
Windows 10 slow boot time [Closed]

slow boot

  • This topic is locked

#1
cntvlad


Hi there!

My friend has been experiencing a really slow boot-up of the laptop in the past 1-2 months. She asked me to check it out.

This may not be an infection at all, because I just noticed some minidump files in the FRST.txt log.

If that is the case then I'm sorry.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:16-11-2015
Ran by Bretón (administrator) on LAURITA (17-11-2015 10:45:34)
Running from C:\Users\Bretón\Desktop\temp
Loaded Profiles: UpdatusUser & Bretón (Available Profiles: UpdatusUser & Bretón)
Platform: Windows 10 Home (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKWCtlx64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKService.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\TotalProtection\AVKBackup\AVKBackupService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFwSvcx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\vivokey.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\TotalProtection\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
() C:\Windows\twain_32\Samsung\SCX4623\Scan2Pc.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFirewallTray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSPanel.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [111976 2013-09-11] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [396688 2015-07-18] ()
HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\Windows\system32\igfxpers.exe"
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-12-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ASUSWSLoader.exe [63296 2013-08-16] ()
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [SCX4623_Scan2Pc] => C:\Windows\Twain_32\Samsung\SCX4623\Scan2pc.exe
HKLM-x32\...\Run: [4623 Scan2PC] => "C:\Windows\twain_32\Samsung\SCX4623\Scan2Pc.exe"
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFirewallTray.exe [1864312 2015-06-16] (G DATA Software AG)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G DATA\TotalProtection\AVKTray\AVKTray.exe,c:\program files (x86)\g data\totalprotection\avkkid\avkcks.exe
HKU\S-1-5-21-2710583665-1159995935-3744709580-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48145024 2015-10-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2710583665-1159995935-3744709580-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd)
HKU\S-1-5-21-2710583665-1159995935-3744709580-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [805888 2015-07-10] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177088 2015-07-13] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Bretón\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileSyncShell64.dll [2015-11-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Bretón\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileSyncShell64.dll [2015-11-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Bretón\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileSyncShell64.dll [2015-11-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Bretón\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll [2015-11-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Bretón\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll [2015-11-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Bretón\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll [2015-11-03] (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2dec0311-7247-4b8f-96fc-c38686fc6d2c}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{fcc9421e-e414-4016-8d24-b7c95d24c9f1}: [DhcpNameServer] 192.168.178.1
 
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2710583665-1159995935-3744709580-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2710583665-1159995935-3744709580-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM-x32 - BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Bretón\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll No File
URLSearchHook: HKLM-x32 - BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Bretón\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll No File
URLSearchHook: HKU\S-1-5-21-2710583665-1159995935-3744709580-1002 - BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Bretón\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll No File
URLSearchHook: HKU\S-1-5-21-2710583665-1159995935-3744709580-1002 - BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Bretón\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll No File
SearchScopes: HKLM-x32 -> DefaultScope {83E4419F-F26C-44EE-A6FF-1AA6CE109F61} URL = 
SearchScopes: HKU\S-1-5-21-2710583665-1159995935-3744709580-1002 -> DefaultScope {83E4419F-F26C-44EE-A6FF-1AA6CE109F61} URL = hxxp://trovi.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3329621&CUI=UN25841148942790186&UM=4
SearchScopes: HKU\S-1-5-21-2710583665-1159995935-3744709580-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2710583665-1159995935-3744709580-1002 -> {83E4419F-F26C-44EE-A6FF-1AA6CE109F61} URL = hxxp://trovi.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3329621&CUI=UN25841148942790186&UM=4
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: BS Player ControlBar B Toolbar -> {31264a33-a653-46c4-af49-1232c59a7da5} -> C:\Users\Bretón\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll => No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
Toolbar: HKLM - BS Player ControlBar B Toolbar - {31264A33-A653-46C4-AF49-1232C59A7DA5} - C:\Users\Bretón\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll No File
Toolbar: HKLM-x32 - BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Bretón\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll No File
Toolbar: HKU\S-1-5-21-2710583665-1159995935-3744709580-1002 -> BS Player ControlBar B Toolbar - {31264A33-A653-46C4-AF49-1232C59A7DA5} - C:\Users\Bretón\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
 
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-26] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP","hxxp://www.search.ask.com/?tpid=ATU4-V7C&o=APN11391&pf=V7&trgb=CR&p2=%5EBAY%5Eaaa023%5EYY%5ENA&gct=hp&apn_ptnrs=%5EBAY&apn_dtid=%5Eaaa023%5EYY%5ENA&apn_dbr=cr_32.0.1700.76&apn_uid=0F483119-9D6C-4D40-B6F9-014741B82A91&itbv=12.10.0.3723&doi=2014-01-20&psv="
CHR Profile: C:\Users\Bretón\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Presentaciones de Google) - C:\Users\Bretón\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-07]
CHR Extension: (Google Docs) - C:\Users\Bretón\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-07]
CHR Extension: (Google Drive) - C:\Users\Bretón\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Bretón\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Búsqueda de Google) - C:\Users\Bretón\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Hojas de cálculo de Google) - C:\Users\Bretón\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-07]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Bretón\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Bretón\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Gmail) - C:\Users\Bretón\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-13]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-29] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [File not signed]
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2738296 2015-09-16] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKService.exe [966776 2015-06-16] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKWCtlx64.exe [3842504 2015-09-16] (G Data Software AG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [115632 2013-09-11] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116656 2013-09-11] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148688 2013-09-11] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124880 2013-09-11] (Intel Corporation)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [828656 2013-10-07] (Condusiv Technologies)
R2 GDBackupSvc; C:\Program Files (x86)\G DATA\TotalProtection\AVKBackup\AVKBackupService.exe [3894904 2015-09-15] (G Data Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFwSvcx64.exe [3203392 2015-09-15] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789624 2015-06-16] (G Data Software AG)
S3 GDTunerSvc; C:\Program Files (x86)\G DATA\TotalProtection\AVKTuner\AVKTunerService.exe [2235512 2015-06-16] (G Data Software AG)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-18] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel® Corporation) [File not signed]
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 TSNxGService; C:\Program Files (x86)\G DATA\TotalProtection\TSNxG\TSNxGService.exe [255608 2014-07-01] (G DATA Software)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-07] (Atheros) [File not signed]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4325544 2015-06-26] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [101368 2015-09-23] (ASUS Corporation)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-02-11] (Samsung Electronics Co., Ltd.)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [143568 2013-09-11] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [114680 2013-09-11] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [287160 2013-09-11] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494272 2013-09-11] (Intel Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [25840 2013-10-07] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [117488 2013-10-07] (Condusiv Technologies)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [158720 2015-11-02] (G Data Software AG)
S0 GDElam; C:\Windows\System32\DRIVERS\GDElam.sys [117904 2015-01-08] (G Data Software AG)
R1 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [28672 2015-11-02] (G Data Software AG)
R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2015-11-02] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [231936 2015-11-02] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [91648 2015-11-02] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [69120 2015-11-02] (G DATA Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2015-05-22] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [126464 2015-11-02] (G Data Software AG)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-29] (Windows ® Win 7 DDK provider)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation)
R0 TS4NT; C:\Windows\System32\Drivers\TS4nt.sys [100352 2015-11-02] (G DATA Software AG)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-17 10:45 - 2015-11-17 10:45 - 00000000 ____D C:\FRST
2015-11-17 10:35 - 2015-11-17 10:35 - 00002856 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-11-17 10:35 - 2015-11-17 10:35 - 00000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-11-17 10:35 - 2015-11-17 10:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-11-17 10:35 - 2015-11-17 10:35 - 00000000 ____D C:\Program Files\CCleaner
2015-11-17 10:32 - 2015-11-17 10:45 - 00000000 ____D C:\Users\Bretón\Desktop\temp
2015-11-17 10:22 - 2015-11-17 10:22 - 00000000 ___SH C:\DkHyperbootSync
2015-11-17 09:54 - 2015-11-17 09:54 - 00000000 ___HD C:\OneDriveTemp
2015-11-17 09:53 - 2015-11-17 09:53 - 00016148 _____ C:\WINDOWS\system32\LAURITA_Bretón_HistoryPrediction.bin
2015-11-17 09:50 - 2015-11-17 09:52 - 01902072 _____ C:\WINDOWS\Minidump\111715-138234-01.dmp
2015-11-17 08:35 - 2015-11-17 08:35 - 00000000 ___HD C:\$WINDOWS.~BT
2015-11-17 08:05 - 2015-11-17 08:07 - 01782096 _____ C:\WINDOWS\Minidump\111715-139796-01.dmp
2015-11-16 21:32 - 2015-11-16 21:34 - 02038024 _____ C:\WINDOWS\Minidump\111615-145515-01.dmp
2015-11-16 17:30 - 2015-11-16 17:31 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-11-16 17:30 - 2015-11-16 17:30 - 00001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-11-16 17:30 - 2015-11-16 17:30 - 00001106 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-11-16 17:30 - 2015-11-16 17:30 - 00000000 ____D C:\Users\Bretón\AppData\Roaming\TeamViewer
2015-11-16 17:25 - 2015-11-16 17:29 - 08202576 _____ (TeamViewer GmbH) C:\Users\Bretón\Downloads\TeamViewer_Setup_es.exe
2015-11-16 15:05 - 2015-11-16 15:07 - 01666864 _____ C:\WINDOWS\Minidump\111615-138218-01.dmp
2015-11-16 09:16 - 2015-11-16 19:17 - 00000000 ____D C:\Users\Bretón\Documents\Brandon RP
2015-11-16 08:05 - 2015-11-16 08:06 - 01801200 _____ C:\WINDOWS\Minidump\111615-140765-01.dmp
2015-11-16 05:21 - 2015-11-16 05:21 - 01699088 _____ C:\WINDOWS\Minidump\111615-136718-01.dmp
2015-11-15 13:08 - 2015-11-15 13:08 - 00383116 _____ C:\Users\Bretón\Downloads\PTFFile (2).tif
2015-11-15 12:21 - 2015-11-15 12:21 - 01631952 _____ C:\WINDOWS\Minidump\111515-137468-01.dmp
2015-11-15 08:40 - 2015-11-15 08:42 - 02009936 _____ C:\WINDOWS\Minidump\111515-155468-01.dmp
2015-11-14 12:55 - 2015-11-14 16:26 - 00000000 ____D C:\Users\Bretón\Downloads\PopcornTime
2015-11-14 12:55 - 2015-11-14 12:55 - 00001272 _____ C:\Users\Public\Desktop\Popcorn Time.lnk
2015-11-14 12:55 - 2015-11-14 12:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-11-14 12:54 - 2015-11-14 12:55 - 00000000 ____D C:\Program Files (x86)\Popcorn Time
2015-11-14 12:42 - 2015-11-14 12:54 - 48332813 _____ (Popcorn Time ) C:\Users\Bretón\Downloads\PopcornTime-latest.exe
2015-11-14 12:31 - 2015-11-14 12:31 - 00001824 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-11-14 12:31 - 2015-11-14 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-11-14 12:31 - 2015-11-14 12:31 - 00000000 ____D C:\Program Files\iTunes
2015-11-14 12:31 - 2015-11-14 12:31 - 00000000 ____D C:\Program Files\iPod
2015-11-14 12:31 - 2015-11-14 12:31 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-11-14 12:30 - 2015-11-14 12:30 - 00000000 ____D C:\Program Files\Bonjour
2015-11-14 12:30 - 2015-11-14 12:30 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-11-14 11:55 - 2015-11-14 12:29 - 167839512 _____ (Apple Inc.) C:\Users\Bretón\Downloads\iTunes6464Setup.exe
2015-11-14 11:44 - 2015-11-14 11:52 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-11-14 11:30 - 2015-11-14 11:31 - 01850704 _____ C:\WINDOWS\Minidump\111415-146015-01.dmp
2015-11-14 09:22 - 2015-11-14 09:22 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2015-11-14 09:22 - 2015-11-14 09:22 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-11-13 22:11 - 2015-11-13 22:12 - 02006552 _____ C:\WINDOWS\Minidump\111315-135781-01.dmp
2015-11-12 11:23 - 2015-11-12 11:42 - 00000000 ____D C:\Users\Bretón\Documents\seguro médico
2015-11-12 10:45 - 2015-11-12 10:47 - 02017728 _____ C:\WINDOWS\Minidump\111215-144593-01.dmp
2015-11-12 08:34 - 2015-11-12 08:37 - 01874584 _____ C:\WINDOWS\Minidump\111215-143765-01.dmp
2015-11-11 22:04 - 2015-11-11 22:06 - 01857072 _____ C:\WINDOWS\Minidump\111115-138312-01.dmp
2015-11-11 18:08 - 2015-11-05 06:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-11 18:08 - 2015-11-05 05:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-11-11 18:08 - 2015-11-05 05:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 18:08 - 2015-11-05 05:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-11-11 18:08 - 2015-11-05 05:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 18:08 - 2015-11-05 05:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 18:08 - 2015-11-05 05:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-11-11 18:08 - 2015-10-06 05:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-11-11 18:08 - 2015-10-06 04:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-11-11 18:08 - 2015-09-25 05:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-11-11 18:08 - 2015-09-25 05:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-11-11 18:08 - 2015-09-25 05:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-11-11 18:08 - 2015-09-25 05:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-11-11 18:08 - 2015-09-25 04:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-11-11 18:08 - 2015-09-25 04:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-11-11 18:08 - 2015-09-25 04:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-11-11 18:08 - 2015-09-25 04:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-11-11 18:08 - 2015-09-25 04:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-11-11 18:08 - 2015-09-25 04:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-11-11 18:08 - 2015-09-25 04:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-11-11 18:08 - 2015-09-25 04:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-11-11 18:08 - 2015-09-25 04:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-11-11 18:07 - 2015-11-05 07:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 18:07 - 2015-11-05 07:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-11 18:07 - 2015-11-05 07:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-11-11 18:07 - 2015-11-05 07:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 18:07 - 2015-11-05 07:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-11-11 18:07 - 2015-11-05 07:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 18:07 - 2015-11-05 07:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-11 18:07 - 2015-11-05 07:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-11 18:07 - 2015-11-05 06:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-11-11 18:07 - 2015-11-05 06:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 18:07 - 2015-11-05 06:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-11 18:07 - 2015-11-05 06:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-11-11 18:07 - 2015-11-05 06:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 18:07 - 2015-11-05 06:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-11-11 18:07 - 2015-11-05 06:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-11-11 18:07 - 2015-11-05 06:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-11 18:07 - 2015-11-05 06:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 18:07 - 2015-11-05 06:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-11-11 18:07 - 2015-11-05 06:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-11 18:07 - 2015-11-05 06:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-11 18:07 - 2015-11-05 06:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-11-11 18:07 - 2015-11-05 06:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-11 18:07 - 2015-11-05 06:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 18:07 - 2015-11-05 06:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-11-11 18:07 - 2015-11-05 06:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-11 18:07 - 2015-11-05 06:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-11 18:07 - 2015-11-05 06:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 18:07 - 2015-11-05 06:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 18:07 - 2015-11-05 06:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-11 18:07 - 2015-11-05 06:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-11-11 18:07 - 2015-11-05 06:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 18:07 - 2015-11-05 06:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-11-11 18:07 - 2015-11-05 05:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-11 18:07 - 2015-11-05 05:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-11 18:07 - 2015-11-05 05:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-11 18:07 - 2015-11-05 05:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-11 18:07 - 2015-11-05 05:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-11 18:07 - 2015-11-05 05:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-11-11 18:07 - 2015-11-05 05:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-11-11 18:07 - 2015-11-05 05:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-11-11 18:07 - 2015-11-05 05:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-11-11 18:07 - 2015-11-05 05:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-11-11 18:07 - 2015-11-05 05:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 18:07 - 2015-11-05 05:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 18:07 - 2015-11-05 05:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-11-11 18:07 - 2015-11-05 05:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-11 18:07 - 2015-10-10 09:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-11-11 18:07 - 2015-10-01 06:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-11-11 18:07 - 2015-10-01 06:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-11-11 18:07 - 2015-10-01 06:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-11-11 18:07 - 2015-10-01 06:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-11-11 18:07 - 2015-10-01 05:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-11-11 18:07 - 2015-09-25 06:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-11-11 18:07 - 2015-09-25 06:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-11-11 18:07 - 2015-09-25 05:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-11-11 18:07 - 2015-09-25 05:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-11-11 18:07 - 2015-09-25 05:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-11-11 18:07 - 2015-09-25 05:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-11-11 18:07 - 2015-09-25 05:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-11-11 18:07 - 2015-09-25 05:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-11-11 18:07 - 2015-09-25 05:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-11-11 18:07 - 2015-09-25 05:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-11-11 18:07 - 2015-09-25 05:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-11-11 18:07 - 2015-09-25 05:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-11-11 18:07 - 2015-09-25 05:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-11-11 18:07 - 2015-09-25 05:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-11-11 18:07 - 2015-09-25 04:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-11-11 18:07 - 2015-09-25 04:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-11-11 18:07 - 2015-09-25 04:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-11-11 18:07 - 2015-09-25 04:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-11-11 18:07 - 2015-09-25 04:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-11-11 18:07 - 2015-09-25 04:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-11-11 18:07 - 2015-09-25 04:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-11-11 18:07 - 2015-09-25 04:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-11-11 18:07 - 2015-09-25 04:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-11-11 18:07 - 2015-09-25 04:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-11-11 18:07 - 2015-09-25 04:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-11-11 18:07 - 2015-09-25 04:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-11-11 18:07 - 2015-09-25 04:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-11-11 18:07 - 2015-09-25 04:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-11-11 14:46 - 2015-11-17 09:49 - 802785199 _____ C:\WINDOWS\MEMORY.DMP
2015-11-11 14:46 - 2015-11-11 14:48 - 01950416 _____ C:\WINDOWS\Minidump\111115-136171-01.dmp
2015-11-11 07:37 - 2015-11-11 07:37 - 00000287 _____ C:\Users\Bretón\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ADATA UFD (F).lnk
2015-11-09 19:00 - 2015-11-09 19:04 - 00079976 _____ C:\Users\Bretón\Downloads\LEL3800_Coconut.pptx
2015-11-09 19:00 - 2015-11-09 19:03 - 00000000 ____D C:\Users\Bretón\Downloads\com. post-colonial lit
2015-11-07 23:05 - 2015-11-07 23:06 - 00000022 _____ C:\Users\Bretón\Downloads\The-Lives-Of-Others-Das-Leben-Der-Anderen-2006-BRRip-XviD-VLiS-eng-10642557.zip
2015-11-07 22:44 - 2015-11-07 22:46 - 00000022 _____ C:\Users\Bretón\Downloads\The-Lives-of-Others-1836277.zip
2015-11-07 14:40 - 2015-11-07 14:42 - 00000022 _____ C:\Users\Bretón\Downloads\The-Kite-Runner-2007-1080p-BluRay-x264-anoXmous-eng-27339633.zip
2015-11-07 14:35 - 2015-11-07 14:35 - 00002375 _____ C:\Users\Bretón\Downloads\dmd-kiterunner-en-9469417 (1).zip
2015-11-07 14:34 - 2015-11-07 14:34 - 00002375 _____ C:\Users\Bretón\Downloads\dmd-kiterunner-en-9469417.zip
2015-11-04 09:01 - 2015-11-05 19:56 - 00000000 ____D C:\Users\Bretón\Documents\visa
2015-11-02 17:35 - 2015-11-16 12:20 - 00003544 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2015-11-02 16:19 - 2015-11-02 16:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA TOTAL PROTECTION
2015-10-30 06:53 - 2015-10-30 06:53 - 00000165 ____H C:\Users\Bretón\Desktop\~$IV QUIZZ 2015.pptx
2015-10-27 19:56 - 2015-10-27 19:56 - 00049579 _____ C:\Users\Bretón\Downloads\paymentnotificationfromndapewanakanyete_wgzyhrcb.zip
2015-10-27 19:56 - 2015-10-27 19:56 - 00049579 _____ C:\Users\Bretón\Downloads\paymentnotificationfromndapewanakanyete_wgzyhrcb (1).zip
2015-10-26 10:54 - 2015-11-16 07:22 - 00000000 ____D C:\Users\Bretón\Documents\viaje 2015 familia
2015-10-25 10:48 - 2015-10-25 20:19 - 00000000 ____D C:\Users\Bretón\AppData\Local\calibre-cache
2015-10-25 10:41 - 2015-10-25 10:49 - 00000000 ____D C:\Users\Bretón\AppData\Roaming\calibre
2015-10-25 10:41 - 2015-10-25 10:41 - 00001001 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2015-10-25 10:40 - 2015-10-25 10:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2015-10-25 10:40 - 2015-10-25 10:41 - 00000000 ____D C:\Program Files\Calibre2
2015-10-25 08:48 - 2015-10-25 10:40 - 71176192 _____ C:\Users\Bretón\Downloads\calibre-64bit-2.41.0.msi
2015-10-24 22:06 - 2015-10-24 22:06 - 00023659 _____ C:\Users\Bretón\Downloads\LaQPielQquehabito-DVDRip-XviD-BiDA-eng-8763670.zip
2015-10-23 16:58 - 2015-10-23 16:58 - 00000000 ____D C:\WINDOWS\PCHEALTH
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-17 10:08 - 2014-08-30 21:24 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-17 09:58 - 2015-10-03 08:08 - 01840872 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-17 09:58 - 2015-09-10 07:03 - 00824968 _____ C:\WINDOWS\system32\perfh00A.dat
2015-11-17 09:58 - 2015-09-10 07:03 - 00162898 _____ C:\WINDOWS\system32\perfc00A.dat
2015-11-17 09:56 - 2014-07-26 17:39 - 00000074 _____ C:\Users\Bretón\AppData\Roaming\sp_data.sys
2015-11-17 09:54 - 2015-10-09 11:40 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2015-11-17 09:54 - 2015-10-03 07:47 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-11-17 09:54 - 2014-09-11 15:54 - 00000000 __RDO C:\Users\Bretón\OneDrive
2015-11-17 09:53 - 2015-09-10 07:24 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-17 09:53 - 2014-08-30 21:24 - 00001120 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-17 09:50 - 2015-10-05 21:16 - 00000000 ____D C:\WINDOWS\Minidump
2015-11-17 09:50 - 2015-07-30 23:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-17 08:38 - 2015-10-03 08:41 - 00000000 ___DC C:\WINDOWS\Panther
2015-11-17 08:28 - 2014-07-26 17:39 - 00000000 ____D C:\Users\Bretón\AppData\Local\Packages
2015-11-17 08:18 - 2015-07-31 00:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-17 08:16 - 2015-07-31 00:42 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-17 08:13 - 2015-07-10 11:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-11-17 08:10 - 2014-07-26 19:58 - 00004206 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2663313B-46FD-410B-BA25-60B57DB30843}
2015-11-16 21:32 - 2015-07-30 23:49 - 00376056 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-16 19:18 - 2015-10-03 07:50 - 00000000 ____D C:\Users\Bretón
2015-11-16 17:13 - 2015-07-12 18:52 - 00000000 ____D C:\Users\Bretón\AppData\Roaming\Skype
2015-11-16 12:20 - 2015-05-16 17:56 - 00003534 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2015-11-14 17:17 - 2015-07-31 00:42 - 00000000 ____D C:\WINDOWS\rescache
2015-11-14 14:57 - 2014-11-09 12:24 - 00000000 ____D C:\Users\Bretón\AppData\Roaming\vlc
2015-11-14 12:31 - 2015-04-12 21:00 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-11-14 11:50 - 2015-07-31 00:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-14 11:32 - 2015-07-10 11:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-11-14 11:31 - 2015-07-31 00:42 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-14 11:30 - 2015-09-09 22:22 - 00001920 _____ C:\WINDOWS\PFRO.log
2015-11-14 09:22 - 2015-04-12 21:00 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-11-14 09:21 - 2015-07-30 23:50 - 00033345 _____ C:\WINDOWS\setupact.log
2015-11-14 08:31 - 2014-10-31 11:33 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-11-14 08:30 - 2014-10-31 11:36 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-13 22:21 - 2015-04-18 15:04 - 00000000 ____D C:\Users\Bretón\AppData\Roaming\dvdcss
2015-11-12 23:41 - 2014-11-03 19:47 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-12 23:38 - 2014-11-03 19:47 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-12 23:37 - 2013-08-22 15:25 - 00000199 _____ C:\WINDOWS\win.ini
2015-11-11 07:10 - 2015-08-29 01:06 - 00000000 __SHD C:\#GDATA.Recovery.Data#
2015-11-10 15:26 - 2013-01-29 11:46 - 00000000 ____D C:\Users\Bretón\Documents\lectorado
2015-11-05 19:56 - 2015-03-15 19:44 - 00000000 ____D C:\Users\Bretón\Documents\UNAM 2015
2015-11-05 10:01 - 2015-07-12 18:51 - 00000000 ____D C:\ProgramData\Skype
2015-11-04 13:12 - 2015-09-19 11:55 - 00000000 ____D C:\Users\Bretón\Documents\CV
2015-11-03 20:20 - 2015-07-31 00:43 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 20:20 - 2015-07-31 00:43 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-03 08:17 - 2015-10-03 08:14 - 00002414 _____ C:\Users\Bretón\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-02 16:19 - 2015-07-25 14:10 - 00002050 _____ C:\Users\Public\Desktop\G DATA TOTAL PROTECTION.lnk
2015-11-02 16:19 - 2015-05-22 17:19 - 00028672 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBB64.sys
2015-11-02 16:19 - 2014-10-22 20:57 - 00100352 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\TS4nt.sys
2015-11-02 16:19 - 2014-10-22 20:57 - 00091648 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys
2015-11-02 16:19 - 2014-10-22 20:57 - 00069120 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys
2015-11-02 16:19 - 2014-10-22 20:57 - 00020992 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBFlt64.sys
2015-11-02 16:19 - 2014-10-19 19:34 - 00000000 ____D C:\ProgramData\G Data
2015-11-02 16:18 - 2015-07-31 00:42 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-11-02 16:18 - 2014-10-22 20:57 - 00231936 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\MiniIcpt.sys
2015-11-02 16:18 - 2014-10-22 20:57 - 00158720 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDBehave.sys
2015-11-02 16:18 - 2014-10-22 20:57 - 00126464 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\HookCentre.sys
2015-11-02 16:18 - 2014-03-06 21:36 - 00077238 _____ C:\WINDOWS\DPINST.LOG
2015-10-27 20:21 - 2014-08-30 20:07 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-23 13:05 - 2014-10-19 15:36 - 00003838 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2015-10-23 13:05 - 2014-10-19 15:36 - 00003604 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
 
==================== Files in the root of some directories =======
 
2014-10-22 20:57 - 2014-10-22 20:57 - 0000000 _____ () C:\Users\Bretón\AppData\Roaming\gdfw.log
2014-10-22 20:57 - 2014-10-22 20:57 - 0000779 _____ () C:\Users\Bretón\AppData\Roaming\gdscan.log
2014-09-22 08:54 - 2015-06-03 11:30 - 0010969 _____ () C:\Users\Bretón\AppData\Roaming\SmarThruOptions.xml
2014-07-26 17:39 - 2015-11-17 09:56 - 0000074 _____ () C:\Users\Bretón\AppData\Roaming\sp_data.sys
2015-10-03 07:48 - 2015-10-03 07:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-02-10 07:12 - 2015-02-10 07:12 - 7706044 _____ () C:\ProgramData\SamPCFax00000FD40001
2013-12-13 19:14 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-12-13 19:14 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-12-13 19:14 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-11-12 23:34
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:16-11-2015
Ran by Bretón (2015-11-17 10:46:29)
Running from C:\Users\Bretón\Desktop\temp
Windows 10 Home (X64) (2015-10-03 06:10:41)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrador (S-1-5-21-2710583665-1159995935-3744709580-500 - Administrator - Disabled)
Bretón (S-1-5-21-2710583665-1159995935-3744709580-1002 - Administrator - Enabled) => C:\Users\Bretón
DefaultAccount (S-1-5-21-2710583665-1159995935-3744709580-503 - Limited - Disabled)
Invitado (S-1-5-21-2710583665-1159995935-3744709580-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-2710583665-1159995935-3744709580-1001 - Limited - Enabled) => C:\Users\UpdatusUser
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: G DATA TOTAL PROTECTION (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA TOTAL PROTECTION (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G DATA Cortafuegos personal (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Apple Application Support (32 bits) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Asus FaceID (HKLM-x32\...\{C4071085-DDF0-403F-90F9-27582FC22C9B}) (Version: 7.6.8.2 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.6 - ASUS)
ASUS Product Demo Kit (HKLM-x32\...\{1714AD6E-D517-40C0-9B19-4CE0078F7694}) (Version: 2.0.0 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.2 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.7 - ASUS)
ASUS VivoBook (HKLM\...\{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE}) (Version: 1.0.31 - ASUS)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5710.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5710.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
calibre 64bit (HKLM\...\{DBF2A8AA-9EE9-454D-8958-F74F1FCB0789}) (Version: 2.41.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
ExpressCache (HKLM\...\{E61C6104-EB91-471D-B1CB-7F21AA34103E}) (Version: 1.0.108.0 - Condusiv Technologies)
G DATA TOTAL PROTECTION (HKLM-x32\...\{2A1FF304-D778-49F1-B340-E4BF4CDA2EB0}) (Version: 25.1.0.9 - G DATA Software AG)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Intel Experience Center - Configuration (x32 Version: 1.7.0.179 - Intel) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2103 - Intel Corporation)
Intel® Experience Center Desktop Software (HKLM-x32\...\{3608ec0a-56b4-4d9d-b038-9b3e51d72582}) (Version: 1.7.0.179 - Intel)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel® Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Mantenimiento Samsung SCX-4623 Series (HKLM-x32\...\Samsung SCX-4623 Series) (Version:  - Samsung Electronics CO.,LTD)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4763.1003 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
NVIDIA Graphics Driver 327.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.45 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Panel de control de NVIDIA 353.54 (Version: 353.54 - NVIDIA Corporation) Hidden
Paquete de controladores de Windows - ASUS (ATP) Mouse  (08/01/2015 10.0.0.5) (HKLM\...\B267A462F49A1ACD7A2EC5C262BA0DC7D7B23891) (Version: 08/01/2015 10.0.0.5 - ASUS)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.4.0.0 - Popcorn Time)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Readiris Pro 10 (HKLM-x32\...\{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}) (Version:  - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7032 - Realtek Semiconductor Corp.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.05.23.04 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.)
SmarThru 4 (HKLM-x32\...\{90F1943D-EA4A-4460-B59F-30023F3BA69A}) (Version:  - )
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{BF1B3F01-93F3-4B83-93DB-132EB1AED259}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.0.3.226 - ASUS Cloud Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2710583665-1159995935-3744709580-1002_Classes\CLSID\{31264A33-A653-46C4-AF49-1232C59A7DA5}\InprocServer32 -> C:\Users\Bretón\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll => No File
CustomCLSID: HKU\S-1-5-21-2710583665-1159995935-3744709580-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Bretón\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0004C762-F908-46BD-BF0A-9013334668C1} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
Task: {0281C236-F4EE-4B2C-A12B-248BF6E06BF1} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.)
Task: {02E01D21-9C8D-4E4D-A353-C68B02ED36F8} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {06C2A330-EDB9-444A-81E1-4B9E90F8CB3E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {11845383-19E9-4E09-B7C2-233D69E23EF1} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {13393E65-C82F-42C3-8B7F-821B191A9DD4} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-09-23] (AsusTek)
Task: {15F63B96-88DE-4994-A4B9-EA40437FCB36} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {1A9E9582-4AE6-45BA-8C7C-62EC298DC0AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {1C9E60E7-A9B3-485C-818D-C9D05254F6B1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-12] (Microsoft Corporation)
Task: {256D19EE-F892-4BB1-88C4-D4DF17D0A827} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {25826690-E727-426F-8117-58AA49AA8434} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {28F05102-3BCC-4CDF-99CE-AD4889F2C60D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {2AC1129F-5662-4B4B-852A-439076ABC4EC} - \Microsoft\Windows\Setup\xtgt\refreshxtgtconfig -> No File <==== ATTENTION
Task: {37B459BC-22ED-4538-89FE-6DB590CE3335} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS)
Task: {4EED5E08-7311-4DE8-BFDB-5C29E996C78E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5F216B48-F5E6-42FE-925E-013F12D59A4E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {6E7300A3-CC67-48FE-8BF1-99011D7CD5B2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {79701209-D799-4383-B426-47A6BE1E9855} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {7ECE54CE-7F2D-4284-8F2F-AD59FC39B326} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-10-27] (Microsoft Corporation)
Task: {7FF081B3-5FF3-42F3-BF0A-13B934F302CF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {A219E99F-C35E-457D-ACAA-5F74EC6FD73F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {A6240667-ED24-4308-A291-AF99307CEBA6} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2013-08-29] ()
Task: {BE9CB042-E664-4AA7-9B17-7A1FEB3AA3B6} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {C130F84C-35F0-4334-8567-27AAFD25FA77} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {C6CB3B82-6AE3-4524-98B8-6D7DC9FA65F8} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {C8558335-BC58-4E11-B332-C2056FA04DC4} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-08-29] (ASUS)
Task: {CA8EDCA7-D9CA-455A-BF2B-864A2570375E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {D11CC7D6-1FA9-4056-8689-64B667BF056F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {D1E1444B-3CFF-4226-9081-B49521C0E975} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {D5A4E42D-5F25-425B-8F7D-5B521EF70508} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {DCE70CE9-6850-4FF4-9596-30622179007C} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-29] (ASUSTek Computer Inc.)
Task: {E48588B2-3FE8-411D-8548-8E1AFFDE5951} - System32\Tasks\ASUS Vivokey => C:\Program Files\ASUS\ASUS VivoBook\vivokey.exe [2013-08-23] (ASUSTek Computer Inc.)
Task: {E5CDF362-C2D9-434E-8766-294093D261EF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {EB202D6C-B3AA-42C7-91C0-F846F2B88208} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {F056A2DE-ABE3-4485-9131-F4EB676F8A92} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {F3D61A63-E7B8-4A2F-A2DE-37CB50E61FA4} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] ()
Task: {F59AE582-D6BA-4C3A-8031-A1B94A654ACA} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {FEBDD6E7-910F-454A-8A1D-359D4A0B1C51} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-09-10 07:05 - 2015-09-10 07:05 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-10-03 07:48 - 2015-07-13 19:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-22 08:50 - 2008-11-11 14:23 - 00027648 _____ () C:\WINDOWS\System32\sso2ml6.dll
2015-09-10 07:05 - 2015-09-10 07:05 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-31 20:40 - 2015-10-07 19:28 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-09-22 04:44 - 2015-09-22 04:44 - 00387192 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2015-10-03 08:38 - 2015-10-03 08:38 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2013-08-29 18:01 - 2013-08-29 18:01 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2015-10-03 08:38 - 2015-10-03 08:38 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-13 15:07 - 2015-10-13 15:07 - 08901184 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-07-18 00:35 - 2015-07-18 00:35 - 00396688 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-10-03 08:38 - 2015-10-03 08:38 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 05:13 - 2015-07-10 05:13 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-10-03 08:38 - 2015-10-03 08:38 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-03 08:38 - 2015-10-03 08:38 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-03 08:38 - 2015-10-03 08:38 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-03 08:38 - 2015-10-03 08:38 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 05:13 - 2015-09-10 07:05 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-06-03 11:26 - 2011-06-24 06:55 - 01990144 _____ () C:\Windows\twain_32\Samsung\SCX4623\Scan2Pc.exe
2014-03-06 21:28 - 2013-10-23 15:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2013-10-08 22:41 - 2013-10-08 22:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2013-09-09 20:23 - 2013-09-09 20:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-09-22 08:51 - 2008-11-11 13:51 - 01384520 _____ () C:\Windows\twain_32\Samsung\SCX4623\ssole.dll
2014-09-08 15:49 - 2014-11-26 21:09 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\Office15\AppVIsvStream32.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2710583665-1159995935-3744709580-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-2710583665-1159995935-3744709580-1002\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{C783A69F-E553-4F4D-873A-A4B7436C665A}] => (Allow) C:\Program Files (x86)\TicketCreator\BarcodeChecker\BarcodeChecker.exe
FirewallRules: [{1124658F-4491-49BF-8A73-F00C79EBED67}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{4448D500-CF9E-4770-A622-5E48B52F90AE}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{0509F8F6-7682-41E9-97C7-B4B9C6DDE4DC}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{0ADE535E-664C-4E14-B237-E15BBD4265A9}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [UDP Query User{B7FA7CB9-C089-4229-B945-ABCCFC3F87DE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{87E5F486-3DBD-4955-A11B-F375258133A8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{DFA95ADF-2B52-4E80-853F-4305DEAE1B73}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{745921C9-3B94-4065-A23A-1CF27812BCAC}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{E6167298-289E-4344-9A28-1664734E646E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{805B1FA1-451F-4B18-88F0-5B8AF4940954}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{DEBDD5C5-8E81-4DEE-B8E1-0407E151C11A}] => (Allow) C:\Windows\twain_32\Samsung\SCX4623\Sscan2io.exe
FirewallRules: [{D72F845B-B7DB-4242-94CB-FD2EB803118D}] => (Allow) C:\Windows\twain_32\Samsung\SCX4623\Sscan2io.exe
FirewallRules: [{6E95ED0A-6305-4A70-9543-5D654492D7D1}] => (Allow) C:\Windows\twain_32\Samsung\SCX4623\Scan2Pc.exe
FirewallRules: [{122EEE8B-178B-4222-AF8D-917FDF0D580F}] => (Allow) C:\Windows\twain_32\Samsung\SCX4623\Scan2Pc.exe
FirewallRules: [{83596D0F-3B31-41EF-BB50-77298CCF91DF}] => (Allow) C:\Windows\twain_32\Samsung\ScanMgr.exe
FirewallRules: [{6556BE52-7D62-480E-9A41-02461AEB5E90}] => (Allow) C:\Windows\twain_32\Samsung\ScanMgr.exe
FirewallRules: [{E5E3BEF4-97A1-451D-9A2A-6F24FE04A935}] => (Allow) C:\Users\Bretón\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{81F1D7BA-CAC5-4E11-B55A-E1C5B7CFEAB1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{A57F298D-7142-4DA0-ABB1-BBC0EEFB4FEA}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{F19AF5AE-39B4-4D20-82E7-E5E9B7C954BF}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{D5434BFA-D2FC-44DE-8BAA-B3B507E6AFED}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{3DF1A82D-5E3E-47AE-B1DC-1DF89CAB6E19}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{6B75EC80-CDD3-4B2F-92B6-C23260CF6050}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{D19E5BD3-8808-4E21-90AB-A6115003CDA9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{30F3D3D8-8128-4DFD-A575-36721BDCC567}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{32002F22-A4F1-4F50-8967-0FF5EF732606}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E17CD4BD-1FBD-49B0-830B-EBC27EA2CA21}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{49AADF36-9682-46F3-BEEE-1DEDE9698D0E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3B6D7E67-259F-4959-B452-ACD32E8DAD0C}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{2C758583-6ED2-40FA-8DAE-8A0E540AAE96}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{EA0D262F-63E5-4884-8726-C22C8AEDD3E7}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{ECA3BAF8-1BD1-4F8F-9F38-E5AF8BE6AC22}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{BDFDF4F2-CC0B-4957-8353-755A65F68641}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{2226FAFD-5E6B-4630-A2C6-18027648F4B5}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{2108EBF8-B8F7-4779-9C82-FF78A922882E}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{2DD63A66-A161-4558-9216-68F22E0775ED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{171A4A75-D292-4306-BC47-E167C0DE1FA5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C7465D73-A0ED-4AA0-B4B2-F3920DEB74AE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{271D2F19-123F-4338-A1F2-DB58669ADFE4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/16/2015 00:23:16 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (3908) No se puede crear un nuevo archivo de registro, la base de datos no puede escribir en la unidad de registro. Puede que la unidad sea de sólo lectura, no tenga espacio disponible, esté incorrectamente configurada o esté dañada. Error -1032.
 
Error: (11/16/2015 00:23:16 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (3908) Al intentar crear el archivo "C:\WINDOWS\system32\edbtmp.log" se produjo el error de sistema 5 (0x00000005): "Acceso denegado. ". La operación de creación del archivo se cerrará con el error -1032 (0xfffffbf8).
 
Error: (11/16/2015 00:23:06 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (3908) No se puede crear un nuevo archivo de registro, la base de datos no puede escribir en la unidad de registro. Puede que la unidad sea de sólo lectura, no tenga espacio disponible, esté incorrectamente configurada o esté dañada. Error -1032.
 
Error: (11/16/2015 00:23:06 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (3908) Al intentar crear el archivo "C:\WINDOWS\system32\edbtmp.log" se produjo el error de sistema 5 (0x00000005): "Acceso denegado. ". La operación de creación del archivo se cerrará con el error -1032 (0xfffffbf8).
 
Error: (11/16/2015 00:22:56 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (3908) No se puede crear un nuevo archivo de registro, la base de datos no puede escribir en la unidad de registro. Puede que la unidad sea de sólo lectura, no tenga espacio disponible, esté incorrectamente configurada o esté dañada. Error -1032.
 
Error: (11/16/2015 00:22:56 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (3908) Al intentar crear el archivo "C:\WINDOWS\system32\edbtmp.log" se produjo el error de sistema 5 (0x00000005): "Acceso denegado. ". La operación de creación del archivo se cerrará con el error -1032 (0xfffffbf8).
 
Error: (11/16/2015 00:22:45 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (3908) No se puede crear un nuevo archivo de registro, la base de datos no puede escribir en la unidad de registro. Puede que la unidad sea de sólo lectura, no tenga espacio disponible, esté incorrectamente configurada o esté dañada. Error -1032.
 
Error: (11/16/2015 00:22:45 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (3908) Al intentar crear el archivo "C:\WINDOWS\system32\edbtmp.log" se produjo el error de sistema 5 (0x00000005): "Acceso denegado. ". La operación de creación del archivo se cerrará con el error -1032 (0xfffffbf8).
 
Error: (11/16/2015 00:22:35 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (3908) No se puede crear un nuevo archivo de registro, la base de datos no puede escribir en la unidad de registro. Puede que la unidad sea de sólo lectura, no tenga espacio disponible, esté incorrectamente configurada o esté dañada. Error -1032.
 
Error: (11/16/2015 00:22:35 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (3908) Al intentar crear el archivo "C:\WINDOWS\system32\edbtmp.log" se produjo el error de sistema 5 (0x00000005): "Acceso denegado. ". La operación de creación del archivo se cerrará con el error -1032 (0xfffffbf8).
 
 
System errors:
=============
Error: (11/17/2015 09:56:56 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
 
Error: (11/17/2015 09:52:00 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000009f (0x0000000000000003, 0xffffe000f8067060, 0xfffff80106d4a990, 0xffffe000fabb9910)C:\WINDOWS\MEMORY.DMP111715-138234-01
 
Error: (11/17/2015 09:50:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio DgiVecp no pudo iniciarse debido al siguiente error: 
%%20
 
Error: (11/17/2015 09:50:04 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: El cierre anterior del sistema a las 8:14:20 del ‎17/‎11/‎2015 resultó inesperado.
 
Error: (11/17/2015 09:47:43 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 32212254731194240
 
Error: (11/17/2015 08:38:07 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x8024200d: Actualizar a Windows 10 Home, versión 1511, 10586.
 
Error: (11/17/2015 08:10:36 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
 
Error: (11/17/2015 08:07:06 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000009f (0x0000000000000003, 0xffffe0002346a060, 0xfffff8012954a990, 0xffffe000239ce4e0)C:\WINDOWS\MEMORY.DMP111715-139796-01
 
Error: (11/17/2015 08:05:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio DgiVecp no pudo iniciarse debido al siguiente error: 
%%20
 
Error: (11/17/2015 08:05:25 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: El cierre anterior del sistema a las 0:04:52 del ‎17/‎11/‎2015 resultó inesperado.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4500U CPU @ 1.80GHz
Percentage of memory in use: 29%
Total physical RAM: 8075.2 MB
Available physical RAM: 5718.22 MB
Total Virtual: 9355.2 MB
Available Virtual: 6676 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:270.4 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:286.9 GB) NTFS
Drive e: (FRINGE_SEASON_1_DISC_3) (CDROM) (Total:5.72 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: FAE7D78D)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

 


  • 0



#2
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
No apparent malware, I had similar problems when I upgraded... Try the following and let me know if there is a change after

Download the SDK web installer from here
Run the installer and select the following:

Leave the location to default

Windows Performance Toolkit

You must reboot on completion of the install

After reboot set aside about 30 minutes when you will not need the computer

Disable the UAC prompt :

To turn UAC off

1. Open User Account Control Settings by clicking the Start button, and then clicking Control Panel. In the search box, type uac, and then click Change User Account Control settings.
2. Do the following: To turn off UAC, move the slider to the Never notify position, and then click OK.

When ready start an elevated command prompt :

Go Start > All Programs > Accessories
Right click Command Prompt and select Run as Administrator

Then copy and paste the following command into the black box :

xbootmgr -trace boot -prepSystem -verboseReadyBoot


Now your PC will be restarted 6 times, with a two-minute pause before the tool runs after the desktop loads.
After the second reboot the MS defragmentation program runs and places the files into an optimized layout, so that Windows will boot up faster.
The last reboots are training of ReadyBoot. After the training is finished, you'll notice a huge improvement in startup.

Restart UAC:

To turn UAC on

1. Open User Account Control Settings by clicking the Start button, and then clicking Control Panel. In the search box, type uac, and then click Change User Account Control settings.
2. Do the following: To turn on UAC, move the slider to the notify me when applications make changes position, and then click OK.
  • 0
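The procedure in post #2 turns UAC off for the duration of the trace and turns it back on by hand at the end. As an added example (not part of the original post, and not code from the forum or from Microsoft), the following read-only PowerShell check compares the current UAC policy values with the ones FRST logged under "Other Areas" before the procedure; the function names `Get-UacState` and `Compare-UacState` are hypothetical, and treating the logged values as the baseline to return to is an assumption.

```powershell
# Added example, not from the thread. Read-only: it reports the UAC policy
# values and compares them with the baseline FRST logged before the procedure.
$key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

# Baseline copied from the "Other Areas" section of the Addition.txt log above.
$baseline = [ordered]@{
    ConsentPromptBehaviorAdmin = 5
    ConsentPromptBehaviorUser  = 3
    EnableLUA                  = 1
}

function Get-UacState {
    # Hypothetical helper: returns the named registry values as an ordered map.
    param([string]$Path = $key, [string[]]$Names)
    $props = Get-ItemProperty -Path $Path -ErrorAction Stop
    $state = [ordered]@{}
    foreach ($n in $Names) {
        # A missing value is reported as $null rather than silently treated as 0.
        $state[$n] = if ($props.PSObject.Properties.Name -contains $n) { $props.$n } else { $null }
    }
    return $state
}

function Compare-UacState {
    # Hypothetical helper: one result row per value, with a Restored flag.
    param($Expected, $Actual)
    foreach ($n in $Expected.Keys) {
        [pscustomobject]@{
            Value    = $n
            Expected = $Expected[$n]
            Actual   = $Actual[$n]
            Restored = ($Expected[$n] -eq $Actual[$n])
        }
    }
}

$current = Get-UacState -Names ([string[]]$baseline.Keys)
$report  = Compare-UacState -Expected $baseline -Actual $current
$report | Format-Table -AutoSize

if ($report.Restored -contains $false) {
    Write-Warning 'UAC differs from the logged baseline; move the slider back before ending the session.'
}
```

Run it once before starting the trace to confirm the baseline and again after the last reboot, which matters most when the work is done over a remote session.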

#3
cntvlad


    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts

Hi Essexboy! Thanks for your reply.

I just started the trace boot and readyBoot training process (remotely with TeamViewer).

I'll post results at the end.


  • 0

#4
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
:) It cut my boot from 5 minutes to 40 seconds
  • 0

#5
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0





