Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Encrypted .vvv files and pop-ups offering solutions

malware

  • Please log in to reply

#1
Khronolupus

Khronolupus

    Member

  • Member
  • PipPip
  • 17 posts

Hi, recently my computer have this weird pop ups .text and websites everytime i start it, something about buy keys to decrypt? my files. I can find this .txt and .html pop-ups files everywhere in my pc.

 

Most files in my desktop and documents are in this .vvv format that i cant open.

 

I scan my pc and delete everything found with AVG and Malwarebytes, but the pop-ups persist.

 

I search and looks like my files are [bleep]*d, but i want this pop-ups stop appearing and protect the non-encrypted files.

 

No idea how i get the malware.

 

FRS

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-12-2015
Ran by HP (administrator) on HP-VAIO (23-12-2015 01:20:45)
Running from C:\Users\HP\Desktop
Loaded Profiles: HP (Available Profiles: HP)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\ProgramData\Banda Ancha Movil\OnlineUpdate\ouc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(BitTorrent Inc.) C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(ScanSoft, Inc.) C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\main.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(BitTorrent Inc.) C:\Users\HP\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
(BitTorrent Inc.) C:\Users\HP\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-09] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [788640 2011-02-24] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-02-24] (Atheros Commnucations)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [1875048 2011-02-11] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2284328 2011-02-15] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [OpwareSE4] => C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [69632 2006-03-21] (ScanSoft, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [98256 2015-11-13] (Razer Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1136552 2015-11-12] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3855272 2015-12-09] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\...\Run: [Elbserver] => C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [83344 2011-04-02] (Sony Corporation)
HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\...\Run: [VRLPHelper] => C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe [186768 2011-04-02] (Sony Corporation)
HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671904 2012-08-28] (DT Soft Ltd)
HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50749056 2015-12-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\...\Run: [uTorrent] => C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2015-12-01] (BitTorrent Inc.)
HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\...\MountPoints2: {4c699f27-251f-11e2-920c-90004ebb96fe} - G:\Autorun_By_VictorVal.exe
HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\...\MountPoints2: {5ea1cd3f-1d58-11e3-8587-90004ebb96fe} - F:\AutoRun.exe
HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\...\MountPoints2: {5ea1cd6b-1d58-11e3-8587-90004ebb96fe} - F:\AutoRun.exe
HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\...\MountPoints2: {6fdc1a2d-6f5d-11e3-9eb7-90004ebb96fe} - F:\AutoRun.exe
HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\...\MountPoints2: {bb5ac00e-701d-11e3-8336-90004ebb96fe} - F:\AutoRun.exe
HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\...\MountPoints2: {e2877f85-ebc8-11e2-9823-90004ebb96fe} - F:\AutoRun.exe
HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\...\MountPoints2: {eb10d77e-4cb1-11e2-b7a7-806e6f6e6963} - F:\AutoRun.exe
HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\...\MountPoints2: {eb10d7c5-4cb1-11e2-b7a7-90004ebb96fe} - F:\AutoRun.exe
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+itp.html [2015-12-22] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+itp.txt [2015-12-22] ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\..\Interfaces\{4445D7F9-2D28-48FA-8654-FCB59BED631B}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{82BDDC8A-99BE-4AB8-9734-8A49B8D0F260}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{A9773BDD-09CD-44F1-8F3D-B1D5D538414B}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{FB4E2350-D2D2-4C7F-AD83-565B714F0EB3}: [NameServer] 172.18.236.99 200.63.56.5
 
Internet Explorer:
==================
HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony.msn.com/
HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.sony-latin.com/vaiohome
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-20] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-20] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated)
BHO-x32: EWPBrowseObject Class -> {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} -> C:\Program Files (x86)\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-04-18] ()
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-20] (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll [2015-05-28] (Perfect World Entertainment Inc)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-02-24] (Atheros Commnucations)
BHO-x32: Aplicación auxiliar de inicio de sesión de Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-20] (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files (x86)\Canon\Easy-WebPrint\Toolband.dll [2006-04-18] ()
DPF: HKLM-x32 {26ACAE6F-BC95-44B4-9150-61E4D20D5C2E} hxxp://www.onlinemania.org/n64/super_mario_64/loadgame_et.cab
 
FireFox:
========
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\f4ezxdo5.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-20] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [No File]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-08-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-20] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-03-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-03-01] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll [2015-05-28] (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3617482536-3663022080-2132115498-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\HP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-27] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3617482536-3663022080-2132115498-1000: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-11-17] (The Happy Cloud)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolibre-cl.xml [2014-08-26]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll => No File
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll => No File
CHR Plugin: (Java™ Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll => No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\pdf.dll => No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll => No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Le Lenny Face) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apbjhmeabebkfjlofaofoilpinafalom [2015-12-22]
CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-22]
CHR Extension: (Búsqueda de Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-22]
CHR Extension: (AdBlock) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-22]
CHR Extension: (Mira Game of Thrones) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gplehagehojnbajhfcoegeikbgnmeejd [2015-12-22] [UpdateUrl: hxxp://www.miragameofthrones.com/player/plugins/chrome.xml] <==== ATTENTION
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-22]
CHR Extension: (Cuevana Stream) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooagbcohbmlpkfkdnodbomgphbcecalj [2015-12-22] [UpdateUrl: hxxp://www.cuevana.tv/player/plugins/chrome.xml] <==== ATTENTION
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-22]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2015-05-28] (Perfect World Entertainment Inc)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-02-24] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [73376 2011-02-24] (Atheros Commnucations) [File not signed]
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [615584 2015-12-09] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3857272 2015-12-09] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1046952 2015-11-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [579776 2015-12-09] (AVG Technologies CZ, s.r.o.)
S2 Banda Ancha Movil. RunOuc; C:\Program Files (x86)\Banda Ancha Movil\UpdateDog\ouc.exe [657504 2013-01-17] ()
S2 HiPatchService; C:\Users\HP\Documents\SMITE_PORTABLE\GameData\HiPatchService.exe [8704 2015-09-02] (Hi-Rez Studios) [File not signed]
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1817088 2011-03-28] (Realsil Microelectronics Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe [46080 2010-03-25] () [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-11] (Electronic Arts)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-09-23] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-11-13] (Razer Inc.)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
S3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1369136 2013-09-25] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313776 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [256432 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [302000 2015-10-08] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-11-03] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [241152 2013-01-20] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-23] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-23 01:20 - 2015-12-23 01:23 - 00028810 _____ C:\Users\HP\Desktop\FRST.txt
2015-12-23 01:20 - 2015-12-23 01:20 - 00000000 ____D C:\FRST
2015-12-23 01:19 - 2015-12-23 01:19 - 02370560 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2015-12-23 01:09 - 2015-12-23 01:09 - 00000000 ___RD C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-12-22 20:48 - 2015-12-23 01:20 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-22 20:47 - 2015-12-22 20:47 - 00001066 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-22 20:47 - 2015-12-22 20:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-22 20:47 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-22 20:47 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-22 20:47 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-22 20:46 - 2015-12-22 20:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-22 20:46 - 2015-12-22 20:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-22 20:45 - 2015-12-22 20:45 - 22908888 _____ (Malwarebytes ) C:\Users\HP\Desktop\mbam-setup-org-2.2.0.1024.exe
2015-12-22 15:28 - 2015-12-22 15:45 - 00010654 _____ C:\Users\Public\how_recover+itp.html
2015-12-22 15:28 - 2015-12-22 15:45 - 00002411 _____ C:\Users\Public\how_recover+itp.txt
2015-12-22 14:44 - 2015-12-22 15:43 - 00010654 _____ C:\Users\Public\Downloads\how_recover+itp.html
2015-12-22 14:44 - 2015-12-22 15:43 - 00010654 _____ C:\Users\HP\how_recover+itp.html
2015-12-22 14:44 - 2015-12-22 15:43 - 00002411 _____ C:\Users\Public\Downloads\how_recover+itp.txt
2015-12-22 14:44 - 2015-12-22 15:43 - 00002411 _____ C:\Users\HP\how_recover+itp.txt
2015-12-22 14:40 - 2015-12-22 15:43 - 00010654 _____ C:\Users\HP\Downloads\how_recover+itp.html
2015-12-22 14:40 - 2015-12-22 15:43 - 00002411 _____ C:\Users\HP\Downloads\how_recover+itp.txt
2015-12-22 14:39 - 2015-12-22 15:43 - 00010654 _____ C:\Users\HP\Documents\how_recover+itp.html
2015-12-22 14:39 - 2015-12-22 15:43 - 00002411 _____ C:\Users\HP\Documents\how_recover+itp.txt
2015-12-22 14:14 - 2015-12-22 15:42 - 00010654 _____ C:\Users\HP\AppData\Roaming\how_recover+itp.html
2015-12-22 14:14 - 2015-12-22 15:42 - 00010654 _____ C:\Users\HP\AppData\how_recover+itp.html
2015-12-22 14:14 - 2015-12-22 15:42 - 00002411 _____ C:\Users\HP\AppData\Roaming\how_recover+itp.txt
2015-12-22 14:14 - 2015-12-22 15:42 - 00002411 _____ C:\Users\HP\AppData\how_recover+itp.txt
2015-12-22 14:11 - 2015-12-22 15:41 - 00010654 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+itp.html
2015-12-22 14:11 - 2015-12-22 15:41 - 00010654 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+itp.html
2015-12-22 14:11 - 2015-12-22 15:41 - 00002411 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+itp.txt
2015-12-22 14:11 - 2015-12-22 15:41 - 00002411 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+itp.txt
2015-12-22 14:10 - 2015-12-22 15:40 - 00010654 _____ C:\Users\HP\AppData\LocalLow\how_recover+itp.html
2015-12-22 14:10 - 2015-12-22 15:40 - 00002411 _____ C:\Users\HP\AppData\LocalLow\how_recover+itp.txt
2015-12-22 13:52 - 2015-12-22 15:40 - 00010654 _____ C:\Users\HP\AppData\Local\how_recover+itp.html
2015-12-22 13:52 - 2015-12-22 15:40 - 00002411 _____ C:\Users\HP\AppData\Local\how_recover+itp.txt
2015-12-22 13:48 - 2015-12-22 15:43 - 00010654 _____ C:\Users\Public\Documents\how_recover+itp.html
2015-12-22 13:48 - 2015-12-22 15:43 - 00002411 _____ C:\Users\Public\Documents\how_recover+itp.txt
2015-12-22 13:48 - 2015-12-22 13:51 - 00010654 _____ C:\ProgramData\how_recover+itp.html
2015-12-22 13:48 - 2015-12-22 13:51 - 00002411 _____ C:\ProgramData\how_recover+itp.txt
2015-12-22 13:06 - 2015-12-22 13:06 - 00000254 _____ C:\Users\HP\Documents\recover_file_rknsnepdp.txt
2015-12-22 13:03 - 2015-12-22 13:03 - 00000254 _____ C:\Users\HP\Documents\recover_file_crbisfkei.txt
2015-12-22 13:03 - 2015-12-22 13:03 - 00000000 ____D C:\9e0bb6f82125e4d51b0a652bf25d5b
2015-12-22 13:01 - 2015-12-22 14:11 - 00000000 ____D C:\Users\HP\AppData\Roaming\BrowserMe
2015-12-22 13:01 - 2015-12-22 13:01 - 00000576 ____H C:\ProgramData\@system3.att
2015-12-22 13:01 - 2015-12-22 13:01 - 00000480 ____H C:\Users\HP\AppData\Roaming\½Ó
2015-12-22 12:56 - 2015-12-22 12:56 - 00000254 _____ C:\Users\HP\Documents\recover_file_hlkavxiss.txt
2015-12-21 16:15 - 2015-12-21 16:15 - 00000000 ____D C:\10be8744fc3bc6ee07
2015-12-21 16:10 - 2015-12-21 16:10 - 00000254 _____ C:\Users\HP\Documents\recover_file_ehvacotue.txt
2015-12-21 16:07 - 2015-12-21 16:07 - 00000000 ____D C:\0b47f28cfaa7e700f3c3a1be
2015-12-21 16:00 - 2015-12-21 16:00 - 00000254 _____ C:\Users\HP\Documents\recover_file_pyotajtjg.txt
2015-12-21 02:03 - 2015-12-21 02:03 - 00000254 _____ C:\Users\HP\Documents\recover_file_skqjvdvha.txt
2015-12-17 03:09 - 2015-12-17 03:09 - 00001234 _____ C:\Users\HP\Desktop\Dont Starve Reign of Giants.lnk
2015-12-17 03:09 - 2015-12-17 03:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dont Starve Reign of Giants
2015-12-17 03:07 - 2015-12-17 03:09 - 00000000 ____D C:\Program Files (x86)\Dont Starve Reign of Giants
2015-12-17 03:02 - 2015-12-17 03:02 - 00001092 _____ C:\Users\Public\Desktop\Dont Starve.lnk
2015-12-17 03:02 - 2015-12-17 03:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dont Starve
2015-12-17 03:02 - 2015-12-17 03:02 - 00000000 ____D C:\Program Files (x86)\Dont Starve
2015-12-15 23:09 - 2015-12-22 13:51 - 00000000 ____D C:\Users\HP\AppData\Local\Azxzworks
2015-12-15 23:08 - 2015-12-15 23:08 - 00000254 _____ C:\Users\HP\Documents\recover_file_kiijrihsv.txt
2015-12-13 15:36 - 2015-12-23 01:11 - 00000000 ____D C:\Users\HP\AppData\LocalLow\uTorrent
2015-12-12 00:32 - 2015-12-22 14:14 - 00000000 ____D C:\Users\HP\AppData\Roaming\Steam
2015-12-12 00:26 - 2015-12-12 00:45 - 00000000 ____D C:\Program Files (x86)\Age of Empires II HD
2015-12-11 13:41 - 2015-12-11 13:41 - 00002697 _____ C:\Users\Public\Desktop\Skype.lnk
2015-12-09 03:26 - 2015-12-22 14:10 - 00000000 ____D C:\Users\HP\AppData\LocalLow\Defiant Development
2015-12-09 03:02 - 2015-12-22 13:51 - 00000000 ____D C:\Users\HP\AppData\Local\8BitBoy
2015-12-09 03:01 - 2015-12-09 03:01 - 00000000 ____D C:\Program Files (x86)\8BitBoy
2015-12-09 02:59 - 2015-12-22 14:22 - 00000000 ____D C:\Users\HP\Documents\Juegos
2015-12-09 02:42 - 2015-12-22 14:11 - 00000000 ____D C:\Users\HP\AppData\Roaming\Broken Rules
2015-12-01 23:23 - 2015-12-22 14:11 - 00000000 ____D C:\Users\HP\AppData\Roaming\OBS
2015-12-01 23:23 - 2015-12-22 14:11 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2015-12-01 23:23 - 2015-12-01 23:23 - 00000899 _____ C:\Users\HP\Desktop\Open Broadcaster Software.lnk
2015-12-01 23:23 - 2015-12-01 23:23 - 00000000 ____D C:\Program Files\OBS
2015-12-01 23:23 - 2015-12-01 23:23 - 00000000 ____D C:\Program Files (x86)\OBS
2015-11-24 02:44 - 2015-12-22 14:14 - 00002750 _____ C:\Users\HP\Desktop\Nuevo documento de texto.txt.vvv
2015-11-23 17:18 - 2015-12-22 14:14 - 00000000 ____D C:\Users\HP\Desktop\fisio 3
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-23 01:21 - 2012-11-26 02:15 - 00000000 ____D C:\Users\HP\AppData\Roaming\uTorrent
2015-12-23 01:20 - 2009-07-14 00:20 - 00000000 ____D C:\Windows
2015-12-23 01:14 - 2009-07-14 01:45 - 00028848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-23 01:14 - 2009-07-14 01:45 - 00028848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-23 01:11 - 2013-01-31 01:11 - 00000000 ____D C:\Users\HP\AppData\Roaming\Skype
2015-12-23 01:09 - 2013-04-17 17:52 - 00000000 ____D C:\Users\HP\AppData\Local\LogMeIn Hamachi
2015-12-23 01:08 - 2011-05-25 23:08 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-23 01:06 - 2015-09-22 21:27 - 00000000 ____D C:\ProgramData\MFAData
2015-12-23 01:05 - 2015-11-20 12:24 - 00001032 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d123a79d062379.job
2015-12-23 01:05 - 2012-05-06 21:01 - 00000838 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-23 01:05 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-23 01:04 - 2009-07-14 02:32 - 00000000 ____D C:\Windows\Performance
2015-12-23 00:59 - 2015-01-29 11:53 - 00000000 ____D C:\ProgramData\APN
2015-12-23 00:36 - 2015-11-20 12:24 - 00001036 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d123a79d406e33.job
2015-12-22 15:28 - 2012-09-29 15:38 - 00000000 ____D C:\Users\Public\Sony Online Entertainment
2015-12-22 15:28 - 2011-11-23 20:06 - 00000000 ____D C:\VAIO Entertainment
2015-12-22 15:28 - 2011-10-11 02:07 - 00000000 ____D C:\Users\Public\Symantec
2015-12-22 15:28 - 2011-05-26 00:04 - 00000000 ____D C:\VAIO Sample Contents
2015-12-22 15:28 - 2011-05-25 23:26 - 00000000 ____D C:\_FS_SWRINFO
2015-12-22 14:44 - 2015-09-06 19:41 - 00000000 ____D C:\Users\Public\Documents\DAEMON Tools Images
2015-12-22 14:44 - 2015-06-11 22:55 - 00000000 ____D C:\Users\Public\Documents\Arc
2015-12-22 14:44 - 2011-10-11 02:06 - 00000000 ____D C:\Users\HP
2015-12-22 14:44 - 2011-03-14 23:36 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-12-22 14:44 - 2009-07-14 00:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-22 14:42 - 2012-10-09 03:29 - 00000000 ____D C:\Users\HP\SystemRequirementsLab
2015-12-22 14:42 - 2011-11-06 20:42 - 00000000 ____D C:\Users\HP\Tracing
2015-12-22 14:40 - 2015-09-06 19:49 - 00666606 _____ C:\Users\HP\Downloads\pSX_1_13.rar.vvv
2015-12-22 14:40 - 2015-09-06 19:49 - 00000000 ____D C:\Users\HP\Downloads\PSX
2015-12-22 14:40 - 2015-09-06 19:27 - 00250446 _____ C:\Users\HP\Downloads\Scph1000.zip.vvv
2015-12-22 14:40 - 2014-12-23 13:58 - 00137662 _____ C:\Users\HP\Downloads\skinlist Sarunman.jpg.vvv
2015-12-22 14:40 - 2014-09-05 01:55 - 00000000 ____D C:\Users\HP\jagexcache1
2015-12-22 14:40 - 2014-09-05 00:35 - 00000000 ____D C:\Users\HP\jagexcache
2015-12-22 14:40 - 2013-09-30 22:12 - 00027982 _____ C:\Users\HP\Downloads\ROTACION_1_-8,30_a_11hrs-.pdf.vvv
2015-12-22 14:39 - 2015-11-20 17:33 - 00037854 _____ C:\Users\HP\Downloads\isi la fea.jpg.vvv
2015-12-22 14:39 - 2015-11-20 17:32 - 00034110 _____ C:\Users\HP\Downloads\Isi la boticelli.jpg.vvv
2015-12-22 14:39 - 2015-11-20 17:31 - 00033022 _____ C:\Users\HP\Downloads\Isi la vieja.jpg.vvv
2015-12-22 14:39 - 2015-11-20 17:30 - 00039342 _____ C:\Users\HP\Downloads\isi la mucha.jpg.vvv
2015-12-22 14:39 - 2015-11-20 17:30 - 00031310 _____ C:\Users\HP\Downloads\Isi la negra.jpg.vvv
2015-12-22 14:39 - 2015-11-20 17:29 - 00031262 _____ C:\Users\HP\Downloads\Isi la china.jpg.vvv
2015-12-22 14:39 - 2015-09-28 05:37 - 00542494 _____ C:\Users\HP\Downloads\D&D.docx.vvv
2015-12-22 14:39 - 2015-09-06 19:32 - 00175742 _____ C:\Users\HP\Downloads\gpupeteogl209.zip.vvv
2015-12-22 14:39 - 2015-09-06 19:25 - 00639262 _____ C:\Users\HP\Downloads\ePSXe190.zip.vvv
2015-12-22 14:39 - 2015-08-07 13:43 - 00000590 ____H C:\Users\HP\Documents\~$RRICULUM VITAE SERGIO GONZALEZ LIZANA.docx.vvv
2015-12-22 14:39 - 2015-08-06 02:49 - 00546014 _____ C:\Users\HP\Downloads\Gráficos de asd... D.docx.vvv
2015-12-22 14:39 - 2015-08-06 02:49 - 00368558 _____ C:\Users\HP\Downloads\Graficando Funciones.docx.vvv
2015-12-22 14:39 - 2015-08-06 02:48 - 01174846 _____ C:\Users\HP\Downloads\asdasdsadmatematicas.zip.vvv
2015-12-22 14:39 - 2015-07-30 00:50 - 11372958 _____ C:\Users\HP\Documents\Thug life.mp4.vvv
2015-12-22 14:39 - 2015-07-29 23:14 - 32425486 _____ C:\Users\HP\Documents\Turn down for what.mp4.vvv
2015-12-22 14:39 - 2015-07-29 22:51 - 15125982 _____ C:\Users\HP\Documents\turn down for maca.wmv.vvv
2015-12-22 14:39 - 2015-07-29 21:08 - 01917742 _____ C:\Users\HP\Documents\VID-20150729-WA0001.mp4.vvv
2015-12-22 14:39 - 2015-07-29 21:06 - 03195582 _____ C:\Users\HP\Documents\VID-20150729-WA0002.mp4.vvv
2015-12-22 14:39 - 2015-06-30 01:27 - 00065966 _____ C:\Users\HP\Downloads\100977-tenacious_d_617_409.jpg.vvv
2015-12-22 14:39 - 2015-06-30 01:21 - 00059102 _____ C:\Users\HP\Downloads\ox281271098767323570.jpg.vvv
2015-12-22 14:39 - 2015-06-30 01:06 - 00220046 _____ C:\Users\HP\Downloads\19.Jack-Black-807x1024.jpg.vvv
2015-12-22 14:39 - 2015-06-29 18:43 - 00155662 _____ C:\Users\HP\Downloads\jack_black (1).jpg.vvv
2015-12-22 14:39 - 2015-05-11 21:07 - 00099838 _____ C:\Users\HP\Downloads\Fig 1-3.png.vvv
2015-12-22 14:39 - 2015-05-11 21:04 - 00092350 _____ C:\Users\HP\Downloads\400px-Diagrama_Mitosis.svg.jpeg.vvv
2015-12-22 14:39 - 2015-04-20 19:14 - 00039390 _____ C:\Users\HP\Downloads\orga1.png.vvv
2015-12-22 14:39 - 2015-04-20 17:20 - 00057294 _____ C:\Users\HP\Downloads\EscudoAnunciata2.jpg.vvv
2015-12-22 14:39 - 2015-01-10 01:28 - 153919118 _____ C:\Users\HP\Documents\StarcraftnBW+1.16.1.rar.vvv
2015-12-22 14:39 - 2015-01-08 16:19 - 00000000 ____D C:\Users\HP\Documents\W3+Frozen.T. Por Nagato
2015-12-22 14:39 - 2015-01-07 19:07 - 00000000 ____D C:\Users\HP\Documents\Telltale Games
2015-12-22 14:39 - 2014-11-23 13:41 - 00000000 ____D C:\Users\HP\Documents\Witcher 2
2015-12-22 14:39 - 2014-11-23 13:34 - 05285342 _____ C:\Users\HP\Documents\The_Witcher_2_ee_triss_playboy.zip.vvv
2015-12-22 14:39 - 2014-10-16 02:07 - 00000000 ____D C:\Users\HP\Documents\Ultimate Spider-Man
2015-12-22 14:39 - 2013-09-10 15:32 - 00480574 _____ C:\Users\HP\Downloads\ECOE_HABILIDADES_SEMIOLOGIA_I,_informacion_alumnos.pdf.vvv
2015-12-22 14:39 - 2013-07-06 15:51 - 00016462 _____ C:\Users\HP\Downloads\LISTA_EXIMIDOS_MICRO_I.docx.vvv
2015-12-22 14:39 - 2012-11-26 22:00 - 00000000 ____D C:\Users\HP\Downloads\Comics
2015-12-22 14:39 - 2012-11-26 02:19 - 00000000 ____D C:\Users\HP\Downloads\Avengers v4
2015-12-22 14:39 - 2012-11-24 20:41 - 00038590 _____ C:\Users\HP\Downloads\NOTAS POSTERS Sección 2.pdf.vvv
2015-12-22 14:39 - 2012-10-10 16:34 - 00015230 _____ C:\Users\HP\Downloads\GUIA_BIOLOGIA_MOLECULAR_Y_GENETICA.docx.vvv
2015-12-22 14:39 - 2012-10-01 05:01 - 23979246 _____ C:\Users\HP\Downloads\Anatomía II corazón Final.pptx.vvv
2015-12-22 14:39 - 2012-10-01 04:37 - 62125822 _____ C:\Users\HP\Downloads\Anatomía II.pptx.vvv
2015-12-22 14:39 - 2012-10-01 02:08 - 63018046 _____ C:\Users\HP\Downloads\Anatomía II corazón.pptx.vvv
2015-12-22 14:38 - 2015-09-17 16:02 - 00000000 ____D C:\Users\HP\Documents\SMITE_PORTABLE
2015-12-22 14:38 - 2015-07-29 19:50 - 00000000 ____D C:\Users\HP\Documents\Sony Vegas
2015-12-22 14:38 - 2015-01-10 01:45 - 00000000 ____D C:\Users\HP\Documents\StarcraftnBW 1.16.1
2015-12-22 14:38 - 2015-01-04 03:05 - 00000000 ____D C:\Users\HP\Documents\Starbound
2015-12-22 14:38 - 2011-11-24 17:58 - 00000000 ____D C:\Users\HP\Documents\Sony PMB
2015-12-22 14:25 - 2015-11-22 18:42 - 00000000 ____D C:\Users\HP\Documents\PCSX2
2015-12-22 14:25 - 2015-07-30 00:27 - 00001614 _____ C:\Users\HP\Documents\README.TXT.vvv
2015-12-22 14:25 - 2015-07-29 23:09 - 27799358 _____ C:\Users\HP\Documents\Sin título.mp4.vvv
2015-12-22 14:25 - 2015-04-08 16:14 - 07018222 _____ C:\Users\HP\Documents\RAM piel-completa versión 2.pptx.vvv
2015-12-22 14:25 - 2015-02-04 19:24 - 00000000 ____D C:\Users\HP\Documents\Recettear
2015-12-22 14:25 - 2014-11-23 14:20 - 02398126 _____ C:\Users\HP\Documents\Poster Asma 2.ppt.vvv
2015-12-22 14:25 - 2014-11-18 00:03 - 00000000 ____D C:\Users\HP\Documents\Neverwinter Nights Diamond
2015-12-22 14:25 - 2014-05-28 22:35 - 00000000 ____D C:\Users\HP\Documents\Minecraft
2015-12-22 14:25 - 2014-04-22 22:27 - 00000000 ____D C:\Users\HP\Documents\Medicina
2015-12-22 14:25 - 2013-09-19 17:32 - 00000000 ____D C:\Users\HP\Documents\Razer
2015-12-22 14:25 - 2013-06-26 15:27 - 01400526 _____ C:\Users\HP\Documents\Postre.rar.vvv
2015-12-22 14:25 - 2013-01-13 18:25 - 00000000 ____D C:\Users\HP\Documents\Mis archivos recibidos
2015-12-22 14:25 - 2012-09-30 23:41 - 00000000 ____D C:\Users\HP\Documents\My Games
2015-12-22 14:22 - 2015-11-16 18:06 - 00000000 ____D C:\Users\HP\Documents\Manga
2015-12-22 14:22 - 2015-09-30 21:13 - 00060622 _____ C:\Users\HP\Documents\GEN-09220222-9479183.pdf.vvv
2015-12-22 14:22 - 2015-07-29 21:27 - 00002494 _____ C:\Users\HP\Documents\lentes der.png.vvv
2015-12-22 14:22 - 2015-02-03 18:30 - 29160942 _____ C:\Users\HP\Documents\DJ_Sona_Music.zip.vvv
2015-12-22 14:22 - 2015-01-11 04:46 - 00000000 ____D C:\Users\HP\Documents\Heroes of Might and Magic III Complete
2015-12-22 14:22 - 2014-10-25 00:21 - 00000000 ____D C:\Users\HP\Documents\Heroes of the Storm
2015-12-22 14:22 - 2014-06-10 03:26 - 00000000 ____D C:\Users\HP\Documents\Game Dev Tycoon
2015-12-22 14:22 - 2014-05-28 22:34 - 00000000 ____D C:\Users\HP\Documents\Libros
2015-12-22 14:22 - 2014-05-09 01:04 - 00000000 ____D C:\Users\HP\Documents\Light Novels maybe
2015-12-22 14:22 - 2014-01-26 03:38 - 00000000 ____D C:\Users\HP\Documents\InfiniteCrisis
2015-12-22 14:22 - 2013-05-20 22:25 - 00000000 ____D C:\Users\HP\Documents\Fotos Mama
2015-12-22 14:22 - 2013-02-10 17:41 - 00000000 ____D C:\Users\HP\Documents\Fotos Marchigue 2013
2015-12-22 14:22 - 2013-02-03 16:45 - 00000000 ____D C:\Users\HP\Documents\Isadora
2015-12-22 14:22 - 2013-01-21 01:27 - 00000000 ____D C:\Users\HP\Documents\Hora de Aventura
2015-12-22 14:22 - 2012-12-02 19:08 - 00000000 ____D C:\Users\HP\Documents\DVDFab
2015-12-22 14:22 - 2012-11-29 22:17 - 00000000 ____D C:\Users\HP\Documents\doukutsu
2015-12-22 14:21 - 2015-11-22 18:35 - 00000000 ____D C:\Users\HP\Documents\Digimon 4
2015-12-22 14:21 - 2015-07-31 16:53 - 00054270 _____ C:\Users\HP\Documents\CURRICULUM VITAE SERGIO GONZALEZ LIZANA.docx.vvv
2015-12-22 14:21 - 2015-07-29 20:58 - 00002638 _____ C:\Users\HP\Documents\deal_with_it_glasses_by_stewartisme-d5tuvbk.png.vvv
2015-12-22 14:21 - 2015-07-07 18:10 - 01142654 _____ C:\Users\HP\Documents\Cédula Sergio González 02.jpg.vvv
2015-12-22 14:21 - 2014-06-24 19:46 - 00000000 ____D C:\Users\HP\Documents\cosas ps
2015-12-22 14:21 - 2014-04-30 00:13 - 00000000 ____D C:\Users\HP\Documents\Comics
2015-12-22 14:18 - 2015-07-30 00:26 - 00030318 _____ C:\Users\HP\Documents\beckett.zip.vvv
2015-12-22 14:18 - 2015-07-29 22:19 - 01758430 _____ C:\Users\HP\Documents\AUD-20150509-WA0007.m4a.vvv
2015-12-22 14:18 - 2015-04-09 20:20 - 00000000 ____D C:\Users\HP\Documents\1er semestre 2014
2015-12-22 14:18 - 2015-01-10 01:35 - 00000000 ____D C:\Users\HP\Documents\Age of Empires II + The Conquerors [Portable]
2015-12-22 14:18 - 2015-01-10 01:34 - 94541614 _____ C:\Users\HP\Documents\AOEII+TC[P]ByAngeloxGB.part2.rar.vvv
2015-12-22 14:18 - 2015-01-10 01:33 - 262144430 _____ C:\Users\HP\Documents\AOEII+TC[P]ByAngeloxGB.part1.rar.vvv
2015-12-22 14:18 - 2014-10-10 03:28 - 00000000 ____D C:\Users\HP\Documents\BioWare
2015-12-22 14:18 - 2014-08-26 14:18 - 00000000 ____D C:\Users\HP\Documents\Archivos adjuntos_2014826
2015-12-22 14:18 - 2012-09-30 21:02 - 00000000 ____D C:\Users\HP\Documents\Bluetooth Folder
2015-12-22 14:14 - 2015-11-16 17:47 - 00000000 ____D C:\Users\HP\Desktop\Solemen 3 farmaco
2015-12-22 14:14 - 2015-11-15 21:40 - 00000000 ____D C:\Users\HP\Desktop\Simio Solemne 3
2015-12-22 14:14 - 2015-11-10 23:56 - 01945566 _____ C:\Users\HP\Desktop\HIPERTENSIÓN-PULMONAR.docx.vvv
2015-12-22 14:14 - 2015-10-31 20:32 - 00000000 ____D C:\Users\HP\Desktop\Solemne 2 fármaco
2015-12-22 14:14 - 2015-10-20 16:17 - 00000000 ____D C:\Users\HP\AppData\Roaming\Sun
2015-12-22 14:14 - 2015-09-23 01:09 - 113184814 _____ C:\Users\HP\Desktop\Lippincott Illustrated Reviews, Pharmacology - Whalen, Karen.pdf.vvv
2015-12-22 14:14 - 2015-09-22 21:33 - 00000000 ____D C:\Users\HP\AppData\Roaming\TuneUp Software
2015-12-22 14:14 - 2015-09-20 21:23 - 00000000 ____D C:\Users\HP\Desktop\Solemne farmaco
2015-12-22 14:14 - 2015-09-13 01:27 - 00219598 _____ C:\Users\HP\Desktop\Sin título.jpg.vvv
2015-12-22 14:14 - 2015-09-01 21:44 - 00953710 _____ C:\Users\HP\Desktop\Hearthstone Screenshot 09-01-15 21.44.55.png.vvv
2015-12-22 14:14 - 2015-08-31 21:12 - 00000000 ____D C:\Users\HP\Desktop\Semio
2015-12-22 14:14 - 2015-08-11 20:43 - 00000000 ____D C:\Users\HP\Desktop\Cosas
2015-12-22 14:14 - 2015-08-11 02:06 - 00000000 ____D C:\Users\HP\Desktop\Juegos
2015-12-22 14:14 - 2015-07-29 20:17 - 00000000 ____D C:\Users\HP\AppData\Roaming\Sony
2015-12-22 14:14 - 2015-06-15 22:16 - 00000000 ____D C:\Users\HP\AppData\Roaming\Tera_Awesomium
2015-12-22 14:14 - 2015-04-01 08:39 - 00000000 ____D C:\Users\HP\AppData\Roaming\Unity
2015-12-22 14:14 - 2015-02-07 03:00 - 00000000 ____D C:\Users\HP\AppData\Roaming\Wargaming.net
2015-12-22 14:14 - 2015-01-03 21:56 - 00000000 ____D C:\Users\HP\AppData\Roaming\The Wolf Among Us
2015-12-22 14:14 - 2014-11-01 01:30 - 00000000 ____D C:\Users\HP\AppData\Roaming\TeamViewer
2015-12-22 14:14 - 2013-11-23 20:40 - 00000000 ____D C:\Users\HP\AppData\Roaming\vlc
2015-12-22 14:14 - 2013-03-21 21:40 - 00000000 ____D C:\Users\HP\AppData\Roaming\TS3Client
2015-12-22 14:14 - 2012-02-08 01:19 - 00000000 ____D C:\Users\HP\AppData\Roaming\WinRAR
2015-12-22 14:14 - 2011-10-11 02:08 - 00000000 ____D C:\Users\HP\AppData\Roaming\Sony Corporation
2015-12-22 14:11 - 2015-09-22 21:34 - 00000000 ____D C:\Users\HP\AppData\Roaming\AVG
2015-12-22 14:11 - 2015-07-29 20:48 - 00000000 ____D C:\Users\HP\AppData\Roaming\Publish Providers
2015-12-22 14:11 - 2015-06-13 08:31 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TERA
2015-12-22 14:11 - 2015-06-13 08:30 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Happy Cloud
2015-12-22 14:11 - 2015-05-22 01:50 - 00000000 ____D C:\Users\HP\AppData\Roaming\java
2015-12-22 14:11 - 2015-02-07 01:01 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2015-12-22 14:11 - 2014-10-10 01:57 - 00000000 ____D C:\Users\HP\AppData\Roaming\Origin
2015-12-22 14:11 - 2014-07-05 01:34 - 00000000 ____D C:\Users\HP\AppData\Roaming\Arc
2015-12-22 14:11 - 2014-01-13 22:07 - 00000000 ____D C:\Users\HP\AppData\Roaming\Canneverbe Limited
2015-12-22 14:11 - 2013-12-14 19:55 - 00000000 ____D C:\Users\HP\AppData\Roaming\Battle.net
2015-12-22 14:11 - 2013-11-26 13:07 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokémon Trading Card Game Online
2015-12-22 14:11 - 2013-11-09 14:31 - 00000000 ____D C:\Users\HP\AppData\Roaming\PDAppFlex
2015-12-22 14:11 - 2013-04-17 17:29 - 00000000 ____D C:\Users\HP\AppData\Roaming\.minecraft
2015-12-22 14:11 - 2013-02-18 13:58 - 00000000 ____D C:\Users\HP\AppData\Roaming\EPSON
2015-12-22 14:11 - 2013-01-09 00:42 - 00000000 ____D C:\Users\HP\AppData\Roaming\LolClient
2015-12-22 14:11 - 2012-11-03 03:04 - 00000000 ____D C:\Users\HP\AppData\Roaming\DAEMON Tools Lite
2015-12-22 14:11 - 2012-11-03 02:02 - 00000000 ____D C:\Users\HP\AppData\Roaming\Mozilla
2015-12-22 14:11 - 2012-11-01 20:23 - 00000000 ____D C:\Users\HP\AppData\Roaming\AMPSoft
2015-12-22 14:11 - 2012-10-13 01:32 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-12-22 14:11 - 2012-10-08 00:52 - 00000000 ____D C:\Users\HP\AppData\Roaming\Apple Computer
2015-12-22 14:11 - 2012-09-29 23:27 - 00000000 ____D C:\Users\HP\AppData\Roaming\GameRanger
2015-12-22 14:11 - 2012-09-25 17:34 - 00000000 ____D C:\Users\HP\AppData\Roaming\.mono
2015-12-22 14:11 - 2012-09-25 17:27 - 00000000 ____D C:\Users\HP\AppData\Roaming\Pokémon Trading Card Game Online
2015-12-22 14:11 - 2012-07-10 23:05 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-12-22 14:11 - 2012-02-08 01:19 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-22 14:11 - 2011-11-23 20:07 - 00000000 ____D C:\Users\HP\AppData\Roaming\ArcSoft
2015-12-22 14:11 - 2011-11-23 20:06 - 00000000 ____D C:\Users\HP\AppData\Roaming\NVIDIA
2015-12-22 14:11 - 2011-11-06 21:34 - 00000000 ____D C:\Users\HP\AppData\Roaming\Canon
2015-12-22 14:11 - 2011-11-06 20:49 - 00000000 ____D C:\Users\HP\AppData\Roaming\ScanSoft
2015-12-22 14:11 - 2011-10-11 06:18 - 00000000 ____D C:\Users\HP\AppData\Roaming\Macromedia
2015-12-22 14:11 - 2011-10-11 06:18 - 00000000 ____D C:\Users\HP\AppData\Roaming\Adobe
2015-12-22 14:11 - 2011-10-11 02:09 - 00000000 ____D C:\Users\HP\AppData\Roaming\Intel Corporation
2015-12-22 14:11 - 2011-10-11 02:09 - 00000000 ____D C:\Users\HP\AppData\Roaming\Atheros
2015-12-22 14:11 - 2011-10-11 02:06 - 00000000 ____D C:\Users\HP\AppData\Roaming\Media Center Programs
2015-12-22 14:10 - 2015-10-20 16:06 - 00000000 ____D C:\Users\HP\AppData\LocalLow\Oracle
2015-12-22 14:10 - 2015-06-13 09:11 - 00000000 ____D C:\Users\HP\AppData\Local\TERA
2015-12-22 14:10 - 2015-04-01 08:35 - 00000000 ____D C:\Users\HP\AppData\Local\Unity
2015-12-22 14:10 - 2015-01-09 15:51 - 00000000 __SHD C:\Users\HP\AppData\LocalLow\EmieBrowserModeList
2015-12-22 14:10 - 2014-12-03 01:06 - 00000000 ____D C:\Users\HP\AppData\Local\The Witcher 2
2015-12-22 14:10 - 2014-09-10 01:03 - 00000000 __SHD C:\Users\HP\AppData\LocalLow\EmieUserList
2015-12-22 14:10 - 2014-09-10 01:02 - 00000000 __SHD C:\Users\HP\AppData\LocalLow\EmieSiteList
2015-12-22 14:10 - 2014-02-22 23:17 - 00000000 ____D C:\Users\HP\AppData\LocalLow\Unity
2015-12-22 14:10 - 2013-06-01 15:09 - 00000000 ____D C:\Users\HP\AppData\Local\{CFDB214E-68E7-4C82-A1DB-F9E89E58DC87}
2015-12-22 14:10 - 2013-03-06 19:37 - 00000000 ____D C:\Users\HP\AppData\Local\{EC914A9E-F6CC-416F-8831-7DBC30C7C770}
2015-12-22 14:10 - 2013-02-28 19:46 - 00000000 ____D C:\Users\HP\AppData\Local\{AFCD4AA8-4C6A-451A-94E9-F5D8C27E0BD9}
2015-12-22 14:10 - 2013-02-27 20:20 - 00000000 ____D C:\Users\HP\AppData\Local\{55FF7A93-B430-4265-9146-855B26064BFD}
2015-12-22 14:10 - 2013-02-25 22:05 - 00000000 ____D C:\Users\HP\AppData\Local\{4A0B8931-9F2A-4973-A9E3-F6C7EE550BBF}
2015-12-22 14:10 - 2013-01-25 20:16 - 00000000 ____D C:\Users\HP\AppData\Local\{BBC224BC-A48D-4E4F-B0EE-42AE745C5C44}
2015-12-22 14:10 - 2013-01-17 17:19 - 00000000 ____D C:\Users\HP\AppData\Local\{BC2300FC-2285-4F83-B5C9-54CB450C9435}
2015-12-22 14:10 - 2013-01-13 18:24 - 00000000 ____D C:\Users\HP\AppData\Local\{F8818A30-DD44-43BE-BE70-3433B519A77A}
2015-12-22 14:10 - 2013-01-11 20:46 - 00000000 ____D C:\Users\HP\AppData\Local\{5968B506-A7C0-463A-82D8-7ECA836BDCBD}
2015-12-22 14:10 - 2013-01-09 21:01 - 00000000 ____D C:\Users\HP\AppData\Local\{3956EE2F-8C98-441A-8E60-48E0458541EC}
2015-12-22 14:10 - 2013-01-07 19:41 - 00000000 ____D C:\Users\HP\AppData\Local\{5CA34522-AD48-4D04-9170-E86342D2FF3F}
2015-12-22 14:10 - 2013-01-06 20:22 - 00000000 ____D C:\Users\HP\AppData\Local\{37C0DB32-853E-4D08-B4B3-59507679900E}
2015-12-22 14:10 - 2013-01-03 20:59 - 00000000 ____D C:\Users\HP\AppData\Local\{07615A23-909D-4BBD-B85E-60E2CC7FD44D}
2015-12-22 14:10 - 2013-01-02 18:35 - 00000000 ____D C:\Users\HP\AppData\Local\{DFCA870D-07B1-4E31-8189-324D5E290D6B}
2015-12-22 14:10 - 2013-01-01 18:02 - 00000000 ____D C:\Users\HP\AppData\Local\{5DAF145C-B514-4C5C-852E-15C588CF8273}
2015-12-22 14:10 - 2012-12-27 22:27 - 00000000 ____D C:\Users\HP\AppData\Local\{212688FA-FC94-4906-BC57-6B658E955351}
2015-12-22 14:10 - 2012-12-25 16:37 - 00000000 ____D C:\Users\HP\AppData\Local\The Lord of the Rings Online
2015-12-22 14:10 - 2012-12-22 15:00 - 00000000 ____D C:\Users\HP\AppData\Local\Turbine
2015-12-22 14:10 - 2012-12-21 22:50 - 00000000 ____D C:\Users\HP\AppData\Local\{18385DBF-4DCD-445C-84A9-8FFFBCDA314A}
2015-12-22 14:10 - 2012-12-19 17:36 - 00000000 ____D C:\Users\HP\AppData\Local\{80281BE6-9DFB-4FF7-A303-2E0540098349}
2015-12-22 14:10 - 2012-12-18 19:04 - 00000000 ____D C:\Users\HP\AppData\Local\{F04E0CA7-4335-4B9D-95FD-3F229A2597FA}
2015-12-22 14:10 - 2012-12-16 19:54 - 00000000 ____D C:\Users\HP\AppData\Local\{D58F5AEF-F6D7-49A3-809A-8A7C25C7E25E}
2015-12-22 14:10 - 2012-12-09 18:19 - 00000000 ____D C:\Users\HP\AppData\Local\{F80690A1-6A82-487C-AF38-A8227125C5D6}
2015-12-22 14:10 - 2012-12-08 17:51 - 00000000 ____D C:\Users\HP\AppData\Local\{9C77AADA-2A3D-49F0-BF3A-AB93A68900FC}
2015-12-22 14:10 - 2012-12-02 17:41 - 00000000 ____D C:\Users\HP\AppData\Local\{BA8BD53D-BAA9-48C6-8FAF-2B96F66CCA09}
2015-12-22 14:10 - 2012-11-29 20:52 - 00000000 ____D C:\Users\HP\AppData\Local\{153EFD12-0EA1-4CF0-9332-E7071C9BD45C}
2015-12-22 14:10 - 2012-11-27 21:19 - 00000000 ____D C:\Users\HP\AppData\Local\{D55896DB-27E0-4558-9684-EA1BFF4C4EBE}
2015-12-22 14:10 - 2012-11-25 17:55 - 00000000 ____D C:\Users\HP\AppData\Local\{DA16808B-4EA1-413F-BC0E-DC8C92C8D7BA}
2015-12-22 14:10 - 2012-11-24 20:35 - 00000000 ____D C:\Users\HP\AppData\Local\{47AED0A4-40EF-4BA5-9977-AA9DC4FB762C}
2015-12-22 14:10 - 2012-11-18 18:42 - 00000000 ____D C:\Users\HP\AppData\Local\{D3719F4B-79B9-435A-8C67-FA0CEAAD5421}
2015-12-22 14:10 - 2012-11-17 17:26 - 00000000 ____D C:\Users\HP\AppData\Local\{61CD5342-26CF-4D43-AB4F-60BC766F6A7B}
2015-12-22 14:10 - 2012-11-10 22:17 - 00000000 ____D C:\Users\HP\AppData\Local\{EFA29E56-866F-4970-9D97-424918CE43A5}
2015-12-22 14:10 - 2012-11-03 20:33 - 00000000 ____D C:\Users\HP\AppData\Local\{C5280876-1E44-4909-BB20-BE7B4CBF16B2}
2015-12-22 14:10 - 2012-11-01 17:50 - 00000000 ____D C:\Users\HP\AppData\Local\{EF2392DB-D21D-4395-ADC9-4525B72833D2}
2015-12-22 14:10 - 2012-10-30 19:29 - 00000000 ____D C:\Users\HP\AppData\Local\{29427793-26B1-47CD-A511-D6CAEF5BA2D7}
2015-12-22 14:10 - 2012-10-28 17:05 - 00000000 ____D C:\Users\HP\AppData\Local\{654F5DA0-52E2-4B28-BC14-AB009AD7D925}
2015-12-22 14:10 - 2012-10-25 21:50 - 00000000 ____D C:\Users\HP\AppData\Local\{953203DC-2319-47DC-B37F-8023B94B8F35}
2015-12-22 14:10 - 2012-10-24 22:46 - 00000000 ____D C:\Users\HP\AppData\Local\{95E4A7DA-0176-4D54-8CB7-9B3828BAF418}
2015-12-22 14:10 - 2012-10-21 18:50 - 00000000 ____D C:\Users\HP\AppData\Local\{92B3E7EB-DE07-4295-8F5B-1295C51212C7}
2015-12-22 14:10 - 2012-10-20 14:07 - 00000000 ____D C:\Users\HP\AppData\Local\{2DD6769A-AC1B-40E5-8716-F523CD125696}
2015-12-22 14:10 - 2012-10-19 23:49 - 00000000 ____D C:\Users\HP\AppData\Local\{D17DA67B-18D3-4DCF-9E49-1EA06480A61E}
2015-12-22 14:10 - 2012-10-17 22:20 - 00000000 ____D C:\Users\HP\AppData\Local\{C55C8BBC-51DF-4EBF-8C51-73496CA1433E}
2015-12-22 14:10 - 2012-10-15 17:59 - 00000000 ____D C:\Users\HP\AppData\Local\{A2ECEFBB-AA84-4927-9DD3-9896EE036285}
2015-12-22 14:10 - 2012-10-13 15:56 - 00000000 ____D C:\Users\HP\AppData\Local\{50788E58-0B90-4A38-8B10-2F2D438F7133}
2015-12-22 14:10 - 2012-10-13 00:42 - 00000000 ____D C:\Users\HP\AppData\Local\{3ABFB9EF-B337-44FB-812D-EA8C5AFF3629}
2015-12-22 14:10 - 2012-10-11 16:11 - 00000000 ____D C:\Users\HP\AppData\Local\{58784F2F-3E63-4A9B-95A5-DC7D42C272F6}
2015-12-22 14:10 - 2012-10-11 11:44 - 00000000 ____D C:\Users\HP\AppData\Local\{03F75A82-9CD7-409C-878A-1706B1C60A04}
2015-12-22 14:10 - 2012-10-10 15:52 - 00000000 ____D C:\Users\HP\AppData\Local\{F2148356-DE48-4A5C-BA5E-BA88B5D9AB3A}
2015-12-22 14:10 - 2012-10-10 14:53 - 00000000 ____D C:\Users\HP\AppData\Local\{D19277A9-1482-41AA-9E54-5BF44A2956F0}
2015-12-22 14:10 - 2012-10-09 16:32 - 00000000 ____D C:\Users\HP\AppData\Local\{027B391F-15B6-4449-947F-632BFA4DEE64}
2015-12-22 14:10 - 2012-10-08 23:19 - 00000000 ____D C:\Users\HP\AppData\Local\{E855628B-6BAF-4C25-AD6B-CC992DE65C0A}
2015-12-22 14:10 - 2012-10-07 17:00 - 00000000 ____D C:\Users\HP\AppData\Local\{F1E88432-8EBE-4D13-93D8-B7BA22B92C22}
2015-12-22 14:10 - 2012-10-06 22:05 - 00000000 ____D C:\Users\HP\AppData\Local\{7EA785A2-61C8-4D6E-9B20-795FFF4DE07F}
2015-12-22 14:10 - 2012-10-05 21:15 - 00000000 ____D C:\Users\HP\AppData\Local\{3BC8229C-5189-4793-BC31-2265EF8B2C96}
2015-12-22 14:10 - 2012-10-04 22:20 - 00000000 ____D C:\Users\HP\AppData\Local\{1D4DE1FF-145F-4AE9-8D85-F5F43619CAEC}
2015-12-22 14:10 - 2012-10-03 22:25 - 00000000 ____D C:\Users\HP\AppData\Local\{83A18489-4B97-48C2-B57C-208D96E92D80}
2015-12-22 14:10 - 2012-10-03 15:53 - 00000000 ____D C:\Users\HP\AppData\Local\{DEDF937D-4FF6-4474-8365-8D00F8395019}
2015-12-22 14:10 - 2012-10-03 14:40 - 00000000 ____D C:\Users\HP\AppData\Local\{2F540A5C-F9F7-48F4-B4DA-33F4AC7261B4}
2015-12-22 14:10 - 2012-10-03 13:28 - 00000000 ____D C:\Users\HP\AppData\Local\{E349347D-4DD9-43F3-BA81-C498C18EB6D3}
2015-12-22 14:10 - 2012-10-02 16:29 - 00000000 ____D C:\Users\HP\AppData\Local\{E6E62BB0-E8CB-4C97-8F77-8CCE41E0B374}
2015-12-22 14:10 - 2012-10-01 19:38 - 00000000 ____D C:\Users\HP\AppData\Local\{2B54133D-B33D-44CC-AB15-A0A5F700C2FD}
2015-12-22 14:10 - 2012-09-30 21:59 - 00000000 ____D C:\Users\HP\AppData\Local\{52F61B9B-7A40-4711-A3C9-530B03965BEA}
2015-12-22 14:10 - 2012-09-30 21:03 - 00000000 ____D C:\Users\HP\AppData\Local\{8232BF6E-BFD2-47DE-86B7-B5BD7ED1C510}
2015-12-22 14:10 - 2012-09-30 17:17 - 00000000 ____D C:\Users\HP\AppData\Local\{1B3BAA63-52BD-4146-A6BB-6684540D6006}
2015-12-22 14:10 - 2012-09-29 15:39 - 00000000 ____D C:\Users\HP\AppData\LocalLow\Sony Online Entertainment
2015-12-22 14:10 - 2012-09-29 15:30 - 00000000 ____D C:\Users\HP\AppData\Local\{784F8B0A-297B-4391-9239-E3E25B2A89A5}
2015-12-22 14:10 - 2012-09-25 17:31 - 00000000 ____D C:\Users\HP\AppData\LocalLow\The Pok__mon Company International
2015-12-22 14:10 - 2012-09-25 15:23 - 00000000 ____D C:\Users\HP\AppData\Local\{B56E110F-5330-4BAF-81D7-924BF8D2DD8A}
2015-12-22 14:10 - 2012-09-22 23:01 - 00000000 ____D C:\Users\HP\AppData\Local\{1F42B120-4BD5-47F2-A32C-523DBEB8BAC5}
2015-12-22 14:10 - 2012-09-22 15:43 - 00000000 ____D C:\Users\HP\AppData\Local\{09B5E062-A177-4E3C-A361-2A2C93BA82DC}
2015-12-22 14:10 - 2012-09-22 10:36 - 00000000 ____D C:\Users\HP\AppData\Local\{947C7874-749A-47DD-BF7A-97E96D8D9F9A}
2015-12-22 14:10 - 2012-09-20 16:41 - 00000000 ____D C:\Users\HP\AppData\Local\{BBDAF846-0CA8-47F5-92F4-0412DB9823A0}
2015-12-22 14:10 - 2012-09-19 14:41 - 00000000 ____D C:\Users\HP\AppData\Local\{124CDD18-E7BF-49B8-9410-A697176A83C4}
2015-12-22 14:10 - 2012-09-18 12:07 - 00000000 ____D C:\Users\HP\AppData\Local\{47A44828-821F-4FFE-8230-1A1793CDDDA7}
2015-12-22 14:10 - 2012-09-09 13:06 - 00000000 ____D C:\Users\HP\AppData\Local\{346DD8B9-9B16-458B-ADA5-5A2D70D59E5C}
2015-12-22 14:10 - 2012-09-02 13:22 - 00000000 ____D C:\Users\HP\AppData\Local\{D1A83427-68E4-4BAC-81BE-8A621960B6C7}
2015-12-22 14:10 - 2012-08-12 22:18 - 00000000 ____D C:\Users\HP\AppData\Local\{CE8A78D3-E172-4A75-BC3C-8D77B62C3280}
2015-12-22 14:10 - 2012-08-12 22:18 - 00000000 ____D C:\Users\HP\AppData\Local\{1A2EF0B2-A42D-4F4B-A626-609BFA9B4747}
2015-12-22 14:10 - 2012-08-07 22:26 - 00000000 ____D C:\Users\HP\AppData\Local\{769948F8-982C-474A-882B-7FDCB5C995A9}
2015-12-22 14:10 - 2012-08-07 22:26 - 00000000 ____D C:\Users\HP\AppData\Local\{00994AC4-462B-4937-A704-55953EFD6E13}
2015-12-22 14:10 - 2012-07-29 20:59 - 00000000 ____D C:\Users\HP\AppData\Local\{01ECB751-038E-48E7-A526-1944E9ACBA3F}
2015-12-22 14:10 - 2012-07-29 20:58 - 00000000 ____D C:\Users\HP\AppData\Local\{3484CDE3-25D7-4577-9F76-2F8606AB9507}
2015-12-22 14:10 - 2012-07-24 14:50 - 00000000 ____D C:\Users\HP\AppData\Local\{417EB627-D8D4-4882-8957-95AE8609A1EA}
2015-12-22 14:10 - 2012-07-24 14:49 - 00000000 ____D C:\Users\HP\AppData\Local\{D80A7840-E9A5-4527-9AB9-B05D102D65ED}
2015-12-22 14:10 - 2012-07-23 08:12 - 00000000 ____D C:\Users\HP\AppData\Local\{D8D43946-0DF3-48C3-B796-47EF4344EAF9}
2015-12-22 14:10 - 2012-07-23 08:11 - 00000000 ____D C:\Users\HP\AppData\Local\{E999B742-9C87-468B-ADD4-F464FF520650}
2015-12-22 14:10 - 2012-07-20 14:27 - 00000000 ____D C:\Users\HP\AppData\Local\{E2E4E523-3705-4563-86E9-D30D8F5810C1}
2015-12-22 14:10 - 2012-07-20 14:27 - 00000000 ____D C:\Users\HP\AppData\Local\{45276918-233C-4BB5-92C0-B3B58E9C3F3E}
2015-12-22 14:10 - 2012-07-18 16:16 - 00000000 ____D C:\Users\HP\AppData\Local\{CA4CB291-8905-46FD-A615-6F27A2081F70}
2015-12-22 14:10 - 2012-07-18 16:16 - 00000000 ____D C:\Users\HP\AppData\Local\{B81B20AD-7B9E-45C0-AA02-A29EB18455ED}
2015-12-22 14:10 - 2012-07-17 14:06 - 00000000 ____D C:\Users\HP\AppData\Local\{EF32F698-393D-4BB4-B156-C08AC89C3740}
2015-12-22 14:10 - 2012-07-17 14:05 - 00000000 ____D C:\Users\HP\AppData\Local\{3D348D6C-EF33-45D3-8ABC-1A96F0781F35}
2015-12-22 14:10 - 2012-07-17 00:07 - 00000000 ____D C:\Users\HP\AppData\Local\{EC35F44A-44A5-48E6-9AD8-7F5542CFCA03}
2015-12-22 14:10 - 2012-07-17 00:07 - 00000000 ____D C:\Users\HP\AppData\Local\{DBD48615-D8E4-4B09-AF62-011416B9485D}
2015-12-22 14:10 - 2012-07-12 17:13 - 00000000 ____D C:\Users\HP\AppData\Local\{92D23B2D-CA6F-4A0F-80AE-BFE97E00C560}
2015-12-22 14:10 - 2012-07-12 17:13 - 00000000 ____D C:\Users\HP\AppData\Local\{0E78BF0F-B131-4432-8399-83370209F39E}
2015-12-22 14:10 - 2012-07-11 17:02 - 00000000 ____D C:\Users\HP\AppData\Local\{7D8AA546-499A-44C6-A860-8AB881A7F56F}
2015-12-22 14:10 - 2012-07-11 17:02 - 00000000 ____D C:\Users\HP\AppData\Local\{7D007A71-920A-4700-8B3F-41EDB4B350F8}
2015-12-22 14:10 - 2012-07-10 19:06 - 00000000 ____D C:\Users\HP\AppData\Local\{7AA3BE21-B289-4AE0-B6C4-6FDA3B445EA3}
2015-12-22 14:10 - 2012-07-10 19:06 - 00000000 ____D C:\Users\HP\AppData\Local\{5FAD6FFB-0941-4E21-8312-9D344D14118C}
2015-12-22 14:10 - 2012-07-09 13:39 - 00000000 ____D C:\Users\HP\AppData\Local\{B4FF5D08-2464-4901-854A-BEAEF6B14E72}
2015-12-22 14:10 - 2012-07-09 13:39 - 00000000 ____D C:\Users\HP\AppData\Local\{A895EA12-9464-43B4-A946-88DD1F1327E8}
2015-12-22 14:10 - 2012-07-08 13:26 - 00000000 ____D C:\Users\HP\AppData\Local\{16799DDB-AD8F-4621-B8F0-5C1DB562F0A4}
2015-12-22 14:10 - 2012-07-07 18:29 - 00000000 ____D C:\Users\HP\AppData\Local\{28E689BD-5DA9-4312-A87D-5D92141FFBCA}
2015-12-22 14:10 - 2012-07-07 18:28 - 00000000 ____D C:\Users\HP\AppData\Local\{B80A54A5-8DFF-4C45-ABA1-7C9EA893298A}
2015-12-22 14:10 - 2012-07-04 16:52 - 00000000 ____D C:\Users\HP\AppData\Local\{8F3F72A6-E628-4F3A-9EE7-5F7A53943342}
2015-12-22 14:10 - 2012-07-04 16:52 - 00000000 ____D C:\Users\HP\AppData\Local\{73B65F7F-87F9-4EA6-88EB-5030863028F1}
2015-12-22 14:10 - 2012-07-04 16:52 - 00000000 ____D C:\Users\HP\AppData\Local\{34252DCD-3EDA-4D5D-B3D9-B49896A91ED2}
2015-12-22 14:10 - 2012-07-01 17:44 - 00000000 ____D C:\Users\HP\AppData\Local\{6BA0CB6B-6DC8-4F80-A0AC-20933F7444B8}
2015-12-22 14:10 - 2012-07-01 17:44 - 00000000 ____D C:\Users\HP\AppData\Local\{56F1C014-60F9-4890-BB7F-F14D5F24F03A}
2015-12-22 14:10 - 2012-06-28 19:39 - 00000000 ____D C:\Users\HP\AppData\Local\{BFA79B89-8F41-47E4-81FD-3806CE654325}
2015-12-22 14:10 - 2012-06-28 19:39 - 00000000 ____D C:\Users\HP\AppData\Local\{20B80B8D-62F3-4BDA-8231-9514A4EB893C}
2015-12-22 14:10 - 2012-06-26 16:51 - 00000000 ____D C:\Users\HP\AppData\Local\{59DC5344-CC85-4CAC-8164-180C72D9781F}
2015-12-22 14:10 - 2012-06-26 16:50 - 00000000 ____D C:\Users\HP\AppData\Local\{D809D83E-8FD6-4478-8C95-19843DA70898}
2015-12-22 14:10 - 2012-06-25 22:42 - 00000000 ____D C:\Users\HP\AppData\Local\{72B4978D-A90D-47F1-9294-4019D43FFC9C}
2015-12-22 14:10 - 2012-06-25 22:41 - 00000000 ____D C:\Users\HP\AppData\Local\{9F5E64ED-993B-4136-ABF0-C7B53CA176D4}
2015-12-22 14:10 - 2012-06-24 23:36 - 00000000 ____D C:\Users\HP\AppData\Local\{C628D61D-1BD0-4587-815C-D9199677DC22}
2015-12-22 14:10 - 2012-06-24 23:36 - 00000000 ____D C:\Users\HP\AppData\Local\{639521A8-0264-4B18-B38F-A77F05655254}
2015-12-22 14:10 - 2012-06-24 22:51 - 00000000 ____D C:\Users\HP\AppData\Local\{B867F0DA-D3A2-40C1-8228-D65F05BDEE81}
2015-12-22 14:10 - 2012-06-22 22:36 - 00000000 ____D C:\Users\HP\AppData\Local\{B50CFFF1-1F4E-477E-A9FA-F56981995927}
2015-12-22 14:10 - 2012-06-10 22:40 - 00000000 ____D C:\Users\HP\AppData\Local\{25AAE763-CB4C-4493-AA07-72F8A8D211C2}
2015-12-22 14:10 - 2012-06-06 23:16 - 00000000 ____D C:\Users\HP\AppData\Local\{82F3ADB6-DC3D-4443-B907-D92A964900F0}
2015-12-22 14:10 - 2012-06-04 22:33 - 00000000 ____D C:\Users\HP\AppData\Local\{0B9A270F-392D-4D95-B26C-99AD77DBBD46}
2015-12-22 14:10 - 2012-05-29 18:45 - 00000000 ____D C:\Users\HP\AppData\Local\{7284BAFF-29E6-479E-8103-6D5865DAF704}
2015-12-22 14:10 - 2012-05-28 23:20 - 00000000 ____D C:\Users\HP\AppData\Local\{BC1EA9E2-2639-4A09-99ED-CEB50932E2AD}
2015-12-22 14:10 - 2012-05-21 19:35 - 00000000 ____D C:\Users\HP\AppData\Local\{8A9D2DBD-8C0C-48A8-8213-844155C884E9}
2015-12-22 14:10 - 2012-05-20 15:26 - 00000000 ____D C:\Users\HP\AppData\Local\{58C5A9E2-7DAA-4733-B18B-B15C29872004}
2015-12-22 14:10 - 2012-05-20 00:49 - 00000000 ____D C:\Users\HP\AppData\Local\{A883C2EE-AFF3-4733-8305-BC196DF43E1E}
2015-12-22 14:10 - 2012-05-20 00:47 - 00000000 ____D C:\Users\HP\AppData\Local\{3D14818B-FE7E-45D9-84C4-8C5980757D96}
2015-12-22 14:10 - 2012-05-19 16:39 - 00000000 ____D C:\Users\HP\AppData\Local\{F74F1BC1-B69C-4AAF-ACC1-7760594AF40D}
2015-12-22 14:10 - 2012-05-14 01:14 - 00000000 ____D C:\Users\HP\AppData\Local\{A4819695-ADB3-44E2-A485-886ED7268A16}
2015-12-22 14:10 - 2012-05-13 23:54 - 00000000 ____D C:\Users\HP\AppData\Local\{EF8E38B5-E123-47AC-908A-B52CDE9D901C}
2015-12-22 14:10 - 2012-05-08 23:26 - 00000000 ____D C:\Users\HP\AppData\Local\{FD52E14D-63B8-45D5-A992-02CFA785EB33}
2015-12-22 14:10 - 2012-05-06 22:13 - 00000000 ____D C:\Users\HP\AppData\Local\{0DCF53F9-2B35-4043-9F47-2BA25E090B48}
2015-12-22 14:10 - 2012-05-06 20:59 - 00000000 ____D C:\Users\HP\AppData\Local\{152C93DF-4299-4064-B750-F28F03A4BEF1}
2015-12-22 14:10 - 2012-03-27 21:32 - 00000000 ____D C:\Users\HP\AppData\Local\{B4F93F81-F857-445F-8EFC-56EDFD8D8D76}
2015-12-22 14:10 - 2012-03-21 17:21 - 00000000 ____D C:\Users\HP\AppData\Local\{EAA7A07D-3FF9-4D57-8A29-9ED8C41A32C1}
2015-12-22 14:10 - 2012-03-21 09:15 - 00000000 ____D C:\Users\HP\AppData\Local\{F49AD7A8-891B-4A65-B3A3-200920D4867A}
2015-12-22 14:10 - 2012-03-16 22:27 - 00000000 ____D C:\Users\HP\AppData\Local\{2737EFAF-C3F6-4054-AF39-AE6473D8C90D}
2015-12-22 14:10 - 2012-03-15 20:29 - 00000000 ____D C:\Users\HP\AppData\Local\{A9DA7B0C-269F-4C2D-AAAB-0960BD9808FB}
2015-12-22 14:10 - 2012-03-15 19:59 - 00000000 ____D C:\Users\HP\AppData\Local\{065255A1-A6FF-4232-9570-0454010121F6}
2015-12-22 14:10 - 2012-03-14 21:52 - 00000000 ____D C:\Users\HP\AppData\Local\{328A6C2A-CE50-44B4-A0AB-72F4E90154C0}
2015-12-22 14:10 - 2012-03-14 21:32 - 00000000 ____D C:\Users\HP\AppData\Local\{EF51715C-A43F-4FEF-AE69-F42E8EA471E2}
2015-12-22 14:10 - 2012-03-09 22:44 - 00000000 ____D C:\Users\HP\AppData\Local\{E1C84238-0164-4433-8B86-8588D2426759}
2015-12-22 14:10 - 2012-03-08 11:17 - 00000000 ____D C:\Users\HP\AppData\Local\{B22D7E8D-917C-4943-8FF3-98BCFC1C1620}
2015-12-22 14:10 - 2012-03-08 09:39 - 00000000 ____D C:\Users\HP\AppData\Local\{AD2D87A0-B44F-441A-A28A-05D7967A0A70}
2015-12-22 14:10 - 2012-03-05 18:23 - 00000000 ____D C:\Users\HP\AppData\Local\{3656B26B-0218-4F3D-A086-52FA72D37D85}
2015-12-22 14:10 - 2012-03-04 22:12 - 00000000 ____D C:\Users\HP\AppData\Local\{A11269BD-B9CC-4771-B6A4-E114EFCB25D5}
2015-12-22 14:10 - 2012-03-03 14:59 - 00000000 ____D C:\Users\HP\AppData\Local\{C548FD36-8B78-4355-B395-061A303C9628}
2015-12-22 14:10 - 2012-03-02 19:59 - 00000000 ____D C:\Users\HP\AppData\Local\{3C09DFDC-CE22-40E9-AA5B-43A35CFC26C1}
2015-12-22 14:10 - 2012-02-26 20:48 - 00000000 ____D C:\Users\HP\AppData\Local\{88124D03-B430-4B1B-A529-93439571E2D8}
2015-12-22 14:10 - 2012-02-19 21:59 - 00000000 ____D C:\Users\HP\AppData\Local\{B918602E-582E-48FF-BB93-14DECF30A771}
2015-12-22 14:10 - 2012-02-17 23:23 - 00000000 ____D C:\Users\HP\AppData\Local\{08AF902A-81FA-4AB6-9F9E-2F8DE8EE926D}
2015-12-22 14:10 - 2012-02-14 21:43 - 00000000 ____D C:\Users\HP\AppData\Local\{2AE64375-A5B9-4C3A-B8B9-895FF3466DE9}
2015-12-22 14:10 - 2012-02-11 09:03 - 00000000 ____D C:\Users\HP\AppData\Local\{A2210D31-7C6F-4E64-B847-6081C1B13783}
2015-12-22 14:10 - 2012-02-11 08:57 - 00000000 ____D C:\Users\HP\AppData\Local\{5EC0994F-CFBF-45D3-9838-EA52E4C621B0}
2015-12-22 14:10 - 2012-02-09 14:21 - 00000000 ____D C:\Users\HP\AppData\Local\{237A568B-17F6-485D-8442-EF8AFF621490}
2015-12-22 14:10 - 2012-02-07 15:42 - 00000000 ____D C:\Users\HP\AppData\Local\{A3AB8152-39F3-42FA-B233-730D2816DF70}
2015-12-22 14:10 - 2012-02-06 13:08 - 00000000 ____D C:\Users\HP\AppData\Local\{9E609757-D1AA-4D6D-BA56-AEE21C8A4521}
2015-12-22 14:10 - 2012-02-05 21:27 - 00000000 ____D C:\Users\HP\AppData\Local\{8B750828-37B6-45F6-B763-647B88E14283}
2015-12-22 14:10 - 2012-02-04 23:16 - 00000000 ____D C:\Users\HP\AppData\LocalLow\Sun
2015-12-22 14:10 - 2012-02-04 15:05 - 00000000 ____D C:\Users\HP\AppData\Local\{4E0741F5-D6AE-4456-AB8F-EE0081D66EFE}
2015-12-22 14:10 - 2012-02-04 02:00 - 00000000 ____D C:\Users\HP\AppData\Local\{99747EB4-A0B9-4366-A787-94B639468B1D}
2015-12-22 14:10 - 2012-02-03 14:28 - 00000000 ____D C:\Users\HP\AppData\Local\{8218786B-9888-4128-8112-341B3678DB5A}
2015-12-22 14:10 - 2012-02-02 20:27 - 00000000 ____D C:\Users\HP\AppData\Local\{6716B553-2267-4480-9C46-9B480AE82351}
2015-12-22 14:10 - 2012-02-02 13:11 - 00000000 ____D C:\Users\HP\AppData\Local\{72F6ACE7-65DD-4F58-95F2-268002A0F842}
2015-12-22 14:10 - 2012-02-01 20:36 - 00000000 ____D C:\Users\HP\AppData\Local\{D0DD915B-14F3-4AAC-968D-246C296B0BAF}
2015-12-22 14:10 - 2012-02-01 11:47 - 00000000 ____D C:\Users\HP\AppData\Local\{11B6C08E-697E-4F6D-8901-6592BDCF6ECE}
2015-12-22 14:10 - 2012-01-31 19:19 - 00000000 ____D C:\Users\HP\AppData\Local\{21129BA5-414C-49E2-B652-760CCB9841B8}
2015-12-22 14:10 - 2012-01-31 15:41 - 00000000 ____D C:\Users\HP\AppData\Local\{A3E6BF25-EE59-45A7-8F1F-050B845CA227}
2015-12-22 14:10 - 2012-01-31 14:38 - 00000000 ____D C:\Users\HP\AppData\Local\{D64E4651-EF63-436A-ADA5-639C1523DE79}
2015-12-22 14:10 - 2012-01-30 20:35 - 00000000 ____D C:\Users\HP\AppData\Local\{7F7BFCD3-93C6-454E-AE53-9F431E609F0C}
2015-12-22 14:10 - 2012-01-30 14:53 - 00000000 ____D C:\Users\HP\AppData\Local\{D7F531AA-29E6-45A2-AEC2-D61F8F5472A7}
2015-12-22 14:10 - 2012-01-29 14:38 - 00000000 ____D C:\Users\HP\AppData\Local\{C7F95296-20B2-486F-AECE-160C08CBA18C}
2015-12-22 14:10 - 2012-01-28 20:37 - 00000000 ____D C:\Users\HP\AppData\Local\{22B0AF78-4E65-4E16-BC83-2ADE6BA300B3}
2015-12-22 14:10 - 2012-01-28 18:00 - 00000000 ____D C:\Users\HP\AppData\Local\{5E904BF2-1EB2-4033-9FD6-2DB66A3EAE8C}
2015-12-22 14:10 - 2012-01-23 15:56 - 00000000 ____D C:\Users\HP\AppData\Local\{0BF4204D-E40A-4044-A49D-9D7E7C7AF0A9}
2015-12-22 14:10 - 2012-01-23 15:35 - 00000000 ____D C:\Users\HP\AppData\Local\{DBBC791B-F309-40D1-B942-01DF5979435C}
2015-12-22 14:10 - 2012-01-23 15:28 - 00000000 ____D C:\Users\HP\AppData\Local\{20C6671D-7FA4-4DDB-B061-6599DF52F8C4}
2015-12-22 14:10 - 2012-01-23 14:23 - 00000000 ____D C:\Users\HP\AppData\Local\{78A59387-244D-438A-8081-FF1E21108316}
2015-12-22 14:10 - 2012-01-23 14:13 - 00000000 ____D C:\Users\HP\AppData\Local\{FBBB6131-096B-4858-A3D6-093CCD074F10}
2015-12-22 14:10 - 2012-01-22 17:29 - 00000000 ____D C:\Users\HP\AppData\Local\{13958AD5-667A-4875-B4F1-11D829308979}
2015-12-22 14:10 - 2012-01-22 17:23 - 00000000 ____D C:\Users\HP\AppData\Local\{2E53E68F-4EE0-4F2F-B5B1-3981167244D8}
2015-12-22 14:10 - 2012-01-22 17:20 - 00000000 ____D C:\Users\HP\AppData\Local\{E8609E5C-9AF7-4C63-9F2F-07C8D0D0A785}
2015-12-22 14:10 - 2012-01-22 16:37 - 00000000 ____D C:\Users\HP\AppData\Local\{2DEAB8FB-AD83-4CB5-9F38-ED8233B262A8}
2015-12-22 14:10 - 2012-01-22 16:35 - 00000000 ____D C:\Users\HP\AppData\Local\{667E3B15-C0E5-4684-9A15-D6BF408539C6}
2015-12-22 14:10 - 2012-01-22 16:32 - 00000000 ____D C:\Users\HP\AppData\Local\{6AA0D223-665D-444A-BF41-EFD241B16D17}
2015-12-22 14:10 - 2012-01-22 15:26 - 00000000 ____D C:\Users\HP\AppData\Local\{CCEA0357-6C96-4A79-9E81-C772A8659CFD}
2015-12-22 14:10 - 2012-01-22 15:24 - 00000000 ____D C:\Users\HP\AppData\Local\{C8187C98-1FDB-4E1F-9CDC-DE882B468417}
2015-12-22 14:10 - 2012-01-22 15:19 - 00000000 ____D C:\Users\HP\AppData\Local\{78B60352-61CD-4EE0-8154-F6CFBA161296}
2015-12-22 14:10 - 2012-01-22 15:18 - 00000000 ____D C:\Users\HP\AppData\Local\{196FD0B1-3AFA-473D-9BDA-81286FAD4E53}
2015-12-22 14:10 - 2012-01-22 12:50 - 00000000 ____D C:\Users\HP\AppData\Local\{EF228D8D-E56C-4511-87B3-6EBE064296CD}
2015-12-22 14:10 - 2012-01-22 12:49 - 00000000 ____D C:\Users\HP\AppData\Local\{70A680E6-9069-4918-BF15-A3CCC58D9FA1}
2015-12-22 14:10 - 2011-12-15 21:32 - 00000000 ____D C:\Users\HP\AppData\Local\{B8074AD6-BD60-498F-B2B2-D0C8E32E776D}
2015-12-22 14:10 - 2011-12-15 21:26 - 00000000 ____D C:\Users\HP\AppData\Local\{D7CED57D-6A2F-4651-B00D-4722DDE79366}
2015-12-22 14:10 - 2011-12-10 23:13 - 00000000 ____D C:\Users\HP\AppData\LocalLow\Google
2015-12-22 14:10 - 2011-11-24 18:36 - 00000000 ____D C:\Users\HP\AppData\Local\{60F86292-7F92-4E1D-9B18-8F205A3DB175}
2015-12-22 14:10 - 2011-11-23 22:22 - 00000000 ____D C:\Users\HP\AppData\Local\{F52DEEBD-C5FD-49FE-88C3-916D07E7A39E}
2015-12-22 14:10 - 2011-11-19 22:17 - 00000000 ____D C:\Users\HP\AppData\Local\{2553E83F-50BE-4383-B17A-3819F4A20DDB}
2015-12-22 14:10 - 2011-11-12 18:44 - 00000000 ____D C:\Users\HP\AppData\Local\{3B98464C-3DBE-49DF-8CEF-D8AC73AB146D}
2015-12-22 14:10 - 2011-11-12 18:34 - 00000000 ____D C:\Users\HP\AppData\Local\{2FC656F5-AE5C-4449-8494-38EAE4933059}
2015-12-22 14:10 - 2011-11-12 16:13 - 00000000 ____D C:\Users\HP\AppData\Local\Windows Live
2015-12-22 14:10 - 2011-10-15 22:40 - 00000000 ____D C:\Users\HP\AppData\LocalLow\Adobe
2015-12-22 14:10 - 2011-10-11 02:08 - 00000000 ____D C:\Users\HP\AppData\Local\VirtualStore
2015-12-22 14:08 - 2015-07-29 20:19 - 00000000 ____D C:\Users\HP\AppData\Local\Sony
2015-12-22 14:08 - 2015-06-11 22:37 - 00000000 ____D C:\Users\HP\AppData\Local\openvr
2015-12-22 14:08 - 2015-03-10 17:41 - 00000000 ____D C:\Users\HP\AppData\Local\Steam
2015-12-22 14:08 - 2014-10-10 01:57 - 00000000 ____D C:\Users\HP\AppData\Local\Origin
2015-12-22 14:08 - 2014-09-10 00:42 - 00000000 ____D C:\Users\HP\AppData\Local\Mozilla
2015-12-22 14:08 - 2014-08-03 02:19 - 00000000 ____D C:\Users\HP\AppData\Local\Skype
2015-12-22 14:08 - 2013-12-22 19:50 - 00000000 ____D C:\Users\HP\AppData\Local\Razer_Inc
2015-12-22 14:08 - 2013-09-19 17:29 - 00000000 ____D C:\Users\HP\AppData\Local\Razer
2015-12-22 14:08 - 2012-09-29 15:39 - 00000000 ____D C:\Users\HP\AppData\Local\SCE
2015-12-22 14:08 - 2012-03-03 17:32 - 00000000 ____D C:\Users\HP\AppData\Local\Microsoft Games
2015-12-22 14:08 - 2011-11-23 19:19 - 00000000 ____D C:\Users\HP\AppData\Local\Sony Corporation
2015-12-22 14:08 - 2011-10-11 02:14 - 00000000 ____D C:\Users\HP\AppData\Local\Microsoft Help
2015-12-22 13:53 - 2015-09-22 21:27 - 00000000 ____D C:\Users\HP\AppData\Local\MFAData
2015-12-22 13:53 - 2015-08-03 21:44 - 00000000 ____D C:\Users\HP\AppData\Local\GWX
2015-12-22 13:53 - 2014-12-02 20:15 - 00000000 ____D C:\Users\HP\AppData\Local\HearthstoneTracker
2015-12-22 13:53 - 2014-09-10 00:47 - 00000000 ____D C:\Users\HP\AppData\Local\Macromedia
2015-12-22 13:53 - 2014-04-21 18:32 - 00000000 ____D C:\Users\HP\AppData\Local\IE Tab
2015-12-22 13:53 - 2014-01-26 03:38 - 00000000 ____D C:\Users\HP\AppData\Local\InfiniteCrisis
2015-12-22 13:53 - 2013-10-05 00:21 - 00000000 ____D C:\Users\HP\AppData\Local\LogMeIn
2015-12-22 13:53 - 2011-12-10 23:06 - 00000000 ____D C:\Users\HP\AppData\Local\Google
2015-12-22 13:52 - 2015-08-03 21:07 - 00000000 ____D C:\Users\HP\AppData\Local\CEF
2015-12-22 13:52 - 2015-01-09 15:52 - 00000000 __SHD C:\Users\HP\AppData\Local\EmieBrowserModeList
2015-12-22 13:52 - 2014-09-29 18:46 - 00000000 ____D C:\Users\HP\AppData\Local\Glyph
2015-12-22 13:52 - 2014-09-10 01:03 - 00000000 __SHD C:\Users\HP\AppData\Local\EmieUserList
2015-12-22 13:52 - 2014-09-10 01:03 - 00000000 __SHD C:\Users\HP\AppData\Local\EmieSiteList
2015-12-22 13:52 - 2014-06-10 03:30 - 00000000 ____D C:\Users\HP\AppData\Local\Game Dev Tycoon
2015-12-22 13:52 - 2013-12-14 22:14 - 00000000 ____D C:\Users\HP\AppData\Local\Blizzard
2015-12-22 13:52 - 2013-12-14 19:55 - 00000000 ____D C:\Users\HP\AppData\Local\Blizzard Entertainment
2015-12-22 13:52 - 2013-12-14 19:55 - 00000000 ____D C:\Users\HP\AppData\Local\Battle.net
2015-12-22 13:52 - 2012-12-22 15:12 - 00000000 ____D C:\Users\HP\AppData\Local\Chromium
2015-12-22 13:52 - 2011-10-15 22:46 - 00000000 ____D C:\Users\HP\AppData\Local\CrashDumps
2015-12-22 13:52 - 2011-10-11 02:23 - 00000000 ____D C:\Users\HP\AppData\Local\BMExplorer
2015-12-22 13:51 - 2015-10-20 16:17 - 00000000 ____D C:\Users\HP\.oracle_jre_usage
2015-12-22 13:51 - 2015-09-22 21:23 - 00000000 ____D C:\Users\HP\AppData\Local\AvgSetupLog
2015-12-22 13:51 - 2015-09-22 21:23 - 00000000 ____D C:\Users\HP\AppData\Local\Avg
2015-12-22 13:51 - 2015-09-17 17:29 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2015-12-22 13:51 - 2015-07-29 20:19 - 00000000 ____D C:\ProgramData\Sony
2015-12-22 13:51 - 2015-06-13 08:30 - 00000000 ____D C:\ProgramData\HappyCloud
2015-12-22 13:51 - 2015-01-07 16:33 - 00000000 ____D C:\ProgramData\LGMOBILEAX
2015-12-22 13:51 - 2014-10-24 23:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2015-12-22 13:51 - 2014-10-10 01:53 - 00000000 ____D C:\ProgramData\Origin
2015-12-22 13:51 - 2014-09-13 15:15 - 00000000 ____D C:\ProgramData\SystemRequirementsLab
2015-12-22 13:51 - 2014-09-10 00:41 - 00000000 ____D C:\ProgramData\Mozilla
2015-12-22 13:51 - 2014-09-05 00:34 - 00000000 ____D C:\ProgramData\Oracle
2015-12-22 13:51 - 2014-07-17 15:03 - 00000000 ____D C:\ProgramData\Riot Games
2015-12-22 13:51 - 2014-06-25 16:39 - 00000000 ____D C:\Users\HP\AppData\Local\Adobe
2015-12-22 13:51 - 2014-02-06 19:39 - 00000000 ____D C:\Users\HP\AppData\Local\Ahri.tw
2015-12-22 13:51 - 2014-01-26 02:18 - 00000000 ____D C:\ProgramData\Turbine
2015-12-22 13:51 - 2013-12-28 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Banda Ancha Movil
2015-12-22 13:51 - 2013-12-14 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-12-22 13:51 - 2013-12-14 19:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-12-22 13:51 - 2013-10-05 00:21 - 00000000 ____D C:\ProgramData\LogMeIn
2015-12-22 13:51 - 2013-09-19 17:28 - 00000000 ____D C:\ProgramData\Razer
2015-12-22 13:51 - 2013-08-17 19:55 - 00000000 ____D C:\Users\HP\amsn
2015-12-22 13:51 - 2013-01-31 01:11 - 00000000 ____D C:\ProgramData\Skype
2015-12-22 13:51 - 2012-12-22 13:23 - 00000000 ____D C:\Users\HP\AppData\Local\ApplicationHistory
2015-12-22 13:51 - 2012-12-22 01:12 - 00000000 ____D C:\Users\HP\.swt
2015-12-22 13:51 - 2012-11-01 20:02 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-12-22 13:51 - 2012-10-08 00:52 - 00000000 ____D C:\Users\HP\AppData\Local\Apple Computer
2015-12-22 13:51 - 2012-10-08 00:50 - 00000000 ____D C:\Users\HP\AppData\Local\Apple
2015-12-22 13:51 - 2012-07-10 22:49 - 00000000 ____D C:\ProgramData\MTA San Andreas All
2015-12-22 13:51 - 2011-11-23 20:07 - 00000000 ____D C:\Users\HP\AppData\Local\ArcSoft
2015-12-22 13:51 - 2011-11-06 20:49 - 00000000 ____D C:\ProgramData\InstallShield
2015-12-22 13:51 - 2011-11-06 20:48 - 00000000 ____D C:\ProgramData\ScanSoft
2015-12-22 13:51 - 2011-05-26 00:09 - 00000000 ____D C:\ProgramData\Norton
2015-12-22 13:51 - 2011-05-26 00:08 - 00000000 ____D C:\ProgramData\NortonInstaller
2015-12-22 13:51 - 2011-05-25 23:25 - 00000000 ____D C:\ProgramData\Sony Corporation
2015-12-22 13:51 - 2011-05-25 23:15 - 00000000 ____D C:\ProgramData\Sun
2015-12-22 13:51 - 2011-05-25 23:08 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-22 13:51 - 2011-05-25 22:51 - 00000000 __HDC C:\ProgramData\{122DEDD6-6836-4B5F-BC64-5B214DA18102}
2015-12-22 13:48 - 2015-09-22 21:25 - 00000000 ____D C:\ProgramData\Avg
2015-12-22 13:48 - 2015-06-13 09:11 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-12-22 13:48 - 2015-01-07 19:07 - 00000000 ____D C:\ProgramData\CODEX
2015-12-22 13:48 - 2014-10-10 01:53 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-12-22 13:48 - 2014-09-29 18:46 - 00000000 ____D C:\ProgramData\Glyph
2015-12-22 13:48 - 2014-01-13 22:07 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2015-12-22 13:48 - 2013-12-14 19:54 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2015-12-22 13:48 - 2013-12-14 19:50 - 00000000 ____D C:\ProgramData\Battle.net
2015-12-22 13:48 - 2013-11-09 14:23 - 00000000 ____D C:\ProgramData\ALM
2015-12-22 13:48 - 2013-01-03 20:06 - 00000000 ____D C:\Riot Games
2015-12-22 13:48 - 2012-12-23 00:41 - 00000000 ____D C:\ProgramData\Banda Ancha Movil
2015-12-22 13:48 - 2012-12-23 00:39 - 00000000 ____D C:\ProgramData\DatacardService
2015-12-22 13:48 - 2012-12-02 19:15 - 00000000 ____D C:\ProgramData\dvdfab
2015-12-22 13:48 - 2012-11-03 03:04 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-12-22 13:48 - 2012-10-08 00:50 - 00000000 ____D C:\ProgramData\Apple Computer
2015-12-22 13:48 - 2012-10-08 00:49 - 00000000 ____D C:\ProgramData\Apple
2015-12-22 13:48 - 2012-09-25 17:34 - 00000000 ____D C:\ProgramData\.mono
2015-12-22 13:48 - 2011-11-06 20:31 - 00000000 ___HD C:\ProgramData\CanonBJ
2015-12-22 13:48 - 2011-10-11 06:21 - 00000000 ____D C:\Update
2015-12-22 13:48 - 2011-05-26 00:35 - 00000000 ____D C:\ProgramData\Atheros
2015-12-22 13:48 - 2011-05-25 23:51 - 00000000 ___HD C:\SPLASH.000
2015-12-22 13:48 - 2011-05-25 23:50 - 00000000 ___HD C:\SPLASH.SYS
2015-12-22 13:48 - 2011-05-25 23:35 - 00000000 ____D C:\ProgramData\ArcSoft
2015-12-22 13:48 - 2011-05-25 23:31 - 00000000 ____D C:\ProgramData\Adobe
2015-12-22 13:48 - 2011-05-25 22:52 - 00000000 ____D C:\ProgramData\DDNi
2015-12-22 13:23 - 2013-07-09 14:46 - 00000000 ____D C:\Program Files\Starcraft
2015-12-22 13:22 - 2012-11-04 19:38 - 00000000 ____D C:\NeverwinterNights
2015-12-22 13:22 - 2011-05-25 23:20 - 00000000 ____D C:\Nobu_Icon
2015-12-22 13:22 - 2009-07-14 00:20 - 00000000 ____D C:\PerfLogs
2015-12-22 13:21 - 2015-10-09 23:45 - 00000000 ____D C:\MATS
2015-12-22 13:21 - 2015-07-13 21:09 - 00000000 ____D C:\gravity
2015-12-22 13:21 - 2014-11-18 00:30 - 00000000 ____D C:\GOG Games
2015-12-22 13:21 - 2011-05-25 22:54 - 00000000 ____D C:\Intel
2015-12-22 13:14 - 2015-02-07 01:01 - 00000000 ____D C:\Games
2015-12-22 13:10 - 2014-09-29 21:58 - 00000000 ____D C:\Users\HP\Documents\ArcheAge
2015-12-22 13:10 - 2014-09-29 21:58 - 00000000 ____D C:\ArcheAge
2015-12-22 13:10 - 2014-07-05 01:37 - 00000000 ___HD C:\ArcTemp
2015-12-22 13:10 - 2013-05-10 22:14 - 00000000 ____D C:\Fraps
2015-12-22 13:10 - 2011-05-25 23:26 - 00000000 ____D C:\Documentation
2015-12-22 13:08 - 2015-08-04 02:56 - 00000000 ___HD C:\$Windows.~WS
2015-12-22 13:08 - 2012-06-24 00:41 - 00000000 ____D C:\6459d19b80a2d124cfc28ec463
2015-12-22 13:07 - 2015-08-31 02:39 - 00000000 ____D C:\$SysReset
2015-12-21 03:29 - 2013-12-14 19:57 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-12-21 03:27 - 2013-12-14 19:54 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-12-17 21:38 - 2014-10-24 23:34 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-12-15 23:45 - 2011-12-10 23:10 - 00002141 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-11 13:41 - 2015-10-10 00:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-11 02:04 - 2015-09-22 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-12-09 12:21 - 2014-12-25 17:51 - 00001216 _____ C:\Users\Public\Desktop\Razer Cortex.lnk
2015-12-09 03:30 - 2014-11-18 00:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-12-09 03:30 - 2009-07-14 02:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-09 03:01 - 2011-05-26 01:44 - 00762028 _____ C:\Windows\system32\perfh00A.dat
2015-12-09 03:01 - 2011-05-26 01:44 - 00166830 _____ C:\Windows\system32\perfc00A.dat
2015-12-09 03:01 - 2009-07-14 02:13 - 01718700 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-09 03:01 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2015-12-03 22:30 - 2015-11-20 12:24 - 00004032 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d123a79d406e33
2015-12-03 22:30 - 2015-11-20 12:24 - 00003780 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d123a79d062379
 
==================== Files in the root of some directories =======
 
2015-07-29 21:27 - 2015-07-29 21:27 - 0000132 _____ () C:\Users\HP\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-12-22 14:14 - 2015-12-22 15:42 - 0010654 _____ () C:\Users\HP\AppData\Roaming\how_recover+itp.html
2015-12-22 14:14 - 2015-12-22 15:42 - 0002411 _____ () C:\Users\HP\AppData\Roaming\how_recover+itp.txt
2015-12-22 13:01 - 2015-12-22 13:01 - 0000480 ____H () C:\Users\HP\AppData\Roaming\½Ó
2015-12-22 14:11 - 2015-12-22 15:41 - 0010654 _____ () C:\Users\HP\AppData\Roaming\Microsoft\how_recover+itp.html
2015-12-22 14:11 - 2015-12-22 15:41 - 0002411 _____ () C:\Users\HP\AppData\Roaming\Microsoft\how_recover+itp.txt
2015-04-18 17:59 - 2015-04-20 17:21 - 0003584 _____ () C:\Users\HP\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-12-22 13:23 - 2012-12-22 13:23 - 0000090 _____ () C:\Users\HP\AppData\Local\fusioncache.dat
2015-12-22 13:52 - 2015-12-22 15:40 - 0010654 _____ () C:\Users\HP\AppData\Local\how_recover+itp.html
2015-12-22 13:52 - 2015-12-22 15:40 - 0002411 _____ () C:\Users\HP\AppData\Local\how_recover+itp.txt
2015-12-22 13:01 - 2015-12-22 13:01 - 0000576 ____H () C:\ProgramData\@system3.att
2011-05-26 00:34 - 2011-05-26 00:34 - 0000035 _____ () C:\ProgramData\AtherosServiceConfig.ini
2015-12-22 13:48 - 2015-12-22 13:51 - 0010654 _____ () C:\ProgramData\how_recover+itp.html
2015-12-22 13:48 - 2015-12-22 13:51 - 0002411 _____ () C:\ProgramData\how_recover+itp.txt
2014-12-02 20:15 - 2014-12-02 20:15 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
 
Some files in TEMP:
====================
C:\Users\HP\AppData\Local\Temp\avguirn_081884933233.exe
C:\Users\HP\AppData\Local\Temp\avguirn_08426950284.exe
C:\Users\HP\AppData\Local\Temp\avguirn_08531452546.exe
C:\Users\HP\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\HP\AppData\Local\Temp\dt_998C.tmp.exe
C:\Users\HP\AppData\Local\Temp\dxwebsetup.exe
C:\Users\HP\AppData\Local\Temp\GLF1BB.EXE
C:\Users\HP\AppData\Local\Temp\GLF33B2.EXE
C:\Users\HP\AppData\Local\Temp\GLF4D1C.EXE
C:\Users\HP\AppData\Local\Temp\GLF547B.EXE
C:\Users\HP\AppData\Local\Temp\GLF5805.EXE
C:\Users\HP\AppData\Local\Temp\GLF5EB8.EXE
C:\Users\HP\AppData\Local\Temp\GLF6445.EXE
C:\Users\HP\AppData\Local\Temp\GLF87DB.EXE
C:\Users\HP\AppData\Local\Temp\GLF8DB5.EXE
C:\Users\HP\AppData\Local\Temp\GLFAF38.EXE
C:\Users\HP\AppData\Local\Temp\GLFB2B2.EXE
C:\Users\HP\AppData\Local\Temp\GLFD7EC.EXE
C:\Users\HP\AppData\Local\Temp\GLFDE82.EXE
C:\Users\HP\AppData\Local\Temp\GLFEE69.EXE
C:\Users\HP\AppData\Local\Temp\GLFF1F3.EXE
C:\Users\HP\AppData\Local\Temp\GLFFA2C.EXE
C:\Users\HP\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\HP\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\HP\AppData\Local\Temp\HOST1192.exe
C:\Users\HP\AppData\Local\Temp\HOST1224.exe
C:\Users\HP\AppData\Local\Temp\HOST1264.exe
C:\Users\HP\AppData\Local\Temp\HOST1308.exe
C:\Users\HP\AppData\Local\Temp\HOST1364.exe
C:\Users\HP\AppData\Local\Temp\HOST1472.exe
C:\Users\HP\AppData\Local\Temp\HOST1540.exe
C:\Users\HP\AppData\Local\Temp\HOST1544.exe
C:\Users\HP\AppData\Local\Temp\HOST1568.exe
C:\Users\HP\AppData\Local\Temp\HOST1616.exe
C:\Users\HP\AppData\Local\Temp\HOST1648.exe
C:\Users\HP\AppData\Local\Temp\HOST1684.exe
C:\Users\HP\AppData\Local\Temp\HOST1764.exe
C:\Users\HP\AppData\Local\Temp\HOST1808.exe
C:\Users\HP\AppData\Local\Temp\HOST1820.exe
C:\Users\HP\AppData\Local\Temp\HOST1828.exe
C:\Users\HP\AppData\Local\Temp\HOST1856.exe
C:\Users\HP\AppData\Local\Temp\HOST1984.exe
C:\Users\HP\AppData\Local\Temp\HOST2024.exe
C:\Users\HP\AppData\Local\Temp\HOST2028.exe
C:\Users\HP\AppData\Local\Temp\HOST2208.exe
C:\Users\HP\AppData\Local\Temp\HOST2872.exe
C:\Users\HP\AppData\Local\Temp\HOST4308.exe
C:\Users\HP\AppData\Local\Temp\HOST456.exe
C:\Users\HP\AppData\Local\Temp\jre-7u10-windows-i586-iftw.exe
C:\Users\HP\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\HP\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\HP\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\HP\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\HP\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\HP\AppData\Local\Temp\SkypeSetup.exe
C:\Users\HP\AppData\Local\Temp\SRLDetectionLibrary3677212924457031100.dll
C:\Users\HP\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\HP\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\HP\AppData\Local\Temp\uttD919.tmp.exe
C:\Users\HP\AppData\Local\Temp\vcredist_x86.exe
C:\Users\HP\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\HP\AppData\Local\Temp\vlc-2.2.1-win32.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-12-21 21:31
 
==================== End of FRST.txt ============================
 
Addition
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-12-2015
Ran by HP (2015-12-23 01:24:32)
Running from C:\Users\HP\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-05-26 03:34:38)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrador (S-1-5-21-3617482536-3663022080-2132115498-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3617482536-3663022080-2132115498-1004 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3617482536-3663022080-2132115498-1002 - Limited - Enabled)
HP (S-1-5-21-3617482536-3663022080-2132115498-1000 - Administrator - Enabled) => C:\Users\HP
Invitado (S-1-5-21-3617482536-3663022080-2132115498-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
8BitBoy v1.3.4 (HKLM-x32\...\OEJpdEJveQ==_is1) (Version: 1 - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Illustrator CC (HKLM-x32\...\{F2321021-08A2-44D6-B1DF-BDB415F23EC3}) (Version: 17.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
Age of Empires II HD (HKLM-x32\...\Age of Empires II HD_is1) (Version: 1.0 - PLAZA)
Apple Mobile Device Support (HKLM\...\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft PhotoStudio 5.5 (HKLM-x32\...\{85309D89-7BE9-4094-BB17-24999C6118FC}) (Version:  - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.392 - ArcSoft)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
AVG (HKLM\...\AvgZen) (Version: 1.22.1.40089 - AVG Technologies)
AVG (Version: 16.12.7303 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4489 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.12.7303 - AVG Technologies)
AVG Zen (Version: 1.22.1 - AVG Technologies) Hidden
Banda Ancha Movil (HKLM-x32\...\Banda Ancha Movil) (Version: 23.009.09.01.110 - Huawei Technologies Co.,Ltd)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.90 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version:  - )
Canon MP Navigator 3.0 (HKLM-x32\...\MP Navigator 3.0) (Version:  - )
Canon MP160 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160) (Version:  - )
Canon Utilities Easy-PhotoPrint (HKLM-x32\...\Easy-PhotoPrint) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.27 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version:  - dvd8n)
CLEO v3.0.950 (HKLM-x32\...\{8FB91814-FE42-4B62-9B54-4B677A420715}_is1) (Version:  - Seemann (www.sannybuilder.com))
Compatibilidad con Aplicaciones de Apple (HKLM-x32\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.0.53 - Conexant)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0316 - DT Soft Ltd)
DC Universe Online Live (HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\...\SOE-DC Universe Online Live) (Version:  - Sony Online Entertainment)
Deadpool Repack (HKLM-x32\...\Deadpool Repack) (Version: 9.99 - VictorVal)
Digimon World 3 (HKLM-x32\...\Digimon World 3_is1) (Version:  - BlizzBoyGames - hxxp://www.blizzboygames.com)
Dont Starve Reign of Giants (HKLM-x32\...\Dont Starve Reign of Giants_is1) (Version:  - )
Dont Starve version 1.88179 (HKLM-x32\...\Dont Starve_is1) (Version: 1.88179 - Klei Entertainment)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts)
Easy-WebPrint (HKLM-x32\...\Easy-WebPrint) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
FMW 1 (Version: 1.32.2 - AVG Technologies) Hidden
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Game Dev Tycoon versión 1.4.5 (HKLM-x32\...\{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1) (Version: 1.4.5 - Greenheart Games Pty. Ltd.)
GameRanger (HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\...\GameRanger) (Version:  - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Hand of Fate (HKLM-x32\...\1424100574_is1) (Version: 2.2.0.6 - GOG.com)
Happy Cloud Client (HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\...\HappyCloud) (Version: 4.54 - Happy Cloud, Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
iTunes (HKLM\...\{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}) (Version: 10.7.0.21 - Apple Inc.)
Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware versión 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Manual de VAIO (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation)
Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version:  - Microsoft)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version:  - Microsoft)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version:  - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 32.0 (x86 es-CL) (HKLM-x32\...\Mozilla Firefox 32.0 (x86 es-CL)) (Version: 32.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MTA:SA v1.3 (HKLM-x32\...\MTA:SA 1.3) (Version: v1.3 - Multi Theft Auto)
Neverwinter Nights (HKLM-x32\...\{7C503E58-B2BC-11D5-978A-0050BA84F5F7}) (Version:  - )
Neverwinter Nights Diamond Edition (Spanish) (HKLM-x32\...\GOGPACKNWNDIAMOND_is1) (Version: 2.0.0.15 - GOG.com)
NVIDIA Controlador de 3D Vision 267.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 267.43 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.2.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.18.0 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 267.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.43 - NVIDIA Corporation)
NVIDIA nView 135.68 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 135.68 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)
Oasis2Service 1.0 (HKLM-x32\...\{E50FC5DB-7CBD-407D-A46E-0C13E45BC386}) (Version: 1.0.0 - DDNi)
OOBE (HKLM-x32\...\{18894D16-5448-4BF9-A128-F7E937322F91}) (Version: 11.2.1.10 - Sony Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Panel de control de NVIDIA 267.43 (Version: 267.43 - NVIDIA Corporation) Hidden
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.00.04010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.5.00.04060 - Sony Corporation) Hidden
Pokémon Trading Card Game Online (HKLM-x32\...\{C6300674-A394-4B0F-B457-7A6E76794AEB}) (Version: 1.0.0 - The Pokémon Company International)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 6.4.6.10930 - Razer Inc.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.74 - Realtek Semiconductor Corp.)
Recettear: An Item Shop's Tale (HKLM-x32\...\Recettear: An Item Shop's Tale_is1) (Version:  - )
Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden
ScanSoft OmniPage SE 4.0 (HKLM-x32\...\{29D851C2-048C-4B5E-8D1F-25D473342BB5}) (Version: 15.00.0020 - ScanSoft, Inc.)
Skype™ 7.16 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.16.102 - Skype Technologies S.A.)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Smite Level Up LATAM (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF310}) (Version: 2.13.2948.3 - Hi-Rez Studios)
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.9.0 - Synaptics Incorporated)
System Requirements Lab CYRI (HKLM-x32\...\{705216C1-BA52-4B16-AFE4-4143B340D62D}) (Version: 6.0.12.6 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
TERA (HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\...\teraenmasse) (Version:  - )
The Mighty Quest For Epic Loot (HKLM-x32\...\Steam App 239220) (Version:  - Ubisoft Montreal)
The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\GOGPACKTHEWITCHER2EE_is1) (Version: 3.4.0.25 - GOG.com)
The Wolf Among Us (HKLM-x32\...\The Wolf Among Us_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Transferencias VAIO (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
Unity Web Player (HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\...\UnityWebPlayer) (Version: 5.0.1f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.16020 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}) (Version: 1.5.00.02250 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.5.00.04060 - Sony Corporation)
VAIO - Teclado a distancia (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation)
VAIO - Uso a distancia con PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15070 - Sony Corporation)
VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 6.4.1.05290 - Sony Corporation)
VAIO Care (x32 Version: 6.4.0.15030 - Sony Corporation) Hidden
VAIO Care (x32 Version: 6.4.1.05290 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.0.0.03050 - Sony Corporation)
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.0.06210 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.03240 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Help and Support (HKLM-x32\...\{F5248E24-F52C-4FD1-B76F-102460BAFD6B}) (Version: 14.00.0125 - Sony Corporation)
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation)
VAIO Messenger (HKLM-x32\...\VAIO Messenger) (Version: 2.0.118.0 - DDNi)
VAIO Messenger (x32 Version: 2.0.118.0 - DDNi) Hidden
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.5 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.4.5.5 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.0.09010 - Sony Corporation)
VAIO Satisfaction Survey. (HKLM-x32\...\VAIO Satisfaction Survey.3.0) (Version: 3.0 - Sony Electronics Inc.)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.5.0.02280 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 6.3.1.10120 - Sony Corporation)
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Vegas Pro 11.0 (HKLM-x32\...\{09771440-269F-11E1-89B1-F04DA23A5C58}) (Version: 11.0.510 - Sony)
VESx64 (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR 4.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version:  - Wargaming.net)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 23:34 - 2012-11-01 20:10 - 00000833 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1B4A0BFB-C5C3-4293-A6BC-F5E5BF1EF6AF} - System32\Tasks\{91736B31-347A-4F31-9EF6-142E6660CE97} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.5.85.101/es/abandoninstall?page=tsProgressBar
Task: {1F0FA582-F7B1-4AE8-9689-C56D4A00080E} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-06-21] (Sony Corporation)
Task: {2013EA33-0BD0-4FC2-BDC9-CC41FC0B6603} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-09-27] (Sony Corporation)
Task: {21B7E5A9-F024-49E5-8B1C-0E56BFFCC935} - System32\Tasks\Sony\OOBESendInfo => C:\Program Files\Sony\OOBE\OOBESendInfo.exe [2011-03-24] ()
Task: {2E639535-66CA-404E-B0B1-DC2D6394927B} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {348D7418-9ECD-489F-8E42-8A15CF338B58} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation)
Task: {365C4619-C725-4295-AB49-628D4A5B8C14} - System32\Tasks\GoogleUpdateTaskMachineCore1d123a79d062379 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {3E37C8B1-D410-4947-ACAF-075484C4DD28} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {3ECC6C0F-839B-4FBC-8663-2814C6D3AD18} - System32\Tasks\{5E0224E1-D396-4C52-9F4E-3CAAD48EA084} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.5.85.101/es/abandoninstall?page=tsProgressBar
Task: {45016F19-1CDA-47EC-9076-5FECACE8BAFA} - System32\Tasks\{BFA62FEC-04D6-4EDD-AA9C-FA35E140E719} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.3.0.101/es/abandoninstall?page=tsProgressBar
Task: {5701DF12-1CC4-49AA-9B54-038C418B83ED} - System32\Tasks\Sony Corporation\VAIO First Logon Setup Tool\VAIO First Logon Setup Tool => C:\Program Files (x86)\Sony\VAIO First Logon Setup Tool\VWSet.exe [2011-03-10] ()
Task: {575167F1-2E55-457C-9884-D7D2CE5A3DA7} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib TaskTray => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [2011-02-23] (Sony Corporation)
Task: {64205592-47E6-41B4-88A8-DF8D954C7A18} - System32\Tasks\AdobeAAMUpdater-1.0-HP-VAIO-HP => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-09-25] (Adobe Systems Incorporated)
Task: {73DA83F3-B023-4115-9AF1-00BFF6B17929} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {7E441D28-3DD0-41A1-8DA9-383F332EAF54} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {8E7B47A9-B29E-47DB-A534-9A757CB50A87} - System32\Tasks\BaronReplays => C:\Users\HP\Documents\BaronReplays\BaronReplays.exe
Task: {97F6B408-32E3-4DDB-8ADE-B81341F9979C} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {A79136A7-6289-486C-9A44-1E61423AED9D} - System32\Tasks\Sony Corporation\VAIO Personalization Manager\VpmLM Task Music HP => C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe [2011-02-08] (Sony Corporation)
Task: {A863981D-3C64-40D6-95BB-208009D6D3CE} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-09-19] (Sony Corporation)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {ACF321FA-6431-4C10-BCAF-6676D40D881C} - System32\Tasks\{E75A80A0-7507-4282-A962-8239AA83A8BB} => Chrome.exe hxxp://ui.skype.com/ui/0/7.9.0.103/es/go/help.faq.installer?source=lightinstaller&amp;LastError=1603
Task: {B10AF300-60F1-41BA-9857-64F3A0CB13BC} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {BC3F72F3-D0C0-42C5-81F1-1C82BE0096CD} - System32\Tasks\GoogleUpdateTaskMachineUA1d123a79d406e33 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {C0D52967-559F-4239-B953-0071D3D2EDE3} - System32\Tasks\{2CEEB2AA-7A72-47C6-A24B-DE94BEB62322} => Chrome.exe hxxp://ui.skype.com/ui/0/7.9.0.103/es/go/help.faq.installer?source=lightinstaller&amp;LastError=1603
Task: {C5967D3F-62F3-4FD0-A5F7-BED360E0319D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {D210D9BA-8D1F-469C-87E1-6BDE0DD6A845} - System32\Tasks\{3257CBDA-649B-453D-96B7-CE6FBC0186CC} => Chrome.exe hxxp://ui.skype.com/ui/0/7.8.0.102.272/es/go/help.faq.installer?LastError=1603
Task: {E47E88F5-BB61-4F0E-A889-7D0BBF10C106} - System32\Tasks\{4B870DD5-A98B-4F74-900F-F641336D823E} => Chrome.exe hxxp://ui.skype.com/ui/0/7.9.0.103/es/go/help.faq.installer?source=lightinstaller&amp;LastError=1603
Task: {E6C8706B-941F-4596-B392-2F1EB43843F1} - System32\Tasks\SONY\VAIO Startup Setting Tool\VAIO Startup Setting Tool => C:\Program Files (x86)\Sony\VAIO Startup Setting Tool\Save.exe [2011-02-15] (Sony Corporation)
Task: {EF555701-F89A-4030-8134-8AC0EB335756} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-06-21] (Sony Corporation)
Task: {F68CA973-E669-42C1-9B90-901F20489C99} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation)
Task: {F92FAF98-F596-4920-BA23-BF700F136DEA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d123a79d062379.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d123a79d406e33.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\HP\Desktop\Juegos\Digimon World 3.lnk -> C:\Program Files (x86)\Digimon World 3\Launch.bat ()
 
==================== Loaded Modules (Whitelisted) ==============
 
2011-05-25 23:08 - 2011-02-11 18:45 - 00615016 _____ () C:\Program Files\NVIDIA Corporation\nView\nvshell.dll
2012-02-08 01:19 - 2012-01-09 19:44 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2012-12-23 00:41 - 2013-01-17 08:00 - 00657504 _____ () C:\ProgramData\Banda Ancha Movil\OnlineUpdate\ouc.exe
2011-03-14 12:27 - 2011-03-14 12:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2010-03-25 21:07 - 2010-03-25 21:07 - 00046080 _____ () C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
2015-09-23 17:41 - 2015-09-23 17:41 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2012-08-27 22:33 - 2012-08-27 22:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 22:33 - 2012-08-27 22:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-23 00:41 - 2012-12-23 00:40 - 00011362 _____ () C:\ProgramData\Banda Ancha Movil\OnlineUpdate\mingwm10.dll
2012-12-23 00:41 - 2012-12-23 00:40 - 00043008 _____ () C:\ProgramData\Banda Ancha Movil\OnlineUpdate\libgcc_s_dw2-1.dll
2012-12-23 00:41 - 2013-01-17 08:00 - 02417152 _____ () C:\ProgramData\Banda Ancha Movil\OnlineUpdate\QtCore4.dll
2012-12-23 00:41 - 2013-01-17 08:00 - 01148416 _____ () C:\ProgramData\Banda Ancha Movil\OnlineUpdate\QtNetwork4.dll
2013-12-28 21:22 - 2013-01-17 08:00 - 00843264 _____ () C:\ProgramData\Banda Ancha Movil\OnlineUpdate\QueryStrategy.dll
2012-12-23 00:41 - 2013-01-17 08:00 - 00398336 _____ () C:\ProgramData\Banda Ancha Movil\OnlineUpdate\QtXml4.dll
2010-03-25 21:07 - 2010-03-25 21:07 - 00046592 _____ () C:\Program Files (x86)\DDNi\Oasis2Service 1.0\DdniCore.dll
2010-03-25 21:07 - 2010-03-25 21:07 - 00032256 _____ () C:\Program Files (x86)\DDNi\Oasis2Service 1.0\AspUpdate.dll
2014-12-25 17:51 - 2015-10-28 16:50 - 00264192 _____ () C:\Program Files (x86)\Razer\Razer Cortex\D3DX8Wrapper.dll
2011-05-25 23:26 - 2011-03-05 18:42 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2015-09-22 21:25 - 2015-09-22 21:24 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2015-07-19 17:31 - 2015-10-28 16:50 - 00724480 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.Core.dll
2015-07-19 17:31 - 2015-10-28 16:50 - 41289216 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\libcef.dll
2015-01-07 20:10 - 2015-01-07 20:10 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll
2011-05-25 22:58 - 2010-11-06 01:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2015-07-19 17:31 - 2015-10-28 16:50 - 00544256 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.Core.dll
2015-07-19 17:31 - 2015-10-28 16:50 - 01482240 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\libglesv2.dll
2015-07-19 17:31 - 2015-10-28 16:50 - 00073728 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\libegl.dll
2015-12-15 23:45 - 2015-12-11 00:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-15 23:45 - 2015-12-11 00:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
2015-12-15 23:45 - 2015-12-11 00:54 - 16573256 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\HP\Datos de programa:NT
AlternateDataStreams: C:\Users\HP\AppData\Roaming:NT
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\...\sony.com -> sony.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3617482536-3663022080-2132115498-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\HP\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: SSBkgdUpdate => "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: uTorrent => "C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{77C8E536-FC09-4B31-A5C6-6667884BD6A4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1D06AE15-2622-4EE4-9CB7-41CF002E475E}] => (Allow) LPort=2869
FirewallRules: [{984FEB7A-9EBB-4A40-807D-0C90A585D7A1}] => (Allow) LPort=1900
FirewallRules: [{CC8454F4-DAB0-4374-AE21-4BC702F6D762}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{1478D519-BC4A-4A79-9960-BE09EDA28CF7}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{83E89DAB-2EA2-442E-9B3C-255BB460EFB2}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
FirewallRules: [{E21A7F4E-666D-4F48-BD57-11A258C94D83}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
FirewallRules: [TCP Query User{0C5F6C0E-9E51-437C-A316-D7337A2BDD91}F:\age of empire 2\age of empire ii\empires2.exe] => (Allow) F:\age of empire 2\age of empire ii\empires2.exe
FirewallRules: [UDP Query User{9D262337-DA7D-4245-AE77-BE7FF6320AAC}F:\age of empire 2\age of empire ii\empires2.exe] => (Allow) F:\age of empire 2\age of empire ii\empires2.exe
FirewallRules: [TCP Query User{8F87BC83-4BE2-478B-97E0-A1AE1469180C}C:\users\hp\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\hp\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [UDP Query User{26C03DBA-486B-48CC-AA42-DF52A0B1371C}C:\users\hp\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\hp\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [TCP Query User{8B51E6DE-7A3A-46EC-9158-30533186EF43}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{98742C50-2057-40C2-B21E-597A2FC1B058}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{9829931E-CBE7-4BDE-ABD8-F995F42CBBEB}C:\users\public\sony online entertainment\installed games\dc universe online live\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\users\public\sony online entertainment\installed games\dc universe online live\unreal3\binaries\win32\dcgame.exe
FirewallRules: [UDP Query User{CE03B718-5797-4D3A-97DA-B2F9951B9B9C}C:\users\public\sony online entertainment\installed games\dc universe online live\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\users\public\sony online entertainment\installed games\dc universe online live\unreal3\binaries\win32\dcgame.exe
FirewallRules: [{4C96853F-DEB3-4D9B-BF93-89D95A3AFC4D}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{FAE46D06-A615-4C87-865B-839F69951E68}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{754BAB57-C23E-429C-AF75-BFB0FA5A79DF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D27B4CB3-07A3-4136-AB9A-2B7E70E7AD5A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{45428AA3-62C5-4E39-BA6C-29084C00D043}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{40298E5E-575F-42AE-BD66-715903C97912}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{523CDC5F-AF91-40B3-8EA2-7777596B8D98}F:\age of empire 2\age of empire ii\age2_x1\age2_x1.exe] => (Allow) F:\age of empire 2\age of empire ii\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{8E28407A-0ECF-4988-A143-2A9504164AE6}F:\age of empire 2\age of empire ii\age2_x1\age2_x1.exe] => (Allow) F:\age of empire 2\age of empire ii\age2_x1\age2_x1.exe
FirewallRules: [TCP Query User{8D51C4C0-C315-4B39-8E9A-83AAC5549FB4}F:\age of empire 2\age of empire ii\age2_x1\age2_x1.exe] => (Allow) F:\age of empire 2\age of empire ii\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{1F1DB87B-2891-4C5D-978B-236DB7D54706}F:\age of empire 2\age of empire ii\age2_x1\age2_x1.exe] => (Allow) F:\age of empire 2\age of empire ii\age2_x1\age2_x1.exe
FirewallRules: [{7CBF7932-62AD-4443-AF04-5C854722CA8D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{705483E9-A0AB-4E8C-9E7F-23299EBE6D56}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{BAF39D7A-E837-439B-83DB-917D6AC86F69}C:\program files (x86)\steam\steamapps\khronolupus\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\khronolupus\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{F44EDFFA-1E7E-4FED-88B8-2633110755C5}C:\program files (x86)\steam\steamapps\khronolupus\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\khronolupus\team fortress 2\hl2.exe
FirewallRules: [TCP Query User{931C1C95-9A8D-41B1-9E56-9FFD9ABCA8E9}C:\program files (x86)\turbine\ddo unlimited\dndclient.exe] => (Allow) C:\program files (x86)\turbine\ddo unlimited\dndclient.exe
FirewallRules: [UDP Query User{6A6E0754-66A8-4FCF-ACE8-75B799B114A1}C:\program files (x86)\turbine\ddo unlimited\dndclient.exe] => (Allow) C:\program files (x86)\turbine\ddo unlimited\dndclient.exe
FirewallRules: [TCP Query User{49F88E76-B562-4F97-BBE3-F80E2F7E0927}I:\age of empire 2\age of empire ii\age2_x1\age2_x1.exe] => (Allow) I:\age of empire 2\age of empire ii\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{391A0BE3-F843-4EB2-B054-3275EAD7F3FE}I:\age of empire 2\age of empire ii\age2_x1\age2_x1.exe] => (Allow) I:\age of empire 2\age of empire ii\age2_x1\age2_x1.exe
FirewallRules: [TCP Query User{C11B0878-830E-44E9-B5A2-7FF2A07212FF}C:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe
FirewallRules: [UDP Query User{99B71A5E-14A8-4B32-AE2C-FC05E4EB9FC1}C:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe
FirewallRules: [{9C620CC0-6C97-4EC2-AF48-E4FDBE49D2B1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{CA1FFB41-5F7E-4E49-83BD-972D4077089A}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{24156E45-E46A-4327-8F64-C314C93170B1}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{5B43C931-610D-406E-9FBB-76CEC4E1572F}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [UDP Query User{E2C7F8BA-3F4B-43DA-9119-E3CCDE8ACEB4}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [TCP Query User{30F909A5-3D44-411F-9161-C2AF9C8559BB}C:\program files (x86)\amsn\bin\wish.exe] => (Block) C:\program files (x86)\amsn\bin\wish.exe
FirewallRules: [UDP Query User{61812920-8A96-412F-BC7F-873E76FC3A4C}C:\program files (x86)\amsn\bin\wish.exe] => (Block) C:\program files (x86)\amsn\bin\wish.exe
FirewallRules: [TCP Query User{1764C9D7-8327-4D54-987E-D37A4A33D41D}C:\neverwinternights\nwn\nwmain.exe] => (Allow) C:\neverwinternights\nwn\nwmain.exe
FirewallRules: [UDP Query User{1F10C145-5699-46B6-9DBE-3BFBC8B83504}C:\neverwinternights\nwn\nwmain.exe] => (Allow) C:\neverwinternights\nwn\nwmain.exe
FirewallRules: [{F8BEAF6A-BDF0-4FC6-9AE8-2197E16FA914}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{F247BCD9-F4BD-4DD5-AF0B-C04AF6362F9D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{74EBD99C-252C-4504-913F-EA37C6C43F57}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{FE662DF1-6F30-45E0-89F4-4F889F6A2751}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{50C46B5C-6924-43D0-A7F6-AB1A8BFF130B}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{4B215103-3F36-486E-A468-C45EA367AF98}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{5766F4BF-BD80-463C-AFC7-1F724699AB84}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{297DD89B-2896-4DFD-B31F-75CF2E2153EA}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{A5FD73AD-C49A-4BEC-874E-AF7DC3ED04AB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [{19809C15-3913-4452-9E35-F5E5A35AD50D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [TCP Query User{2B9E8C4F-126C-4079-9DE1-4FEA18BC46FD}C:\users\hp\documents\starbound\win32\starbound_server.exe] => (Allow) C:\users\hp\documents\starbound\win32\starbound_server.exe
FirewallRules: [UDP Query User{CC9BC046-8634-4C01-80AA-8F0816BD0ADB}C:\users\hp\documents\starbound\win32\starbound_server.exe] => (Allow) C:\users\hp\documents\starbound\win32\starbound_server.exe
FirewallRules: [{798688EF-DE01-416D-BAAD-19EBBF2FB066}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{7E9BF9DA-9BC2-480C-A618-BDE52DECBBD9}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{74D94672-537A-4A82-837B-764853A12FA0}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{47A1E7A6-33DB-4BC0-8845-7E32BF8D2FB3}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [TCP Query User{3A44F441-D1DC-499D-A558-C98EF9890164}C:\program files (x86)\infinitecrisis\infinitecrisis.exe] => (Allow) C:\program files (x86)\infinitecrisis\infinitecrisis.exe
FirewallRules: [UDP Query User{C2E557C2-CC1D-49CF-841F-F85376D35EB5}C:\program files (x86)\infinitecrisis\infinitecrisis.exe] => (Allow) C:\program files (x86)\infinitecrisis\infinitecrisis.exe
FirewallRules: [{47CDCFC2-340B-409C-9E5C-3FB58C2C3A99}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{99BA92CB-FDCB-4C15-833A-B4E523B126BE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{FE22ECBC-7C52-4F40-B13E-25C9F12C03E4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{FD709078-1B85-4CFD-B1BC-940B77CCC3AC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{61BD8E7B-A3A8-4B40-9199-07F1FE184CB8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{3911DF4A-B92E-4BB1-9654-4F8A9A265E8E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{5FDC5C22-3E17-4049-83CF-F08D1C5A0DE3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{B0FA0069-EB23-42A4-A54A-6DFF50EC2658}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{136AF0E7-92ED-4065-A9A9-5B0FA321295F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{A84A80B7-97BD-4A52-9EAD-1AD6CC291733}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{898305C2-C141-46CF-B243-76EC64101FB6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{B3F0102E-7738-4D0C-A2BF-28A70ED6D288}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{AB809322-28C8-4D98-B1E0-C55CDD9BF4B0}] => (Allow) C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{380EB95D-FAED-4991-AD08-8E6140C80FCA}] => (Allow) C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C147DE96-6530-4559-B72A-D00E4847E41B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{A2CD6FE1-0B17-4E2C-AA28-D01A6FAE0ECB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [TCP Query User{C45C3788-1A25-4A4C-B649-6AE00FBE213D}C:\program files (x86)\perfect world entertainment\neverwinter_en\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\perfect world entertainment\neverwinter_en\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{D7C17D38-C57B-46D7-B7A8-CB4C3B4BBEAD}C:\program files (x86)\perfect world entertainment\neverwinter_en\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\perfect world entertainment\neverwinter_en\neverwinter\live\gameclient.exe
FirewallRules: [{7A38CBE6-3442-4A55-B935-A35D9B35639B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{7A7189AF-335E-463C-89E9-999E52026B09}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{8C945D22-6032-4766-B8EE-B1C6C0F46646}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{D9BD7E79-C94C-414A-9979-066EEAB22B7B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{E40EDAE4-29E4-422D-9521-06080BBA7DBF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{78423102-35C7-4687-842B-455123CE1906}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{9064E515-B07A-4047-876E-0ED5581E7679}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{CC0D982B-5261-43F1-96B0-AD25CA079179}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{A4AA2F80-B8CB-43D3-A639-A81930A5D056}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{3829F6A6-CA63-4497-887C-F45D28EBD456}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{DBA9E026-159B-4106-BFD7-8B3C35077C12}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{5357FC93-C3F0-4855-A5FB-3F96398B4C3B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{697F5509-61BD-4DDB-8BB8-AFEDA2C1FA06}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{0596A679-FBC4-460E-9518-6116EC13C178}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{90E6BB20-2F0F-44EC-B3D1-DECC467D67E4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{560604C4-4F68-4A5B-8144-215431CA5B9C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{8FFC9AE8-663D-4D9F-B703-3BB338DF133A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{8B4FB32A-2707-47F1-91E7-FBFCDB7AAD80}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{9E0C8216-C27A-49EF-B96C-D14B21A5F47E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{F1CE83F8-DF2F-4E32-8D9D-FEB67CBFD1B1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{7E57F9CB-5768-492D-93D4-E5A6013FA61A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{C9AFC06D-B405-4E81-9F83-0FA8F66810B8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{EC91E15A-36B5-4709-A3B1-01D20FC0B948}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{35130EE6-CCC9-40DA-93B6-B6B21EA2BC8A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{BA86E476-83D8-41BC-BD95-432CC24FFAA9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{B94D99AB-E582-42DC-808E-41E3710236A0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{B8B61C15-095E-4446-AA4D-8A75EA56E67A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{99348AE7-6B99-40C6-B2ED-ED1297CF4C5E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{42DE06E1-3B3D-487E-9F42-4BF911FF842B}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{D745A2F4-2E5A-40CB-8EAD-13E7BD85B36B}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{CBC7E1B7-B357-407B-8C51-368818B3AF86}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{D8911FB4-1822-489A-8894-AFD1E63C4693}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [TCP Query User{16726D6E-0E8B-4151-BA67-9FD54181635D}C:\program files (x86)\heroes of the storm\versions\base32524\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base32524\heroesofthestorm.exe
FirewallRules: [UDP Query User{7DB1C05C-A855-4808-9E36-E47397D1A5EC}C:\program files (x86)\heroes of the storm\versions\base32524\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base32524\heroesofthestorm.exe
FirewallRules: [{3BEFCF7B-6A0E-4758-9A3B-BC8CEC828D40}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{79AD1898-E8C8-484A-BBC7-3DFA5C00F1DB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{7DEF7A5B-9C92-48A3-BD10-45217633E504}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{17691639-F4F1-4755-9A29-C3E2BE4A8B45}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{94020F3A-4D35-4CE4-AE70-EA63184A1429}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{0BBE3299-41A7-4571-964A-064E791CFD32}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{6E78BF73-0680-4CDA-BBC0-F159CEC1AD0D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{A67D0B76-0B2F-4E75-B7B2-FC6F5EB070D5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{DA951943-B8FB-4A91-AE06-F9B0240F2FE7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E9E5C1D6-B830-48C4-8E0E-460C50755698}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{48A995B1-CB5A-41C6-8D89-0823AEC0BB7F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{D825DDBE-426F-40FA-8622-E570454E5994}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{C8B614BF-3135-46EF-8D5A-07166C4A85E7}C:\gog games\neverwinter nights diamond edition (spanish)\nwmain.exe] => (Allow) C:\gog games\neverwinter nights diamond edition (spanish)\nwmain.exe
FirewallRules: [UDP Query User{8B330802-D1A1-4DC7-971A-818D442A5B55}C:\gog games\neverwinter nights diamond edition (spanish)\nwmain.exe] => (Allow) C:\gog games\neverwinter nights diamond edition (spanish)\nwmain.exe
FirewallRules: [TCP Query User{6F00DE87-D5E0-491D-B951-D5B7D59B7F4E}C:\gog games\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) C:\gog games\the witcher 2 enhanced edition\bin\witcher2.exe
FirewallRules: [UDP Query User{38407EC6-A5AC-4FF0-B700-4D51ECAC4A85}C:\gog games\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) C:\gog games\the witcher 2 enhanced edition\bin\witcher2.exe
FirewallRules: [TCP Query User{F08D0121-A828-430C-983C-6F0B5CE005D9}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{1C23C2D3-304A-4D6C-994D-D4CC5702BFCA}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{D28C1A22-96D8-4180-A4CB-C48689D9D521}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{B111CFF0-C910-4DA3-9F53-4B0BEA898CDF}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{65F149AA-3D8F-46DE-8406-49127A2F5402}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{76186B28-ADB0-47F8-81F6-9A446B787EBB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{62F13B18-7261-4DFB-8D78-9242CC398E34}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{97C15E75-1E31-45AE-A2BA-7F5C48B95FC6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [TCP Query User{02D8ADB9-CC28-44B4-A35A-52D2A47C97A8}C:\users\hp\documents\w3+frozen.t. por nagato\war3.exe] => (Allow) C:\users\hp\documents\w3+frozen.t. por nagato\war3.exe
FirewallRules: [UDP Query User{40625060-A019-47E5-94EC-4728915E73E2}C:\users\hp\documents\w3+frozen.t. por nagato\war3.exe] => (Allow) C:\users\hp\documents\w3+frozen.t. por nagato\war3.exe
FirewallRules: [TCP Query User{06710599-612E-48C0-BC7C-2C2B70542131}C:\users\hp\documents\age of empires ii + the conquerors [portable]\age2_x1\age2_x1.exe] => (Allow) C:\users\hp\documents\age of empires ii + the conquerors [portable]\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{9E1B110A-4F68-4EA9-ACFF-3588643386FC}C:\users\hp\documents\age of empires ii + the conquerors [portable]\age2_x1\age2_x1.exe] => (Allow) C:\users\hp\documents\age of empires ii + the conquerors [portable]\age2_x1\age2_x1.exe
FirewallRules: [TCP Query User{907B0E32-6733-4D80-9A08-72EF6E691683}C:\users\hp\documents\starcraftnbw 1.16.1\starcraft.exe] => (Allow) C:\users\hp\documents\starcraftnbw 1.16.1\starcraft.exe
FirewallRules: [UDP Query User{109B034B-DE33-4A5A-A69A-6FEC132F1D5B}C:\users\hp\documents\starcraftnbw 1.16.1\starcraft.exe] => (Allow) C:\users\hp\documents\starcraftnbw 1.16.1\starcraft.exe
FirewallRules: [TCP Query User{42DD95EB-BE74-4128-8538-10E64FA3B9B3}C:\users\hp\documents\heroes of might and magic iii complete\heroes3.exe] => (Allow) C:\users\hp\documents\heroes of might and magic iii complete\heroes3.exe
FirewallRules: [UDP Query User{55894DBE-5105-466A-86C7-EFC69788365C}C:\users\hp\documents\heroes of might and magic iii complete\heroes3.exe] => (Allow) C:\users\hp\documents\heroes of might and magic iii complete\heroes3.exe
FirewallRules: [{5504C2B6-9BD0-498F-8F7C-BA51F28F8AFB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{F998374C-FCF6-4F60-9C7C-828B5FC72C0C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{F6F53DFF-8AA3-4132-8968-C8B505505FC5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{44BA11AC-A499-4FB4-B9B9-0008124451A3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{0A491078-E895-4D6A-BE6F-F677DBF94527}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{DABA4BA7-B662-431E-9A94-60F8C48BB67C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{AC429ACB-7314-40EB-A355-C772A950DAEB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [{1ACA8470-D33C-4CDC-AF99-61808E23BBD6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [{D48B1299-3E3A-46AC-A820-14F4EED2966B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{EA3048D4-ED10-40BB-AF8D-FEADCE71E1F1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [TCP Query User{53D3BA0A-B11C-4026-A8F6-2BB63F26CBBB}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{488A8BE7-19A9-41E0-BD68-BAC08275A94E}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{7C5435CF-9D7E-434A-894D-9BAD46223682}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{81031DC3-2C0C-4454-BD96-0DB0FF7BAF6B}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{8554505D-2F99-45E2-940C-589990551AD0}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{0CE64F8D-8FB9-4FF6-8F26-7954FE2DB38D}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{B28BC642-0E23-42EE-985C-4BBE31FCDD99}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{32AEB617-34AB-411E-925F-2BB10104977E}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{D57EF243-7A9B-4312-A264-A5035ECF694A}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{B6D7B3A9-387A-4183-8F0C-E609A30CD846}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{9D6E17AB-4A22-48E6-A09A-94FF8B4A53A9}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{83DBFA0A-58E4-437F-BC3F-30C8A4AD875E}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{7D570762-2AF0-43D9-8131-ADFE07E2336F}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{D82D8FD5-45A1-455C-AAE2-B4EC29A85834}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{3E1330AA-1029-47F4-9132-33AA384A326A}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{489D7DA2-85DF-46CD-97F1-3CA8348CB75A}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{DD4E63B9-56D4-46C3-8DE3-A63A6F07489A}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe
FirewallRules: [{EE5AEE0B-BB63-4977-966D-ED901954C8C5}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe
FirewallRules: [{D848EB29-A0FF-47F6-BEA2-DDDA4827C100}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe
FirewallRules: [{A62590AF-6915-497E-B130-2C10F7DAAB33}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe
FirewallRules: [{A65CF001-616D-4C6C-9570-2F8151C350C8}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe
FirewallRules: [{2C1B8331-E488-4DAF-9AE5-C7727374E3C7}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe
FirewallRules: [TCP Query User{19BE6BB0-BC4E-4BC9-BFD2-6ABBFE7BC5C7}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{FB97265F-12AA-427B-B9AD-CFA5E1FBA2F9}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{B7A9AD1C-C9F5-48B9-846D-6F366C0C590B}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{8859562B-521C-45F5-8280-7823EAB387A8}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{7B022ED9-0867-4138-977F-85EB5AADDAEA}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{1CDFA61D-DAAD-4716-92DD-E73AB5539C4F}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{661DA8C4-E948-44D4-B302-1DA6FBD8E90A}C:\users\hp\documents\smite_portable\gamedata\hirezgames\smite levelup latam\binaries\win32\smite.exe] => (Allow) C:\users\hp\documents\smite_portable\gamedata\hirezgames\smite levelup latam\binaries\win32\smite.exe
FirewallRules: [UDP Query User{CDBAC6D8-03B6-46A9-89D8-81F490F141B8}C:\users\hp\documents\smite_portable\gamedata\hirezgames\smite levelup latam\binaries\win32\smite.exe] => (Allow) C:\users\hp\documents\smite_portable\gamedata\hirezgames\smite levelup latam\binaries\win32\smite.exe
FirewallRules: [{4AA575AE-8952-44AD-88F4-89FC0EFD8110}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{97F5601D-EC89-4A13-90FF-CC664600854E}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{CF9C790F-6079-4FE0-9765-85FD0E7A9B58}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{829F1080-95C9-4B95-AC0E-94EB79EE554F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{C064DAE4-C8A3-4402-AD78-B59959BCC3F7}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{B9F32730-362D-40EC-BA70-43FA5258ACF4}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{3ABF9AF2-28CB-4844-B804-432F8EB2C9FB}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{B7261F32-C301-442E-BE80-140B900C81AA}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{C3C6CAEE-E700-4F5D-8FAE-84A125547F35}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Dispositivo periférico Bluetooth
Description: Dispositivo periférico Bluetooth
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/23/2015 01:10:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_DiagTrack, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc3c1
Nombre del módulo con errores: diagtrack.dll, versión: 10.0.10033.0, marca de tiempo: 0x555fe434
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000075ec8
Id. del proceso con errores: 0x1538
Hora de inicio de la aplicación con errores: 0xsvchost.exe_DiagTrack0
Ruta de acceso de la aplicación con errores: svchost.exe_DiagTrack1
Ruta de acceso del módulo con errores: svchost.exe_DiagTrack2
Id. del informe: svchost.exe_DiagTrack3
 
Error: (12/23/2015 01:09:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_DiagTrack, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc3c1
Nombre del módulo con errores: diagtrack.dll, versión: 10.0.10033.0, marca de tiempo: 0x555fe434
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000075ec8
Id. del proceso con errores: 0x153c
Hora de inicio de la aplicación con errores: 0xsvchost.exe_DiagTrack0
Ruta de acceso de la aplicación con errores: svchost.exe_DiagTrack1
Ruta de acceso del módulo con errores: svchost.exe_DiagTrack2
Id. del informe: svchost.exe_DiagTrack3
 
Error: (12/23/2015 01:08:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/23/2015 01:06:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_DiagTrack, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc3c1
Nombre del módulo con errores: diagtrack.dll, versión: 10.0.10033.0, marca de tiempo: 0x555fe434
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000075ec8
Id. del proceso con errores: 0xb64
Hora de inicio de la aplicación con errores: 0xsvchost.exe_DiagTrack0
Ruta de acceso de la aplicación con errores: svchost.exe_DiagTrack1
Ruta de acceso del módulo con errores: svchost.exe_DiagTrack2
Id. del informe: svchost.exe_DiagTrack3
 
Error: (12/22/2015 01:12:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_DiagTrack, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc3c1
Nombre del módulo con errores: diagtrack.dll, versión: 10.0.10033.0, marca de tiempo: 0x555fe434
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000075ec8
Id. del proceso con errores: 0x1580
Hora de inicio de la aplicación con errores: 0xsvchost.exe_DiagTrack0
Ruta de acceso de la aplicación con errores: svchost.exe_DiagTrack1
Ruta de acceso del módulo con errores: svchost.exe_DiagTrack2
Id. del informe: svchost.exe_DiagTrack3
 
Error: (12/22/2015 01:12:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_DiagTrack, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc3c1
Nombre del módulo con errores: diagtrack.dll, versión: 10.0.10033.0, marca de tiempo: 0x555fe434
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000075ec8
Id. del proceso con errores: 0x1e9c
Hora de inicio de la aplicación con errores: 0xsvchost.exe_DiagTrack0
Ruta de acceso de la aplicación con errores: svchost.exe_DiagTrack1
Ruta de acceso del módulo con errores: svchost.exe_DiagTrack2
Id. del informe: svchost.exe_DiagTrack3
 
Error: (12/22/2015 01:11:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/22/2015 01:07:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_DiagTrack, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc3c1
Nombre del módulo con errores: diagtrack.dll, versión: 10.0.10033.0, marca de tiempo: 0x555fe434
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000075ec8
Id. del proceso con errores: 0xf90
Hora de inicio de la aplicación con errores: 0xsvchost.exe_DiagTrack0
Ruta de acceso de la aplicación con errores: svchost.exe_DiagTrack1
Ruta de acceso del módulo con errores: svchost.exe_DiagTrack2
Id. del informe: svchost.exe_DiagTrack3
 
Error: (12/22/2015 01:01:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_DiagTrack, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc3c1
Nombre del módulo con errores: diagtrack.dll, versión: 10.0.10033.0, marca de tiempo: 0x555fe434
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000075ec8
Id. del proceso con errores: 0x880
Hora de inicio de la aplicación con errores: 0xsvchost.exe_DiagTrack0
Ruta de acceso de la aplicación con errores: svchost.exe_DiagTrack1
Ruta de acceso del módulo con errores: svchost.exe_DiagTrack2
Id. del informe: svchost.exe_DiagTrack3
 
Error: (12/22/2015 01:00:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_DiagTrack, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc3c1
Nombre del módulo con errores: diagtrack.dll, versión: 10.0.10033.0, marca de tiempo: 0x555fe434
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000075ec8
Id. del proceso con errores: 0x1b90
Hora de inicio de la aplicación con errores: 0xsvchost.exe_DiagTrack0
Ruta de acceso de la aplicación con errores: svchost.exe_DiagTrack1
Ruta de acceso del módulo con errores: svchost.exe_DiagTrack2
Id. del informe: svchost.exe_DiagTrack3
 
 
System errors:
=============
Error: (12/23/2015 01:12:49 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio VAIO Care Performance Service no respondió después de iniciar.
 
Error: (12/23/2015 01:11:40 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Se generó la siguiente alerta irrecuperable: 10. El estado del error interno es 10.
 
Error: (12/23/2015 01:11:40 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Se generó la siguiente alerta irrecuperable: 10. El estado del error interno es 10.
 
Error: (12/23/2015 01:10:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Diagnostics Tracking Service se terminó de manera inesperada. Esto ha sucedido 3 veces.
 
Error: (12/23/2015 01:09:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Diagnostics Tracking Service terminó inesperadamente. Esto se ha repetido 2 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.
 
Error: (12/23/2015 01:08:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Diagnostics Tracking Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.
 
Error: (12/23/2015 01:06:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Hi-Rez Studios Authenticate and Update Service no pudo iniciarse debido al siguiente error: 
%%1053
 
Error: (12/23/2015 01:06:44 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Hi-Rez Studios Authenticate and Update Service.
 
Error: (12/23/2015 01:06:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Banda Ancha Movil. OUC no pudo iniciarse debido al siguiente error: 
%%1053
 
Error: (12/23/2015 01:06:11 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Banda Ancha Movil. OUC.
 
 
CodeIntegrity:
===================================
  Date: 2015-08-05 18:54:08.507
  Description: Windows no puede comprobar la integridad del archivo \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe porque se revocó el certificado de firma. Compruebe con el editor si hay disponible una nueva versión firmada del módulo de kernel.
 
  Date: 2015-08-05 18:54:08.402
  Description: Windows no puede comprobar la integridad del archivo \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe porque se revocó el certificado de firma. Compruebe con el editor si hay disponible una nueva versión firmada del módulo de kernel.
 
  Date: 2015-08-05 18:54:08.301
  Description: Windows no puede comprobar la integridad del archivo \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe porque se revocó el certificado de firma. Compruebe con el editor si hay disponible una nueva versión firmada del módulo de kernel.
 
  Date: 2015-08-05 18:54:08.219
  Description: Windows no puede comprobar la integridad del archivo \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe porque se revocó el certificado de firma. Compruebe con el editor si hay disponible una nueva versión firmada del módulo de kernel.
 
  Date: 2015-08-05 18:54:07.995
  Description: Windows no puede comprobar la integridad del archivo \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe porque se revocó el certificado de firma. Compruebe con el editor si hay disponible una nueva versión firmada del módulo de kernel.
 
  Date: 2015-08-05 18:54:07.891
  Description: Windows no puede comprobar la integridad del archivo \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe porque se revocó el certificado de firma. Compruebe con el editor si hay disponible una nueva versión firmada del módulo de kernel.
 
  Date: 2015-08-05 18:54:07.787
  Description: Windows no puede comprobar la integridad del archivo \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe porque se revocó el certificado de firma. Compruebe con el editor si hay disponible una nueva versión firmada del módulo de kernel.
 
  Date: 2015-08-05 18:54:07.699
  Description: Windows no puede comprobar la integridad del archivo \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe porque se revocó el certificado de firma. Compruebe con el editor si hay disponible una nueva versión firmada del módulo de kernel.
 
  Date: 2015-08-05 18:54:07.525
  Description: Windows no puede comprobar la integridad del archivo \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe porque se revocó el certificado de firma. Compruebe con el editor si hay disponible una nueva versión firmada del módulo de kernel.
 
  Date: 2015-08-05 18:54:07.399
  Description: Windows no puede comprobar la integridad del archivo \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe porque se revocó el certificado de firma. Compruebe con el editor si hay disponible una nueva versión firmada del módulo de kernel.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 70%
Total physical RAM: 4077.86 MB
Available physical RAM: 1196.42 MB
Total Virtual: 8153.93 MB
Available Virtual: 4621.92 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:455.24 GB) (Free:25.71 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 015A2088)
Partition 1: (Not Active) - (Size=10.4 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=455.2 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

 


  • 0

Advertisements


#2
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,501 posts
Hi Khronolupus,

Welcome to GeeksToGo! :)

I regret to have to tell you that you are the victim of the newest version of TeslaCrypt. :) You can read more about how you became infected by this dastardly threat here. At this time there is no way to decrypt the files, unless of course you pay the ransom, which is currently between $300-$500 USD's (or more) which I would not suggest you do since you would only be encouraging the developers to continue creating ransomeware. In my opinion, that would be no different than supporting terrorism against the innocent.

You can clean the mess this had made to your computer but the files, at this time, can not be decrypted. That is the chances you take when you choose to share files and access shady sites. Personally, if this were me, I would transfer the encrypted files to a safe place then reformat.

Let me know what you choose to do.

Donna :)
  • 0

#3
Khronolupus

Khronolupus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

but what i did (using avg and malwarebyte) can stop this malware? or my unaffected files gonna be encrypted too?

 

i dont like the idea of reformat, i didnt lose anything important (i always get those files backed), but i'll do it if there's no other way to stop this thing from encrypt my files :c


  • 0

#4
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,501 posts
Could you post the logs for AVG and malwarebytes for me to look at please? I would like to see what was removed.

TeslaCrypt is not the only infection on your computer. There is also an indication of a backdoor trojan by the name of Fleercivet. This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. AVG and malwarebytes might have removed some of the infection but there are still malicious files on your system that were not removed.

Can this effect your unaffected files? Possibly, if the infection is still active and as long as it is on your system the trojan is still active. Because Fleercivet is a back door trojan it is best to disconnect the computer from the internet because the backdoor is still open and more malware can be downloaded onto your system. Once a backdoor is open the initial infection can be cleansed but you can not guarantee the system is secure. That is why reformatting is the best answer.
  • 0

#5
Khronolupus

Khronolupus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

Ok, i'll reformat then.

 

Is there an easy way to do it? I got a Windows 7 home premium, service pack 1, original, 64bits.

 

Don't know how to get the logs form avg/malwarebytes :/

 

Edit: i attached some logs from malwarebytes, i think.

Attached Files


Edited by Khronolupus, 24 December 2015 - 12:06 AM.

  • 0

#6
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,501 posts
Hi Khronolupus,

Sorry for the delay. The Christmas holiday came upon me fast. santa.gif

I am going to link you to a tutorial that explains how to preform a clean install.

Windows 7: Clean Install Windows 7

I have spoken with one of our expert computer technicians and he said he would be more than happy to answer any questions you have if you would like to start a topic in the Windows Vista and Windows 7 section of the forum. Please include a link to this topic.

If you would like, I would be more than happy to help you once the reformat is complete by introducing some programs that could possibly prevent this from happening in the future, but I must say that using utorrent and visiting file sharing sites is more than likely how the infection found it's way onto your computer. Safe surfing habits is the best preventative measures you can take to avoid such a travesty.

I'll keep this topic open in case you do want to return for further guidance, and also keep an eye out for the topic you start in the computer help section of GeeksToGo so I can follow your progress.

Good luck and Happy Holidays to you.

Donna santa.gif
  • 1

#7
Khronolupus

Khronolupus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

Hello DonnaB, i already reformat my computer. Would you like to recommend me some programs for protection?


  • 0

#8
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,501 posts
Hi Khronolupus,

I certainly would at that! :)

Please reply to phillpower2's last question in your other topic.

Let's get some diagnostic logs. I would like to check for any outdated software, bloatware you may want to uninstall, etc, etc...

Please download Farbar Recovery Scan Tool and save it to your desktop. <<< Very Important!

Note: You will need to download the 64-bit version.
  • Make sure that FRST is on the desktop.
  • Right click and choose Run as administrator. When the tool opens click Yes to disclaimer.
  • Make sure all the options are checked under Whitelist.
  • Make sure the box to the left of Addition.txt is checked.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates a second log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
In your next reply, please post the following logs:

FRST.txt
Addition.txt


Thank you,
Donna :)
  • 1

#9
Khronolupus

Khronolupus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-12-2015
Ran by Roberto (administrator) on ROBERTO-VAIO (27-12-2015 20:16:24)
Running from C:\Users\Roberto\Desktop
Loaded Profiles: Roberto (Available Profiles: Roberto)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe
() C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-08] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [788640 2011-02-24] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-02-24] (Atheros Commnucations)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [1875048 2011-02-11] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2284328 2011-02-15] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D821223A-BAA2-407F-A707-FD526C9C168F}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-3373465647-1595986680-2991297842-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony.msn.com
HKU\S-1-5-21-3373465647-1595986680-2991297842-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony.msn.com
HKU\S-1-5-21-3373465647-1595986680-2991297842-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.sony-latin.com/vaiohome
HKU\S-1-5-21-3373465647-1595986680-2991297842-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.sony-latin.com/vaiohome
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3373465647-1595986680-2991297842-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3373465647-1595986680-2991297842-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2015-12-27] (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15] (Adobe Systems Incorporated)
BHO-x32: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\18.1.0.37\coIEPlg.dll [2010-08-13] (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\18.1.0.37\IPSBHO.DLL [2010-06-13] (Symantec Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-02-24] (Atheros Commnucations)
BHO-x32: Aplicación auxiliar de inicio de sesión de Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2015-12-27] (Sun Microsystems, Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.1.0.37\coIEPlg.dll [2010-08-13] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3373465647-1595986680-2991297842-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
 
FireFox:
========
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2015-12-27] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2015-12-27] ()
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2015-12-27] (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-03-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-03-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-27] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn
FF Extension: Norton IPS - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn [2015-12-27] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn [2015-12-27] [not signed]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.searchqu.com/415
CHR StartupUrls: Default -> "hxxp://www.searchqu.com/415"
CHR Profile: C:\Users\Roberto\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Presentaciones de Google) - C:\Users\Roberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-27]
CHR Extension: (Google Docs) - C:\Users\Roberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-27]
CHR Extension: (Google Drive) - C:\Users\Roberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-27]
CHR Extension: (YouTube) - C:\Users\Roberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-27]
CHR Extension: (Búsqueda de Google) - C:\Users\Roberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-27]
CHR Extension: (Hojas de cálculo de Google) - C:\Users\Roberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-27]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Roberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-27]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Roberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-27]
CHR Extension: (Gmail) - C:\Users\Roberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-27]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-02-24] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [73376 2011-02-24] (Atheros Commnucations) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1817088 2011-03-28] (Realsil Microelectronics Inc.) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe [126904 2010-07-23] (Symantec Corporation)
R2 Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe [46080 2010-03-25] () [File not signed]
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
S3 VUAgent; C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [1021112 2011-03-30] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20100810.004\BHDrvx64.sys [945200 2010-08-08] (Symantec Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-12-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [157520 2015-12-27] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20100706.002\IDSVia64.sys [463408 2010-06-27] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20151226.019\ENG64.SYS [138488 2015-12-27] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20151226.019\EX64.SYS [2148080 2015-12-27] (Symantec Corporation)
R3 SRTSP; C:\Windows\system32\drivers\NISx64\1201000.025\SRTSP64.SYS [715824 2010-07-28] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1201000.025\SRTSPX64.SYS [40496 2010-07-28] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1201000.025\SYMDS64.SYS [450096 2010-06-13] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1201000.025\SYMEFA64.SYS [821808 2010-07-28] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174640 2015-12-27] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1201000.025\Ironx64.SYS [168496 2010-06-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1201000.025\SYMNETS.SYS [381488 2010-07-12] (Symantec Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-27 20:16 - 2015-12-27 20:16 - 00018428 _____ C:\Users\Roberto\Desktop\FRST.txt
2015-12-27 20:15 - 2015-12-27 20:16 - 00000000 ____D C:\FRST
2015-12-27 20:15 - 2015-12-27 20:15 - 02370560 _____ (Farbar) C:\Users\Roberto\Desktop\FRST64.exe
2015-12-27 20:04 - 2015-12-27 20:04 - 00000000 ___RD C:\Users\Roberto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-12-27 19:35 - 2015-12-27 18:39 - 00000000 ____D C:\ProgramData\Atheros
2015-12-27 19:34 - 2015-12-27 19:34 - 00000035 _____ C:\ProgramData\AtherosServiceConfig.ini
2015-12-27 19:31 - 2015-12-27 19:31 - 00002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Smart Network.lnk
2015-12-27 19:29 - 2015-12-27 19:29 - 00002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2015-12-27 19:29 - 2015-12-27 19:29 - 00001458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2015-12-27 19:29 - 2015-12-27 19:29 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2015-12-27 19:29 - 2015-12-27 19:29 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2015-12-27 19:29 - 2015-12-27 19:29 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-12-27 19:29 - 2015-12-27 19:29 - 00000000 ____D C:\Windows\PCHEALTH
2015-12-27 19:29 - 2015-12-27 19:29 - 00000000 ____D C:\Windows\es
2015-12-27 19:29 - 2015-12-27 19:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-27 19:29 - 2015-12-27 19:29 - 00000000 ____D C:\Program Files\Windows Live
2015-12-27 19:29 - 2015-12-27 19:29 - 00000000 ____D C:\Program Files (x86)\Windows Live
2015-12-27 19:29 - 2009-09-04 19:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-12-27 19:29 - 2009-09-04 19:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-12-27 19:29 - 2006-11-29 15:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-12-27 19:29 - 2006-11-29 15:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-12-27 19:28 - 2015-12-27 19:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-27 19:26 - 2015-12-27 19:26 - 00131072 _____ C:\Windows\ocsetup_install_OEMHelpCustomization.etl
2015-12-27 19:26 - 2015-12-27 19:26 - 00028728 _____ C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.txt
2015-12-27 19:26 - 2015-12-27 19:26 - 00002027 _____ C:\Users\Public\Desktop\Microsoft Office 2010.lnk
2015-12-27 19:24 - 2015-12-27 19:24 - 00002017 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care.lnk
2015-12-27 19:24 - 2015-12-27 19:24 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2015-12-27 19:22 - 2015-12-27 19:22 - 00174640 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2015-12-27 19:22 - 2015-12-27 19:22 - 00007440 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2015-12-27 19:22 - 2015-12-27 19:22 - 00002561 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2015-12-27 19:22 - 2015-12-27 19:22 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2015-12-27 19:22 - 2015-12-27 19:22 - 00000000 ____D C:\Windows\system32\Drivers\NISx64
2015-12-27 19:22 - 2015-12-27 19:22 - 00000000 ____D C:\Program Files\Symantec
2015-12-27 19:22 - 2015-12-27 19:22 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-12-27 19:22 - 2015-12-27 19:22 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2015-12-27 19:22 - 2015-12-27 17:39 - 00000000 ____D C:\ProgramData\Norton
2015-12-27 19:21 - 2015-12-27 19:21 - 00000000 ____D C:\ProgramData\NortonInstaller
2015-12-27 19:21 - 2015-12-27 19:21 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2015-12-27 19:16 - 2015-12-27 19:16 - 00001275 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Transfer.lnk
2015-12-27 19:16 - 2015-12-27 19:16 - 00000000 ____D C:\VAIO Sample Contents
2015-12-27 19:15 - 2015-12-27 19:15 - 00002072 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Gate.lnk
2015-12-27 19:14 - 2015-12-27 19:14 - 00001852 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Easy Connect.lnk
2015-12-27 19:13 - 2015-12-27 19:13 - 00002269 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Data Restore Tool.lnk
2015-12-27 19:11 - 2012-02-17 02:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2015-12-27 19:11 - 2012-02-17 01:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2015-12-27 19:11 - 2012-02-17 00:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-12-27 19:11 - 2012-02-17 00:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2015-12-27 19:11 - 2009-09-04 19:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-12-27 19:11 - 2009-09-04 19:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-12-27 19:11 - 2009-09-04 19:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-12-27 19:11 - 2009-09-04 19:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-12-27 19:09 - 2015-12-27 19:11 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayStation Herramientas
2015-12-27 19:09 - 2015-12-27 19:09 - 00001189 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Keyboard.lnk
2015-12-27 19:09 - 2015-12-27 19:09 - 00000000 ___HD C:\SPLASH.000
2015-12-27 19:08 - 2015-12-27 19:08 - 00000000 ___HD C:\SPLASH.SYS
2015-12-27 19:08 - 2015-12-27 19:08 - 00000000 ____D C:\Program Files (x86)\Downloaded Installations
2015-12-27 18:58 - 2015-12-27 18:58 - 00001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMB.lnk
2015-12-27 18:58 - 2015-12-27 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMB
2015-12-27 18:58 - 2015-12-27 18:58 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2015-12-27 18:58 - 2007-07-19 20:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-12-27 18:58 - 2006-03-31 14:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-12-27 18:58 - 2006-03-31 14:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-12-27 18:56 - 2015-12-27 18:56 - 00001303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Gallery.lnk
2015-12-27 18:56 - 2010-06-02 06:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-12-27 18:56 - 2010-06-02 06:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-12-27 18:56 - 2010-06-02 06:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-12-27 18:56 - 2010-06-02 06:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-12-27 18:56 - 2010-06-02 06:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-12-27 18:56 - 2010-06-02 06:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-12-27 18:56 - 2010-05-26 13:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-12-27 18:56 - 2010-05-26 13:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-12-27 18:56 - 2010-05-26 13:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-12-27 18:56 - 2010-05-26 13:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-12-27 18:56 - 2010-05-26 13:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-12-27 18:56 - 2010-05-26 13:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-12-27 18:56 - 2010-05-26 13:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-12-27 18:56 - 2010-05-26 13:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-12-27 18:56 - 2010-05-26 13:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-12-27 18:56 - 2010-05-26 13:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-12-27 18:53 - 2009-05-26 16:32 - 00019968 _____ (ArcSoft, Inc.) C:\Windows\system32\Drivers\ArcSoftKsUFilter.sys
2015-12-27 18:53 - 2008-09-04 19:06 - 00055808 _____ (ArcSoft, Inc.) C:\Windows\system\ArcSoftKsUFilter.dll
2015-12-27 18:53 - 2005-04-27 18:36 - 00245408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unicows.dll
2015-12-27 18:53 - 2003-03-19 00:14 - 00499712 ____R (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2015-12-27 18:53 - 2003-02-21 06:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2015-12-27 18:53 - 1995-07-31 15:44 - 00212480 _____ (Eastman Kodak) C:\Windows\SysWOW64\PCDLIB32.DLL
2015-12-27 18:51 - 2015-12-27 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Webcam Suite
2015-12-27 18:51 - 2015-12-27 18:53 - 00000000 ____D C:\Program Files (x86)\ArcSoft
2015-12-27 18:51 - 2015-12-27 18:51 - 00000000 ____D C:\ProgramData\ArcSoft
2015-12-27 18:47 - 2015-12-27 18:47 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-12-27 18:47 - 2015-12-27 18:47 - 00000000 ____D C:\ProgramData\Adobe
2015-12-27 18:47 - 2015-12-27 18:47 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-12-27 18:46 - 2015-12-27 18:46 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2015-12-27 18:44 - 2015-12-27 18:44 - 00001155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2015-12-27 18:44 - 2015-12-27 17:41 - 00000000 ____D C:\Windows\System32\Tasks\SONY
2015-12-27 18:43 - 2015-12-27 18:43 - 00001995 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk
2015-12-27 18:43 - 2015-12-27 18:43 - 00000000 ____D C:\Documentation
2015-12-27 18:43 - 2015-12-27 18:43 - 00000000 ____D C:\_FS_SWRINFO
2015-12-27 18:41 - 2015-12-27 18:41 - 00001531 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Control Center.lnk
2015-12-27 18:37 - 2015-12-27 18:37 - 00000000 ____D C:\Nobu_Icon
2015-12-27 18:37 - 2015-12-27 18:18 - 00000000 ____D C:\Program Files\Microsoft Office
2015-12-27 18:37 - 2010-06-23 17:58 - 00000193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup Trial.url
2015-12-27 18:36 - 2015-12-27 18:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-12-27 18:34 - 2015-12-27 19:26 - 00000000 ____D C:\Windows\Sonysys
2015-12-27 18:33 - 2015-12-27 18:33 - 00000000 ____D C:\ProgramData\Riot Games
2015-12-27 18:32 - 2015-12-27 18:32 - 00521448 _____ (Sun Microsystems, Inc.) C:\Windows\system32\deployJava1.dll
2015-12-27 18:32 - 2015-12-27 18:32 - 00472808 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deployJava1.dll
2015-12-27 18:32 - 2015-12-27 18:32 - 00189216 _____ (Sun Microsystems, Inc.) C:\Windows\system32\javaws.exe
2015-12-27 18:32 - 2015-12-27 18:32 - 00171808 _____ (Sun Microsystems, Inc.) C:\Windows\system32\javaw.exe
2015-12-27 18:32 - 2015-12-27 18:32 - 00171808 _____ (Sun Microsystems, Inc.) C:\Windows\system32\java.exe
2015-12-27 18:32 - 2015-12-27 18:32 - 00153376 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2015-12-27 18:32 - 2015-12-27 18:32 - 00145184 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2015-12-27 18:32 - 2015-12-27 18:32 - 00145184 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2015-12-27 18:32 - 2015-12-27 18:32 - 00001613 _____ C:\Users\Public\Desktop\League of Legends.lnk
2015-12-27 18:32 - 2015-12-27 18:32 - 00000000 ____D C:\Riot Games
2015-12-27 18:32 - 2015-12-27 18:32 - 00000000 ____D C:\ProgramData\Sun
2015-12-27 18:32 - 2015-12-27 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2015-12-27 18:32 - 2015-12-27 18:32 - 00000000 ____D C:\Program Files\Java
2015-12-27 18:32 - 2015-12-27 18:32 - 00000000 ____D C:\Program Files (x86)\Java
2015-12-27 18:32 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-12-27 18:32 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-12-27 18:32 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-12-27 18:32 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-12-27 18:32 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-12-27 18:30 - 2015-12-27 18:55 - 00000000 ____D C:\Program Files\Common Files\Sony Shared
2015-12-27 18:28 - 2015-12-27 19:16 - 00000000 ____D C:\Program Files (x86)\Sony
2015-12-27 18:28 - 2015-12-27 17:43 - 00000000 ____D C:\Windows\System32\Tasks\Sony Corporation
2015-12-27 18:27 - 2015-12-27 18:27 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2015-12-27 18:27 - 2015-12-27 18:27 - 00000000 ____D C:\Program Files\Synaptics
2015-12-27 18:25 - 2015-12-27 18:25 - 00000000 ____D C:\Windows\SysWOW64\sda
2015-12-27 18:25 - 2015-12-27 18:25 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-12-27 18:25 - 2011-03-28 03:48 - 09888360 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsPStorIcon.dll
2015-12-27 18:25 - 2011-03-28 03:48 - 00333928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsPStor.sys
2015-12-27 18:23 - 2011-02-14 02:15 - 00008192 _____ C:\Windows\system32\Drivers\IntelMEFWVer.dll
2015-12-27 18:21 - 2015-12-27 20:02 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-27 18:21 - 2015-12-27 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-12-27 18:21 - 2015-12-27 18:21 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-12-27 18:20 - 2015-12-27 18:21 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-27 18:20 - 2015-12-27 18:21 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-12-27 18:20 - 2011-03-11 05:25 - 01359976 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco642040.dll
2015-12-27 18:20 - 2011-03-11 05:25 - 00172648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-12-27 18:20 - 2011-03-11 05:25 - 00029288 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-12-27 18:20 - 2011-03-11 05:24 - 07715944 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-12-27 18:20 - 2011-03-11 05:24 - 05639784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-12-27 18:20 - 2011-03-11 05:23 - 20457064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-12-27 18:20 - 2011-03-11 05:21 - 15039080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-12-27 18:20 - 2011-03-11 05:20 - 13061224 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-12-27 18:20 - 2011-03-11 05:19 - 01359976 _____ (NVIDIA Corporation) C:\Windows\system32\nvgenco642040.dll
2015-12-27 18:20 - 2011-03-11 05:19 - 00007621 _____ C:\Windows\system32\nvinfo.pb
2015-12-27 18:20 - 2011-03-11 05:18 - 12839528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-12-27 18:20 - 2011-03-11 05:18 - 01614440 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco642090.dll
2015-12-27 18:20 - 2011-03-11 05:17 - 10059368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-12-27 18:20 - 2011-03-11 05:16 - 02954856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-12-27 18:20 - 2011-03-11 05:15 - 03182184 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-12-27 18:20 - 2011-03-11 05:15 - 02871400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2015-12-27 18:20 - 2011-03-11 05:15 - 02579560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2015-12-27 18:20 - 2011-03-11 05:14 - 06597736 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-12-27 18:20 - 2011-03-11 05:14 - 04936808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-12-27 18:20 - 2011-03-11 05:13 - 13011560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-12-27 18:20 - 2011-03-11 05:12 - 18580072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-12-27 18:20 - 2011-03-11 05:10 - 02206824 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-12-27 18:20 - 2011-03-11 05:10 - 01969768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-12-27 18:20 - 2011-03-11 05:10 - 00067176 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-12-27 18:20 - 2011-03-11 05:10 - 00057960 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-12-27 18:20 - 2011-03-11 05:10 - 00011240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvBridge.kmd
2015-12-27 18:19 - 2015-12-27 18:32 - 00000000 ____D C:\Users\Roberto\AppData\Roaming\Riot Games
2015-12-27 18:19 - 2015-12-27 18:19 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-12-27 18:18 - 2015-12-27 18:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2015-12-27 18:17 - 2015-12-27 18:18 - 27874912 _____ (Riot Games) C:\Users\Roberto\Desktop\LeagueofLegends_LA2_Installer_9_15_2014.exe
2015-12-27 18:17 - 2015-12-27 18:17 - 00000000 ____D C:\Users\Roberto\AppData\Local\Microsoft Help
2015-12-27 18:16 - 2015-12-27 18:16 - 00000000 __RHD C:\MSOCache
2015-12-27 18:16 - 2015-12-27 18:16 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_btath_hcrp_01009.Wdf
2015-12-27 18:15 - 2015-12-27 18:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
2015-12-27 18:15 - 2015-12-27 18:15 - 00000000 ____D C:\Program Files (x86)\Bluetooth Suite
2015-12-27 18:13 - 2015-12-27 18:13 - 00000000 ____D C:\Program Files\CONEXANT
2015-12-27 18:11 - 2015-12-27 19:31 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-27 18:11 - 2015-12-27 18:11 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-12-27 18:10 - 2015-12-27 18:23 - 00000000 ____D C:\Program Files (x86)\Intel
2015-12-27 18:10 - 2015-12-27 18:10 - 00000000 ____D C:\Intel
2015-12-27 18:10 - 2011-02-11 03:32 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2015-12-27 18:04 - 2015-12-27 19:29 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-12-27 18:04 - 2015-12-27 18:04 - 00000000 __HDC C:\ProgramData\{122DEDD6-6836-4B5F-BC64-5B214DA18102}
2015-12-27 18:04 - 2015-12-27 18:04 - 00000000 ____D C:\ProgramData\DDNi
2015-12-27 18:04 - 2015-12-27 18:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2015-12-27 18:04 - 2015-12-27 18:04 - 00000000 ____D C:\Program Files (x86)\DDNi
2015-12-27 18:03 - 2015-12-27 17:40 - 00000000 ____D C:\ProgramData\Sony Corporation
2015-12-27 18:01 - 2015-12-27 18:01 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-12-27 18:01 - 2015-12-27 18:01 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-12-27 17:58 - 2015-12-27 20:04 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-27 17:58 - 2015-12-27 20:03 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-27 17:58 - 2015-12-27 19:34 - 00000000 ____D C:\Program Files\Sony
2015-12-27 17:58 - 2015-12-27 19:29 - 00000000 ____D C:\Users\Roberto\AppData\Local\Google
2015-12-27 17:58 - 2015-12-27 17:58 - 00004098 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-27 17:58 - 2015-12-27 17:58 - 00003846 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-27 17:58 - 2015-12-27 17:58 - 00002257 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-27 17:58 - 2015-12-27 17:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-27 17:58 - 2015-12-27 17:58 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-27 17:56 - 2015-12-27 20:07 - 00744986 _____ C:\Windows\system32\perfh00A.dat
2015-12-27 17:56 - 2015-12-27 20:07 - 00157454 _____ C:\Windows\system32\perfc00A.dat
2015-12-27 17:56 - 2015-12-27 17:57 - 00000000 ____D C:\Users\Roberto\AppData\Local\Deployment
2015-12-27 17:56 - 2015-12-27 17:56 - 00341432 _____ C:\Windows\system32\perfi00A.dat
2015-12-27 17:56 - 2015-12-27 17:56 - 00041390 _____ C:\Windows\system32\perfd00A.dat
2015-12-27 17:56 - 2015-12-27 17:56 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2015-12-27 17:56 - 2015-12-27 17:56 - 00000000 ____D C:\Windows\SysWOW64\winrm
2015-12-27 17:56 - 2015-12-27 17:56 - 00000000 ____D C:\Windows\SysWOW64\WCN
2015-12-27 17:56 - 2015-12-27 17:56 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2015-12-27 17:56 - 2015-12-27 17:56 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2015-12-27 17:56 - 2015-12-27 17:56 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-12-27 17:56 - 2015-12-27 17:56 - 00000000 ____D C:\Windows\SysWOW64\es
2015-12-27 17:56 - 2015-12-27 17:56 - 00000000 ____D C:\Windows\SysWOW64\0C0A
2015-12-27 17:56 - 2015-12-27 17:56 - 00000000 ____D C:\Windows\system32\winrm
2015-12-27 17:56 - 2015-12-27 17:56 - 00000000 ____D C:\Windows\system32\WCN
2015-12-27 17:56 - 2015-12-27 17:56 - 00000000 ____D C:\Windows\system32\slmgr
2015-12-27 17:56 - 2015-12-27 17:56 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2015-12-27 17:56 - 2015-12-27 17:56 - 00000000 ____D C:\Windows\system32\es
2015-12-27 17:56 - 2015-12-27 17:56 - 00000000 ____D C:\Windows\system32\0C0A
2015-12-27 17:56 - 2015-12-27 17:56 - 00000000 ____D C:\Users\Roberto\AppData\Roaming\Adobe
2015-12-27 17:56 - 2015-12-27 17:56 - 00000000 ____D C:\Users\Roberto\AppData\Local\Apps\2.0
2015-12-27 17:43 - 2015-12-27 20:04 - 00004002 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{84E62790-FC46-4FAA-AB82-1E92A599B354}
2015-12-27 17:43 - 2015-12-27 17:43 - 00000000 ____D C:\Users\Roberto\Documents\Bluetooth Folder
2015-12-27 17:43 - 2015-12-27 17:43 - 00000000 ____D C:\Users\Roberto\AppData\Roaming\Intel Corporation
2015-12-27 17:43 - 2015-12-27 17:43 - 00000000 ____D C:\Users\Roberto\AppData\Local\BMExplorer
2015-12-27 17:42 - 2015-12-27 17:42 - 00001397 _____ C:\Users\Roberto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-12-27 17:42 - 2015-12-27 17:42 - 00000000 ____D C:\Users\Roberto\AppData\Roaming\Atheros
2015-12-27 17:41 - 2015-12-27 17:42 - 00001431 _____ C:\Users\Roberto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-27 17:41 - 2015-12-27 17:41 - 00000000 ___RH C:\Windows\SysWOW64\Drivers\104D_Sony_VPCEG15FL.mrk
2015-12-27 17:41 - 2015-12-27 17:41 - 00000000 ___RH C:\Windows\system32\Drivers\104D_Sony_VPCEG15FL.mrk
2015-12-27 17:41 - 2015-12-27 17:41 - 00000000 ____D C:\Users\Roberto\AppData\Local\VirtualStore
2015-12-27 17:41 - 2014-05-14 12:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-27 17:41 - 2014-05-14 12:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-27 17:41 - 2014-05-14 12:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-27 17:41 - 2014-05-14 12:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-27 17:40 - 2014-05-14 12:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-27 17:40 - 2014-05-14 12:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-27 17:40 - 2014-05-14 12:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-27 17:40 - 2014-05-14 12:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-27 17:40 - 2014-05-14 12:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-27 17:40 - 2014-05-14 12:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-27 17:40 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-27 17:40 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-27 17:40 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-27 17:40 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-27 17:39 - 2015-12-27 20:04 - 00093792 _____ C:\Users\Roberto\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-27 17:39 - 2015-12-27 17:43 - 00000000 ____D C:\Users\Roberto\AppData\Roaming\Sony Corporation
2015-12-27 17:39 - 2015-12-27 17:41 - 00000000 ____D C:\Users\Roberto
2015-12-27 17:39 - 2015-12-27 17:39 - 00000020 ___SH C:\Users\Roberto\ntuser.ini
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Roberto\Reciente
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Roberto\Plantillas
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Roberto\Mis documentos
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Roberto\Menú Inicio
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Roberto\Impresoras
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Roberto\Entorno de red
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Roberto\Documents\Mis vídeos
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Roberto\Documents\Mis imágenes
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Roberto\Documents\Mi música
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Roberto\Datos de programa
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Roberto\Configuración local
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Roberto\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Roberto\AppData\Local\Historial
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Roberto\AppData\Local\Datos de programa
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Roberto\AppData\Local\Archivos temporales de Internet
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Public\Documents\Mis vídeos
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Public\Documents\Mis imágenes
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Public\Documents\Mi música
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Default\Reciente
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Default\Plantillas
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Default\Mis documentos
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Default\Menú Inicio
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Default\Impresoras
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Default\Entorno de red
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Default\Documents\Mis vídeos
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Default\Documents\Mis imágenes
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Default\Documents\Mi música
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Default\Datos de programa
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Default\Configuración local
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historial
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Default\AppData\Local\Datos de programa
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Default\AppData\Local\Archivos temporales de Internet
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Default User\Documents\Mis vídeos
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Default User\Documents\Mis imágenes
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Default User\Documents\Mi música
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historial
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Datos de programa
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Archivos temporales de Internet
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\ProgramData\Plantillas
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\ProgramData\Menú Inicio
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\ProgramData\Favoritos
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\ProgramData\Escritorio
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\ProgramData\Documentos
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\ProgramData\Datos de programa
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Program Files\Archivos comunes
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 _SHDL C:\Archivos de programa
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 ____D C:\Windows\SysWOW64\VAIO Startup Setting Tool
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 ____D C:\Windows\System32\Tasks\Symantec
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 ____D C:\Windows\pss
2015-12-27 17:39 - 2015-12-27 17:39 - 00000000 ____D C:\Users\Public\Symantec
2015-12-27 17:39 - 2011-03-14 22:36 - 00000000 ____D C:\Users\Roberto\AppData\Roaming\Media Center Programs
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-27 20:16 - 2009-07-13 23:20 - 00000000 ____D C:\Windows
2015-12-27 20:10 - 2009-07-14 00:45 - 00020992 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-27 20:10 - 2009-07-14 00:45 - 00020992 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-27 20:07 - 2009-07-14 01:13 - 01669262 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-27 20:07 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2015-12-27 20:02 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-27 20:02 - 2009-07-14 00:45 - 00370312 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-27 19:35 - 2011-02-10 18:48 - 00000000 ____D C:\Windows\Panther
2015-12-27 19:35 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\sysprep
2015-12-27 19:26 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\Help
2015-12-27 19:09 - 2010-11-18 14:03 - 00000087 ____H C:\splash.idx
2015-12-27 18:53 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system
2015-12-27 18:43 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\Resources
2015-12-27 18:39 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2015-12-27 18:39 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\oobe
2015-12-27 18:34 - 2011-02-10 18:52 - 00000012 _____ C:\Windows\csup.txt
2015-12-27 18:19 - 2009-07-13 23:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-12-27 18:18 - 2011-03-14 22:36 - 00000000 ____D C:\Windows\ShellNew
2015-12-27 18:15 - 2011-02-24 17:55 - 00246804 _____ C:\Windows\system32\Drivers\AtherosBt.bin
2015-12-27 18:08 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\Globalization
2015-12-27 18:07 - 2011-02-10 19:03 - 01635394 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-12-27 18:01 - 2009-07-14 01:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-27 17:57 - 2009-07-14 01:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2015-12-27 17:56 - 2011-03-14 22:36 - 00000000 ____D C:\Program Files\Windows Journal
2015-12-27 17:56 - 2009-07-14 01:37 - 00000000 ____D C:\Windows\DigitalLocker
2015-12-27 17:56 - 2009-07-14 01:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2015-12-27 17:56 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-12-27 17:56 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-12-27 17:56 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files\Windows Defender
2015-12-27 17:56 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-12-27 17:56 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2015-12-27 17:56 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-12-27 17:56 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-12-27 17:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2015-12-27 17:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\MUI
2015-12-27 17:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2015-12-27 17:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-12-27 17:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\com
2015-12-27 17:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\Setup
2015-12-27 17:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\MUI
2015-12-27 17:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\migwiz
2015-12-27 17:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\Dism
2015-12-27 17:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\com
2015-12-27 17:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\servicing
2015-12-27 17:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-12-27 17:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\IME
2015-12-27 17:56 - 2009-07-13 23:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-12-27 17:39 - 2009-07-13 23:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-27 17:39 - 2009-07-13 23:20 - 00000000 ____D C:\Program Files\Windows NT
2015-12-27 17:38 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
 
==================== Files in the root of some directories =======
 
2015-12-27 19:34 - 2015-12-27 19:34 - 0000035 _____ () C:\ProgramData\AtherosServiceConfig.ini
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2011-02-10 18:52
 
==================== End of FRST.txt ============================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-12-2015
Ran by Roberto (2015-12-27 20:17:07)
Running from C:\Users\Roberto\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-12-27 21:39:10)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrador (S-1-5-21-3373465647-1595986680-2991297842-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-3373465647-1595986680-2991297842-1002 - Limited - Enabled)
Invitado (S-1-5-21-3373465647-1595986680-2991297842-501 - Limited - Disabled)
Roberto (S-1-5-21-3373465647-1595986680-2991297842-1001 - Administrator - Enabled) => C:\Users\Roberto
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Internet Security (Disabled - Up to date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security (Enabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{E5D03B2E-B2D4-477F-A60D-8E1969D821FA}) (Version: 10.2.152.26 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\{E6725026-A650-449C-897B-D6B7A5EEA058}) (Version: 10.2.152.26 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.392 - ArcSoft)
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.90 - Atheros Communications)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.0.53 - Conexant)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Java™ 6 Update 22 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416022FF}) (Version: 6.0.220 - Oracle)
Java™ 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Manual de VAIO (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation)
Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 18.1.0.37 - Symantec Corporation)
NVIDIA Controlador de 3D Vision 267.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 267.43 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.2.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.18.0 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 267.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.43 - NVIDIA Corporation)
NVIDIA nView 135.68 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 135.68 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
Oasis2Service 1.0 (HKLM-x32\...\{E50FC5DB-7CBD-407D-A46E-0C13E45BC386}) (Version: 1.0.0 - DDNi)
OOBE (HKLM-x32\...\{18894D16-5448-4BF9-A128-F7E937322F91}) (Version: 11.2.1.10 - Sony Corporation)
Panel de control de NVIDIA 267.43 (Version: 267.43 - NVIDIA Corporation) Hidden
Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN (HKLM\...\Microsoft .NET Framework 4 Client Profile ESN Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Paquete de idioma de Microsoft .NET Framework 4 Extended ESN (HKLM\...\Microsoft .NET Framework 4 Extended ESN Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.00.04010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.5.00.04060 - Sony Corporation) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.74 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.9.0 - Synaptics Incorporated)
Transferencias VAIO (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.16020 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}) (Version: 1.5.00.02250 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.5.00.04060 - Sony Corporation)
VAIO - Teclado a distancia (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation)
VAIO - Uso a distancia con PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15070 - Sony Corporation)
VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 6.4.0.15030 - Sony Corporation)
VAIO Care (x32 Version: 6.4.0.15030 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.0.0.03050 - Sony Corporation)
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.3.0.11090 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.03240 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Help and Support (HKLM-x32\...\{F5248E24-F52C-4FD1-B76F-102460BAFD6B}) (Version: 14.00.0125 - Sony Corporation)
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation)
VAIO Messenger (HKLM-x32\...\VAIO Messenger) (Version: 2.0.118.0 - DDNi)
VAIO Messenger (x32 Version: 2.0.118.0 - DDNi) Hidden
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.5 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.4.5.5 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.0.09010 - Sony Corporation)
VAIO Satisfaction Survey. (HKLM-x32\...\VAIO Satisfaction Survey.3.0) (Version: 3.0 - Sony Electronics Inc.)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.5.0.02280 - Sony Corporation)
VAIO Update (HKLM-x32\...\{5BEE8F1F-BD32-4553-8107-500439E43BD7}) (Version: 5.4.0.15300 - Sony Corporation)
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {2730805D-8BB5-45EB-B7B3-ECD63ED3FD9A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-27] (Google Inc.)
Task: {41159064-A024-4203-A200-F2FF72A2F053} - System32\Tasks\Symantec\Norton Error Analyzer 18.1.0.37 => C:\Program Files (x86)\Norton Internet Security\Engine\18.1.0.37\SymErr.exe [2010-08-16] (Symantec Corporation)
Task: {53B18112-12EA-4478-8CF9-04ED43BCFCE8} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update 5 => C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe [2011-03-30] (Sony Corporation)
Task: {5B8592D1-F1A4-4638-81E9-B192A13241E2} - System32\Tasks\Sony\OOBEReminder => C:\Program Files\Sony\OOBE\OOBEReminder.exe [2011-03-24] (Sony Electronics Inc.)
Task: {631FD947-B294-4A0A-A630-4053C933A934} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {68C2822C-3940-4533-A565-884F6D266596} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation)
Task: {69D74C79-2866-4ED6-B732-D4DA17EE4B2D} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {6CB94603-61AD-4054-A345-C33606C468C6} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-11-16] (Sony Corporation)
Task: {7B4BBB38-36CD-4039-8012-60E52C19C657} - System32\Tasks\Sony\VAIO Survey => C:\Program Files (x86)\Sony\VAIO Survey\VSScheduler.exe [2010-12-09] (Sony Electronics Inc.)
Task: {9A29BB3A-E3D9-497B-BFC0-F3AA9EDB0412} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-11-16] (Sony Corporation)
Task: {B6CCDEFE-1D7B-46EA-91B8-75E7D5BD1101} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation)
Task: {BEBFE261-DBA5-4B37-81A5-E310AA7F4DA5} - System32\Tasks\Sony\OOBESendInfo => C:\Program Files\Sony\OOBE\OOBESendInfo.exe [2011-03-24] ()
Task: {C5F0072B-89A5-40BA-AE7E-FCC5D5E109E1} - System32\Tasks\Symantec\Norton Error Processor 18.1.0.37 => C:\Program Files (x86)\Norton Internet Security\Engine\18.1.0.37\SymErr.exe [2010-08-16] (Symantec Corporation)
Task: {E31F14DA-4977-4742-BE97-884C1C7C2FC1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-27] (Google Inc.)
Task: {EEA7D2B3-E23D-4452-A1BD-6BE427AD9983} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementRegister => -autostart
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2010-03-25 21:07 - 2010-03-25 21:07 - 00046080 _____ () C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
2015-12-27 19:24 - 2011-02-25 19:14 - 00297472 _____ () C:\Program Files\Sony\VAIO Care\CRM\ManagedVAIORecoveryMedia.dll
2015-12-27 19:24 - 2011-02-25 19:14 - 00192000 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIORecovery.dll
2015-12-27 19:24 - 2011-02-25 19:14 - 00070656 _____ () C:\Program Files\Sony\VAIO Care\CRM\Logging.dll
2015-12-27 19:24 - 2011-02-25 19:14 - 00063488 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOCommon.dll
2015-12-27 19:24 - 2011-02-25 19:14 - 00215040 _____ () C:\Program Files\Sony\VAIO Care\CRM\OsServices.dll
2015-12-27 19:24 - 2011-02-25 19:14 - 00043008 _____ () C:\Program Files\Sony\VAIO Care\CRM\PluginFactory.dll
2015-12-27 19:24 - 2011-02-25 19:14 - 00260608 _____ () C:\Program Files\Sony\VAIO Care\CRM\RecoveryPartitionManager.dll
2015-12-27 19:24 - 2011-02-25 19:14 - 00043520 _____ () C:\Program Files\Sony\VAIO Care\CRM\XMLTools.dll
2015-12-27 19:24 - 2011-02-25 19:14 - 00059904 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOInstallAppsDrivers.dll
2015-12-27 19:24 - 2011-02-25 19:14 - 00157696 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallDB.dll
2015-12-27 19:24 - 2011-02-25 19:14 - 00138752 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallationTools.dll
2015-12-27 19:24 - 2011-02-25 19:14 - 00025600 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOUtility.dll
2010-03-25 21:07 - 2010-03-25 21:07 - 00046592 _____ () C:\Program Files (x86)\DDNi\Oasis2Service 1.0\DdniCore.dll
2010-03-25 21:07 - 2010-03-25 21:07 - 00032256 _____ () C:\Program Files (x86)\DDNi\Oasis2Service 1.0\AspUpdate.dll
2015-12-27 18:42 - 2011-03-05 18:42 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2015-12-27 18:11 - 2015-12-27 18:11 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\0d288350c26a4fac94c8e1f2ee3e945c\IsdiInterop.ni.dll
2015-12-27 18:11 - 2010-11-06 01:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2015-12-27 17:58 - 2015-12-10 23:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-27 17:58 - 2015-12-10 23:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3373465647-1595986680-2991297842-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Roberto\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{4743BC8D-B049-4B18-AE28-F8DB2F43A065}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{CE5CEC24-E503-4A45-A720-1D353D41428F}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{FC9E4435-B4F3-4397-9DA9-16B0DB1EABB7}] => (Allow) C:\Program Files\Sony\VAIO Care\SelfHealUpdate.exe
FirewallRules: [{8C1A36E0-E750-4666-9033-C3A4DE851BFC}] => (Allow) C:\Program Files\Sony\VAIO Care\SelfHealUpdate.exe
FirewallRules: [{09C3F60F-B43A-401F-9E87-C333E4B37D94}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOCareMain.exe
FirewallRules: [{5DD26454-4DE2-4B48-B5EA-D0B628392A4A}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOCareMain.exe
FirewallRules: [{7FA3CA38-F5F6-47C8-AB85-4567EB0563EC}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E6242DC2-C919-4C1D-A8B9-746FD129DEEB}] => (Allow) LPort=2869
FirewallRules: [{575ECF8E-1C20-4726-B2D5-77F5DF7DC33A}] => (Allow) LPort=1900
FirewallRules: [{715EB299-D662-4C37-8A03-0E258EB14902}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{341D1DC6-E0C5-4627-B1C9-3220DB6E3D6E}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{7DE149AF-B47C-46A8-9062-DB1075F07A26}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
27-12-2015 17:40:31 Windows Update
27-12-2015 18:16:16 Installed Microsoft Office Home and Student 2010
27-12-2015 18:24:18 Configured Microsoft Office Home and Student 2010
27-12-2015 18:29:47 Instalado Microsoft Visual C++ 2005 Redistributable
27-12-2015 18:30:08 Instalado League of Legends
27-12-2015 18:31:56 Instalado Microsoft Visual C++ 2005 Redistributable (x64)
27-12-2015 18:32:14 Instalado League of Legends
27-12-2015 18:32:37 Se ha instalado DirectX
27-12-2015 19:11:15 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/27/2015 08:03:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/27/2015 06:30:24 PM) (Source: MsiInstaller) (EventID: 10005) (User: Roberto-VAIO)
Description: Producto: League of Legends -- Error 4153. El requisito obligatorio Visual C++ 2005 SP1 Redistributable (x64) no se instaló correctamente.
 
Error: (12/27/2015 05:52:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download....uthrootstl.cab>con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
.
 
Error: (12/27/2015 05:42:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download....uthrootstl.cab>con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
.
 
Error: (12/27/2015 05:40:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download....uthrootstl.cab>con el error: Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.
.
 
Error: (12/27/2015 07:38:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 83%
Total physical RAM: 4077.86 MB
Available physical RAM: 689.16 MB
Total Virtual: 8153.92 MB
Available Virtual: 4937.71 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:455.24 GB) (Free:419.12 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 015A2088)
Partition 1: (Not Active) - (Size=10.4 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=455.2 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

 


  • 0

#10
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,501 posts
Thank you for the logs.

First, DO NOT go surfing around in cyber space till we get your system back in order. The pre-installed version of Norton Internet Security is disabled, so you are not protected properly. I assume you want to re-install AVG. Let's do that first thing.

Please read the following instructions all the way through before acting on them.

The best way to uninstall one AV and reinstall another and stay safe doing so is as follows:

Step 1:
  • Please download the Norton Removal tool from HERE to your desktop.
  • Do not install just yet! <- Very important!
Step 2:
  • Please download AVG 2016 from HERE to your desktop.
  • Do not install just yet! <- Very important!
Disconnect from the internet and follow these instructions below to uninstall Norton then install AVG:

Step 3:
  • Go to your Add/Remove programs and uninstall the following programs.
    • Java 6 Update 22 > outdated
    • Norton Internet Security
  • Install and run the Norton removal tool.
  • Install AVG.
  • Reconnect to the internet to update AVG, then run a scan.
Next:

Once that is complete, please do as follows:

Updating Windows software

My main concern is getting Internet Explorer up to date. The most recent version is IE11. You can get that update from HERE.

Next, go to Control Panel > Programs and Features > Windows Updates and click on Check for updates found to your left. Allow all updates to install. You may have to do this a few times. Keep an eye out for any updates/upgrades for Windows 10 and DO NOT install those. I have a feeling they will be offered but I didn't see any hint of them in the log above, so pay close attention as you let the updates install.

Next:

Reinstalling Java:
Now a days, your typical home computer user doesn't need Java installed, which at one time was desperately needed for websites to be displayed properly. That is no longer the case. I had uninstalled Java a few years ago and have since found no need for it, so the choice is yours if you would like to reinstall or not. If the need ever arises, you will be notified that Java is needed, at which time you could install, or you could reinstall and just disable Java till the moment arises that it is needed.

If you would like to reinstall the most recent version of Java, please do so from here. Do pay close attention as you install the new version once downloaded to prevent from accepting any unwanted software that might be included with the install. If you have the option to choose Custom Install during the installation of this or any software, please do so.

You can read more about the need for Java and how to disable it here.

Next:

Install Secunia PSI. This program will audit your system and point out software that is out of date then provide safe links for you to update the software.

There are a couple of preinstalled programs that are out of date (such as Adobe Reader/Flash).

Next:

Additional security to help prevent file encrypting ransomeware in the future. The following program will needed to be manually updated from time to time. If you insist on using utorrent or don't feel your surfing habits are safe, you may want to consider purchasing one of the version that will update itself. Could save you the heartache of lose of files and having to reformat again in the future.
  • Download CryptoPrevent free for home use here following the instructions below.
  • Save the file to your desktop from the link above and then open the program by clicking Run when prompted from your browser or by going to the desktop where the file was saved and double-clicking.
  • Accept all the defaults during the install. The last screen of the install has a checkmark in "Launch CryptoPrevent". This is good and will launch the program once you click Finish.
  • You will get a prompt asking if you purchased a Product Key for Automatic Updates. You can answer No.
  • You will then be prompted to learn more about automatic updates or if you want to purchase a key. This is up to you but you don't have to.
  • You will then be prompted to apply all default protections. Answer Yes.
  • You may get a message stating that Windows Sidebar and Desktop Gadgets are a major security vulnerability and asking you if you want to disable them. If you don't use these features, answer Yes.
  • That's it. The protection is in place.
Note: The free version doesn't provide automatic updates. Periodically, you should open up the program (there is a shortcut on your desktop now) and select the Updates! menu....and select Check for Updates to see if there are any as this infection has serious consequences.

Updates.JPG

When you are complete with the above tasks, please follow the instructions I provided in post #8 and post the 2 logs in your next reply.

If you have any questions or concerns, please don't hesitate to ask.

Need to run a couple errands. Will be back to check on you soon as possible..

Thank you,
Donna :)
  • 1

Advertisements


#11
Khronolupus

Khronolupus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

Thank you  so much for your help :D

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-12-2015
Ran by Roberto (administrator) on ROBERTO-VAIO (28-12-2015 16:38:18)
Running from C:\Users\Roberto\Desktop
Loaded Profiles: Roberto (Available Profiles: Roberto)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
() C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-09] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [788640 2011-02-24] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-02-24] (Atheros Commnucations)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [1875048 2011-02-11] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2284328 2011-02-15] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1136552 2015-11-12] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3855272 2015-12-09] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2015-09-24] (Adobe Systems Incorporated)
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.jse <====== ATTENTION
HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles(x86)%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.js <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Appdata\Roaming\Microsoft\Windows\IEUpdate\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.jse <====== ATTENTION
HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
HKLM Group Policy restriction on software: ** <====== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.js <====== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.js <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.js <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.cmd <====== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-12-28]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D821223A-BAA2-407F-A707-FD526C9C168F}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-3373465647-1595986680-2991297842-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony.msn.com
HKU\S-1-5-21-3373465647-1595986680-2991297842-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony.msn.com
HKU\S-1-5-21-3373465647-1595986680-2991297842-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.sony-latin.com/vaiohome
HKU\S-1-5-21-3373465647-1595986680-2991297842-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.sony-latin.com/vaiohome
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3373465647-1595986680-2991297842-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3373465647-1595986680-2991297842-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-02-24] (Atheros Commnucations)
BHO-x32: Aplicación auxiliar de inicio de sesión de Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02] (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll => No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-3373465647-1595986680-2991297842-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-28] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-28] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-03-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-03-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-27] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.searchqu.com/415
CHR StartupUrls: Default -> "hxxp://www.searchqu.com/415"
CHR Profile: C:\Users\Roberto\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Presentaciones de Google) - C:\Users\Roberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-27]
CHR Extension: (Google Docs) - C:\Users\Roberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-27]
CHR Extension: (Google Drive) - C:\Users\Roberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-27]
CHR Extension: (YouTube) - C:\Users\Roberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-27]
CHR Extension: (Búsqueda de Google) - C:\Users\Roberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-27]
CHR Extension: (Hojas de cálculo de Google) - C:\Users\Roberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-27]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Roberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-27]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Roberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-27]
CHR Extension: (Gmail) - C:\Users\Roberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-27]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-02-24] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [73376 2011-02-24] (Atheros Commnucations) [File not signed]
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [615584 2015-12-09] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3857272 2015-12-09] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1046952 2015-11-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [579776 2015-12-09] (AVG Technologies CZ, s.r.o.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1817088 2011-03-28] (Realsil Microelectronics Inc.) [File not signed]
R2 Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe [46080 2010-03-25] () [File not signed]
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-09-23] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-11-13] (Razer Inc.)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1572056 2015-12-01] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [839384 2015-12-01] (Secunia)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
S3 VUAgent; C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [1021112 2011-03-30] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313776 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [256432 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [302000 2015-10-08] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2015-12-01] (Secunia)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-28 16:29 - 2015-12-28 16:29 - 00000000 ___RD C:\Users\Roberto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-12-28 16:19 - 2015-12-28 16:26 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-28 16:19 - 2015-12-28 16:19 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-28 15:07 - 2015-12-28 15:07 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-12-28 15:07 - 2015-12-28 15:07 - 00000000 ____D C:\Windows\system32\appraiser
2015-12-28 14:47 - 2015-01-08 20:44 - 00419936 _____ C:\Windows\SysWOW64\locale.nls
2015-12-28 14:47 - 2015-01-08 20:43 - 00419936 _____ C:\Windows\system32\locale.nls
2015-12-28 05:07 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2015-12-28 05:01 - 2015-12-28 05:01 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-28 05:01 - 2015-12-28 05:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-28 05:01 - 2015-12-28 05:01 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-28 05:01 - 2015-12-28 05:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-28 05:01 - 2015-12-28 05:01 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-28 05:01 - 2015-12-28 05:01 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-28 05:01 - 2015-12-28 05:01 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-12-28 05:01 - 2015-12-28 05:01 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-12-28 05:01 - 2015-12-28 05:01 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-28 05:01 - 2015-12-28 05:01 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-28 05:01 - 2015-12-28 05:01 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-12-28 05:01 - 2015-12-28 05:01 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-12-28 05:01 - 2015-12-28 05:01 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-28 05:01 - 2015-12-28 05:01 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-12-28 05:01 - 2015-12-28 05:01 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-12-28 05:01 - 2015-12-28 05:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-28 05:01 - 2015-12-28 05:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-28 05:01 - 2015-12-28 05:01 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-12-28 05:01 - 2015-12-28 05:01 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-12-28 05:01 - 2015-12-28 05:01 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-12-28 05:01 - 2015-12-28 05:01 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-12-28 05:01 - 2015-12-28 05:01 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-12-28 05:01 - 2015-12-28 05:01 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-12-28 05:01 - 2015-12-28 05:01 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-12-28 05:01 - 2015-12-28 05:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-12-28 05:01 - 2015-12-28 05:01 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-12-28 05:01 - 2015-12-28 05:01 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-12-28 05:01 - 2015-12-28 05:01 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-12-28 05:01 - 2015-12-28 05:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-12-28 04:57 - 2015-12-28 04:57 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-12-28 04:55 - 2015-12-28 04:55 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-12-28 04:55 - 2015-12-28 04:55 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-12-28 04:49 - 2014-07-08 23:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-12-28 04:49 - 2014-07-08 23:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-12-28 04:49 - 2014-07-08 23:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-12-28 04:49 - 2014-07-08 23:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-12-28 04:49 - 2014-07-08 23:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-12-28 04:49 - 2014-07-08 22:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-12-28 04:49 - 2014-07-08 22:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-12-28 04:49 - 2014-07-08 22:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-12-28 04:49 - 2014-07-08 22:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-12-28 04:49 - 2014-07-08 22:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-12-28 04:41 - 2015-12-28 04:52 - 00000000 ____D C:\Windows\system32\MRT
2015-12-28 04:41 - 2015-11-23 20:10 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-28 04:32 - 2012-07-26 00:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2015-12-28 04:32 - 2012-07-26 00:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-12-28 04:32 - 2012-07-26 00:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-12-28 04:32 - 2012-07-26 00:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-12-28 04:32 - 2012-07-26 00:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2015-12-28 04:32 - 2012-07-25 23:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-12-28 04:32 - 2012-07-25 23:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-12-28 04:32 - 2012-06-02 11:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-12-28 02:56 - 2015-12-28 02:56 - 00001256 _____ C:\Users\Public\Desktop\Razer Cortex.lnk
2015-12-28 02:55 - 2015-12-28 02:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2015-12-28 02:54 - 2015-12-28 02:54 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-28 02:53 - 2015-12-28 02:55 - 00000000 ____D C:\ProgramData\Razer
2015-12-28 02:53 - 2015-12-28 02:55 - 00000000 ____D C:\Program Files (x86)\Razer
2015-12-28 02:53 - 2015-09-22 19:36 - 00037184 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2015-12-28 02:52 - 2015-12-28 02:52 - 00985600 _____ C:\Users\Roberto\Desktop\MicrosoftFixit50123.msi
2015-12-28 01:50 - 2014-06-30 19:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-12-28 01:50 - 2014-06-30 19:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-12-28 01:50 - 2014-03-09 18:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-12-28 01:50 - 2014-03-09 18:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-12-28 01:50 - 2014-03-09 18:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-12-28 01:50 - 2014-03-09 18:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-12-28 01:49 - 2014-06-06 03:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-12-28 01:49 - 2014-06-06 03:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-12-28 01:43 - 2015-01-09 00:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-12-28 01:43 - 2015-01-09 00:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-12-28 01:43 - 2015-01-09 00:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-12-28 01:43 - 2015-01-08 23:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-12-28 01:42 - 2015-05-25 15:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-12-28 01:42 - 2015-05-25 15:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-12-28 01:42 - 2015-05-25 15:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-12-28 01:42 - 2015-05-25 15:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-12-28 01:42 - 2015-05-25 15:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-12-28 01:42 - 2015-05-25 15:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-12-28 01:42 - 2015-05-25 15:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-12-28 01:42 - 2015-05-25 15:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-12-28 01:42 - 2015-05-25 15:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-12-28 01:42 - 2015-05-25 15:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-12-28 01:42 - 2015-05-25 15:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-12-28 01:42 - 2015-05-25 15:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-12-28 01:41 - 2015-02-03 00:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-12-28 01:41 - 2015-02-03 00:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-12-28 01:41 - 2015-02-03 00:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-12-28 01:41 - 2015-02-03 00:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-12-28 01:41 - 2015-02-03 00:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-12-28 01:41 - 2015-02-03 00:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-12-28 01:41 - 2015-02-03 00:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-12-28 01:41 - 2015-02-03 00:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-12-28 01:41 - 2015-02-03 00:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-12-28 01:41 - 2015-02-03 00:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-12-28 01:41 - 2015-02-03 00:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-12-28 01:41 - 2015-02-03 00:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-12-28 01:41 - 2015-02-03 00:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-12-28 01:41 - 2015-02-03 00:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-12-28 01:41 - 2015-02-03 00:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-12-28 01:41 - 2015-02-03 00:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-12-28 01:41 - 2015-02-03 00:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-12-28 01:41 - 2015-02-03 00:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-12-28 01:41 - 2015-02-03 00:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-12-28 01:41 - 2015-02-03 00:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-12-28 01:41 - 2015-02-03 00:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-12-28 01:41 - 2015-02-03 00:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-12-28 01:41 - 2015-02-03 00:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-12-28 01:41 - 2015-02-03 00:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-12-28 01:41 - 2015-02-03 00:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-12-28 01:41 - 2015-02-03 00:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-12-28 01:41 - 2015-02-03 00:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-12-28 01:41 - 2015-02-03 00:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-12-28 01:41 - 2015-02-03 00:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-12-28 01:41 - 2015-02-03 00:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-12-28 01:41 - 2015-02-03 00:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-12-28 01:41 - 2015-02-03 00:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-12-28 01:41 - 2015-02-03 00:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-12-28 01:41 - 2015-02-03 00:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-12-28 01:41 - 2015-02-03 00:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-12-28 01:41 - 2015-02-03 00:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-12-28 01:41 - 2015-02-03 00:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-12-28 01:41 - 2015-02-03 00:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-12-28 01:41 - 2015-02-03 00:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-12-28 01:41 - 2015-02-03 00:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-12-28 01:41 - 2015-02-03 00:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-12-28 01:41 - 2015-02-03 00:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-12-28 01:41 - 2015-02-03 00:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-12-28 01:41 - 2015-02-03 00:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-12-28 01:41 - 2015-02-03 00:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-12-28 01:41 - 2015-02-03 00:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-12-28 01:41 - 2015-02-03 00:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-12-28 01:41 - 2015-02-03 00:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-12-28 01:41 - 2015-02-03 00:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-12-28 01:40 - 2015-07-15 15:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-12-28 01:40 - 2015-07-15 15:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-12-28 01:40 - 2015-07-15 15:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-12-28 01:39 - 2015-11-20 15:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-28 01:39 - 2015-11-20 15:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-28 01:39 - 2015-11-20 15:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-28 01:39 - 2015-11-20 15:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-28 01:39 - 2015-11-20 15:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-28 01:39 - 2015-11-20 15:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-28 01:39 - 2015-11-20 15:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-28 01:39 - 2015-11-20 15:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-28 01:39 - 2015-11-20 15:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-28 01:39 - 2015-11-20 15:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-28 01:39 - 2015-11-20 15:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-28 01:39 - 2015-11-20 15:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-28 01:39 - 2015-11-20 15:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-28 01:39 - 2015-11-20 15:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-28 01:39 - 2015-11-20 15:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-28 01:39 - 2015-11-20 15:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-28 01:39 - 2013-10-29 23:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-12-28 01:39 - 2013-10-29 23:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-12-28 01:38 - 2015-04-18 00:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-12-28 01:38 - 2015-04-17 23:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-12-28 01:37 - 2015-11-05 16:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-28 01:37 - 2015-11-05 16:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-28 01:37 - 2015-08-05 14:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-12-28 01:37 - 2012-01-04 07:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2015-12-28 01:37 - 2012-01-04 05:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2015-12-28 01:36 - 2015-08-06 15:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-12-28 01:36 - 2015-08-06 15:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-12-28 01:36 - 2015-08-06 14:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-12-28 01:36 - 2015-08-06 14:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-12-28 01:36 - 2015-07-10 14:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-12-28 01:36 - 2015-07-10 14:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-12-28 01:36 - 2015-07-10 14:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-12-28 01:36 - 2015-07-10 14:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-12-28 01:36 - 2015-07-10 14:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-12-28 01:36 - 2015-07-10 14:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-12-28 01:36 - 2012-10-09 15:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2015-12-28 01:36 - 2012-10-09 15:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2015-12-28 01:36 - 2012-10-09 14:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2015-12-28 01:36 - 2012-10-09 14:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2015-12-28 01:36 - 2011-11-17 03:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2015-12-28 01:36 - 2011-11-17 02:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2015-12-28 01:35 - 2015-11-03 16:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-28 01:35 - 2015-11-03 15:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-28 01:35 - 2015-06-01 21:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-12-28 01:35 - 2015-06-01 20:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-12-28 01:35 - 2015-04-29 15:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-12-28 01:35 - 2015-04-29 15:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-12-28 01:35 - 2015-04-29 15:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-12-28 01:35 - 2015-04-29 15:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-12-28 01:35 - 2015-04-29 15:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-12-28 01:35 - 2015-04-29 15:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-12-28 01:35 - 2015-04-29 15:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-12-28 01:35 - 2015-04-29 15:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-12-28 01:35 - 2015-04-29 15:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-12-28 01:35 - 2015-04-29 15:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-12-28 01:35 - 2015-04-13 00:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-12-28 01:35 - 2014-12-11 14:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-12-28 01:35 - 2014-08-01 08:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-12-28 01:35 - 2014-08-01 08:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-12-28 01:35 - 2014-01-27 23:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-12-28 01:35 - 2013-03-19 02:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2015-12-28 01:35 - 2011-06-16 02:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2015-12-28 01:35 - 2011-06-16 01:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2015-12-28 01:35 - 2011-06-15 07:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2015-12-28 01:35 - 2011-06-15 07:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2015-12-28 01:35 - 2011-06-15 07:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2015-12-28 01:35 - 2011-06-15 07:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2015-12-28 01:35 - 2011-06-15 05:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2015-12-28 01:35 - 2011-06-15 05:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2015-12-28 01:35 - 2011-06-15 05:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2015-12-28 01:35 - 2011-06-15 05:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2015-12-28 01:35 - 2011-06-15 05:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2015-12-28 01:35 - 2011-05-04 02:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-12-28 01:35 - 2011-05-04 02:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-12-28 01:35 - 2011-05-04 02:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-12-28 01:35 - 2011-05-04 02:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-12-28 01:35 - 2011-05-04 02:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-12-28 01:35 - 2011-05-04 02:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2015-12-28 01:35 - 2011-05-04 02:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-12-28 01:35 - 2011-05-04 02:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-12-28 01:35 - 2011-05-04 02:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2015-12-28 01:35 - 2011-05-04 01:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-12-28 01:35 - 2011-05-04 01:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-12-28 01:35 - 2011-05-04 01:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-12-28 01:35 - 2011-05-04 01:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-12-28 01:35 - 2011-05-04 01:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2015-12-28 01:35 - 2011-05-04 01:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2015-12-28 01:35 - 2011-05-04 01:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-12-28 01:35 - 2011-05-04 01:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-12-28 01:35 - 2011-05-04 01:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2015-12-28 01:34 - 2015-07-15 00:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-12-28 01:34 - 2014-12-19 00:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-12-28 01:34 - 2010-12-23 07:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2015-12-28 01:34 - 2010-12-23 07:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2015-12-28 01:34 - 2010-12-23 07:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2015-12-28 01:34 - 2010-12-23 02:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2015-12-28 01:34 - 2010-12-23 02:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2015-12-28 01:34 - 2010-12-23 02:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2015-12-28 01:33 - 2015-09-18 16:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-12-28 01:33 - 2015-09-18 16:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-12-28 01:33 - 2015-09-18 16:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-12-28 01:33 - 2015-09-18 16:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-12-28 01:33 - 2015-09-18 16:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-12-28 01:33 - 2015-09-18 16:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-12-28 01:33 - 2015-09-18 16:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-12-28 01:33 - 2015-06-03 17:16 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-12-28 01:33 - 2015-06-03 17:16 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-12-28 01:32 - 2015-10-19 22:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-12-28 01:32 - 2015-10-19 22:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-12-28 01:32 - 2015-10-19 22:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-12-28 01:32 - 2015-10-19 22:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-12-28 01:32 - 2015-10-19 22:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-12-28 01:32 - 2015-10-19 22:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-12-28 01:32 - 2015-10-19 22:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-12-28 01:32 - 2015-10-19 22:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-12-28 01:32 - 2015-10-19 22:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-12-28 01:32 - 2015-10-19 22:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-12-28 01:32 - 2015-10-19 22:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-12-28 01:32 - 2015-10-19 22:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-12-28 01:32 - 2015-10-19 22:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-12-28 01:32 - 2015-10-19 22:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-12-28 01:32 - 2015-10-19 22:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-12-28 01:32 - 2015-10-19 22:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-12-28 01:32 - 2015-10-19 22:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-12-28 01:32 - 2015-10-19 22:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-12-28 01:32 - 2015-10-19 22:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-12-28 01:32 - 2015-10-19 22:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-12-28 01:32 - 2015-10-19 22:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-12-28 01:32 - 2015-10-19 22:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-12-28 01:32 - 2015-10-19 22:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-12-28 01:32 - 2015-10-19 22:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-12-28 01:32 - 2015-10-19 22:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-12-28 01:32 - 2015-10-19 22:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-12-28 01:32 - 2015-10-19 22:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-12-28 01:32 - 2015-10-19 22:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-12-28 01:32 - 2015-10-19 22:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-12-28 01:32 - 2015-10-19 22:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-12-28 01:32 - 2015-10-19 22:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-12-28 01:32 - 2015-10-19 22:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-12-28 01:32 - 2015-10-19 22:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-12-28 01:32 - 2015-10-19 21:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-12-28 01:32 - 2015-10-19 21:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-12-28 01:32 - 2015-10-19 21:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-12-28 01:32 - 2015-10-19 21:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-12-28 01:32 - 2015-10-19 21:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-12-28 01:32 - 2015-10-19 21:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-12-28 01:32 - 2015-10-19 21:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-12-28 01:32 - 2015-10-19 21:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-12-28 01:32 - 2015-10-19 21:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-12-28 01:32 - 2015-10-19 21:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-12-28 01:32 - 2015-10-19 21:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-12-28 01:32 - 2015-10-19 21:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-12-28 01:32 - 2015-10-19 21:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-12-28 01:32 - 2015-10-19 21:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-12-28 01:32 - 2015-10-19 21:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-12-28 01:32 - 2015-10-19 21:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-12-28 01:32 - 2015-10-19 21:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-12-28 01:32 - 2015-10-19 21:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-12-28 01:32 - 2015-10-19 21:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-12-28 01:32 - 2015-10-19 21:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-12-28 01:32 - 2015-10-19 21:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-12-28 01:32 - 2015-10-19 21:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-12-28 01:32 - 2015-10-19 21:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-12-28 01:32 - 2015-10-19 21:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-12-28 01:32 - 2015-10-19 21:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-12-28 01:32 - 2015-10-19 21:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 21:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 20:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-12-28 01:32 - 2015-10-19 20:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-12-28 01:32 - 2015-10-19 20:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-12-28 01:32 - 2015-10-19 20:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-12-28 01:32 - 2015-10-19 20:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-12-28 01:32 - 2015-10-19 20:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 20:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 20:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-12-28 01:32 - 2015-10-19 20:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-12-28 01:32 - 2015-09-23 10:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-12-28 01:32 - 2015-09-23 10:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-12-28 01:32 - 2015-09-23 10:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-12-28 01:31 - 2015-10-01 15:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-12-28 01:31 - 2015-10-01 15:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-12-28 01:31 - 2015-10-01 15:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-12-28 01:31 - 2015-10-01 15:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-12-28 01:31 - 2015-10-01 15:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-12-28 01:31 - 2015-10-01 15:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-12-28 01:31 - 2015-10-01 15:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-12-28 01:31 - 2015-10-01 14:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-12-28 01:31 - 2015-10-01 14:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-12-28 01:31 - 2015-06-03 17:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-12-28 01:31 - 2015-06-03 17:16 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-12-28 01:31 - 2015-06-03 17:16 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-12-28 01:30 - 2015-04-27 16:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-12-28 01:30 - 2015-04-27 16:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-12-28 01:30 - 2015-04-27 16:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-12-28 01:30 - 2015-04-27 16:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-12-28 01:30 - 2015-04-27 16:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-12-28 01:30 - 2015-04-27 16:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-12-28 01:30 - 2015-04-27 16:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-12-28 01:30 - 2015-04-27 16:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-12-28 01:30 - 2013-12-03 23:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-12-28 01:30 - 2013-12-03 23:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-12-28 01:30 - 2013-12-03 23:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-12-28 01:30 - 2013-12-03 23:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-12-28 01:30 - 2013-12-03 23:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-12-28 01:30 - 2013-12-03 23:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-12-28 01:30 - 2013-12-03 23:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-12-28 01:30 - 2013-12-03 23:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-12-28 01:30 - 2013-12-03 23:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-12-28 01:30 - 2013-12-03 23:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2015-12-28 01:30 - 2013-12-03 23:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2015-12-28 01:30 - 2013-12-03 23:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2015-12-28 01:30 - 2013-12-03 23:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2015-12-28 01:30 - 2013-12-03 23:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-12-28 01:30 - 2013-12-03 22:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2015-12-28 01:30 - 2013-12-03 22:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2015-12-28 01:30 - 2013-12-03 22:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2015-12-28 01:30 - 2013-12-03 22:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2015-12-28 01:30 - 2012-10-03 14:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2015-12-28 01:30 - 2012-10-03 14:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-12-28 01:30 - 2012-10-03 14:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-12-28 01:30 - 2012-10-03 14:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2015-12-28 01:30 - 2012-10-03 14:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-12-28 01:30 - 2012-10-03 13:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2015-12-28 01:30 - 2012-10-03 13:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2015-12-28 01:30 - 2012-10-03 13:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2015-12-28 01:29 - 2014-10-13 23:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-12-28 01:28 - 2015-11-10 15:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-28 01:28 - 2015-11-10 15:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-28 01:28 - 2015-11-10 14:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-28 01:28 - 2014-06-18 19:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-12-28 01:28 - 2014-06-18 19:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-12-28 01:28 - 2014-06-18 19:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-12-28 01:28 - 2014-06-18 19:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-12-28 01:28 - 2014-06-18 19:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-12-28 01:28 - 2014-06-18 19:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-12-28 01:28 - 2013-10-03 23:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-12-28 01:28 - 2013-10-03 23:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-12-28 01:28 - 2013-10-03 23:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-12-28 01:28 - 2013-10-03 22:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2015-12-28 01:28 - 2013-10-03 22:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2015-12-28 01:28 - 2013-10-03 22:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-12-28 01:28 - 2013-07-25 06:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-12-28 01:28 - 2013-07-25 05:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2015-12-28 01:28 - 2013-07-12 07:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2015-12-28 01:28 - 2013-07-12 07:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-12-28 01:28 - 2013-07-03 01:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-12-28 01:28 - 2013-07-03 01:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-12-28 01:27 - 2015-11-11 15:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-28 01:27 - 2015-11-11 15:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-28 01:27 - 2015-11-11 15:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-28 01:27 - 2015-11-11 15:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-28 01:27 - 2015-11-05 16:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-28 01:27 - 2015-11-05 16:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-28 01:27 - 2015-11-05 06:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-28 01:27 - 2015-07-09 14:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-12-28 01:27 - 2015-07-09 14:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-12-28 01:27 - 2015-07-09 14:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-12-28 01:27 - 2015-07-09 14:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-12-28 01:27 - 2015-07-04 15:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-12-28 01:27 - 2015-07-04 14:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-12-28 01:27 - 2015-02-03 00:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-12-28 01:27 - 2015-02-03 00:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-12-28 01:27 - 2015-01-29 00:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-12-28 01:27 - 2015-01-29 00:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-12-28 01:27 - 2014-12-18 22:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-12-28 01:27 - 2014-06-17 23:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-12-28 01:27 - 2014-06-17 22:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-12-28 01:27 - 2014-04-04 23:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-12-28 01:27 - 2014-04-04 23:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-12-28 01:27 - 2014-01-28 23:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-12-28 01:27 - 2014-01-28 23:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-12-28 01:27 - 2013-11-26 22:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-12-28 01:27 - 2013-11-26 22:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-12-28 01:27 - 2013-11-26 22:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-12-28 01:27 - 2013-11-26 22:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-12-28 01:27 - 2013-11-26 22:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-12-28 01:27 - 2013-11-26 22:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2015-12-28 01:27 - 2013-11-26 22:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-12-28 01:27 - 2013-11-26 08:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-12-28 01:27 - 2013-10-18 23:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-12-28 01:27 - 2013-10-18 22:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-12-28 01:27 - 2013-08-04 23:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2015-12-28 01:27 - 2012-07-04 17:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2015-12-28 01:27 - 2012-03-01 03:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2015-12-28 01:27 - 2012-03-01 03:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2015-12-28 01:27 - 2012-03-01 02:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2015-12-28 01:27 - 2011-03-11 03:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-12-28 01:27 - 2011-03-11 03:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-12-28 01:27 - 2011-03-11 02:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-12-28 01:27 - 2011-03-11 02:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-12-28 01:26 - 2015-10-13 13:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-12-28 01:26 - 2015-10-13 13:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-12-28 01:26 - 2015-07-18 10:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-12-28 01:26 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-12-28 01:26 - 2015-07-01 17:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-12-28 01:26 - 2015-07-01 17:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-12-28 01:26 - 2015-07-01 17:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-12-28 01:26 - 2015-07-01 17:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-12-28 01:26 - 2015-06-17 14:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-12-28 01:26 - 2015-06-17 14:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-12-28 01:26 - 2015-04-24 15:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-12-28 01:26 - 2015-04-24 14:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-12-28 01:26 - 2014-12-06 01:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-12-28 01:26 - 2014-12-06 00:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-12-28 01:26 - 2014-12-06 00:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-12-28 01:26 - 2014-06-06 07:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-12-28 01:26 - 2014-06-06 06:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-12-28 01:26 - 2013-06-25 19:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-12-28 01:26 - 2013-02-12 01:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-12-28 01:26 - 2012-11-28 19:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2015-12-28 01:26 - 2012-11-28 19:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2015-12-28 01:26 - 2012-11-28 19:56 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2015-12-28 01:26 - 2012-04-26 02:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2015-12-28 01:26 - 2012-04-26 02:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2015-12-28 01:26 - 2011-12-30 03:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2015-12-28 01:26 - 2011-12-30 02:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2015-12-28 01:26 - 2011-03-03 03:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-12-28 01:26 - 2011-03-03 03:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-12-28 01:26 - 2011-03-03 03:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2015-12-28 01:26 - 2011-03-03 02:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-12-28 01:26 - 2011-03-03 02:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2015-12-28 01:24 - 2015-07-22 21:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-12-28 01:24 - 2015-07-22 21:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-12-28 01:24 - 2015-07-22 21:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-12-28 01:24 - 2015-07-22 14:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-12-28 01:24 - 2015-07-22 14:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-12-28 01:24 - 2015-07-22 13:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-12-28 01:23 - 2014-07-16 23:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-12-28 01:23 - 2014-07-16 23:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-12-28 01:23 - 2014-07-16 23:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-12-28 01:23 - 2014-07-16 23:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-12-28 01:23 - 2014-07-16 22:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-12-28 01:23 - 2014-07-16 22:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-12-28 01:23 - 2014-07-16 22:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-12-28 01:23 - 2014-03-04 06:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-12-28 01:23 - 2014-03-04 06:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-12-28 01:23 - 2014-03-04 06:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-12-28 01:23 - 2014-03-04 06:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-12-28 01:23 - 2014-03-04 06:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-12-28 01:23 - 2014-03-04 06:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-12-28 01:23 - 2014-03-04 06:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-12-28 01:23 - 2014-03-04 06:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-12-28 01:23 - 2014-03-04 06:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2015-12-28 01:23 - 2014-03-04 06:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2015-12-28 01:23 - 2014-03-04 06:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2015-12-28 01:23 - 2014-03-04 06:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2015-12-28 01:23 - 2014-03-04 06:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-12-28 01:23 - 2014-03-04 06:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2015-12-28 01:22 - 2015-10-29 14:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-12-28 01:22 - 2015-10-29 14:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-12-28 01:22 - 2015-10-29 14:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-12-28 01:22 - 2015-10-29 14:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-12-28 01:22 - 2015-10-29 14:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-12-28 01:22 - 2015-10-29 14:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-12-28 01:22 - 2015-10-29 14:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-12-28 01:22 - 2015-08-27 15:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-12-28 01:22 - 2015-08-27 15:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-12-28 01:22 - 2015-08-27 15:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-12-28 01:22 - 2015-08-27 15:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-12-28 01:22 - 2015-08-27 14:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-12-28 01:22 - 2015-08-27 14:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-12-28 01:22 - 2015-08-27 14:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-12-28 01:22 - 2015-08-27 14:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-12-28 01:22 - 2014-11-11 00:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-12-28 01:22 - 2014-11-10 23:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-12-28 01:22 - 2014-07-16 22:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-12-28 01:22 - 2012-12-07 10:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2015-12-28 01:22 - 2012-12-07 10:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2015-12-28 01:22 - 2012-12-07 09:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2015-12-28 01:22 - 2012-12-07 09:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2015-12-28 01:22 - 2012-12-07 08:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2015-12-28 01:22 - 2012-12-07 08:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2015-12-28 01:22 - 2012-12-07 08:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2015-12-28 01:22 - 2012-12-07 08:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2015-12-28 01:22 - 2012-12-07 08:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2015-12-28 01:22 - 2012-12-07 08:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2015-12-28 01:22 - 2012-12-07 08:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2015-12-28 01:22 - 2012-12-07 08:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2015-12-28 01:22 - 2012-12-07 08:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2015-12-28 01:22 - 2012-12-07 08:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2015-12-28 01:22 - 2012-12-07 08:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2015-12-28 01:22 - 2012-12-07 08:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2015-12-28 01:22 - 2012-12-07 08:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2015-12-28 01:22 - 2012-12-07 08:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2015-12-28 01:22 - 2012-12-07 07:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2015-12-28 01:22 - 2012-12-07 07:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2015-12-28 01:22 - 2012-12-07 07:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2015-12-28 01:22 - 2012-12-07 07:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2015-12-28 01:22 - 2012-12-07 07:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2015-12-28 01:22 - 2012-12-07 07:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2015-12-28 01:22 - 2012-12-07 07:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2015-12-28 01:22 - 2012-12-07 07:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2015-12-28 01:22 - 2012-12-07 07:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2015-12-28 01:22 - 2012-12-07 07:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2015-12-28 01:22 - 2012-12-07 07:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2015-12-28 01:22 - 2012-12-07 07:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2015-12-28 01:22 - 2012-12-07 07:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2015-12-28 01:22 - 2012-12-07 07:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2015-12-28 01:19 - 2015-04-11 00:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-12-28 01:19 - 2014-06-15 23:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-12-28 01:19 - 2013-04-10 03:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-12-28 01:19 - 2011-04-29 00:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-12-28 01:19 - 2011-04-29 00:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-12-28 01:19 - 2011-04-29 00:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-12-28 01:19 - 2011-02-03 08:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-12-28 01:18 - 2015-06-25 07:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-12-28 01:18 - 2015-06-25 07:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-12-28 01:18 - 2015-06-25 07:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-12-28 01:18 - 2015-06-25 06:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-12-28 01:18 - 2015-06-15 18:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-12-28 01:18 - 2015-06-15 18:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-12-28 01:18 - 2015-06-15 18:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-12-28 01:18 - 2015-06-15 18:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-12-28 01:18 - 2015-06-15 18:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-12-28 01:18 - 2015-06-15 18:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-12-28 01:18 - 2015-06-15 18:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-12-28 01:18 - 2015-06-15 18:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-12-28 01:18 - 2015-02-18 04:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-12-28 01:18 - 2015-02-18 04:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-12-28 01:18 - 2013-05-10 02:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2015-12-28 01:18 - 2013-05-10 00:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2015-12-28 01:18 - 2012-09-25 19:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2015-12-28 01:18 - 2012-09-25 19:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2015-12-28 01:17 - 2014-10-29 23:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-12-28 01:17 - 2014-10-29 22:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-12-28 01:17 - 2014-10-24 22:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-12-28 01:17 - 2014-10-24 22:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-12-28 01:17 - 2014-09-04 02:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-12-28 01:17 - 2014-09-04 02:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-12-28 01:17 - 2014-08-11 23:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-12-28 01:17 - 2014-08-11 22:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-12-28 01:17 - 2013-07-25 23:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-12-28 01:17 - 2013-07-25 22:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2015-12-28 01:17 - 2013-04-26 02:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-12-28 01:17 - 2013-04-26 01:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2015-12-28 01:17 - 2012-11-02 02:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2015-12-28 01:17 - 2012-11-02 02:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2015-12-28 01:17 - 2012-07-04 19:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2015-12-28 01:17 - 2012-07-04 19:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2015-12-28 01:17 - 2012-07-04 19:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2015-12-28 01:17 - 2012-07-04 18:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2015-12-28 01:17 - 2012-07-04 18:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2015-12-28 01:16 - 2015-10-13 01:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-12-28 01:16 - 2015-01-16 23:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-12-28 01:16 - 2014-10-02 23:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-12-28 01:16 - 2014-10-02 23:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-12-28 01:16 - 2014-10-02 23:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-12-28 01:16 - 2014-10-02 23:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-12-28 01:16 - 2014-10-02 23:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-12-28 01:16 - 2014-10-02 22:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-12-28 01:16 - 2014-10-02 22:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-12-28 01:16 - 2014-10-02 22:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-12-28 01:16 - 2014-10-02 22:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-12-28 01:16 - 2014-10-02 22:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-12-28 01:16 - 2014-02-03 23:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-12-28 01:16 - 2014-02-03 23:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-12-28 01:16 - 2014-02-03 23:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-12-28 01:16 - 2014-02-03 23:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-12-28 01:16 - 2014-02-03 23:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2015-12-28 01:16 - 2013-09-07 23:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-12-28 01:16 - 2013-09-07 23:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2015-12-28 01:16 - 2012-08-21 18:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2015-12-28 01:16 - 2012-03-17 04:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2015-12-28 01:15 - 2015-07-09 14:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-12-28 01:15 - 2015-07-09 14:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-12-28 01:15 - 2015-07-09 14:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-12-28 01:15 - 2015-02-25 00:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-12-28 01:15 - 2015-01-16 23:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-12-28 01:15 - 2014-11-26 00:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-12-28 01:15 - 2014-11-26 00:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-12-28 01:15 - 2012-11-23 00:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2015-12-28 01:15 - 2011-08-17 02:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2015-12-28 01:15 - 2011-08-17 02:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2015-12-28 01:15 - 2011-08-17 01:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2015-12-28 01:15 - 2011-08-17 01:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2015-12-28 01:15 - 2011-05-24 08:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2015-12-28 01:15 - 2011-05-24 07:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2015-12-28 01:15 - 2011-05-24 07:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2015-12-28 01:15 - 2011-05-24 07:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2015-12-28 01:15 - 2011-05-24 07:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2015-12-28 01:15 - 2011-02-05 14:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2015-12-28 01:15 - 2011-02-05 14:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2015-12-28 01:15 - 2011-02-05 14:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2015-12-28 01:05 - 2015-11-03 16:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-28 01:05 - 2015-11-03 15:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-28 01:05 - 2013-08-27 22:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2015-12-28 01:05 - 2012-06-06 03:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2015-12-28 01:05 - 2012-06-06 02:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2015-12-28 00:59 - 2015-12-28 00:59 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-12-28 00:59 - 2015-12-28 00:59 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2015-12-28 00:59 - 2015-10-01 15:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-12-28 00:59 - 2015-10-01 15:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-12-28 00:59 - 2015-10-01 14:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-12-28 00:58 - 2015-09-02 00:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-12-28 00:58 - 2015-09-02 00:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-12-28 00:58 - 2015-09-02 00:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-12-28 00:58 - 2015-09-02 00:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-12-28 00:58 - 2015-09-01 23:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-12-28 00:58 - 2015-09-01 23:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-12-28 00:58 - 2015-09-01 23:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-12-28 00:58 - 2015-09-01 23:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-12-28 00:58 - 2015-09-01 22:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-12-28 00:58 - 2015-09-01 22:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-12-28 00:51 - 2011-05-03 02:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-12-28 00:51 - 2011-05-03 01:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-12-28 00:49 - 2013-10-11 23:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-12-28 00:49 - 2013-10-11 23:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-12-28 00:49 - 2013-10-11 23:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2015-12-28 00:49 - 2013-10-11 23:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-12-28 00:49 - 2013-10-11 22:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-12-28 00:49 - 2013-10-11 22:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-12-28 00:49 - 2013-10-11 22:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2015-12-28 00:49 - 2013-10-11 22:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2015-12-28 00:49 - 2013-05-13 02:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2015-12-28 00:49 - 2013-05-13 00:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2015-12-28 00:49 - 2013-05-13 00:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2015-12-28 00:49 - 2013-05-13 00:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2015-12-28 00:48 - 2015-03-04 01:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-12-28 00:48 - 2015-03-04 01:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-12-28 00:48 - 2015-03-04 01:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-12-28 00:48 - 2011-08-27 02:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2015-12-28 00:48 - 2011-08-27 01:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2015-12-28 00:48 - 2011-02-23 01:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2015-12-28 00:46 - 2014-12-08 00:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-12-28 00:46 - 2014-12-07 23:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-12-28 00:46 - 2011-12-16 05:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2015-12-28 00:46 - 2011-12-16 04:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2015-12-28 00:34 - 2014-01-23 23:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-12-28 00:34 - 2013-10-11 23:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-12-28 00:34 - 2013-10-11 23:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-12-28 00:34 - 2013-10-11 23:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-12-28 00:34 - 2013-10-11 23:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-12-28 00:34 - 2013-10-11 23:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-12-28 00:34 - 2013-01-24 03:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-12-28 00:34 - 2011-02-18 07:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2015-12-28 00:34 - 2011-02-18 02:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2015-12-28 00:34 - 2011-02-12 08:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2015-12-28 00:33 - 2012-05-14 02:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-12-28 00:33 - 2011-10-15 03:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2015-12-28 00:33 - 2011-10-15 02:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2015-12-28 00:32 - 2015-12-28 00:32 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-12-28 00:32 - 2015-12-28 00:32 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-12-28 00:30 - 2015-12-28 16:04 - 00000838 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-28 00:30 - 2015-12-28 00:34 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-28 00:30 - 2015-12-28 00:34 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-28 00:30 - 2015-12-28 00:34 - 00003776 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-28 00:30 - 2015-12-28 00:30 - 00000000 ____D C:\Windows\system32\Macromed
2015-12-28 00:25 - 2015-12-28 00:25 - 00053248 _____ C:\Windows\SysWOW64\zlib.dll
2015-12-28 00:25 - 2015-12-28 00:25 - 00001216 _____ C:\Users\Public\Desktop\CryptoPrevent.lnk
2015-12-28 00:25 - 2015-12-28 00:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foolish IT
2015-12-28 00:25 - 2015-12-28 00:25 - 00000000 ____D C:\ProgramData\Foolish IT
2015-12-28 00:25 - 2015-12-28 00:25 - 00000000 ____D C:\Program Files (x86)\Foolish IT
2015-12-28 00:12 - 2015-12-28 00:12 - 00001073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2015-12-28 00:12 - 2015-12-28 00:12 - 00000000 ____D C:\Program Files (x86)\Secunia
2015-12-27 23:16 - 2015-12-27 23:16 - 00000000 ____D C:\Users\Roberto\AppData\Roaming\AVG
2015-12-27 23:15 - 2015-12-27 23:15 - 00000000 ____D C:\Users\Roberto\AppData\Roaming\TuneUp Software
2015-12-27 23:15 - 2015-12-27 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-12-27 23:15 - 2015-12-27 23:15 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-27 23:14 - 2015-12-27 23:14 - 00000000 ___HD C:\$AVG
2015-12-27 22:59 - 2015-12-28 16:28 - 00000000 ____D C:\ProgramData\MFAData
2015-12-27 22:59 - 2015-12-27 22:59 - 00000936 _____ C:\Users\Public\Desktop\AVG.lnk
2015-12-27 22:59 - 2015-12-27 22:59 - 00000000 ____D C:\Users\Roberto\AppData\Local\MFAData
2015-12-27 22:59 - 2015-12-27 22:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2015-12-27 22:54 - 2015-12-27 23:14 - 00000000 ____D C:\ProgramData\Avg
2015-12-27 22:54 - 2015-12-27 23:13 - 00000000 ____D C:\Program Files (x86)\AVG
2015-12-27 22:52 - 2015-12-27 23:16 - 00000000 ____D C:\Users\Roberto\AppData\Local\Avg
2015-12-27 22:52 - 2015-12-27 23:11 - 00000000 ____D C:\Users\Roberto\AppData\Local\AvgSetupLog
2015-12-27 21:26 - 2015-12-27 21:26 - 00000000 ____D C:\Users\Roberto\AppData\Roaming\Macromedia
2015-12-27 21:26 - 2015-12-27 21:26 - 00000000 ____D C:\Users\Roberto\AppData\Roaming\LolClient
2015-12-27 21:16 - 2015-12-28 16:38 - 00044459 _____ C:\Users\Roberto\Desktop\FRST.txt
2015-12-27 21:15 - 2015-12-28 16:38 - 00000000 ____D C:\FRST
2015-12-27 21:15 - 2015-12-27 21:15 - 02370560 _____ (Farbar) C:\Users\Roberto\Desktop\FRST64.exe
2015-12-27 20:35 - 2015-12-27 19:39 - 00000000 ____D C:\ProgramData\Atheros
2015-12-27 20:34 - 2015-12-27 20:34 - 00000035 _____ C:\ProgramData\AtherosServiceConfig.ini
2015-12-27 20:31 - 2015-12-27 20:31 - 00002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Smart Network.lnk
2015-12-27 20:29 - 2015-12-27 20:29 - 00002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2015-12-27 20:29 - 2015-12-27 20:29 - 00001458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2015-12-27 20:29 - 2015-12-27 20:29 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2015-12-27 20:29 - 2015-12-27 20:29 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2015-12-27 20:29 - 2015-12-27 20:29 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-12-27 20:29 - 2015-12-27 20:29 - 00000000 ____D C:\Windows\PCHEALTH
2015-12-27 20:29 - 2015-12-27 20:29 - 00000000 ____D C:\Windows\es
2015-12-27 20:29 - 2015-12-27 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-27 20:29 - 2015-12-27 20:29 - 00000000 ____D C:\Program Files\Windows Live
2015-12-27 20:29 - 2015-12-27 20:29 - 00000000 ____D C:\Program Files (x86)\Windows Live
2015-12-27 20:29 - 2009-09-04 20:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-12-27 20:29 - 2009-09-04 20:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-12-27 20:29 - 2006-11-29 16:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-12-27 20:29 - 2006-11-29 16:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-12-27 20:28 - 2015-12-27 20:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-27 20:26 - 2015-12-27 20:26 - 00131072 _____ C:\Windows\ocsetup_install_OEMHelpCustomization.etl
2015-12-27 20:26 - 2015-12-27 20:26 - 00028728 _____ C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.txt
2015-12-27 20:26 - 2015-12-27 20:26 - 00002027 _____ C:\Users\Public\Desktop\Microsoft Office 2010.lnk
2015-12-27 20:24 - 2015-12-27 20:24 - 00002017 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care.lnk
2015-12-27 20:24 - 2015-12-27 20:24 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2015-12-27 20:22 - 2015-12-27 23:08 - 00000000 ____D C:\ProgramData\Norton
2015-12-27 20:21 - 2015-12-27 20:21 - 00000000 ____D C:\ProgramData\NortonInstaller
2015-12-27 20:16 - 2015-12-27 20:16 - 00001275 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Transfer.lnk
2015-12-27 20:16 - 2015-12-27 20:16 - 00000000 ____D C:\VAIO Sample Contents
2015-12-27 20:15 - 2015-12-27 20:15 - 00002072 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Gate.lnk
2015-12-27 20:14 - 2015-12-27 20:14 - 00001852 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Easy Connect.lnk
2015-12-27 20:13 - 2015-12-27 20:13 - 00002269 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Data Restore Tool.lnk
2015-12-27 20:11 - 2012-02-17 03:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2015-12-27 20:11 - 2012-02-17 02:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2015-12-27 20:11 - 2012-02-17 01:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2015-12-27 20:11 - 2009-09-04 20:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-12-27 20:11 - 2009-09-04 20:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-12-27 20:11 - 2009-09-04 20:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-12-27 20:11 - 2009-09-04 20:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-12-27 20:09 - 2015-12-27 20:11 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayStation Herramientas
2015-12-27 20:09 - 2015-12-27 20:09 - 00001189 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Keyboard.lnk
2015-12-27 20:09 - 2015-12-27 20:09 - 00000000 ___HD C:\SPLASH.000
2015-12-27 20:08 - 2015-12-27 20:08 - 00000000 ___HD C:\SPLASH.SYS
2015-12-27 20:08 - 2015-12-27 20:08 - 00000000 ____D C:\Program Files (x86)\Downloaded Installations
2015-12-27 19:58 - 2015-12-27 19:58 - 00001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMB.lnk
2015-12-27 19:58 - 2015-12-27 19:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMB
2015-12-27 19:58 - 2015-12-27 19:58 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2015-12-27 19:58 - 2007-07-19 21:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-12-27 19:58 - 2006-03-31 15:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-12-27 19:58 - 2006-03-31 15:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-12-27 19:56 - 2015-12-27 19:56 - 00001303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Gallery.lnk
2015-12-27 19:56 - 2010-06-02 07:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-12-27 19:56 - 2010-06-02 07:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-12-27 19:56 - 2010-06-02 07:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-12-27 19:56 - 2010-06-02 07:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-12-27 19:56 - 2010-06-02 07:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-12-27 19:56 - 2010-06-02 07:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-12-27 19:56 - 2010-05-26 14:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-12-27 19:56 - 2010-05-26 14:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-12-27 19:56 - 2010-05-26 14:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-12-27 19:56 - 2010-05-26 14:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-12-27 19:56 - 2010-05-26 14:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-12-27 19:56 - 2010-05-26 14:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-12-27 19:56 - 2010-05-26 14:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-12-27 19:56 - 2010-05-26 14:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-12-27 19:56 - 2010-05-26 14:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-12-27 19:56 - 2010-05-26 14:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-12-27 19:53 - 2009-05-26 17:32 - 00019968 _____ (ArcSoft, Inc.) C:\Windows\system32\Drivers\ArcSoftKsUFilter.sys
2015-12-27 19:53 - 2008-09-04 20:06 - 00055808 _____ (ArcSoft, Inc.) C:\Windows\system\ArcSoftKsUFilter.dll
2015-12-27 19:53 - 2005-04-27 19:36 - 00245408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unicows.dll
2015-12-27 19:53 - 2003-03-19 01:14 - 00499712 ____R (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2015-12-27 19:53 - 2003-02-21 07:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2015-12-27 19:53 - 1995-07-31 16:44 - 00212480 _____ (Eastman Kodak) C:\Windows\SysWOW64\PCDLIB32.DLL
2015-12-27 19:51 - 2015-12-27 19:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Webcam Suite
2015-12-27 19:51 - 2015-12-27 19:53 - 00000000 ____D C:\Program Files (x86)\ArcSoft
2015-12-27 19:51 - 2015-12-27 19:51 - 00000000 ____D C:\ProgramData\ArcSoft
2015-12-27 19:47 - 2015-12-28 00:58 - 00000000 ____D C:\ProgramData\Adobe
2015-12-27 19:47 - 2015-12-28 00:58 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-12-27 19:46 - 2015-12-27 19:46 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2015-12-27 19:44 - 2015-12-27 19:44 - 00001155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2015-12-27 19:44 - 2015-12-27 18:41 - 00000000 ____D C:\Windows\System32\Tasks\SONY
2015-12-27 19:43 - 2015-12-27 19:43 - 00001995 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk
2015-12-27 19:43 - 2015-12-27 19:43 - 00000000 ____D C:\Documentation
2015-12-27 19:43 - 2015-12-27 19:43 - 00000000 ____D C:\_FS_SWRINFO
2015-12-27 19:41 - 2015-12-27 19:41 - 00001531 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Control Center.lnk
2015-12-27 19:37 - 2015-12-27 19:37 - 00000000 ____D C:\Nobu_Icon
2015-12-27 19:37 - 2015-12-27 19:18 - 00000000 ____D C:\Program Files\Microsoft Office
2015-12-27 19:37 - 2010-06-23 18:58 - 00000193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup Trial.url
2015-12-27 19:36 - 2015-12-27 19:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-12-27 19:34 - 2015-12-27 20:26 - 00000000 ____D C:\Windows\Sonysys
2015-12-27 19:33 - 2015-12-27 19:33 - 00000000 ____D C:\ProgramData\Riot Games
2015-12-27 19:32 - 2015-12-27 19:32 - 00521448 _____ (Sun Microsystems, Inc.) C:\Windows\system32\deployJava1.dll
2015-12-27 19:32 - 2015-12-27 19:32 - 00472808 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deployJava1.dll
2015-12-27 19:32 - 2015-12-27 19:32 - 00001613 _____ C:\Users\Public\Desktop\League of Legends.lnk
2015-12-27 19:32 - 2015-12-27 19:32 - 00000000 ____D C:\Riot Games
2015-12-27 19:32 - 2015-12-27 19:32 - 00000000 ____D C:\ProgramData\Sun
2015-12-27 19:32 - 2015-12-27 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2015-12-27 19:32 - 2008-07-31 11:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-12-27 19:32 - 2008-07-31 11:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-12-27 19:32 - 2008-07-12 09:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-12-27 19:32 - 2008-07-12 09:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-12-27 19:32 - 2008-07-12 09:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-12-27 19:30 - 2015-12-27 19:55 - 00000000 ____D C:\Program Files\Common Files\Sony Shared
2015-12-27 19:28 - 2015-12-27 20:16 - 00000000 ____D C:\Program Files (x86)\Sony
2015-12-27 19:28 - 2015-12-27 18:43 - 00000000 ____D C:\Windows\System32\Tasks\Sony Corporation
2015-12-27 19:27 - 2015-12-27 19:27 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2015-12-27 19:27 - 2015-12-27 19:27 - 00000000 ____D C:\Program Files\Synaptics
2015-12-27 19:25 - 2015-12-27 19:25 - 00000000 ____D C:\Windows\SysWOW64\sda
2015-12-27 19:25 - 2015-12-27 19:25 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-12-27 19:25 - 2011-03-28 04:48 - 09888360 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsPStorIcon.dll
2015-12-27 19:25 - 2011-03-28 04:48 - 00333928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsPStor.sys
2015-12-27 19:23 - 2011-02-14 03:15 - 00008192 _____ C:\Windows\system32\Drivers\IntelMEFWVer.dll
2015-12-27 19:21 - 2015-12-28 16:25 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-27 19:21 - 2015-12-27 19:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-12-27 19:21 - 2015-12-27 19:21 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-12-27 19:20 - 2015-12-27 19:21 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-27 19:20 - 2015-12-27 19:21 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-12-27 19:20 - 2011-03-11 06:25 - 01359976 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco642040.dll
2015-12-27 19:20 - 2011-03-11 06:25 - 00172648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-12-27 19:20 - 2011-03-11 06:25 - 00029288 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-12-27 19:20 - 2011-03-11 06:24 - 07715944 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-12-27 19:20 - 2011-03-11 06:24 - 05639784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-12-27 19:20 - 2011-03-11 06:23 - 20457064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-12-27 19:20 - 2011-03-11 06:21 - 15039080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-12-27 19:20 - 2011-03-11 06:20 - 13061224 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-12-27 19:20 - 2011-03-11 06:19 - 01359976 _____ (NVIDIA Corporation) C:\Windows\system32\nvgenco642040.dll
2015-12-27 19:20 - 2011-03-11 06:19 - 00007621 _____ C:\Windows\system32\nvinfo.pb
2015-12-27 19:20 - 2011-03-11 06:18 - 12839528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-12-27 19:20 - 2011-03-11 06:18 - 01614440 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco642090.dll
2015-12-27 19:20 - 2011-03-11 06:17 - 10059368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-12-27 19:20 - 2011-03-11 06:16 - 02954856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-12-27 19:20 - 2011-03-11 06:15 - 03182184 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-12-27 19:20 - 2011-03-11 06:15 - 02871400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2015-12-27 19:20 - 2011-03-11 06:15 - 02579560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2015-12-27 19:20 - 2011-03-11 06:14 - 06597736 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-12-27 19:20 - 2011-03-11 06:14 - 04936808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-12-27 19:20 - 2011-03-11 06:13 - 13011560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-12-27 19:20 - 2011-03-11 06:12 - 18580072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-12-27 19:20 - 2011-03-11 06:10 - 02206824 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-12-27 19:20 - 2011-03-11 06:10 - 01969768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-12-27 19:20 - 2011-03-11 06:10 - 00067176 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-12-27 19:20 - 2011-03-11 06:10 - 00057960 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-12-27 19:20 - 2011-03-11 06:10 - 00011240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvBridge.kmd
2015-12-27 19:19 - 2015-12-27 19:32 - 00000000 ____D C:\Users\Roberto\AppData\Roaming\Riot Games
2015-12-27 19:19 - 2015-12-27 19:19 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-12-27 19:18 - 2015-12-27 19:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2015-12-27 19:17 - 2015-12-27 19:17 - 00000000 ____D C:\Users\Roberto\AppData\Local\Microsoft Help
2015-12-27 19:16 - 2015-12-27 19:16 - 00000000 __RHD C:\MSOCache
2015-12-27 19:16 - 2015-12-27 19:16 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_btath_hcrp_01009.Wdf
2015-12-27 19:15 - 2015-12-27 19:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
2015-12-27 19:15 - 2015-12-27 19:15 - 00000000 ____D C:\Program Files (x86)\Bluetooth Suite
2015-12-27 19:13 - 2015-12-27 19:13 - 00000000 ____D C:\Program Files\CONEXANT
2015-12-27 19:11 - 2015-12-27 20:31 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-27 19:11 - 2015-12-27 19:11 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-12-27 19:10 - 2015-12-27 19:23 - 00000000 ____D C:\Program Files (x86)\Intel
2015-12-27 19:10 - 2015-12-27 19:10 - 00000000 ____D C:\Intel
2015-12-27 19:10 - 2011-02-11 04:32 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2015-12-27 19:04 - 2015-12-27 20:29 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-12-27 19:04 - 2015-12-27 19:04 - 00000000 __HDC C:\ProgramData\{122DEDD6-6836-4B5F-BC64-5B214DA18102}
2015-12-27 19:04 - 2015-12-27 19:04 - 00000000 ____D C:\ProgramData\DDNi
2015-12-27 19:04 - 2015-12-27 19:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2015-12-27 19:04 - 2015-12-27 19:04 - 00000000 ____D C:\Program Files (x86)\DDNi
2015-12-27 19:03 - 2015-12-27 18:40 - 00000000 ____D C:\ProgramData\Sony Corporation
2015-12-27 19:01 - 2015-12-27 19:01 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-12-27 19:01 - 2015-12-27 19:01 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-12-27 18:58 - 2015-12-28 16:28 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-27 18:58 - 2015-12-28 16:03 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-27 18:58 - 2015-12-27 20:34 - 00000000 ____D C:\Program Files\Sony
2015-12-27 18:58 - 2015-12-27 20:29 - 00000000 ____D C:\Users\Roberto\AppData\Local\Google
2015-12-27 18:58 - 2015-12-27 18:58 - 00004098 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-27 18:58 - 2015-12-27 18:58 - 00003846 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-27 18:58 - 2015-12-27 18:58 - 00002257 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-27 18:58 - 2015-12-27 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-27 18:58 - 2015-12-27 18:58 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-27 18:56 - 2015-12-28 16:32 - 00747744 _____ C:\Windows\system32\perfh00A.dat
2015-12-27 18:56 - 2015-12-28 16:32 - 00159184 _____ C:\Windows\system32\perfc00A.dat
2015-12-27 18:56 - 2015-12-27 18:57 - 00000000 ____D C:\Users\Roberto\AppData\Local\Deployment
2015-12-27 18:56 - 2015-12-27 18:56 - 00341432 _____ C:\Windows\system32\perfi00A.dat
2015-12-27 18:56 - 2015-12-27 18:56 - 00041390 _____ C:\Windows\system32\perfd00A.dat
2015-12-27 18:56 - 2015-12-27 18:56 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2015-12-27 18:56 - 2015-12-27 18:56 - 00000000 ____D C:\Windows\SysWOW64\winrm
2015-12-27 18:56 - 2015-12-27 18:56 - 00000000 ____D C:\Windows\SysWOW64\WCN
2015-12-27 18:56 - 2015-12-27 18:56 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2015-12-27 18:56 - 2015-12-27 18:56 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2015-12-27 18:56 - 2015-12-27 18:56 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-12-27 18:56 - 2015-12-27 18:56 - 00000000 ____D C:\Windows\SysWOW64\es
2015-12-27 18:56 - 2015-12-27 18:56 - 00000000 ____D C:\Windows\SysWOW64\0C0A
2015-12-27 18:56 - 2015-12-27 18:56 - 00000000 ____D C:\Windows\system32\winrm
2015-12-27 18:56 - 2015-12-27 18:56 - 00000000 ____D C:\Windows\system32\WCN
2015-12-27 18:56 - 2015-12-27 18:56 - 00000000 ____D C:\Windows\system32\slmgr
2015-12-27 18:56 - 2015-12-27 18:56 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2015-12-27 18:56 - 2015-12-27 18:56 - 00000000 ____D C:\Windows\system32\es
2015-12-27 18:56 - 2015-12-27 18:56 - 00000000 ____D C:\Windows\system32\0C0A
2015-12-27 18:56 - 2015-12-27 18:56 - 00000000 ____D C:\Users\Roberto\AppData\Roaming\Adobe
2015-12-27 18:56 - 2015-12-27 18:56 - 00000000 ____D C:\Users\Roberto\AppData\Local\Apps\2.0
2015-12-27 18:43 - 2015-12-28 16:35 - 00004002 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{84E62790-FC46-4FAA-AB82-1E92A599B354}
2015-12-27 18:43 - 2015-12-27 18:43 - 00000000 ____D C:\Users\Roberto\Documents\Bluetooth Folder
2015-12-27 18:43 - 2015-12-27 18:43 - 00000000 ____D C:\Users\Roberto\AppData\Roaming\Intel Corporation
2015-12-27 18:43 - 2015-12-27 18:43 - 00000000 ____D C:\Users\Roberto\AppData\Local\BMExplorer
2015-12-27 18:42 - 2015-12-27 18:42 - 00000000 ____D C:\Users\Roberto\AppData\Roaming\Atheros
2015-12-27 18:41 - 2015-12-28 16:28 - 00001401 _____ C:\Users\Roberto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-27 18:41 - 2015-12-27 18:41 - 00000000 ___RH C:\Windows\SysWOW64\Drivers\104D_Sony_VPCEG15FL.mrk
2015-12-27 18:41 - 2015-12-27 18:41 - 00000000 ___RH C:\Windows\system32\Drivers\104D_Sony_VPCEG15FL.mrk
2015-12-27 18:41 - 2015-12-27 18:41 - 00000000 ____D C:\Users\Roberto\AppData\Local\VirtualStore
2015-12-27 18:39 - 2015-12-28 15:20 - 00094248 _____ C:\Users\Roberto\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-27 18:39 - 2015-12-27 18:43 - 00000000 ____D C:\Users\Roberto\AppData\Roaming\Sony Corporation
2015-12-27 18:39 - 2015-12-27 18:41 - 00000000 ____D C:\Users\Roberto
2015-12-27 18:39 - 2015-12-27 18:39 - 00000020 ___SH C:\Users\Roberto\ntuser.ini
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Roberto\Reciente
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Roberto\Plantillas
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Roberto\Mis documentos
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Roberto\Menú Inicio
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Roberto\Impresoras
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Roberto\Entorno de red
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Roberto\Documents\Mis vídeos
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Roberto\Documents\Mis imágenes
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Roberto\Documents\Mi música
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Roberto\Datos de programa
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Roberto\Configuración local
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Roberto\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Roberto\AppData\Local\Historial
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Roberto\AppData\Local\Datos de programa
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Roberto\AppData\Local\Archivos temporales de Internet
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Public\Documents\Mis vídeos
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Public\Documents\Mis imágenes
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Public\Documents\Mi música
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Default\Reciente
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Default\Plantillas
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Default\Mis documentos
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Default\Menú Inicio
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Default\Impresoras
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Default\Entorno de red
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Default\Documents\Mis vídeos
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Default\Documents\Mis imágenes
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Default\Documents\Mi música
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Default\Datos de programa
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Default\Configuración local
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historial
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Default\AppData\Local\Datos de programa
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Default\AppData\Local\Archivos temporales de Internet
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Default User\Documents\Mis vídeos
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Default User\Documents\Mis imágenes
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Default User\Documents\Mi música
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historial
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Datos de programa
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Archivos temporales de Internet
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\ProgramData\Plantillas
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\ProgramData\Menú Inicio
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\ProgramData\Favoritos
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\ProgramData\Escritorio
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\ProgramData\Documentos
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\ProgramData\Datos de programa
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Program Files\Archivos comunes
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 _SHDL C:\Archivos de programa
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 ____D C:\Windows\SysWOW64\VAIO Startup Setting Tool
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 ____D C:\Windows\pss
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 ____D C:\Users\Public\Symantec
2015-12-27 18:39 - 2011-03-14 23:36 - 00000000 ____D C:\Users\Roberto\AppData\Roaming\Media Center Programs
2015-12-01 10:10 - 2015-12-01 10:10 - 00018456 _____ (Secunia) C:\Windows\system32\Drivers\psi_mf_amd64.sys
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-28 16:35 - 2009-07-14 01:45 - 00020992 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-28 16:35 - 2009-07-14 01:45 - 00020992 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-28 16:32 - 2009-07-14 02:13 - 01677306 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-28 16:32 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2015-12-28 16:24 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-28 16:24 - 2009-07-14 01:45 - 00370736 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-28 16:19 - 2011-03-14 23:36 - 00000000 ____D C:\Program Files\Windows Journal
2015-12-28 16:19 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-12-28 15:07 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files\Windows Defender
2015-12-28 15:07 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-12-28 15:07 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-12-28 15:07 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\Dism
2015-12-28 15:07 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-12-28 15:07 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\AppCompat
2015-12-28 15:07 - 2009-07-14 00:20 - 00000000 ____D C:\Windows
2015-12-28 15:07 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-12-28 14:03 - 2011-02-10 20:03 - 01651892 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-12-28 02:29 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\tracing
2015-12-27 22:35 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\rescache
2015-12-27 20:35 - 2011-02-10 19:48 - 00000000 ____D C:\Windows\Panther
2015-12-27 20:35 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\sysprep
2015-12-27 20:26 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\Help
2015-12-27 20:09 - 2010-11-18 15:03 - 00000087 ____H C:\splash.idx
2015-12-27 19:53 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system
2015-12-27 19:43 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\Resources
2015-12-27 19:39 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2015-12-27 19:39 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\oobe
2015-12-27 19:34 - 2011-02-10 19:52 - 00000012 _____ C:\Windows\csup.txt
2015-12-27 19:19 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-12-27 19:18 - 2011-03-14 23:36 - 00000000 ____D C:\Windows\ShellNew
2015-12-27 19:15 - 2011-02-24 18:55 - 00246804 _____ C:\Windows\system32\Drivers\AtherosBt.bin
2015-12-27 19:08 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\Globalization
2015-12-27 19:01 - 2009-07-14 02:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-27 18:57 - 2009-07-14 02:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2015-12-27 18:56 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\DigitalLocker
2015-12-27 18:56 - 2009-07-14 02:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2015-12-27 18:56 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-12-27 18:56 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-12-27 18:56 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-12-27 18:56 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2015-12-27 18:56 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-12-27 18:56 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2015-12-27 18:56 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\MUI
2015-12-27 18:56 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2015-12-27 18:56 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\com
2015-12-27 18:56 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\Setup
2015-12-27 18:56 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\MUI
2015-12-27 18:56 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\migwiz
2015-12-27 18:56 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\com
2015-12-27 18:56 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\servicing
2015-12-27 18:56 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\IME
2015-12-27 18:39 - 2009-07-14 00:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-27 18:39 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Windows NT
 
==================== Files in the root of some directories =======
 
2015-12-27 20:34 - 2015-12-27 20:34 - 0000035 _____ () C:\ProgramData\AtherosServiceConfig.ini
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-12-27 22:28
 
==================== End of FRST.txt ============================
 
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-12-2015
Ran by Roberto (2015-12-28 16:40:14)
Running from C:\Users\Roberto\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-12-27 21:39:10)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrador (S-1-5-21-3373465647-1595986680-2991297842-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-3373465647-1595986680-2991297842-1002 - Limited - Enabled)
Invitado (S-1-5-21-3373465647-1595986680-2991297842-501 - Limited - Disabled)
Roberto (S-1-5-21-3373465647-1595986680-2991297842-1001 - Administrator - Enabled) => C:\Users\Roberto
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.204 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\{7B0961DB-15EB-41AF-85DA-C296924CA408}) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\{7898389E-2B8F-4CAC-A8CB-489B7B339C03}) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.392 - ArcSoft)
AVG (HKLM\...\AvgZen) (Version: 1.22.1.40089 - AVG Technologies)
AVG (Version: 16.12.7303 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4489 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.12.7303 - AVG Technologies)
AVG Zen (Version: 1.22.1 - AVG Technologies) Hidden
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.90 - Atheros Communications)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.0.53 - Conexant)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version:  - Foolish IT LLC)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
FMW 1 (Version: 1.32.2 - AVG Technologies) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Manual de VAIO (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation)
Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA Controlador de 3D Vision 267.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 267.43 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.2.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.18.0 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 267.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.43 - NVIDIA Corporation)
NVIDIA nView 135.68 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 135.68 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
Oasis2Service 1.0 (HKLM-x32\...\{E50FC5DB-7CBD-407D-A46E-0C13E45BC386}) (Version: 1.0.0 - DDNi)
OOBE (HKLM-x32\...\{18894D16-5448-4BF9-A128-F7E937322F91}) (Version: 11.2.1.10 - Sony Corporation)
Panel de control de NVIDIA 267.43 (Version: 267.43 - NVIDIA Corporation) Hidden
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.00.04010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.5.00.04060 - Sony Corporation) Hidden
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 6.4.6.10930 - Razer Inc.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.74 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden
Secunia PSI (3.0.0.11003) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.11003 - Secunia)
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.9.0 - Synaptics Incorporated)
Transferencias VAIO (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.16020 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}) (Version: 1.5.00.02250 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.5.00.04060 - Sony Corporation)
VAIO - Teclado a distancia (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation)
VAIO - Uso a distancia con PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15070 - Sony Corporation)
VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 6.4.0.15030 - Sony Corporation)
VAIO Care (x32 Version: 6.4.0.15030 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.0.0.03050 - Sony Corporation)
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.3.0.11090 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.03240 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Help and Support (HKLM-x32\...\{F5248E24-F52C-4FD1-B76F-102460BAFD6B}) (Version: 14.00.0125 - Sony Corporation)
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation)
VAIO Messenger (HKLM-x32\...\VAIO Messenger) (Version: 2.0.118.0 - DDNi)
VAIO Messenger (x32 Version: 2.0.118.0 - DDNi) Hidden
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.5 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.4.5.5 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.0.09010 - Sony Corporation)
VAIO Satisfaction Survey. (HKLM-x32\...\VAIO Satisfaction Survey.3.0) (Version: 3.0 - Sony Electronics Inc.)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.5.0.02280 - Sony Corporation)
VAIO Update (HKLM-x32\...\{5BEE8F1F-BD32-4553-8107-500439E43BD7}) (Version: 5.4.0.15300 - Sony Corporation)
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {16B227A2-F911-4617-8CDE-66B4F911C75D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {2730805D-8BB5-45EB-B7B3-ECD63ED3FD9A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-27] (Google Inc.)
Task: {39E93C35-2FA0-4D29-B096-883CD178B225} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-28] (Adobe Systems Incorporated)
Task: {53B18112-12EA-4478-8CF9-04ED43BCFCE8} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update 5 => C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe [2011-03-30] (Sony Corporation)
Task: {5B8592D1-F1A4-4638-81E9-B192A13241E2} - System32\Tasks\Sony\OOBEReminder => C:\Program Files\Sony\OOBE\OOBEReminder.exe [2011-03-24] (Sony Electronics Inc.)
Task: {631FD947-B294-4A0A-A630-4053C933A934} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {68C2822C-3940-4533-A565-884F6D266596} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation)
Task: {69D74C79-2866-4ED6-B732-D4DA17EE4B2D} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {6CB94603-61AD-4054-A345-C33606C468C6} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-11-16] (Sony Corporation)
Task: {7B4BBB38-36CD-4039-8012-60E52C19C657} - System32\Tasks\Sony\VAIO Survey => C:\Program Files (x86)\Sony\VAIO Survey\VSScheduler.exe [2010-12-09] (Sony Electronics Inc.)
Task: {9A29BB3A-E3D9-497B-BFC0-F3AA9EDB0412} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-11-16] (Sony Corporation)
Task: {B6CCDEFE-1D7B-46EA-91B8-75E7D5BD1101} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation)
Task: {BEBFE261-DBA5-4B37-81A5-E310AA7F4DA5} - System32\Tasks\Sony\OOBESendInfo => C:\Program Files\Sony\OOBE\OOBESendInfo.exe [2011-03-24] ()
Task: {D80B8A17-F903-4AE3-B4A6-08AC6718CB81} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {E31F14DA-4977-4742-BE97-884C1C7C2FC1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-27] (Google Inc.)
Task: {EEA7D2B3-E23D-4452-A1BD-6BE427AD9983} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementRegister => -autostart
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2010-03-25 22:07 - 2010-03-25 22:07 - 00046080 _____ () C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
2015-09-23 17:41 - 2015-09-23 17:41 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-12-27 20:24 - 2011-02-25 20:14 - 00297472 _____ () C:\Program Files\Sony\VAIO Care\CRM\ManagedVAIORecoveryMedia.dll
2015-12-27 20:24 - 2011-02-25 20:14 - 00192000 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIORecovery.dll
2015-12-27 20:24 - 2011-02-25 20:14 - 00070656 _____ () C:\Program Files\Sony\VAIO Care\CRM\Logging.dll
2015-12-27 20:24 - 2011-02-25 20:14 - 00063488 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOCommon.dll
2015-12-27 20:24 - 2011-02-25 20:14 - 00215040 _____ () C:\Program Files\Sony\VAIO Care\CRM\OsServices.dll
2015-12-27 20:24 - 2011-02-25 20:14 - 00043008 _____ () C:\Program Files\Sony\VAIO Care\CRM\PluginFactory.dll
2015-12-27 20:24 - 2011-02-25 20:14 - 00260608 _____ () C:\Program Files\Sony\VAIO Care\CRM\RecoveryPartitionManager.dll
2015-12-27 20:24 - 2011-02-25 20:14 - 00043520 _____ () C:\Program Files\Sony\VAIO Care\CRM\XMLTools.dll
2015-12-27 20:24 - 2011-02-25 20:14 - 00059904 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOInstallAppsDrivers.dll
2015-12-27 20:24 - 2011-02-25 20:14 - 00157696 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallDB.dll
2015-12-27 20:24 - 2011-02-25 20:14 - 00138752 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallationTools.dll
2015-12-27 20:24 - 2011-02-25 20:14 - 00025600 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOUtility.dll
2010-03-25 22:07 - 2010-03-25 22:07 - 00046592 _____ () C:\Program Files (x86)\DDNi\Oasis2Service 1.0\DdniCore.dll
2010-03-25 22:07 - 2010-03-25 22:07 - 00032256 _____ () C:\Program Files (x86)\DDNi\Oasis2Service 1.0\AspUpdate.dll
2015-12-27 19:42 - 2011-03-05 19:42 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2015-12-27 19:11 - 2010-11-06 02:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2015-12-27 22:54 - 2015-12-27 22:53 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2015-12-27 18:58 - 2015-12-11 00:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-27 18:58 - 2015-12-11 00:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
2015-12-27 19:06 - 2015-12-24 08:46 - 16792256 _____ () C:\Users\Roberto\AppData\Local\Google\Chrome\User Data\PepperFlash\20.0.0.267\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 23:34 - 2009-06-10 18:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3373465647-1595986680-2991297842-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Roberto\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{4743BC8D-B049-4B18-AE28-F8DB2F43A065}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{CE5CEC24-E503-4A45-A720-1D353D41428F}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{FC9E4435-B4F3-4397-9DA9-16B0DB1EABB7}] => (Allow) C:\Program Files\Sony\VAIO Care\SelfHealUpdate.exe
FirewallRules: [{8C1A36E0-E750-4666-9033-C3A4DE851BFC}] => (Allow) C:\Program Files\Sony\VAIO Care\SelfHealUpdate.exe
FirewallRules: [{09C3F60F-B43A-401F-9E87-C333E4B37D94}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOCareMain.exe
FirewallRules: [{5DD26454-4DE2-4B48-B5EA-D0B628392A4A}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOCareMain.exe
FirewallRules: [{7FA3CA38-F5F6-47C8-AB85-4567EB0563EC}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E6242DC2-C919-4C1D-A8B9-746FD129DEEB}] => (Allow) LPort=2869
FirewallRules: [{575ECF8E-1C20-4726-B2D5-77F5DF7DC33A}] => (Allow) LPort=1900
FirewallRules: [{715EB299-D662-4C37-8A03-0E258EB14902}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{341D1DC6-E0C5-4627-B1C9-3220DB6E3D6E}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{7DE149AF-B47C-46A8-9062-DB1075F07A26}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B06D23CC-F7F9-4DC1-A6A7-51E6CFC1A0AB}] => (Allow) C:\Users\Roberto\AppData\Local\Temp\7zS9D59.tmp\SymNRT.exe
FirewallRules: [{A608E82C-0E51-4D51-93D9-6701EACADFEF}] => (Allow) C:\Users\Roberto\AppData\Local\Temp\7zS9D59.tmp\SymNRT.exe
FirewallRules: [{E5EABF59-91B9-447F-8448-D7B29E6A107D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{7A3A6949-C303-4571-A8B0-1448C1C3C417}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{B42EF4C3-D813-46C4-9AB1-A636E6600EDD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{B0B400EC-349D-4F66-835D-1CD02BB0CA19}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{3F939186-286A-43B9-8B39-53F154393B50}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{5947108C-BD88-4B06-BA37-A86308D87DC5}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{83F95C6B-1D2A-4E5A-8906-A1EB34A0548E}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{6A6AE3AA-4F5D-4C2E-B458-021CEAADEB53}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
 
==================== Restore Points =========================
 
27-12-2015 23:12:22 Installed AVG 2016
27-12-2015 23:13:23 Installed AVG
28-12-2015 01:47:20 Windows Update
28-12-2015 02:12:40 Windows Update
28-12-2015 02:53:57 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
28-12-2015 02:59:14 Installed Microsoft Fix it 50123
28-12-2015 04:00:55 Windows Update
28-12-2015 13:21:09 Windows Update
28-12-2015 15:42:45 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/28/2015 04:25:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/28/2015 03:18:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/28/2015 03:15:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/28/2015 03:12:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: VESMgr.exe, versión: 5.5.0.3040, marca de tiempo: 0x4d7079a4
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x747b730c
Id. del proceso con errores: 0x1f78
Hora de inicio de la aplicación con errores: 0xVESMgr.exe0
Ruta de acceso de la aplicación con errores: VESMgr.exe1
Ruta de acceso del módulo con errores: VESMgr.exe2
Id. del informe: VESMgr.exe3
 
Error: (12/28/2015 03:12:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: LMS.exe, versión: 7.0.2.1164, marca de tiempo: 0x4d100cad
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x747b730c
Id. del proceso con errores: 0x19cc
Hora de inicio de la aplicación con errores: 0xLMS.exe0
Ruta de acceso de la aplicación con errores: LMS.exe1
Ruta de acceso del módulo con errores: LMS.exe2
Id. del informe: LMS.exe3
 
Error: (12/28/2015 03:12:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: VCService.exe, versión: 6.4.0.13280, marca de tiempo: 0x4d43164c
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x747b730c
Id. del proceso con errores: 0x1c30
Hora de inicio de la aplicación con errores: 0xVCService.exe0
Ruta de acceso de la aplicación con errores: VCService.exe1
Ruta de acceso del módulo con errores: VCService.exe2
Id. del informe: VCService.exe3
 
Error: (12/28/2015 03:12:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: UNS.exe, versión: 7.0.2.1164, marca de tiempo: 0x4d100dac
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x747b730c
Id. del proceso con errores: 0x1084
Hora de inicio de la aplicación con errores: 0xUNS.exe0
Ruta de acceso de la aplicación con errores: UNS.exe1
Ruta de acceso del módulo con errores: UNS.exe2
Id. del informe: UNS.exe3
 
Error: (12/28/2015 03:11:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: sua.exe, versión: 3.0.0.11003, marca de tiempo: 0x565d8bad
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x747b730c
Id. del proceso con errores: 0x1058
Hora de inicio de la aplicación con errores: 0xsua.exe0
Ruta de acceso de la aplicación con errores: sua.exe1
Ruta de acceso del módulo con errores: sua.exe2
Id. del informe: sua.exe3
 
Error: (12/28/2015 03:11:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: uCamMonitor.exe, versión: 1.0.0.27, marca de tiempo: 0x4d64a35b
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x747b730c
Id. del proceso con errores: 0x638
Hora de inicio de la aplicación con errores: 0xuCamMonitor.exe0
Ruta de acceso de la aplicación con errores: uCamMonitor.exe1
Ruta de acceso del módulo con errores: uCamMonitor.exe2
Id. del informe: uCamMonitor.exe3
 
Error: (12/28/2015 03:11:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: PSIA.exe, versión: 3.0.0.11003, marca de tiempo: 0x565d8bcd
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x747b730c
Id. del proceso con errores: 0x7a8
Hora de inicio de la aplicación con errores: 0xPSIA.exe0
Ruta de acceso de la aplicación con errores: PSIA.exe1
Ruta de acceso del módulo con errores: PSIA.exe2
Id. del informe: PSIA.exe3
 
 
System errors:
=============
Error: (12/28/2015 04:30:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80242016: Actualización para la lista de Vista de compatibilidad de Internet Explorer 8 para Windows 7 para sistemas basados en x64 (KB2598845).
 
Error: (12/28/2015 04:29:16 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio VAIO Care Performance Service no respondió después de iniciar.
 
Error: (12/28/2015 03:19:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Instalador de módulos de Windows se cerró con el siguiente error: 
%%16405
 
Error: (12/28/2015 03:12:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Intel® Management and Security Application Local Management Service no pudo iniciarse debido al siguiente error: 
%%109
 
Error: (12/28/2015 03:12:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio VCService se terminó de manera inesperada. Esto ha sucedido 1 veces.
 
Error: (12/28/2015 03:12:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio CamMonitor se terminó de manera inesperada. Esto ha sucedido 1 veces.
 
Error: (12/28/2015 03:12:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel® Rapid Storage Technology se terminó de manera inesperada. Esto ha sucedido 1 veces.
 
Error: (12/28/2015 03:12:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio RzKLService se terminó de manera inesperada. Esto ha sucedido 1 veces.
 
Error: (12/28/2015 03:12:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Intel® Management and Security Application Local Management Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.
 
Error: (12/28/2015 03:12:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio VAIO Event Service no pudo iniciarse debido al siguiente error: 
%%1053
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 64%
Total physical RAM: 4077.86 MB
Available physical RAM: 1455.48 MB
Total Virtual: 8153.93 MB
Available Virtual: 5547.47 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:455.24 GB) (Free:404.7 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 015A2088)
Partition 1: (Not Active) - (Size=10.4 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=455.2 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

 


  • 0

#12
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,501 posts
You're welcome Khronolupus. :)

How is the computer behaving?

I kind of figured that the Windows 10 upgrade would show up during Windows Updates and it did. See below:

C:\Windows\system32\GWX
C:\Windows\SysWOW64\GWX

GWX = Get Windows 10

I can remove all that GWX stuff if you like, if not, it will probably nag you till the end of time. Let me know if you want me to provide instructions on how to get rid of the files and folders and prevent it from nagging you.

I will need to create a FRST script to fix a few things, but I will wait till you tell me what to do about the Windows 10 (GWX) upgrade files and add them to the script if you so choose.

Adobe Reader is still outdated. You can download the most recent version from >>here<<. No need to uninstall the older version, the new version will write over it.

Let me know what to do about GWX once you're done with updating Adobe Reader. :)
  • 1

#13
Khronolupus

Khronolupus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

Is behaving really good for now c:

 

I would like to get ride of those windows 10 files, please :D


  • 0

#14
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,501 posts
Great! :)

And will do with those Windows 10 files..

Please don't over look my instructions at the end of my last post concerning updating Adobe Reader. Outdated software is an invitation for malware.

Please do as follows:
  • Open notepad.
  • Copy/paste the contents of the code box below from start to end into notepad.
  • Save it to the desktop as fixlist.txt.
    start
    CreateRestorePoint:
    BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll => No File
    Toolbar: HKU\S-1-5-21-3373465647-1595986680-2991297842-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
    CHR HomePage: Default -> hxxp://www.searchqu.com/415
    CHR StartupUrls: Default -> "hxxp://www.searchqu.com/415"
    2015-12-27 23:15 - 2015-12-27 23:15 - 00000000 ____D C:\Users\Roberto\AppData\Roaming\TuneUp Software
    2015-12-27 20:22 - 2015-12-27 23:08 - 00000000 ____D C:\ProgramData\Norton
    2015-12-27 20:21 - 2015-12-27 20:21 - 00000000 ____D C:\ProgramData\NortonInstaller
    2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 ____D C:\Users\Public\Symantec
    C:\Windows\system32\GWX
    C:\Windows\SysWOW64\GWX
    Reg: reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\GWX /v DisableGWX /t Reg_Dword /d 0x1 /f
    Reg: reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\OSUpgrade /v AllowOSUpgrade /t Reg_Dword /d 0x0 /f
    Reg: reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\OSUpgrade /v ReservationsAllowed /t Reg_Dword /d 0x0 /f
    Reg: reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /v DisableOSUpgrade /t Reg_Dword /d 0x1 /f
    Hosts:
    EmptyTemp:
    end
    
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run frst.exe (on 64bit, run frst64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you will find where you saved FRST. Please post it in your next reply.

  • 0

#15
Khronolupus

Khronolupus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

Sorry for not say it in my last post, i already update Adobe Reader c:

 

 Fix result of Farbar Recovery Scan Tool (x64) Version:27-12-2015

Ran by Roberto (2015-12-29 02:00:46) Run:1
Running from C:\Users\Roberto\Desktop
Loaded Profiles: Roberto (Available Profiles: Roberto)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
CreateRestorePoint:
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll => No File
Toolbar: HKU\S-1-5-21-3373465647-1595986680-2991297842-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
CHR HomePage: Default -> hxxp://www.searchqu.com/415
CHR StartupUrls: Default -> "hxxp://www.searchqu.com/415"
2015-12-27 23:15 - 2015-12-27 23:15 - 00000000 ____D C:\Users\Roberto\AppData\Roaming\TuneUp Software
2015-12-27 20:22 - 2015-12-27 23:08 - 00000000 ____D C:\ProgramData\Norton
2015-12-27 20:21 - 2015-12-27 20:21 - 00000000 ____D C:\ProgramData\NortonInstaller
2015-12-27 18:39 - 2015-12-27 18:39 - 00000000 ____D C:\Users\Public\Symantec
C:\Windows\system32\GWX
C:\Windows\SysWOW64\GWX
Reg: reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\GWX /v DisableGWX /t Reg_Dword /d 0x1 /f
Reg: reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\OSUpgrade /v AllowOSUpgrade /t Reg_Dword /d 0x0 /f
Reg: reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\OSUpgrade /v ReservationsAllowed /t Reg_Dword /d 0x0 /f
Reg: reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /v DisableOSUpgrade /t Reg_Dword /d 0x1 /f
Hosts:
EmptyTemp:
end
*****************
 
Restore point was successfully created.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully
HKU\S-1-5-21-3373465647-1595986680-2991297842-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found. 
Chrome HomePage => removed successfully
Chrome StartupUrls => removed successfully
C:\Users\Roberto\AppData\Roaming\TuneUp Software => moved successfully
C:\ProgramData\Norton => moved successfully
C:\ProgramData\NortonInstaller => moved successfully
C:\Users\Public\Symantec => moved successfully
C:\Windows\system32\GWX => moved successfully
C:\Windows\SysWOW64\GWX => moved successfully
 
========= reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\GWX /v DisableGWX /t Reg_Dword /d 0x1 /f =========
 
La operaci¢n se complet¢ correctamente.
 
 
 
========= End of Reg: =========
 
 
========= reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\OSUpgrade /v AllowOSUpgrade /t Reg_Dword /d 0x0 /f =========
 
La operaci¢n se complet¢ correctamente.
 
 
 
========= End of Reg: =========
 
 
========= reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\OSUpgrade /v ReservationsAllowed /t Reg_Dword /d 0x0 /f =========
 
La operaci¢n se complet¢ correctamente.
 
 
 
========= End of Reg: =========
 
 
========= reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /v DisableOSUpgrade /t Reg_Dword /d 0x1 /f =========
 
La operaci¢n se complet¢ correctamente.
 
 
 
========= End of Reg: =========
 
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 937.7 MB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 02:01:32 ====

Edited by Khronolupus, 28 December 2015 - 10:09 PM.

  • 0






Similar Topics


Also tagged with one or more of these keywords: malware

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP