depende del servicio Protocolo de resolución de nombres de mismo nivel, el cual no pudo iniciarse debido al siguiente error: 
%%-2140993535
 
Error: (08/20/2015 12:08:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Protocolo de resolución de nombres de mismo nivel se cerró con el siguiente error: 
%%-2140993535
 
Error: (08/20/2015 12:08:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Protocolo de resolución de nombres de mismo nivel se cerró con el siguiente error: 
%%-2140993535
 
Error: (08/20/2015 12:08:50 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Agrupación de red del mismo nivel depende del servicio Protocolo de resolución de nombres de mismo nivel, el cual no pudo iniciarse debido al siguiente error: 
%%-2140993535
 
Error: (08/20/2015 12:08:50 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
 
Error: (08/20/2015 12:08:50 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
 
 
Microsoft Office:
=========================
Error: (08/21/2015 01:41:49 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418225
 
Error: (08/20/2015 12:17:05 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Error al inicializar la infraestructura de asociación de la API de generación de perfiles. Este proceso no permitirá que se asocie un generador de perfiles. HRESULT: 0x80004005.  Id. de proceso (decimal): 5940. Id. de mensaje: [0x2509].
 
Error: (08/20/2015 12:09:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/19/2015 05:24:42 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Error al inicializar la infraestructura de asociación de la API de generación de perfiles. Este proceso no permitirá que se asocie un generador de perfiles. HRESULT: 0x80004005.  Id. de proceso (decimal): 3364. Id. de mensaje: [0x2509].
 
Error: (08/19/2015 04:21:53 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Error al inicializar la infraestructura de asociación de la API de generación de perfiles. Este proceso no permitirá que se asocie un generador de perfiles. HRESULT: 0x80004005.  Id. de proceso (decimal): 10152. Id. de mensaje: [0x2509].
 
Error: (08/19/2015 10:46:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(c0:63:94:4e:0d:1c@fe80::c263:94ff:fe4e:d1c._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (08/19/2015 05:35:33 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418225
 
Error: (08/18/2015 08:50:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINWORD.EXE15.0.4745.100155ae1b97ltc_game64-94307.dll1.0.0.15511f6fcc0000005000000000000fa0c203401d0d9e6b99a28a8C:\Program Files\Microsoft Office\Office15\WINWORD.EXEC:\PROGRA~2\Raptr\ltc_game64-94307.dll0f22ef79-45da-11e5-9911-50e549272205
 
Error: (08/18/2015 09:10:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(c0:63:94:4e:0d:1c@fe80::c263:94ff:fe4e:d1c._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
Error: (08/18/2015 09:10:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(c0:63:94:4e:0d:1c@fe80::c263:94ff:fe4e:d1c._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2400 CPU @ 3.10GHz
Percentage of memory in use: 53%
Total physical RAM: 4079.43 MB
Available physical RAM: 1896.94 MB
Total Virtual: 7780.83 MB
Available Virtual: 4755.96 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.41 GB) (Free:15.91 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 15083DC2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
==================== End of log ============================

 


  • 0

Advertisements

#2
Vexen
Posted 24 August 2015 - 11:26 AM

Vexen

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts

After 3 days, I was able to solve the problem (I will write down what I did should anyone have the same infection). I ran SpyHunter and fixed the found malware. After that, I restarted Google Chrome (you can do this in the Options menu). The pop-ups were finally gone.

 

You can close the topic now. Many thanks.


  • 0

#3
BrianDrab
Posted 24 August 2015 - 06:22 PM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: chrome, malware, buyerschoice

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP