Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

browsers badly infected by russians

russian aliexpress

  • Please log in to reply

#1
Juan Cooke

Juan Cooke

    New Member

  • Member
  • Pip
  • 4 posts

hi, chrome and firefox opens first thing aliexpress pages in russian.  Also detect previosly a page named apytrc.com and sometimes one called traffic-media....

thank you for your help

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2016
Ran by JUACOOK (administrator) on JUACOOK-PC (31-10-2016 23:06:17)
Running from C:\Users\JUACOOK\Desktop
Loaded Profiles: JUACOOK (Available Profiles: JUACOOK)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files (x86)\AirPort\APAgent.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
(Spotify Ltd) C:\Users\JUACOOK\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\POWERPNT.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe [9571552 2016-07-18] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25424008 2016-10-24] (Dropbox, Inc.)
HKLM-x32\...\Run: [AirPort Base Station Agent] => C:\Program Files (x86)\AirPort\APAgent.exe [771360 2009-11-11] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1156824 2016-09-16] (Adobe Systems Incorporated)
HKU\S-1-5-21-2934633564-1917555359-3310633167-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2934633564-1917555359-3310633167-1000\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [5142664 2014-12-21] (Plex, Inc.)
HKU\S-1-5-21-2934633564-1917555359-3310633167-1000\...\Run: [Spotify Web Helper] => C:\Users\JUACOOK\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2016-10-27] (Spotify Ltd)
HKU\S-1-5-21-2934633564-1917555359-3310633167-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53130368 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-2934633564-1917555359-3310633167-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-12] (Valve Corporation)
HKU\S-1-5-21-2934633564-1917555359-3310633167-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8894680 2016-08-05] (Piriform Ltd)
HKU\S-1-5-21-2934633564-1917555359-3310633167-1000\...\MountPoints2: {0040b9a1-0256-11e5-bfed-0015830cbfeb} - F:\AutoRun.exe
HKU\S-1-5-21-2934633564-1917555359-3310633167-1000\...\MountPoints2: {9dda0a2c-2029-11e5-9ef0-0015830cbfeb} - H:\iLinker.exe
HKU\S-1-5-21-2934633564-1917555359-3310633167-1000\...\MountPoints2: {c498caa6-56ff-11e5-8b55-0015830cbfeb} - H:\iLinker.exe
HKU\S-1-5-21-2934633564-1917555359-3310633167-1000\...\MountPoints2: {f5d1bd2d-154c-11e0-98aa-806e6f6e6963} - D:\Bin\ASSETUP.exe
HKU\S-1-5-21-2934633564-1917555359-3310633167-1000\...\Winlogon: [Shell] C:\Windows\Explorer.exe [3231232 2016-01-22] (Microsoft Corporation) <==== ATTENTION
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\JUACOOK\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\JUACOOK\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\JUACOOK\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [ExplorerEx] -> {E056AFDD-03E9-4D73-8D33-8FCCBCA73438} =>  No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\JUACOOK\AppData\Local\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\JUACOOK\AppData\Local\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\JUACOOK\AppData\Local\MEGAsync\ShellExtX32.dll No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 200.42.4.203 200.49.130.44 192.168.1.1
Tcpip\..\Interfaces\{1833EA1F-1625-489E-AA57-6B94C81A8305}: [DhcpNameServer] 200.42.4.203 200.49.130.44 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2934633564-1917555359-3310633167-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-2934633564-1917555359-3310633167-1000 -> DefaultScope {2039DD3E-4E72-4C20-90E7-9FD959AA7D06} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2934633564-1917555359-3310633167-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=WDCXWD10EZEX-22BN5A0_WD-WCC3FPEZ8DRYZ8DRY&ts=1422759814&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2934633564-1917555359-3310633167-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=WDCXWD10EZEX-22BN5A0_WD-WCC3FPEZ8DRYZ8DRY&ts=1422759814&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2934633564-1917555359-3310633167-1000 -> {2039DD3E-4E72-4C20-90E7-9FD959AA7D06} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2934633564-1917555359-3310633167-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=WDCXWD10EZEX-22BN5A0_WD-WCC3FPEZ8DRYZ8DRY&ts=1422759814&type=default&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-01-12] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Youtube AdBlock -> {95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B} -> C:\Program Files (x86)\Youtube AdBlock\IEEF\ncxNVrvI4H.dll [2016-09-10] ()
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-12] (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-01-12] (Microsoft Corporation)
BHO-x32: Aplicación auxiliar de inicio de sesión en la cuenta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Youtube AdBlock -> {95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B} -> C:\Program Files (x86)\Youtube AdBlock\IEEF\o6vBn3h3dY.dll [2016-09-10] ()
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-12] (Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-14] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: oagcnhwm.default-1422812934952
FF ProfilePath: C:\Users\JUACOOK\AppData\Roaming\Mozilla\Firefox\Profiles\oagcnhwm.default-1422812934952 [2016-10-31]
FF user.js: detected! => C:\Users\JUACOOK\AppData\Roaming\Mozilla\Firefox\Profiles\oagcnhwm.default-1422812934952\user.js [2015-02-01]
FF Extension: (Firefox Hotfix) - C:\Users\JUACOOK\AppData\Roaming\Mozilla\Firefox\Profiles\oagcnhwm.default-1422812934952\Extensions\[email protected] [2016-10-15]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-02-03] [not signed]
FF HKU\S-1-5-21-2934633564-1917555359-3310633167-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll [2015-01-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll [2015-01-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-08-25] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2934633564-1917555359-3310633167-1000: SkypePlugin -> C:\Users\JUACOOK\AppData\Local\SkypePlugin\7.6.0.295\npGatewayNpapi.dll [2015-09-14] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-2934633564-1917555359-3310633167-1000: SkypePlugin64 -> C:\Users\JUACOOK\AppData\Local\SkypePlugin\7.6.0.295\npGatewayNpapi-x64.dll [2015-09-14] (Skype Technologies S.A.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-05-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-05-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-05-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-05-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-05-14] (Apple Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR StartupUrls: Profile 1 -> "hxxps://www.youtube.com/","hxxps://www.google.com.ar/"
CHR Profile: C:\Users\JUACOOK\AppData\Local\Google\Chrome\User Data\Default [2016-09-25]
CHR Extension: (Google Drive) - C:\Users\JUACOOK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-15]
CHR Extension: (No Name) - C:\Users\JUACOOK\AppData\Local\Google\Chrome\User Data\Default\Extensions\cebkcnlhbjapdpofhcokcdhfgpehhajk [2016-09-10]
CHR Extension: (Google Docs Offline) - C:\Users\JUACOOK\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-15]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\JUACOOK\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-12-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\JUACOOK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Profile: C:\Users\JUACOOK\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-10-31]
CHR Extension: (Google Drive) - C:\Users\JUACOOK\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-31]
CHR Extension: (Bloqueador de anuncios para Youtube™) - C:\Users\JUACOOK\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cebkcnlhbjapdpofhcokcdhfgpehhajk [2016-09-10]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\JUACOOK\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\JUACOOK\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-10-20]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\JUACOOK\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-12-16]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\JUACOOK\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\JUACOOK\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-13]
CHR Profile: C:\Users\JUACOOK\AppData\Local\Google\Chrome\User Data\System Profile [2016-09-25]
CHR Extension: (Google Slides) - C:\Users\JUACOOK\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-02]
CHR Extension: (Google Docs) - C:\Users\JUACOOK\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-02]
CHR Extension: (Google Drive) - C:\Users\JUACOOK\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-02]
CHR Extension: (YouTube) - C:\Users\JUACOOK\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-02]
CHR Extension: (No Name) - C:\Users\JUACOOK\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\cebkcnlhbjapdpofhcokcdhfgpehhajk [2016-09-10]
CHR Extension: (Google Search) - C:\Users\JUACOOK\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-02]
CHR Extension: (Google Sheets) - C:\Users\JUACOOK\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-02]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\JUACOOK\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-02]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\JUACOOK\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-07-02]
CHR Extension: (Google Wallet) - C:\Users\JUACOOK\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-02]
CHR Extension: (Gmail) - C:\Users\JUACOOK\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-02]
CHR HKU\S-1-5-21-2934633564-1917555359-3310633167-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1404936 2016-08-01] ()
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-30] (Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-30] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [41576 2016-10-24] (Dropbox, Inc.)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [240416 2016-03-04] (EasyAntiCheat Ltd)
S2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe [732056 2016-07-18] ()
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [File not signed]
S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-06-16] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 serverca; C:\Users\JUACOOK\AppData\Local\ConvertAd\CASrv.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-10] (Malwarebytes)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [485512 2016-04-28] (BitDefender S.R.L.)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-31 23:06 - 2016-10-31 23:06 - 00027450 _____ C:\Users\JUACOOK\Desktop\FRST.txt
2016-10-31 23:05 - 2016-10-31 23:06 - 00000000 ____D C:\FRST
2016-10-31 23:03 - 2016-10-31 23:03 - 02408960 _____ (Farbar) C:\Users\JUACOOK\Desktop\FRST64.exe
2016-10-31 19:35 - 2016-10-31 19:35 - 00016215 _____ C:\Users\JUACOOK\Downloads\482768.rar
2016-10-27 17:16 - 2016-10-27 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-10-26 20:08 - 2016-10-26 20:08 - 00237056 _____ C:\Users\JUACOOK\Downloads\ADMINISTRACION.ppt
2016-10-26 20:07 - 2016-10-26 20:07 - 00535709 _____ C:\Users\JUACOOK\Downloads\Concepto de organización y procesos organizativos.pptx.pptx
2016-10-26 20:07 - 2016-10-26 20:07 - 00113648 _____ C:\Users\JUACOOK\Downloads\Presentación1 Sistema sanitario Argentino materia gestion ARCIS.pptx
2016-10-26 19:45 - 2016-10-26 19:45 - 02386432 _____ C:\Users\JUACOOK\Downloads\Oxigenoterapia.ppt
2016-10-26 19:44 - 2016-10-26 19:45 - 01811968 _____ C:\Users\JUACOOK\Downloads\Patologías respiratorias.ppt
2016-10-26 19:44 - 2016-10-26 19:44 - 01806848 _____ C:\Users\JUACOOK\Downloads\Cardiopatías[1].ppt
2016-10-26 19:38 - 2016-10-26 19:38 - 04563968 _____ C:\Users\JUACOOK\Downloads\CATETER IMPLANTABLE-PORTAL.ppt
2016-10-26 19:38 - 2016-10-26 19:38 - 00680448 _____ C:\Users\JUACOOK\Downloads\CLASE 16 Paciente oncológico.ppt
2016-10-26 12:52 - 2016-10-26 12:52 - 00081372 _____ C:\Users\JUACOOK\Downloads\MaternoTPoncologia.pdf
2016-10-26 12:16 - 2016-10-26 12:16 - 00114395 _____ C:\Users\JUACOOK\Downloads\31072008.1.pdf
2016-10-26 11:23 - 2016-10-26 11:23 - 00242688 _____ C:\Users\JUACOOK\Downloads\onco3_protocolosqt.pps
2016-10-25 17:23 - 2016-10-25 17:23 - 00037110 _____ C:\Users\JUACOOK\Downloads\482180.rar
2016-10-24 20:28 - 2016-10-24 20:28 - 00020799 _____ C:\Users\JUACOOK\Downloads\482121.rar
2016-10-24 16:47 - 2016-10-24 16:47 - 00017281 _____ C:\Users\JUACOOK\Downloads\High.Maintenance.(2016).S01E01-Meth(od)-aRGENTeaM-62918.zip
2016-10-24 16:47 - 2016-10-24 16:47 - 00014044 _____ C:\Users\JUACOOK\Downloads\Divorce.(2016).S01E01-Pilot-aRGENTeaM-62920.zip
2016-10-24 10:06 - 2016-10-24 10:06 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2016-10-24 10:06 - 2016-10-24 10:06 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2016-10-24 10:06 - 2016-10-24 10:06 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2016-10-24 10:06 - 2016-10-24 10:06 - 00041576 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2016-10-21 19:47 - 2016-10-21 19:47 - 00022237 _____ C:\Users\JUACOOK\Downloads\479939.zip
2016-10-21 19:44 - 2016-10-21 19:44 - 00016352 _____ C:\Users\JUACOOK\Downloads\465413.rar
2016-10-21 19:43 - 2016-10-21 19:43 - 00019834 _____ C:\Users\JUACOOK\Downloads\464222.rar
2016-10-21 19:40 - 2016-10-21 19:40 - 00049676 _____ C:\Users\JUACOOK\Downloads\Bad.Moms.(2016)-aRGENTeaM-62871.zip
2016-10-21 19:39 - 2016-10-21 19:39 - 00035517 _____ C:\Users\JUACOOK\Downloads\Star.Trek.Beyond.(2016)-aRGENTeaM-62864.zip
2016-10-20 19:45 - 2016-10-21 22:10 - 00000000 ____D C:\Users\JUACOOK\Documents\Descargas
2016-10-20 19:42 - 2016-10-20 19:45 - 00000000 ____D C:\Users\JUACOOK\AppData\Roaming\mulehome
2016-10-20 19:42 - 2016-10-20 19:43 - 00000000 ____D C:\Users\JUACOOK\AppData\Local\eMuleTorrent
2016-10-20 19:42 - 2016-10-20 19:42 - 00001100 _____ C:\Users\Public\Desktop\eMuleTorrent.lnk
2016-10-20 19:42 - 2016-10-20 19:42 - 00000155 _____ C:\Windows\$PREFFILE
2016-10-20 19:42 - 2016-10-20 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMuleTorrent
2016-10-20 19:42 - 2016-10-20 19:42 - 00000000 ____D C:\Program Files (x86)\eMuleTorrent
2016-10-20 19:39 - 2016-10-20 19:39 - 25527200 _____ C:\Users\JUACOOK\Downloads\emule.exe
2016-10-20 09:05 - 2016-10-20 09:05 - 00455585 _____ C:\Users\JUACOOK\Downloads\MARÍA COOKE CV.pdf
2016-10-18 20:10 - 2016-10-18 20:20 - 00179028 _____ C:\Windows\ntbtlog.txt
2016-10-17 18:56 - 2016-10-17 18:56 - 00019441 _____ C:\Users\JUACOOK\Downloads\463094.rar
2016-10-17 18:55 - 2016-10-17 18:55 - 00020175 _____ C:\Users\JUACOOK\Downloads\481390.zip
2016-10-17 18:51 - 2016-10-17 18:51 - 00044408 _____ C:\Users\JUACOOK\Downloads\La.pazza.gioia.(2016)-aRGENTeaM-62827.zip
2016-10-15 16:46 - 2016-10-15 18:43 - 942648460 _____ C:\Users\JUACOOK\Downloads\Acrossusc-1.mkv
2016-10-15 14:08 - 2016-10-15 14:08 - 00029002 _____ C:\Users\JUACOOK\Downloads\Across.the.Universe(2007)-aRGENTeaM-11390.zip
2016-10-14 19:24 - 2016-10-14 19:24 - 00021302 _____ C:\Users\JUACOOK\Downloads\478502.zip
2016-10-14 19:24 - 2016-10-14 19:24 - 00019813 _____ C:\Users\JUACOOK\Downloads\479177.zip
2016-10-14 14:34 - 2016-10-14 14:34 - 06079488 _____ C:\Users\JUACOOK\Downloads\Gestion_del_Departamento_de_Enfermeria_UCA final 2 bis.ppt
2016-10-13 19:34 - 2016-10-13 19:34 - 00018104 _____ C:\Users\JUACOOK\Downloads\The.Fall.(2013).S02E03-Its.Always.Darkest-aRGENTeaM-54240.zip
2016-10-12 18:36 - 2016-10-12 18:36 - 00324096 _____ C:\Users\JUACOOK\Downloads\download-1471869255570.ppt
2016-10-12 18:35 - 2016-10-12 18:35 - 00195822 _____ C:\Users\JUACOOK\Downloads\El hospital como organizacion.pptx
2016-10-12 18:34 - 2016-10-12 18:34 - 00180736 _____ C:\Users\JUACOOK\Downloads\Liderazgo%20y%20su%20importancia%20en%20la%20gestión[1].ppt
2016-10-12 18:34 - 2016-10-12 18:34 - 00086201 _____ C:\Users\JUACOOK\Downloads\Delegacion.pptx
2016-10-12 18:33 - 2016-10-12 18:33 - 00666553 _____ C:\Users\JUACOOK\Downloads\Seguridad del paciente alumnos cemic.pptx
2016-10-12 18:33 - 2016-10-12 18:33 - 00666553 _____ C:\Users\JUACOOK\Downloads\Seguridad del paciente alumnos cemic (1).pptx
2016-10-12 18:33 - 2016-10-12 18:33 - 00321347 _____ C:\Users\JUACOOK\Downloads\Presentación1 circulo de deming.pptx
2016-10-11 20:14 - 2016-10-11 20:14 - 00028757 _____ C:\Users\JUACOOK\Downloads\Our.Kind.of.Traitor.(2016)-aRGENTeaM-62743.zip
2016-10-11 20:11 - 2016-10-11 20:11 - 00018139 _____ C:\Users\JUACOOK\Downloads\Quarry.(2016).S01E01-You.Dont.Miss.Your.Water-aRGENTeaM-62751.zip
2016-10-11 20:08 - 2016-10-11 20:08 - 00016947 _____ C:\Users\JUACOOK\Downloads\Westworld.(2016).S01E02-Chestnut-aRGENTeaM-62766.zip
2016-10-05 23:16 - 2016-10-05 23:16 - 00019746 _____ C:\Users\JUACOOK\Downloads\Westworld.(2016).S01E01-The.Original-aRGENTeaM-62675.zip
2016-10-05 23:14 - 2016-10-11 20:07 - 00000000 ____D C:\Users\JUACOOK\AppData\LocalLow\BitTorrent
2016-10-02 00:05 - 2016-10-02 00:05 - 00135031 _____ C:\Users\JUACOOK\Downloads\Cafe_Society_2016_1080p_BluRay_X264_AMIABLE.torrent
2016-10-01 23:56 - 2016-10-01 23:56 - 00023210 _____ C:\Users\JUACOOK\Downloads\Broken.Vows.(2016)-aRGENTeaM-62606.zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-31 23:04 - 2015-01-09 19:03 - 00001036 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-31 22:29 - 2015-06-30 18:18 - 00000952 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-10-31 20:56 - 2015-02-01 22:14 - 00000000 ____D C:\Users\JUACOOK\AppData\Local\Spotify
2016-10-31 20:56 - 2015-02-01 22:13 - 00000000 ____D C:\Users\JUACOOK\AppData\Roaming\Spotify
2016-10-31 20:04 - 2015-01-09 19:03 - 00001032 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-31 18:52 - 2015-01-09 18:57 - 00000000 ____D C:\TORRENTS
2016-10-31 14:05 - 2016-09-10 14:05 - 00000336 _____ C:\Windows\Tasks\Update Service for Youtube AdBlock2.job
2016-10-31 08:07 - 2009-07-14 01:45 - 00017360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-31 08:07 - 2009-07-14 01:45 - 00017360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-31 02:29 - 2015-06-30 18:18 - 00000948 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-10-27 17:17 - 2015-06-30 18:25 - 00000000 ___RD C:\Users\JUACOOK\Dropbox
2016-10-27 17:16 - 2015-06-30 18:18 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-10-27 07:37 - 2009-07-14 06:31 - 00751176 _____ C:\Windows\system32\perfh00A.dat
2016-10-27 07:37 - 2009-07-14 06:31 - 00160200 _____ C:\Windows\system32\perfc00A.dat
2016-10-27 07:37 - 2009-07-14 02:13 - 01686082 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-27 07:37 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-10-26 17:29 - 2015-01-08 17:35 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-10-25 23:02 - 2015-02-01 22:19 - 00000000 ____D C:\Users\JUACOOK\AppData\Roaming\vlc
2016-10-24 22:37 - 2015-01-10 01:27 - 00000000 ____D C:\Program Files (x86)\Steam
2016-10-24 22:37 - 2015-01-09 18:57 - 00000000 ____D C:\Users\JUACOOK\AppData\Roaming\Skype
2016-10-24 20:30 - 2015-08-29 20:38 - 00000009 _____ C:\Users\JUACOOK\AppData\Roaming\update.dat
2016-10-22 23:13 - 2016-04-09 20:10 - 00000000 ____D C:\Users\JUACOOK\AppData\LocalLow\Smartly Dressed Games
2016-10-20 22:06 - 2015-06-09 16:43 - 00002083 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-10-20 22:06 - 2015-06-09 16:43 - 00002081 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-10-20 22:06 - 2015-06-09 16:43 - 00002071 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-10-20 22:06 - 2015-06-09 16:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-10-19 23:17 - 2015-05-22 22:33 - 00000000 ____D C:\Program Files\Common Files\logishrd
2016-10-19 23:17 - 2015-05-22 22:33 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2016-10-19 17:56 - 2015-08-29 20:38 - 261744128 _____ C:\Users\JUACOOK\AppData\Roaming\Update.fg3
2016-10-18 20:23 - 2016-09-10 19:47 - 00002369 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2016-10-18 20:22 - 2016-09-07 19:18 - 00000336 _____ C:\Windows\Tasks\Update Service for Youtube AdBlock.job
2016-10-18 20:22 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-18 20:09 - 2015-01-09 18:54 - 00000000 ____D C:\Users\JUACOOK\AppData\Roaming\BitTorrent
2016-10-18 20:00 - 2016-04-03 21:09 - 00000000 ____D C:\Program Files (x86)\R.G. Freedom
2016-10-18 19:59 - 2016-06-15 16:10 - 00000000 ____D C:\Program Files (x86)\Star wars Battlefront II
2016-10-18 19:59 - 2015-07-13 21:16 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-10-18 19:56 - 2015-03-28 15:38 - 00000000 ____D C:\Users\JUACOOK\AppData\Roaming\Imploded Software
2016-10-18 19:56 - 2015-01-30 20:40 - 00000000 ____D C:\Users\JUACOOK\AppData\Local\Research In Motion
2016-10-18 19:54 - 2015-03-03 20:18 - 00000000 ____D C:\Program Files (x86)\ARAX Disk Doctor Data Recovery
2016-10-18 12:03 - 2015-02-28 00:19 - 00000000 ____D C:\Users\JUACOOK\Desktop\Clara
2016-10-14 02:30 - 2015-01-10 15:05 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-10-05 21:54 - 2016-03-04 23:28 - 00001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-10-05 21:54 - 2016-03-04 23:28 - 00001000 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-10-05 21:54 - 2016-03-04 23:28 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-10-04 15:00 - 2015-01-07 21:31 - 00000000 ____D C:\ProgramData\Package Cache

==================== Files in the root of some directories =======

2015-01-29 17:16 - 2015-01-29 17:17 - 0217088 _____ () C:\Program Files (x86)\drag
2015-01-30 20:40 - 2015-05-22 21:23 - 0000462 _____ () C:\Users\JUACOOK\AppData\Roaming\Rim.Desktop.Exception.log
2015-01-30 20:39 - 2016-10-18 19:55 - 0004229 _____ () C:\Users\JUACOOK\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2015-01-30 20:40 - 2015-05-22 21:23 - 0000539 _____ () C:\Users\JUACOOK\AppData\Roaming\Rim.DesktopHelper.Exception.log
2015-08-29 20:38 - 2016-10-24 20:30 - 0000009 _____ () C:\Users\JUACOOK\AppData\Roaming\update.dat
2015-08-29 20:38 - 2016-10-19 17:56 - 261744128 _____ () C:\Users\JUACOOK\AppData\Roaming\Update.fg3
2015-08-29 20:39 - 2015-09-17 17:44 - 0000004 _____ () C:\Users\JUACOOK\AppData\Roaming\Microsoft\notaut.txt
2015-07-05 13:40 - 2015-12-25 10:26 - 0007168 _____ () C:\Users\JUACOOK\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-02 14:04 - 2015-05-02 14:04 - 0000000 ___SH () C:\Users\JUACOOK\AppData\Local\LumaEmu
2015-02-01 13:11 - 2015-02-01 13:11 - 0613057 _____ (CMI Limited) C:\Users\JUACOOK\AppData\Local\nszC8.tmp
2015-07-18 21:43 - 2015-07-18 21:45 - 15082995 _____ () C:\Users\JUACOOK\AppData\Local\package.nw.new
2015-01-07 21:39 - 2015-01-07 21:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-01-11 23:09 - 2016-10-18 19:57 - 0007823 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\JUACOOK\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-10-25 00:16

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-10-2016
Ran by JUACOOK (31-10-2016 23:07:25)
Running from C:\Users\JUACOOK\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2015-01-08 00:26:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2934633564-1917555359-3310633167-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-2934633564-1917555359-3310633167-1006 - Limited - Enabled)
Invitado (S-1-5-21-2934633564-1917555359-3310633167-501 - Limited - Disabled)
JUACOOK (S-1-5-21-2934633564-1917555359-3310633167-1000 - Administrator - Enabled) => C:\Users\JUACOOK

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
Ad-Aware Antivirus (HKLM\...\{36036827-FA38-4A74-8333-26BC4EEC9308}_AdAwareUpdater) (Version: 11.12.945.9202 - Lavasoft)
AdAwareInstaller (Version: 11.12.945.9202 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.12.945.9202 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.18) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.18 - Adobe Systems Incorporated)
AirPort (HKLM-x32\...\{AA68AAAE-41F0-40B5-8896-5947F5FD6889}) (Version: 5.6.1.2 - Apple Inc.)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AntimalwareEngine (Version: 3.0.129.0 - Lavasoft) Hidden
Apple Application Support (32 bits) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version:  - Studio Wildcard)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitTorrent (HKU\S-1-5-21-2934633564-1917555359-3310633167-1000\...\BitTorrent) (Version: 7.9.9.42607 - BitTorrent Inc.)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.66.1075 - AB Team, d.o.o.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.21 - Piriform)
CopyPod (remove only) (HKLM-x32\...\CopyPod) (Version:  - )
D110 (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dropbox (HKLM-x32\...\Dropbox) (Version: 13.4.21 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
Eines de correcció del Microsoft Office 2013: català (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
eMuleTorrent (HKLM-x32\...\eMuleTorrent) (Version: 1.0.0.21 - eMule.com)
Ferramentas de verificación de Microsoft Office 2013 - Galego (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GameRanger (HKU\S-1-5-21-2934633564-1917555359-3310633167-1000\...\GameRanger) (Version:  - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Drive (HKLM-x32\...\{3D7AB4D4-2E45-4986-BAC5-5B3CEED21FAA}) (Version: 1.32.3592.6117 - Google, Inc.)
Google Earth (HKLM-x32\...\{2C44ABB9-8621-4EF5-AF34-0886DCDA7C21}) (Version: 7.1.7.2600 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
H1Z1: Just Survive (HKLM\...\Steam App 295110) (Version:  - Daybreak Game Company)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{14BC6853-A74E-4874-B50D-679889D1544D}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32)
LightScribe System Software (HKLM-x32\...\{07E49BC1-24FF-4D7A-AC74-727BE95801AF}) (Version: 1.18.16.1 - LightScribe)
Linksys Connect (HKLM-x32\...\Linksys Connect) (Version: 1.5.15287.0 - Linksys LLC)
Malwarebytes Anti-Malware versión 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.1 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 es-ES)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PAYDAY 2 (HKLM\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Plex Media Server (HKLM-x32\...\{7425d872-d65d-42c9-8c6d-7a8a529a4b50}) (Version: 0.9.1107 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.1107 - Plex, Inc.) Hidden
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
Popcorn-Time (HKU\S-1-5-21-2934633564-1917555359-3310633167-1000\...\Popcorn-Time) (Version: 0.3.9 - Popcorn Time)
Project Zomboid (HKLM\...\Steam App 108600) (Version:  - The Indie Stone)
PS_AIO_07_D110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.75.827.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Scan (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Skype Web Plugin (HKLM-x32\...\{8A9079EA-59DE-491F-937A-D421399B7762}) (Version: 7.6.0.295 - Skype Technologies S.A.)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SNOW (HKLM\...\Steam App 244930) (Version:  - Poppermost Productions)
SolutionCenter (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-2934633564-1917555359-3310633167-1000\...\Spotify) (Version: 1.0.41.375.g040056ca - Spotify AB)
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
The Forest (HKLM\...\Steam App 242760) (Version:  - Endnight Games Ltd)
Toolbox (x32 Version: 140.0.424.000 - Hewlett-Packard) Hidden
Town of Salem (HKLM\...\Steam App 334230) (Version:  - BlankMediaGames)
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Unturned (HKLM\...\Steam App 304930) (Version:  - Smartly Dressed Games)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{28C1EB1A-45AC-4B12-887F-98EE0AA0D6DD}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Youtube AdBlock (HKLM-x32\...\Youtube AdBlock) (Version: 2.0.0.32 - Company Inc.) <==== ATTENTION

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2934633564-1917555359-3310633167-1000_Classes\CLSID\{04419CEE-76E5-4487-B32E-68C0FD0C07E4}\InprocServer32 -> C:\Users\JUACOOK\AppData\Local\SkypePlugin\7.6.0.295\GatewayActiveX-x64.dll (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-2934633564-1917555359-3310633167-1000_Classes\CLSID\{82C13295-2E78-45DD-9973-21F20A7D6F5C}\localserver32 -> C:\Users\JUACOOK\AppData\Local\SkypePlugin\7.6.0.295\GatewayVersion-x64.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-2934633564-1917555359-3310633167-1000_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\JUACOOK\AppData\Local\SkypePlugin\7.6.0.295\EdgeCalling.exe (Skype Technologies S.A.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {064CD753-0644-4BBC-B275-E0CFEF35C4A3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {07813216-9B16-47D3-87A2-2287EF170146} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {10898841-2586-4D0B-9BDC-42289A4CCC3D} - System32\Tasks\{AAD5AB7B-FB0E-40D3-B8B1-61945010F7BF} => C:\TORRENTS\JUEGOS y  SOFT\Left 4 Dead 2 PC full game multiplayer + SP 2.1.1.2 ^^nosTEAM^^\Left4dead 2\play-l4d2.exe
Task: {160DC2C1-C71B-4535-BE4C-D62291982857} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {317B5E6F-32A5-4496-AEC2-5F9992C30EF0} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {5551C471-F103-42D5-9BED-AD45D5FF19D1} - System32\Tasks\{B20CF378-AC7F-413D-9BB5-EDCD886CE134} => C:\TORRENTS\JUEGOS y  SOFT\Left 4 Dead 2 PC full game multiplayer + SP 2.1.1.2 ^^nosTEAM^^\Left4dead 2\play-l4d2.exe
Task: {688B6D29-5D21-4AC5-82CF-43C39A2E3526} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {6D3DC8C2-1BB3-4E51-8856-1AA4FD5D782E} - System32\Tasks\Update Service for Youtube AdBlock => C:\Program Files (x86)\Youtube AdBlock\4wFTMRd.exe [2016-09-10] () <==== ATTENTION
Task: {7527813E-18AD-40A9-A64C-644234D32747} - System32\Tasks\Steam_x64-S-2-106-91 => "C:\Users\JUACOOK\AppData\Roaming\library_dir\CODEXi\Steam" [Argument = mishacoin.] <==== ATTENTION
Task: {79E0DF0D-BBAC-4A05-825E-F14A44B5BA38} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {8A78466D-6C87-4DDC-8701-593170F33F74} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {93A80A7E-EC7A-4263-A926-53CBBFE83DE5} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {9802F58A-D39C-493D-8FB5-14B29E4F5228} - System32\Tasks\{7E86D64C-7230-4BC9-9271-DA88439C417C} => C:\TORRENTS\JUEGOS y  SOFT\Left 4 Dead 2 PC full game multiplayer + SP 2.1.1.2 ^^nosTEAM^^\Left4dead 2\play-l4d2.exe
Task: {B9B77BCF-BA96-44B1-9547-16E980AD8790} - System32\Tasks\Update Service for Youtube AdBlock2 => C:\Program Files (x86)\Youtube AdBlock\4wFTMRd.exe [2016-09-10] () <==== ATTENTION
Task: {C3160DCE-8771-47E8-8A44-DEF100643D1C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {C8AE3CA7-2305-454E-BD91-B5EBC9079BD6} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-30] (Dropbox, Inc.)
Task: {D15BB2D4-CCC6-43BE-BE25-94AE86B25DCD} - System32\Tasks\{9F1159E3-22E1-48F4-892F-7BEE2CE8F227} => C:\TORRENTS\JUEGOS y  SOFT\Left 4 Dead 2 PC full game multiplayer + SP 2.1.1.2 ^^nosTEAM^^\Left4dead 2\play-l4d2.exe
Task: {E6D97DFB-F4DA-4C76-B1D5-5FB8C5CC7B67} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-05] (Piriform Ltd)
Task: {E7956D1F-99E2-4D76-B446-5B8DDF322C5B} - System32\Tasks\{39795091-09D7-4872-9312-AEAFFA910A7A} => pcalua.exe -a "C:\TORRENTS\Dragon Age Inquisition (2.5) [R.G. Games]\Setup.exe" -d "C:\TORRENTS\Dragon Age Inquisition (2.5) [R.G. Games]"
Task: {EDFB5F1F-3806-45F5-A252-5598649EE46F} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-30] (Dropbox, Inc.)
Task: {FAF762AC-60DC-4F0B-A0FB-EFB58B69AA90} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Update Service for Youtube AdBlock.job => C:\Program Files (x86)\Youtube AdBlock\4wFTMRd.exe <==== ATTENTION
Task: C:\Windows\Tasks\Update Service for Youtube AdBlock2.job => C:\Program Files (x86)\Youtube AdBlock\4wFTMRd.exe <==== ATTENTION

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\JUACOOK\Desktop\Gооglе Сhrоmе.lnk -> C:\Users\JUACOOK\AppData\Roaming\HPRewriter2\RewRun3.exe (Aulxif) -> 1 0 <===== Cyrillic
ShortcutWithArgument: C:\Users\JUACOOK\AppData\Local\Google\Chrome\User Data\Menú de aplicaciones de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\JUACOOK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk -> C:\Users\JUACOOK\AppData\Roaming\HPRewriter2\RewRun3.exe (Aulxif) -> 3 0 <===== Cyrillic
ShortcutWithArgument: C:\Users\JUACOOK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Меnú dе арliсасiоnеs dе Сhrоmе.lnk -> C:\Users\JUACOOK\AppData\Roaming\HPRewriter2\RewRun3.exe (Aulxif) -> 1 0 <===== Cyrillic
ShortcutWithArgument: C:\Users\JUACOOK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Аdblосk Рlus.lnk -> C:\Users\JUACOOK\AppData\Roaming\HPRewriter2\RewRun3.exe (Aulxif) -> 1 0 <===== Cyrillic
ShortcutWithArgument: C:\Users\JUACOOK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Intеrnеt Ехрlоrеr (Nо Аdd-оns).lnk -> C:\Users\JUACOOK\AppData\Roaming\HPRewriter2\RewRun3.exe (Aulxif) -> 3 0 <===== Cyrillic
ShortcutWithArgument: C:\Users\JUACOOK\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооglе Сhrоmе.lnk -> C:\Users\JUACOOK\AppData\Roaming\HPRewriter2\RewRun3.exe (Aulxif) -> 1 0 <===== Cyrillic
ShortcutWithArgument: C:\Users\JUACOOK\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Моzillа Firеfох.lnk -> C:\Users\JUACOOK\AppData\Roaming\HPRewriter2\RewRun3.exe (Aulxif) -> 2 0 <===== Cyrillic
ShortcutWithArgument: C:\Users\JUACOOK\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Gооglе Сhrоmе.lnk -> C:\Users\JUACOOK\AppData\Roaming\HPRewriter2\RewRun3.exe (Aulxif) -> 1 0 <===== Cyrillic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Users\JUACOOK\AppData\Roaming\HPRewriter2\RewRun3.exe (Aulxif) -> 2 0 <===== Cyrillic

==================== Loaded Modules (Whitelisted) ==============

2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-07-18 20:26 - 2016-07-18 20:26 - 04123896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareShellExtension.dll
2016-07-18 20:26 - 2016-07-18 20:26 - 09571552 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe
2016-07-18 20:26 - 2016-07-18 20:26 - 03420880 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\RCF.dll
2016-07-18 20:26 - 2016-07-18 20:26 - 00146184 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\boost_filesystem-vc140-mt-1_61.dll
2016-07-18 20:27 - 2016-07-18 20:27 - 00030464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\boost_system-vc140-mt-1_61.dll
2016-07-18 20:26 - 2016-07-18 20:26 - 00068872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\boost_date_time-vc140-mt-1_61.dll
2016-07-18 20:27 - 2016-07-18 20:27 - 00124672 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\boost_thread-vc140-mt-1_61.dll
2016-07-18 20:26 - 2016-07-18 20:26 - 00040192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\boost_chrono-vc140-mt-1_61.dll
2016-07-18 20:26 - 2016-07-18 20:26 - 00539392 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\boost_locale-vc140-mt-1_61.dll
2016-07-18 20:26 - 2016-07-18 20:26 - 02485992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\HtmlFramework.dll
2016-07-18 20:26 - 2016-07-18 20:26 - 00871672 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTrayDefaultSkin.dll
2015-11-10 15:45 - 2015-11-10 15:45 - 01286304 _____ () C:\Program Files\Microsoft Office\Office15\PPRESOURCES.DLL
2014-12-21 22:31 - 2014-12-21 22:31 - 00072840 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll
2014-12-21 22:31 - 2014-12-21 22:31 - 00196232 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll
2014-12-21 22:31 - 2014-12-21 22:31 - 00838792 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll
2014-12-21 22:31 - 2014-12-21 22:31 - 00049800 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll
2014-12-21 22:31 - 2014-12-21 22:31 - 00086664 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll
2014-12-21 22:31 - 2014-12-21 22:31 - 02092680 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_core249.dll
2014-12-21 22:31 - 2014-12-21 22:31 - 01883272 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_imgproc249.dll
2014-12-21 22:31 - 2014-12-21 22:31 - 00502920 _____ () C:\Program Files (x86)\Plex\Plex Media Server\tag.dll
2014-12-21 22:31 - 2014-12-21 22:31 - 00044680 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd
2014-12-21 22:31 - 2014-12-21 22:31 - 00027784 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd
2014-12-21 22:31 - 2014-12-21 22:31 - 00018568 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd
2014-12-21 22:31 - 2014-12-21 22:31 - 00034952 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd
2014-12-21 22:31 - 2014-12-21 22:31 - 00836232 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd
2014-12-21 22:31 - 2014-12-21 22:31 - 00062600 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll
2014-12-21 22:31 - 2014-12-21 22:31 - 00166024 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll
2014-12-21 22:31 - 2014-12-21 22:31 - 00192136 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd
2014-12-21 22:31 - 2014-12-21 22:31 - 00016520 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd
2014-12-21 22:31 - 2014-12-21 22:31 - 00054920 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\crypto.pyd
2014-12-21 22:31 - 2014-12-21 22:31 - 00017032 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\rand.pyd
2014-12-21 22:31 - 2014-12-21 22:31 - 00043656 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\SSL.pyd
2014-12-21 22:31 - 2014-12-21 22:31 - 00081544 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd
2014-12-21 22:31 - 2014-12-21 22:31 - 00111240 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd
2014-12-21 22:31 - 2014-12-21 22:31 - 00689800 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd
2015-12-12 12:35 - 2016-10-10 15:19 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-10-27 17:16 - 2016-10-10 15:19 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-10-27 17:16 - 2016-10-10 15:19 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-10-27 17:16 - 2016-10-10 15:19 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-12 12:35 - 2016-10-10 15:19 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-12 12:35 - 2016-10-10 15:19 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-12 12:35 - 2016-10-24 10:16 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-12 12:35 - 2016-10-10 15:19 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-10-27 17:16 - 2016-10-24 10:15 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 12:35 - 2016-10-10 15:20 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-10-27 17:16 - 2016-10-24 10:15 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-10-27 17:16 - 2016-10-24 10:15 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2015-12-12 12:35 - 2016-10-10 15:21 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-05 16:11 - 2016-10-24 10:16 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-10-27 17:16 - 2016-10-24 10:15 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-10-27 17:16 - 2016-10-24 10:15 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-10-27 17:16 - 2016-10-10 15:19 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-10-27 17:16 - 2016-10-10 15:21 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-12 12:35 - 2016-10-10 15:21 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-12 12:35 - 2016-10-10 15:21 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-12 12:35 - 2016-10-24 10:16 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-12 12:35 - 2016-10-10 15:21 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-08-05 16:11 - 2016-10-24 10:16 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2015-12-12 12:35 - 2016-10-10 15:21 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-12 12:35 - 2016-10-10 15:21 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-12 12:35 - 2016-10-10 15:21 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-12 12:35 - 2016-10-10 15:21 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-12 12:35 - 2016-10-10 15:21 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2015-12-12 12:35 - 2016-10-10 15:21 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2015-12-12 12:35 - 2016-10-10 15:21 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-10-27 17:16 - 2016-10-24 10:15 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-10-27 17:16 - 2016-10-24 10:15 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-05 16:11 - 2016-10-10 15:20 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2016-10-27 17:16 - 2016-10-24 10:15 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-12 12:35 - 2016-10-10 15:21 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2015-12-12 12:35 - 2016-10-24 10:16 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-02-19 14:38 - 2016-10-24 10:16 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-19 14:38 - 2016-10-24 10:16 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-02-19 14:38 - 2016-10-24 10:16 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2015-12-12 12:35 - 2016-10-10 15:21 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-02-19 14:38 - 2016-10-24 10:16 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-10-27 17:16 - 2016-10-24 10:15 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-10-27 17:16 - 2016-10-10 15:17 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-10-27 17:16 - 2016-10-24 10:15 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-10-27 17:16 - 2016-10-24 10:15 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-12 12:35 - 2016-10-10 15:19 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-10-27 17:16 - 2016-10-24 10:16 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-10-27 17:16 - 2016-10-24 10:16 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-10-27 17:16 - 2016-10-24 10:15 - 01972528 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-10-27 17:16 - 2016-10-24 10:16 - 00133424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-10-27 17:16 - 2016-10-24 10:16 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-10-27 17:16 - 2016-10-24 10:16 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-08-05 16:11 - 2016-10-24 10:16 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2016-10-27 17:16 - 2016-10-10 15:24 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-10-27 17:16 - 2016-10-10 15:24 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2015-12-12 12:35 - 2016-10-10 15:21 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-08-05 16:11 - 2016-10-24 10:16 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-10-27 17:16 - 2016-10-24 10:16 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-10-27 17:16 - 2016-10-24 10:16 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-10-27 17:16 - 2016-10-24 10:16 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-10-27 17:16 - 2016-10-24 10:16 - 00168760 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2015-06-30 18:22 - 2016-10-10 15:25 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Program Files\Common Files\Microsoft Shared:0WCBPHw7BZAfV8s2rUjofnZrP8w [2010]
AlternateDataStreams: C:\Program Files\Common Files\System:80Ohpui8C9cTygFSImsuHc [1780]
AlternateDataStreams: C:\ProgramData\Microsoft:IJcaIcT1HinCBtQ4u [2062]
AlternateDataStreams: C:\ProgramData\Microsoft:TYdHzEFhA9ttZWRa56y1Qw7rp8 [1926]
AlternateDataStreams: C:\Users\JUACOOK\Configuración local:h18pyTniwxv4QwnZikR2vX4RYpWI [2244]
AlternateDataStreams: C:\Users\JUACOOK\Cookies:5VRLsxbUkjxrHB1uSlqw [1834]
AlternateDataStreams: C:\Users\JUACOOK\AppData\Local:h18pyTniwxv4QwnZikR2vX4RYpWI [2244]
AlternateDataStreams: C:\Users\JUACOOK\AppData\Local\Datos de programa:h18pyTniwxv4QwnZikR2vX4RYpWI [2244]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LavasoftAdAwareService11 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LavasoftAdAwareService11 => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-2934633564-1917555359-3310633167-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2934633564-1917555359-3310633167-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2934633564-1917555359-3310633167-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2934633564-1917555359-3310633167-1000\...\sony.com -> sony.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:34 - 2009-06-10 18:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2934633564-1917555359-3310633167-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\JUACOOK\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 200.42.4.203 - 200.49.130.44
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: Blackberry Device Manager => 3
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: LightScribeService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: QsocialUpdater => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AirPort Base Station Agent => "C:\Program Files (x86)\AirPort\APAgent.exe"
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: GoogleChromeAutoLaunch_0E055C795C014CF655A954646B8875FC => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Qsocial => "C:\Program Files (x86)\QSocial\QSocial.exe" /auto
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\JUACOOK\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\JUACOOK\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "E:\Steam\steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{23E7F0CA-C503-4AFD-B08D-B72D137D5AA9}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{E5A1547F-B6FD-4F85-AFAF-7A2D298564D8}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2EFCC2E4-1BB2-4AEE-800C-BE9C84C0B451}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9076962A-0505-4EE5-9F93-A0602848DC67}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{BB346A08-9DA5-49F2-A101-97D7B1DA6E69}] => (Allow) LPort=1688
FirewallRules: [{4216D47B-3A54-4A31-8B0B-8B0F59120F99}] => (Allow) C:\Users\JUACOOK\AppData\Local\Temp\KMSnano\qemu-system-i386.exe
FirewallRules: [{CBAAC708-D88E-44ED-A2FC-B31456DFA353}] => (Allow) C:\Users\JUACOOK\AppData\Local\Temp\KMSnano\qemu-system-i386.exe
FirewallRules: [{FD9A1B2C-916C-4F3D-836E-773081146285}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{9D028FAA-DCFA-4236-A68C-D7E0F4134C74}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{7A62124B-7DB7-4104-B58F-525827C53841}] => (Allow) LPort=7935
FirewallRules: [{7E6E2522-B511-4B64-A653-1856F3FB9BF7}] => (Block) %ProgramFiles%\Adobe\Adobe After Effects CS6\Support Files\AfterFX.exe
FirewallRules: [{41F5A5FF-6AAF-44C5-A5B8-41BA634713A9}] => (Block) %ProgramFiles%\Adobe\Adobe After Effects CS6\Support Files\AfterFX.exe
FirewallRules: [{FBF2F031-E6C1-4A96-A0A0-4D1044DA2D11}] => (Block) %ProgramFiles%\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe
FirewallRules: [{8BA605F7-3592-4982-A0AC-E28B67D67882}] => (Block) %ProgramFiles%\Adobe\Adobe Encore CS6\Adobe Encore.exe
FirewallRules: [{150E9A99-F0A5-42DD-A282-8A02390E0D19}] => (Block) %ProgramFiles%\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\Illustrator.exe
FirewallRules: [{4E5A7EAB-CFF2-45CA-B5F4-105EDFD46D5D}] => (Block) %ProgramFiles%\Adobe\Adobe Media Encoder CS6\Adobe Media Encoder.exe
FirewallRules: [{119446E6-C621-40CA-9876-B4A112989FFA}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe
FirewallRules: [{42C71531-520F-48C3-9CAD-DFA79216DDE9}] => (Block) %ProgramFiles%\Adobe\Adobe Premiere Pro CS6\Adobe Premiere Pro.exe
FirewallRules: [{A310A3D2-4ACA-46E9-9BE1-DE4E39F9C28B}] => (Allow) C:\Users\JUACOOK\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{46E73D62-BAD4-4876-B3BA-DB77C6E2515C}] => (Allow) C:\Users\JUACOOK\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{AADB2347-F100-42CD-96C1-196C09C190DA}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
FirewallRules: [{CD606538-CFDB-4B54-BED9-4788F358520C}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
FirewallRules: [{3A94176D-2548-44A9-9C20-E3ABE37D121A}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
FirewallRules: [{72077909-6EB8-44BB-B4E5-6F0D4F161D03}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2680AC31-672D-4888-81EC-F66EBE1FB0F8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D5637174-8606-4A59-B110-0A7C87689B11}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EE95F319-AAD1-4D7F-8EC9-6F11D8648E42}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{ACA07E93-C2D7-40A2-B3B5-AF1EDEF3DCF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{A9C527ED-31E0-4AF2-9648-F805526316D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{4ECABBBC-11EA-4729-8ABE-3DC37C5A763C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WOG\disasm.exe
FirewallRules: [{AC035E82-0CBA-45D6-B36D-D320EC06DBE6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WOG\disasm.exe
FirewallRules: [{4A6F23B2-FD2F-480D-8DE0-3EAA136C5922}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{BA63F947-4557-4C79-A5E6-E252991E9301}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{A91910CA-C0CF-4CC6-AADD-4190C302B94B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{3D0C78A8-3D69-439E-ABF4-4A1CBE636BF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{60D3EF22-FFC1-4224-8E9D-101285A62F50}C:\age of empires ii\empires2.exe] => (Allow) C:\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{01F608BE-98DF-40B4-8E9A-E3ADA52E62AA}C:\age of empires ii\empires2.exe] => (Allow) C:\age of empires ii\empires2.exe
FirewallRules: [TCP Query User{C5B37153-69BE-42F3-8F61-93D1566D125B}C:\age of empires ii\age2_x1.exe] => (Allow) C:\age of empires ii\age2_x1.exe
FirewallRules: [UDP Query User{0904ABAF-4EF7-4CD8-BF55-6D581F15B20D}C:\age of empires ii\age2_x1.exe] => (Allow) C:\age of empires ii\age2_x1.exe
FirewallRules: [TCP Query User{7BE29BDF-FE98-416A-BCF3-62BF4405F3BA}C:\users\juacook\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\juacook\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [UDP Query User{220287CC-74AA-415B-94DE-4DDCC129A918}C:\users\juacook\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\juacook\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [TCP Query User{02344722-14A3-4EE9-B3F2-2685C8AAE1BB}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{A9D6F9B9-3567-4844-BD8C-583B8DFADD5D}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{0CE321A3-A001-4553-8AF6-4C94F2DE2EB5}] => (Allow) LPort=4481
FirewallRules: [{77BFE2B4-A363-41A2-B340-48BFEBF80204}] => (Allow) LPort=4481
FirewallRules: [{D4AB0985-ED7E-4D75-A94F-B8865C4DD327}] => (Allow) LPort=4482
FirewallRules: [{D230806D-6490-47EF-8CAC-13CFAB3248EB}] => (Allow) LPort=4482
FirewallRules: [{7C60481A-E818-4017-8F86-4BD2F5C4BA65}] => (Allow) C:\Users\JUACOOK\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{4DD2A9D5-10C9-4C22-9B44-8CEF2F8EB36D}] => (Allow) C:\Users\JUACOOK\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{47462DAF-2116-4F21-969D-4FD996F5172E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{C8275392-FB94-443D-B8FD-D4FECE96EDFA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{E8E206AB-73A6-441D-AC1A-2F2862A00A6E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{5AC803A6-3DE8-4CB5-A544-70F7712E95AF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{999067DD-670C-44F6-A1F3-D11C8F0342A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{577BB2CF-22F0-4D02-A356-1227F4B150C5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{FDD14590-E492-4AF4-A361-C2846C73FE06}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{14B4DAD2-F56A-4991-96E9-A397631A9642}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{857D5454-F13C-486C-9668-D1F1254BBECD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{09B93CC9-79C3-4CE4-B414-B8376F942B89}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{88C257B9-A452-407F-A93F-C738D7895769}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{FE7763C7-8950-4DAE-8953-B9B1B819C3AB}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{2480E314-1131-4630-99E0-972B49557011}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [TCP Query User{01DD79C0-7AB8-4B5D-9D66-E136E76A434D}C:\program files (x86)\dying light\dyinglightgame.exe] => (Block) C:\program files (x86)\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{0C8DB9CE-0AB4-4138-963F-A2B68875E5D8}C:\program files (x86)\dying light\dyinglightgame.exe] => (Block) C:\program files (x86)\dying light\dyinglightgame.exe
FirewallRules: [TCP Query User{CD607B34-0C3A-4107-BAF9-F06654200A5E}C:\users\juacook\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\juacook\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{135FB6CC-7A70-4744-AD72-EC8DFCBCCAC4}C:\users\juacook\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\juacook\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [TCP Query User{B2356B88-CB82-4571-9ECE-B695F3907698}C:\cosas matias\juegos\dying light\dyinglightgame.exe] => (Allow) C:\cosas matias\juegos\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{124A8336-430E-454C-8A76-68C4263678BC}C:\cosas matias\juegos\dying light\dyinglightgame.exe] => (Allow) C:\cosas matias\juegos\dying light\dyinglightgame.exe
FirewallRules: [{D998CDA6-A009-4FC4-AB00-F98434F17A35}] => (Allow) E:\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{7BD40708-9C57-4B56-9B90-76DAAE8DF890}] => (Allow) E:\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{ADD7DDF2-97E5-45C6-A44C-5CA6F02D9562}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{51E63AC3-9D0A-4335-8E92-7DE07D359C52}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{71732D8E-01C1-4BAD-9724-55D6A810B499}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3DBDA68E-47A8-42E7-AF70-08FA0A91257B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{C21EB939-7B09-47D8-964D-037EC9DB1ADC}C:\program files (x86)\dishonored\binaries\win32\dishonored.exe] => (Allow) C:\program files (x86)\dishonored\binaries\win32\dishonored.exe
FirewallRules: [UDP Query User{C36DBFEF-C002-4EDA-A38C-95CA3B532177}C:\program files (x86)\dishonored\binaries\win32\dishonored.exe] => (Allow) C:\program files (x86)\dishonored\binaries\win32\dishonored.exe
FirewallRules: [{6E4742D6-6EBF-4045-9D0D-DAA0B1546C0D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C487AB90-0105-4D45-BD37-24420A82ADA5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C310579E-B426-4A45-A550-912508332559}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{3227C545-A565-4DCE-A0EC-8ACE7CCF1C06}C:\torrents\left 4 dead 2 pc full game multiplayer + sp 2.1.1.2 ^^nosteam^^\left4dead 2\left4dead2.exe] => (Allow) C:\torrents\left 4 dead 2 pc full game multiplayer + sp 2.1.1.2 ^^nosteam^^\left4dead 2\left4dead2.exe
FirewallRules: [UDP Query User{D37B3545-EE03-4178-9BB3-57EC24A417B3}C:\torrents\left 4 dead 2 pc full game multiplayer + sp 2.1.1.2 ^^nosteam^^\left4dead 2\left4dead2.exe] => (Allow) C:\torrents\left 4 dead 2 pc full game multiplayer + sp 2.1.1.2 ^^nosteam^^\left4dead 2\left4dead2.exe
FirewallRules: [TCP Query User{BF01F977-5CC1-4901-9CA9-0172145A3B0C}C:\games\dayz standalone\dta\client.bin] => (Block) C:\games\dayz standalone\dta\client.bin
FirewallRules: [UDP Query User{EF3E883F-EC87-4A9C-93EF-F89CC8181BB1}C:\games\dayz standalone\dta\client.bin] => (Block) C:\games\dayz standalone\dta\client.bin
FirewallRules: [TCP Query User{15BD3EDA-20E1-4937-BB7A-019EE28FA28D}C:\torrents\juegos y  soft\left 4 dead 2 pc full game multiplayer + sp 2.1.1.2 ^^nosteam^^\left4dead 2\left4dead2.exe] => (Allow) C:\torrents\juegos y  soft\left 4 dead 2 pc full game multiplayer + sp 2.1.1.2 ^^nosteam^^\left4dead 2\left4dead2.exe
FirewallRules: [UDP Query User{CB65FED6-B59A-4B6D-B4D2-41D9ABB947C6}C:\torrents\juegos y  soft\left 4 dead 2 pc full game multiplayer + sp 2.1.1.2 ^^nosteam^^\left4dead 2\left4dead2.exe] => (Allow) C:\torrents\juegos y  soft\left 4 dead 2 pc full game multiplayer + sp 2.1.1.2 ^^nosteam^^\left4dead 2\left4dead2.exe
FirewallRules: [TCP Query User{851AC2BF-A02E-4D7D-BC81-E7A9BAD306F2}C:\games\payday 2\payday2_win32_release.exe] => (Block) C:\games\payday 2\payday2_win32_release.exe
FirewallRules: [UDP Query User{D64C7C36-FD74-4487-B419-F134F37BA29E}C:\games\payday 2\payday2_win32_release.exe] => (Block) C:\games\payday 2\payday2_win32_release.exe
FirewallRules: [{B0782C52-B947-4E9C-BDEB-C9DE1999E178}] => (Allow) E:\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{841BB10A-1EE0-4586-B218-517D786C3DA0}] => (Allow) E:\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{68ADFA54-F343-40DB-A116-5B123F7BBB5C}E:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{6BA34619-F119-4035-8F1D-850C85606889}E:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{BCEF63D0-B7AB-4E4C-B36C-E1A3115A8191}] => (Allow) E:\Steam\steamapps\COMMON\Unturned\Unturned.exe
FirewallRules: [{1B438134-A290-44BA-93B2-82EE8B74F3CD}] => (Allow) E:\Steam\steamapps\COMMON\Unturned\Unturned.exe
FirewallRules: [{E5F04CF5-E14F-4F94-B905-E1016CA43153}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{0BB9886B-1A5B-4338-A198-630119DC15BE}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{A7814BEA-80F9-4FAB-B389-92DCC00F73EF}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{AD4BDACB-299C-44C9-8A45-2D4179636B7A}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{891C26C2-3AB2-4406-AE1D-9064D141C4F3}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{FFF12354-EDF8-44A2-890B-A8A8FF741F27}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{E60B2113-F2E6-4C73-A72E-30A5235C5729}] => (Allow) E:\StarCraft II\StarCraft II.exe
FirewallRules: [{304B1213-7BD9-4E89-8ABF-4064344913A9}] => (Allow) E:\StarCraft II\StarCraft II.exe
FirewallRules: [{E7B0599F-0011-45CA-9894-6E8E1E2BA7D0}] => (Allow) LPort=5353
FirewallRules: [TCP Query User{A5E7C107-1248-4AE2-8A0A-BC8DC6C9E66D}C:\program files (x86)\airport\aputil.exe] => (Allow) C:\program files (x86)\airport\aputil.exe
FirewallRules: [UDP Query User{A0E40F7E-7AF6-4FC7-BA14-1D012EB76BF2}C:\program files (x86)\airport\aputil.exe] => (Allow) C:\program files (x86)\airport\aputil.exe
FirewallRules: [{988D7050-F690-4CF7-AFE8-384C133EF681}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{918CD56D-33AB-4D46-8D67-6C058F477923}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{168D9FB8-5559-4AE3-A989-238C1F04E2C2}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{74C7E8C7-F3F7-47E2-8AFB-1DFBC00A58DD}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{BCEEEF1C-7FE5-4DB1-8F2D-F9A7A512A373}] => (Allow) E:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{51018616-FFA5-4C9E-89F0-CBD632074C87}] => (Allow) E:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{FD7BC3BD-3507-4854-A2E2-90416DD8A318}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A325F9AE-ABEA-48A3-BDE7-0C19CE420EFF}] => (Allow) C:\Program Files (x86)\AirPort\APAgent.exe
FirewallRules: [TCP Query User{CE0CD215-8F92-4EED-A02C-68A07A40799D}C:\program files (x86)\antichamber\binaries\win32\udk.exe] => (Allow) C:\program files (x86)\antichamber\binaries\win32\udk.exe
FirewallRules: [UDP Query User{9B308BF1-8BEE-4FBE-A830-77554CDD9D51}C:\program files (x86)\antichamber\binaries\win32\udk.exe] => (Allow) C:\program files (x86)\antichamber\binaries\win32\udk.exe
FirewallRules: [{11D3FB27-980F-4A5F-B71F-BE8C9FB43015}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{F2446C5C-D1AB-4870-B657-3E1EEEE144A2}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{55932664-C698-4C67-A975-7961F2A07217}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{61195BDC-01EB-4156-8236-BEA78B6FB298}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{8BAB15D6-E9C9-4A7A-BC81-3925EFE035DA}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{1B6541AD-E68E-48B2-AD3E-86EE637EBEAE}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [TCP Query User{06325142-6120-4164-B327-7E5E48D27616}C:\program files (x86)\worms clan wars\wormsclanwars.exe] => (Block) C:\program files (x86)\worms clan wars\wormsclanwars.exe
FirewallRules: [UDP Query User{C28A2872-72AB-425A-9452-E1375C50695D}C:\program files (x86)\worms clan wars\wormsclanwars.exe] => (Block) C:\program files (x86)\worms clan wars\wormsclanwars.exe
FirewallRules: [{C7A65BE2-8E27-4271-918D-D2927A749B6E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0933FBCE-CBDB-4D24-B3DB-BE8D1F2625AC}] => (Allow) LPort=2869
FirewallRules: [{C20BE6D0-B2EB-480C-8B77-8046973B952C}] => (Allow) LPort=1900
FirewallRules: [{D78CBE93-94B1-40D7-84A1-E8450B968F4B}] => (Allow) E:\Steam\BIN\steamwebhelper.exe
FirewallRules: [{2F67A005-C0A0-4F5E-9CCF-C5D0971E254C}] => (Allow) E:\Steam\BIN\steamwebhelper.exe
FirewallRules: [{1A0EE512-840D-4A14-8C37-E1958D4AA93E}] => (Allow) E:\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{5DB0221D-00E9-4795-9082-EA6E9C31B33B}] => (Allow) E:\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [TCP Query User{96094CC1-740C-4A4F-96B6-7291CF5DE4F5}E:\steam\steamapps\common\h1z1\h1z1.exe] => (Block) E:\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{19E2C3B6-3ECF-419C-A649-897A3D9905A3}E:\steam\steamapps\common\h1z1\h1z1.exe] => (Block) E:\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [TCP Query User{DECED075-9FA6-4659-BA53-9DB49105E88A}C:\users\juacook\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\juacook\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{35BE2624-6827-473D-9466-4D709E2C7DDB}C:\users\juacook\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\juacook\appdata\roaming\spotify\spotify.exe
FirewallRules: [{4455910B-8DFA-4A2B-8EF0-770537643247}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{4127AE91-6C62-43FE-ACB7-7C194BD287E2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{0D21CB6E-2417-4FEA-A45F-02AA9F65A4B5}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A6A9D8B9-274B-44FB-B02E-DA8CCA566592}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{807980A6-3D24-4E37-94C2-A4CA78109E6B}C:\users\juacook\appdata\local\popcorn-time\nw.exe] => (Block) C:\users\juacook\appdata\local\popcorn-time\nw.exe
FirewallRules: [UDP Query User{D62CFAD5-3E44-4772-8E71-3A7709818E13}C:\users\juacook\appdata\local\popcorn-time\nw.exe] => (Block) C:\users\juacook\appdata\local\popcorn-time\nw.exe
FirewallRules: [{D4D150B1-6957-41D1-BF1A-AFAD503C803E}] => (Allow) E:\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{BB3113CA-139B-49E9-9639-98DFD0878EFD}] => (Allow) E:\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{F53DAB91-15F8-4986-9240-6C5B15032953}] => (Allow) E:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{BEF49B26-0B53-4C68-A567-111C8B975ABB}] => (Allow) E:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [TCP Query User{79BF03D1-7666-4D37-90E1-56353767C617}C:\games\darkwood alpha 7.1\darkwood.exe] => (Block) C:\games\darkwood alpha 7.1\darkwood.exe
FirewallRules: [UDP Query User{2F135C2A-1805-4030-AF03-4A4E4E011EAB}C:\games\darkwood alpha 7.1\darkwood.exe] => (Block) C:\games\darkwood alpha 7.1\darkwood.exe
FirewallRules: [{7784A3B4-E0CA-4BDA-9D3E-A4315C3B27B1}] => (Allow) E:\Steam\steamapps\common\ProjectZomboid\ProjectZomboid32.exe
FirewallRules: [{BCF2691D-68ED-47F1-946B-1BA365A199E2}] => (Allow) E:\Steam\steamapps\common\ProjectZomboid\ProjectZomboid32.exe
FirewallRules: [{C73A7EE1-ECBA-40AF-BEE3-97D0F45EE7BD}] => (Allow) E:\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{A9C82420-B089-4C88-A4AE-25C02D7F5614}] => (Allow) E:\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{CA3373C5-B7E4-4BB0-9AFD-8880E7456ED4}] => (Allow) E:\Steam\steamapps\common\Project Zomboid Dedicated Server\ProjectZomboid64.exe
FirewallRules: [{5F4AE6FA-6CBE-48DA-BF62-6ED93787C032}] => (Allow) E:\Steam\steamapps\common\Project Zomboid Dedicated Server\ProjectZomboid64.exe
FirewallRules: [TCP Query User{0D3D075A-A502-49E8-A759-71F1B71269E9}C:\program files (x86)\clever endeavour games\ultimate chicken horse\win64\ultimatechickenhorse.exe] => (Allow) C:\program files (x86)\clever endeavour games\ultimate chicken horse\win64\ultimatechickenhorse.exe
FirewallRules: [UDP Query User{46A83EBB-A9DD-4FF3-A43F-18D5C7E1DB30}C:\program files (x86)\clever endeavour games\ultimate chicken horse\win64\ultimatechickenhorse.exe] => (Allow) C:\program files (x86)\clever endeavour games\ultimate chicken horse\win64\ultimatechickenhorse.exe
FirewallRules: [{885B6011-1EFA-47EB-A109-8B8B92E88C00}] => (Allow) LPort=5353
FirewallRules: [TCP Query User{FA3F6E3F-1499-44A1-935D-30F6BD776AA7}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe
FirewallRules: [UDP Query User{427D100A-2156-4E57-B16B-08C628B6E546}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe
FirewallRules: [{98A37F35-E2F6-4E7A-92A7-C575B4FB9F0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{D3DAC681-2655-4AC2-9D2D-2494F7693DC6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{CB0621A1-92F9-4423-B521-496D09A9D2AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid32.exe
FirewallRules: [{474D9F23-1BAB-4852-B3B4-B0CA8C1A03D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid32.exe
FirewallRules: [{3723CAC2-0670-4066-8C1C-96886C5D08C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{74074F8D-BE34-4307-AAB9-D480702A031A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{78CDCF5D-71CF-4E64-BE89-D9D33EBB959E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{1AFD7583-19D4-4706-B6C4-BCBDEB53E431}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{B266A27B-D675-4CE0-B4AC-C464BFA13AD6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A411B951-EFCC-4700-918C-E709B789E298}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6A653481-0F6C-4835-BCA6-89BAA5401CA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{47359AB2-A751-44CE-B914-CDFD894548D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{55F769F3-9E55-4380-AEF9-3DE8D7DA3A18}] => (Allow) C:\Program Files (x86)\FrostWire 6\FrostWire.exe
FirewallRules: [{66142122-57EA-4692-BB9D-31E7F3F424C9}] => (Allow) C:\Program Files (x86)\FrostWire 6\FrostWire.exe
FirewallRules: [{DCE5BEE2-9D7B-4BF0-8D40-F4DB3D440103}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{D102CABF-62A9-4357-8F1C-D40FC3AB07E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{8380A029-BDCE-4251-A954-A77C237D176E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{B1BC6079-7251-4CDC-82EA-2FADF1EC3C00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [TCP Query User{7B6ADC4F-BED4-4BFB-B164-3CF8CB92FEA5}E:\diablo iii\diablo iii.exe] => (Allow) E:\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{4A649747-88B8-4217-82F5-53D8F3BF5BD9}E:\diablo iii\diablo iii.exe] => (Allow) E:\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{4DC793DC-5275-4E3A-8A41-38B5C07D8836}C:\gmodserver\srcds.exe] => (Allow) C:\gmodserver\srcds.exe
FirewallRules: [UDP Query User{04A05490-7B9F-4079-9612-ACB4FE995D4E}C:\gmodserver\srcds.exe] => (Allow) C:\gmodserver\srcds.exe
FirewallRules: [TCP Query User{F3410E14-A3B2-4A89-A72D-5E18BE1EDC4E}C:\gmod\srcds.exe] => (Allow) C:\gmod\srcds.exe
FirewallRules: [UDP Query User{0BBEBE4E-9A43-48A8-9987-F1642F049D6C}C:\gmod\srcds.exe] => (Allow) C:\gmod\srcds.exe
FirewallRules: [{94FD49F9-2146-4671-9300-99F005999E13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{C4823814-E9DF-4F12-B50B-8C745D98A785}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{6A3FF989-7250-4175-A88A-95D89D7D2A05}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [{EB046F87-380F-44DD-80BA-CB910BC8FCBE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [TCP Query User{8CDCBF8B-FDED-43E9-A07E-D29C857FD804}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe
FirewallRules: [UDP Query User{327C60AE-18ED-4408-AA06-44D2998FDC86}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe
FirewallRules: [{63661D46-A5E5-408F-9B16-2EC24C10A45E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe
FirewallRules: [{14C207B7-23F5-4F24-B58C-4D84DE4F03BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe
FirewallRules: [TCP Query User{330FF9F3-5886-48C6-9E6C-229905F70E1C}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{DA336B5C-8F79-4097-B180-DDBF1BE76D6E}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{237DC976-3B6F-44E9-9C8A-16359DA7F2A7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A937726C-07C5-46AB-9C2A-E8454D4CAA92}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DF53DEED-7CC2-47DD-A20A-379AA1291747}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{64ED13A9-B7FB-4396-B9D2-59398D9F3DC3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{1445A843-44B4-4CBE-AFD8-8902C32BB1C8}C:\program files (x86)\emuletorrent\emuletorrent.exe] => (Allow) C:\program files (x86)\emuletorrent\emuletorrent.exe
FirewallRules: [UDP Query User{BA1E34D5-E04E-48D1-BE84-F0D500245D25}C:\program files (x86)\emuletorrent\emuletorrent.exe] => (Allow) C:\program files (x86)\emuletorrent\emuletorrent.exe
FirewallRules: [{489F8BD5-F90C-41BA-AB2F-0420D10FF2CD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{96AC1E18-7C54-4064-AFBF-D327D0CF9166}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================

24-10-2016 00:00:00 Punto de control programado
25-10-2016 02:53:39 Windows Update

==================== Faulty Device Manager Devices =============

Name: AODDriver4.2.0
Description: AODDriver4.2.0
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AODDriver4.2.0
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/31/2016 05:52:40 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (10/30/2016 01:43:59 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (10/29/2016 01:44:03 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (10/28/2016 12:49:14 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (10/27/2016 05:16:45 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) El sistema no puede encontrar el archivo especificado.

Error: (10/27/2016 05:16:45 PM) (Source: DbxSvc) (EventID: 270) (User: )
Description: Filter Unload failed with: (-2145452013) El sistema no puede encontrar el filtro especificado.

Error: (10/27/2016 06:41:10 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (10/26/2016 02:27:49 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (10/25/2016 02:58:05 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (10/24/2016 09:23:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AdAwareService.exe, versión: 11.12.945.9202, marca de tiempo: 0x578d0fc6
Nombre del módulo con errores: BDUpdateServiceCom.dll, versión: 3.0.0.99, marca de tiempo: 0x56d6a1a8
Código de excepción: 0xc0000417
Desplazamiento de errores: 0x00000000000ef3f4
Id. del proceso con errores: 0x844
Hora de inicio de la aplicación con errores: 0x01d2299675cc458b
Ruta de acceso de la aplicación con errores: C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe
Ruta de acceso del módulo con errores: C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.129.0\BDUpdateServiceCom.dll
Id. del informe: a92e4ae8-99e4-11e6-abac-40167e7b517d


System errors:
=============
Error: (10/27/2016 07:34:34 AM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk3\DR5.

Error: (10/27/2016 07:34:33 AM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk3\DR5.

Error: (10/27/2016 07:34:32 AM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk3\DR5.

Error: (10/26/2016 07:35:58 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \SystemRoot\SysWow64\drivers\libusb0.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.

Error: (10/24/2016 09:23:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Ad-Aware Service 11 se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (10/23/2016 12:33:54 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Se anularon las instantáneas del volumen C: porque el almacenamiento de instantáneas no pudo crecer debido a un límite impuesto por el usuario.

Error: (10/20/2016 02:27:47 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \SystemRoot\SysWow64\drivers\libusb0.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.

Error: (10/20/2016 11:37:58 AM) (Source: bowser) (EventID: 8003) (User: )
Description: El explorador maestro recibió una notificación del equipo POTASIO
que cree que es el explorador maestro para el dominio en el transporte NetBT_Tcpip_{1833EA1F-1625-489E-AA57-6B94C81A8305}.
El explorador maestro está detenido o se está forzando una elección.

Error: (10/19/2016 11:16:34 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \SystemRoot\SysWow64\drivers\libusb0.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.

Error: (10/19/2016 11:16:34 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \SystemRoot\SysWow64\drivers\libusb0.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.


==================== Memory info ===========================

Processor: AMD A4-4000 APU with Radeon™ HD Graphics
Percentage of memory in use: 35%
Total physical RAM: 8135.41 MB
Available physical RAM: 5262.06 MB
Total Virtual: 16269.03 MB
Available Virtual: 13448.27 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:260.15 GB) NTFS
Drive e: () (Fixed) (Total:149.01 GB) (Free:100.86 GB) FAT32
Drive f: (KINGSTON) (Removable) (Total:28.88 GB) (Free:21.68 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 61BE35AE)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 3D847719)
Partition 1: (Not Active) - (Size=149 GB) - (Type=0C)

========================================================
Disk: 2 (Size: 28.9 GB) (Disk ID: 4F5D3A68)
Partition 1: (Not Active) - (Size=28.9 GB) - (Type=0B)

==================== End of Addition.txt ============================

 

 

  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP