Jump to content

WMP x264 Infected Need Help


Recommended Posts

Hi well i am a victim of this idiotic virus and my windows and desktop flash, close and is very annoying need help to get rid of it, tried restore but didn't work also my AVG is not finding any malware or virus in complete scans. Need Help!

Link to post
Share on other sites

Hi & :welcome:

My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully. :excl:

  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
P2P/Piracy Warning:

  • If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
  • Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now and read the policy on Piracy.
Step 1

Please run a FRST scan. This will help us diagnose your problem.

frst.pngfrstscan.png

Please download Farbar Recovery Scan Tool and save it to your Desktop.

(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)

  • Start FRST with administator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.
Link to post
Share on other sites

Hi! Thanks so much for the quick response, i already disable the utorrent it´s not running not even in backround.

 

So i follow the instructions, my system is 64-bit and here there are the logs.

 

FRST

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-08-2014

Ran by Ricardo (administrator) on MONKIKIS on 23-08-2014 08:29:38
Running from C:\Users\Ricardo\Downloads
Platform: Windows 8.1 Single Language (X64) OS Language: Español (España, internacional)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
() C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Dropbox, Inc.) C:\Users\Ricardo\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506136 2014-05-16] (Realtek Semiconductor)
HKLM\...\Run: [simplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2755640 2013-09-26] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-09-26] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [155704 2013-09-26] (Hewlett-Packard)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-02] (Intel Corporation)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [saiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM-x32\...\Run: [YouCam Service] => c:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-09-01] (CyberLink Corp.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5179408 2014-06-17] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [switchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [blueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-05-21] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-08-05] (Hewlett-Packard)
HKLM\...\Winlogon: [userinit] C:\Windows\system32\userinit.exe,"C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe"
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2213921350-3789929110-89264035-1001\...\Run: [spotify Web Helper] => C:\Users\Ricardo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-24] (Spotify Ltd)
HKU\S-1-5-21-2213921350-3789929110-89264035-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKU\S-1-5-21-2213921350-3789929110-89264035-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2213921350-3789929110-89264035-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2213921350-3789929110-89264035-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2213921350-3789929110-89264035-1001\...\Run: [HP Deskjet 3050 J610 series (NET)] => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
Startup: C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Ricardo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mysearch.avg.com?cid={A3783ACA-4B20-4677-8661-ACB90D120C5A}&mid=8864eec1d26d47d2a1ef91b969707f2d-aae5c1a075213d28b247e0d4bb710e552411f7d4〈=es-es&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-06-19 12:03:59&v=18.1.7.598&pid=safeguard&sg=&sap=hp
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPALL14/111
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPALL14/111
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPALL14/111
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPALL14/111
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPALL14/111
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={A3783ACA-4B20-4677-8661-ACB90D120C5A}&mid=8864eec1d26d47d2a1ef91b969707f2d-aae5c1a075213d28b247e0d4bb710e552411f7d4〈=es-es&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-06-19 12:03:59&v=18.1.0.443&pid=safeguard&sg=&sap=dsp&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
ShellExecuteHooks:  - {E54729E8-643D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook64.dll [773192 2013-11-12] ()
ShellExecuteHooks-x32:  - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook32.dll [484936 2013-11-12] ()
Hosts: 127.0.0.1 cap.cyberlink.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 0.0.0.0
 
FireFox:
========
FF ProfilePath: C:\Users\Ricardo\AppData\Roaming\Mozilla\Firefox\Profiles\g0yhvxsl.default
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolibre-mx.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-mx.xml
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-06-09]
 
Chrome: 
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP48BC9F0A-AE65-4A88-9B63-66A20789E045&SSPV=
CHR StartupUrls: "hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP48BC9F0A-AE65-4A88-9B63-66A20789E045&SSPV=", "hxxp://mysearch.avg.com?cid={8DFD910C-BC6E-41F1-B764-BF181EB507F0}&mid=54804e00410747d092eed1572ea9016e-278bd96ab7d55470580387085e070bc546ec0aec〈=es-es&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-20 20:42:37&v=18.0.5.292&pid=safeguard&sg=&sap=hp", "hxxp://search.conduit.com/?ctid={8DFD910C-BC6E-41F1-B764-BF181EB507F0}&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP48BC9F0A-AE65-4A88-9B63-66A20789E045&SSPV=|hxxp://mysearch.avg.com?cid={8DFD910C-BC6E-41F1-B764-BF181EB507F0}&mid=54804e00410747d092eed1572ea9016e-278bd96ab7d55470580387085e070bc546ec0aec〈=es-es&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-20 20:42:37&v=18.0.5.292&pid=safeguard&sg=&sap=hp", "hxxp://mysearch.avg.com?cid={8DFD910C-BC6E-41F1-B764-BF181EB507F0}&mid=54804e00410747d092eed1572ea9016e-278bd96ab7d55470580387085e070bc546ec0aec〈=es-es&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-20 20:42:37&v=18.1.0.443&pid=safeguard&sg=&sap=hp", "hxxp://mysearch.avg.com?cid={A3783ACA-4B20-4677-8661-ACB90D120C5A}&mid=8864eec1d26d47d2a1ef91b969707f2d-aae5c1a075213d28b247e0d4bb710e552411f7d4〈=es-es&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-06-19 12:03:59&v=18.1.0.443&pid=safeguard&sg=&sap=hp", "hxxp://mysearch.avg.com?cid={A3783ACA-4B20-4677-8661-ACB90D120C5A}&mid=8864eec1d26d47d2a1ef91b969707f2d-aae5c1a075213d28b247e0d4bb710e552411f7d4〈=es-es&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-06-19 12:03:59&v=18.1.7.598&pid=safeguard&sg=&sap=hp"
CHR Extension: (Angry Birds) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-05-15]
CHR Extension: (Google Docs) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-15]
CHR Extension: (Google Drive) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-15]
CHR Extension: (YouTube) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-15]
CHR Extension: (Búsqueda de Google) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-15]
CHR Extension: (Google Wallet) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-15]
CHR Extension: (Gmail) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-15]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 0309031400174048mcinstcleanup; C:\windows\TEMP\030903~1.EXE [834664 2013-07-12] (McAfee, Inc.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3241488 2014-06-27] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-06-17] (AVG Technologies CZ, s.r.o.)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2014-06-06] (Broadcom Corporation.)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-21] (BlueStack Systems, Inc.)
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-09-26] () [File not signed]
R2 CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-08-12] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-08-12] (CyberLink)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPSLPSVC; C:\Users\Ricardo\AppData\Local\Temp\7zS0485\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2014-04-02] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-08] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-09-26] (Softex Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-05-16] (Realtek Semiconductor)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-08-24] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
S2 mcbootdelaystartsvc; "C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [274712 2014-05-14] (AVG Technologies CZ, s.r.o.)
U3 axscsidrv; C:\Windows\System32\Drivers\axscsidrv.sys [293888 2014-05-15] (Alcohol Soft Development Team)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2014-06-06] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7480496 2013-11-12] (Broadcom Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-21] (BlueStack Systems)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-05-16] (Realtek Semiconductor Corp.)
S3 SaiH0C2D; C:\Windows\system32\DRIVERS\SaiH0C2D.sys [176128 2007-07-02] (Saitek)
R3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-05-15] (Duplex Secure Ltd.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
U3 McMPFSvc; No ImagePath
U3 McNaiAnn; No ImagePath
U3 mcpltsvc; No ImagePath
U3 McProxy; No ImagePath
U3 mfecore; No ImagePath
U3 MSK80Service; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-23 08:29 - 2014-08-23 08:30 - 00027967 _____ () C:\Users\Ricardo\Downloads\FRST.txt
2014-08-23 08:29 - 2014-08-23 08:29 - 00000000 ____D () C:\FRST
2014-08-23 08:24 - 2014-08-23 08:24 - 02103296 _____ (Farbar) C:\Users\Ricardo\Downloads\FRST64.exe
2014-08-22 12:44 - 2014-08-23 00:53 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\IVsoft
2014-08-22 12:44 - 2014-08-23 00:53 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\ITsoft
2014-08-21 15:51 - 2014-08-23 00:54 - 00000000 ____D () C:\Program Files (x86)\RAR Password Unlocker
2014-08-20 19:52 - 2014-08-23 00:54 - 00000000 ____D () C:\ProgramData\Licenses
2014-08-20 19:45 - 2014-08-23 00:53 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Virtuali
2014-08-20 19:39 - 2014-08-23 00:54 - 00000000 ____D () C:\ProgramData\Esellerate
2014-08-19 15:56 - 2014-08-19 15:56 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AICM-UPD1.1
2014-08-18 18:56 - 2014-08-18 18:56 - 00000000 ___HD () C:\windows\msdownld.tmp
2014-08-18 16:51 - 2014-08-23 00:54 - 00000000 ____D () C:\REX Texture Direct
2014-08-18 16:51 - 2014-08-18 16:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REX 4
2014-08-17 15:57 - 2014-08-23 00:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-17 15:57 - 2014-08-23 00:29 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-17 15:57 - 2014-08-17 15:57 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-08-17 15:57 - 2014-08-17 15:57 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-08-17 15:57 - 2014-08-17 15:57 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-08-17 15:57 - 2014-08-17 15:57 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-17 15:43 - 2014-08-23 00:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IVAO
2014-08-16 21:57 - 2014-08-23 00:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimMarket
2014-08-15 10:22 - 2014-08-15 10:22 - 00001233 _____ () C:\Users\Ricardo\Desktop\FSX Fiber.lnk
2014-08-14 20:44 - 2014-08-14 20:44 - 00000000 ____D () C:\Users\Ricardo\Downloads\Alf (1986)
2014-08-13 11:22 - 2014-08-13 11:22 - 00000000 ____D () C:\Users\alexn_000\AppData\Roaming\Macromedia
2014-08-13 11:22 - 2014-08-13 11:22 - 00000000 ____D () C:\Users\alexn_000\AppData\Local\Macromedia
2014-08-13 11:16 - 2014-08-13 11:16 - 00000000 ____D () C:\Users\alexn_000\AppData\Roaming\Mozilla
2014-08-13 11:16 - 2014-08-13 11:16 - 00000000 ____D () C:\Users\alexn_000\AppData\Local\Mozilla
2014-08-12 17:53 - 2014-07-25 08:52 - 23645696 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-08-12 17:53 - 2014-07-25 07:51 - 17524224 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-08-12 17:53 - 2014-07-25 07:28 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-08-12 17:53 - 2014-07-25 07:25 - 02774528 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-08-12 17:53 - 2014-07-25 07:25 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-08-12 17:53 - 2014-07-25 06:59 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-08-12 17:53 - 2014-07-25 06:40 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-08-12 17:53 - 2014-07-25 06:34 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-08-12 17:53 - 2014-07-25 06:30 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-08-12 17:53 - 2014-07-25 06:28 - 05824512 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-08-12 17:53 - 2014-07-25 06:28 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-08-12 17:53 - 2014-07-25 06:21 - 02184704 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-08-12 17:53 - 2014-07-25 06:17 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-08-12 17:53 - 2014-07-25 06:10 - 00292864 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-08-12 17:53 - 2014-07-25 06:08 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-08-12 17:53 - 2014-07-25 06:06 - 04204032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-08-12 17:53 - 2014-07-25 05:52 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-08-12 17:53 - 2014-07-25 05:47 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-08-12 17:53 - 2014-07-25 05:43 - 00333312 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-08-12 17:53 - 2014-07-25 05:43 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-12 17:53 - 2014-07-25 05:42 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-08-12 17:53 - 2014-07-25 05:39 - 02087936 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-08-12 17:53 - 2014-07-25 05:34 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-08-12 17:53 - 2014-07-25 05:29 - 00239616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-08-12 17:53 - 2014-07-25 05:23 - 13547008 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-08-12 17:53 - 2014-07-25 05:13 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-08-12 17:53 - 2014-07-25 05:09 - 00291840 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-08-12 17:53 - 2014-07-25 05:07 - 02001920 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-08-12 17:53 - 2014-07-25 05:03 - 11772928 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-08-12 17:53 - 2014-07-25 04:52 - 02266624 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-08-12 17:53 - 2014-07-25 04:26 - 01431040 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-08-12 17:53 - 2014-07-25 04:17 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-08-12 17:53 - 2014-07-25 04:09 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-08-12 17:53 - 2014-07-25 04:05 - 01792512 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-08-12 17:53 - 2014-07-25 04:00 - 01169920 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-08-12 17:50 - 2014-06-19 19:48 - 01273184 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2014-08-12 17:50 - 2014-06-19 17:52 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2014-08-12 17:50 - 2014-06-12 19:15 - 00517528 _____ (Microsoft Corporation) C:\windows\system32\dxgi.dll
2014-08-12 17:50 - 2014-06-12 19:14 - 01557848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2014-08-12 17:50 - 2014-06-12 18:10 - 00406400 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxgi.dll
2014-08-12 17:50 - 2014-06-06 05:34 - 02133504 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2014-08-12 17:49 - 2014-07-15 12:16 - 03048880 _____ (Microsoft Corporation) C:\windows\system32\WpcMon.exe
2014-08-12 17:49 - 2014-07-15 02:29 - 03118080 _____ (Microsoft Corporation) C:\windows\system32\Wpc.dll
2014-08-12 17:49 - 2014-07-15 02:22 - 02861056 _____ (Microsoft Corporation) C:\windows\system32\WpcWebSync.dll
2014-08-12 17:49 - 2014-07-15 02:03 - 02344448 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wpc.dll
2014-08-12 17:49 - 2014-06-09 16:13 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2014-08-12 17:49 - 2014-06-09 16:13 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2014-08-12 17:48 - 2014-07-09 22:16 - 00716800 _____ (Microsoft Corporation) C:\windows\system32\SkyDriveTelemetry.dll
2014-08-12 17:48 - 2014-07-09 22:03 - 04756992 _____ (Microsoft Corporation) C:\windows\system32\SyncEngine.dll
2014-08-12 17:48 - 2014-07-09 21:33 - 01120256 _____ (Microsoft Corporation) C:\windows\system32\SkyDrive.exe
2014-08-12 17:48 - 2014-05-31 00:27 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2014-08-12 17:48 - 2014-05-13 01:01 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\BulkOperationHost.exe
2014-08-12 17:48 - 2014-05-12 23:07 - 02844160 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2014-08-12 17:48 - 2014-05-12 22:41 - 00118272 _____ (Microsoft Corporation) C:\windows\system32\winbici.dll
2014-08-12 17:48 - 2014-05-12 22:26 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\SkyDriveShell.dll
2014-08-12 17:48 - 2014-05-12 21:59 - 01035264 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll
2014-08-12 17:48 - 2014-05-12 21:31 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\SkyDriveShell.dll
2014-08-12 17:48 - 2014-05-03 05:29 - 01726224 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2014-08-12 17:48 - 2014-05-03 03:20 - 01473080 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2014-08-12 17:48 - 2014-05-02 23:36 - 00997888 _____ (Microsoft Corporation) C:\windows\system32\reseteng.dll
2014-08-12 17:48 - 2014-05-02 23:19 - 00071168 _____ (Microsoft Corporation) C:\windows\system32\ncobjapi.dll
2014-08-12 17:48 - 2014-05-02 23:08 - 00301056 _____ (Microsoft Corporation) C:\windows\system32\framedynos.dll
2014-08-12 17:48 - 2014-05-02 23:07 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\framedyn.dll
2014-08-12 17:48 - 2014-05-02 22:46 - 00052736 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncobjapi.dll
2014-08-12 17:48 - 2014-05-02 22:37 - 00235008 _____ (Microsoft Corporation) C:\windows\SysWOW64\framedynos.dll
2014-08-12 17:48 - 2014-05-02 22:37 - 00207360 _____ (Microsoft Corporation) C:\windows\SysWOW64\framedyn.dll
2014-08-12 17:48 - 2014-05-02 17:26 - 00050745 _____ () C:\windows\system32\srms.dat
2014-08-12 17:48 - 2014-04-30 23:44 - 01025536 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2014-08-12 17:48 - 2014-04-30 00:43 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vwififlt.sys
2014-08-12 17:48 - 2014-04-30 00:41 - 00402432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2014-08-12 17:48 - 2014-04-30 00:41 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\agilevpn.sys
2014-08-12 17:48 - 2014-04-30 00:41 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vwifimp.sys
2014-08-12 17:48 - 2014-04-29 23:45 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\Robocopy.exe
2014-08-12 17:48 - 2014-04-29 22:48 - 00106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\Robocopy.exe
2014-08-12 17:48 - 2014-04-29 22:24 - 00065024 _____ (Microsoft Corporation) C:\windows\system32\dhcpcsvc6.dll
2014-08-12 17:48 - 2014-04-29 22:23 - 00353280 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore.dll
2014-08-12 17:48 - 2014-04-29 22:23 - 00271872 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore6.dll
2014-08-12 17:48 - 2014-04-29 22:23 - 00087552 _____ (Microsoft Corporation) C:\windows\system32\dhcpcsvc.dll
2014-08-12 17:48 - 2014-04-29 22:14 - 00827392 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2014-08-12 17:48 - 2014-04-29 21:59 - 01063424 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2014-08-12 17:48 - 2014-04-29 21:46 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore.dll
2014-08-12 17:48 - 2014-04-29 21:46 - 00229888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore6.dll
2014-08-12 17:48 - 2014-04-29 21:46 - 00056320 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcsvc6.dll
2014-08-12 17:48 - 2014-04-29 21:45 - 00062976 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcsvc.dll
2014-08-12 17:48 - 2014-04-29 21:42 - 00403968 _____ (Microsoft Corporation) C:\windows\system32\vpnike.dll
2014-08-12 17:48 - 2014-04-28 16:40 - 00721408 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll
2014-08-12 17:48 - 2014-04-26 16:03 - 02140888 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2014-08-12 17:48 - 2014-04-26 14:14 - 02144984 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll
2014-08-12 17:48 - 2014-04-26 10:39 - 00339456 _____ (Microsoft Corporation) C:\windows\system32\bdesvc.dll
2014-08-12 17:48 - 2014-04-14 03:37 - 02125344 _____ (Microsoft Corporation) C:\windows\system32\d3d9.dll
2014-08-12 17:48 - 2014-04-14 02:08 - 01797896 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d9.dll
2014-08-12 17:48 - 2014-04-13 23:18 - 00011776 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d8thk.dll
2014-08-12 17:48 - 2014-04-09 00:11 - 00226816 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2014-08-12 17:48 - 2014-04-08 23:20 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2014-08-12 17:47 - 2014-08-06 20:12 - 01336624 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-12 17:47 - 2014-08-06 16:39 - 04148224 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-12 17:47 - 2014-08-06 16:38 - 00697856 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-08-12 17:47 - 2014-08-01 23:44 - 00527360 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-08-12 17:47 - 2014-08-01 21:56 - 01064448 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-12 17:47 - 2014-08-01 21:11 - 00918528 _____ (Microsoft Corporation) C:\windows\system32\MrmCoreR.dll
2014-08-12 17:47 - 2014-07-11 22:17 - 00623616 _____ (Microsoft Corporation) C:\windows\system32\MDMAgent.exe
2014-08-12 17:47 - 2014-06-05 08:13 - 00216368 _____ (Microsoft Corporation) C:\windows\system32\rsaenh.dll
2014-08-12 17:47 - 2014-06-05 07:14 - 00189016 _____ (Microsoft Corporation) C:\windows\SysWOW64\rsaenh.dll
2014-08-12 17:47 - 2014-06-04 03:27 - 00114520 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2014-08-12 17:47 - 2014-06-03 23:31 - 00356352 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2014-08-12 17:47 - 2014-06-03 23:22 - 02790912 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-08-12 17:47 - 2014-06-03 22:43 - 00281088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2014-08-12 17:47 - 2014-06-03 22:38 - 03304448 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-08-12 17:47 - 2014-06-03 20:15 - 02642944 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-08-12 17:47 - 2014-06-03 20:14 - 02318336 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-08-12 17:47 - 2014-06-01 20:10 - 00423768 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2014-08-12 17:47 - 2014-05-31 04:07 - 00467800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2014-08-12 17:47 - 2014-05-31 04:07 - 00440664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2014-08-12 17:47 - 2014-05-31 04:07 - 00419672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2014-08-12 17:47 - 2014-05-31 04:07 - 00089944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2014-08-12 17:47 - 2014-05-31 04:07 - 00027480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2014-08-12 17:47 - 2014-05-31 00:30 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2014-08-12 17:47 - 2014-05-31 00:27 - 00110592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFPf.sys
2014-08-12 17:47 - 2014-05-31 00:26 - 00227840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFRd.sys
2014-08-12 17:47 - 2014-05-30 22:01 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\WUDFHost.exe
2014-08-12 17:47 - 2014-05-30 22:01 - 00209408 _____ (Microsoft Corporation) C:\windows\system32\WUDFPlatform.dll
2014-08-12 17:47 - 2014-05-30 22:01 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\WUDFSvc.dll
2014-08-12 17:47 - 2014-05-27 09:53 - 02518360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-08-12 17:47 - 2014-05-27 03:56 - 00323584 _____ (Microsoft Corporation) C:\windows\system32\DaOtpCredentialProvider.dll
2014-08-12 17:47 - 2014-05-27 03:53 - 00270848 _____ (Microsoft Corporation) C:\windows\SysWOW64\DaOtpCredentialProvider.dll
2014-08-12 17:47 - 2014-05-16 22:59 - 16871936 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2014-08-12 17:47 - 2014-05-16 22:13 - 12711424 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2014-08-11 22:10 - 2014-08-11 22:10 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Macromedia
2014-08-11 17:25 - 2014-08-22 09:53 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Adobe
2014-08-11 12:44 - 2014-08-23 00:30 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Mozilla
2014-08-11 12:44 - 2014-08-23 00:29 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Mozilla
2014-08-11 12:44 - 2014-08-11 12:44 - 00001189 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-11 12:44 - 2014-08-11 12:44 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-11 12:44 - 2014-08-11 12:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-10 15:17 - 2011-07-17 17:03 - 00272896 _____ () C:\windows\mvalkdj.dll
2014-08-10 15:12 - 2011-07-17 17:03 - 00272896 _____ () C:\windows\system32\mvalkdj.dll
2014-08-10 15:09 - 2014-08-10 15:09 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MilViz - Northrop T-38 Talon
2014-08-10 09:34 - 2014-08-23 00:30 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FSPS
2014-08-10 09:34 - 2014-08-18 13:52 - 00000000 ____D () C:\FSX Fiber Accelerator
2014-08-08 21:31 - 2014-08-08 21:37 - 00000000 ____D () C:\Users\Ricardo\Downloads\Temporada 4
2014-08-08 21:30 - 2014-08-08 21:35 - 00000000 ____D () C:\Users\Ricardo\Downloads\Temporada 3
2014-08-05 17:08 - 2014-08-23 00:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2014-08-05 15:10 - 2014-08-23 00:30 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rikoooo Add-ons
2014-08-05 15:09 - 2014-08-23 00:29 - 00000000 ____D () C:\ProgramData\InstallMate
2014-08-02 10:05 - 2014-08-02 10:05 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Fly By Wi-Fi
2014-08-02 10:05 - 2014-08-02 10:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fly By Wi-Fi
2014-08-02 10:05 - 2014-08-02 10:05 - 00000000 ____D () C:\Fly By Wi-Fi
2014-08-01 15:52 - 2014-08-01 15:52 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\MediaShow
2014-07-31 10:49 - 2014-07-31 10:49 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\InstallShield
2014-07-31 10:06 - 2014-08-23 00:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlyTampa
2014-07-28 19:32 - 2014-07-28 19:32 - 00000887 _____ () C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-07-28 17:27 - 2014-07-28 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xtreme Prototypes 20 Series Business Jets SP2
2014-07-27 11:09 - 2014-08-23 00:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-27 11:09 - 2014-08-23 00:55 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-27 11:09 - 2014-08-23 00:55 - 00000000 ____D () C:\Program Files\iTunes
2014-07-27 11:09 - 2014-08-23 00:29 - 00000000 ____D () C:\Program Files\iPod
2014-07-27 11:01 - 2014-08-23 00:29 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-07-27 11:01 - 2014-07-27 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-23 08:30 - 2014-08-23 08:29 - 00027967 _____ () C:\Users\Ricardo\Downloads\FRST.txt
2014-08-23 08:30 - 2014-05-15 11:19 - 00001056 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-23 08:29 - 2014-08-23 08:29 - 00000000 ____D () C:\FRST
2014-08-23 08:28 - 2014-05-15 11:28 - 00000000 ____D () C:\ProgramData\MFAData
2014-08-23 08:27 - 2014-05-15 11:09 - 02051428 _____ () C:\windows\WindowsUpdate.log
2014-08-23 08:27 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\AppReadiness
2014-08-23 08:24 - 2014-08-23 08:24 - 02103296 _____ (Farbar) C:\Users\Ricardo\Downloads\FRST64.exe
2014-08-23 08:24 - 2014-05-15 11:17 - 00003594 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2213921350-3789929110-89264035-1001
2014-08-23 08:20 - 2014-06-09 22:13 - 00000000 ___RD () C:\Users\Ricardo\Dropbox
2014-08-23 08:20 - 2014-06-09 22:06 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Dropbox
2014-08-23 08:19 - 2014-06-13 08:16 - 00004966 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MONKIKIS-Ricardo Monkikis
2014-08-23 08:19 - 2014-05-15 11:14 - 00000000 ___DO () C:\Users\Ricardo\SkyDrive
2014-08-23 08:19 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\sru
2014-08-23 08:17 - 2014-05-15 11:19 - 00001052 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-23 06:21 - 2014-06-24 19:37 - 00000000 ____D () C:\Users\Ricardo\Documents\Youcam
2014-08-23 04:31 - 2014-05-16 17:05 - 00000358 _____ () C:\windows\Tasks\HPCeeScheduleForRicardo.job
2014-08-23 01:09 - 2013-11-12 15:18 - 00822870 _____ () C:\windows\system32\perfh00A.dat
2014-08-23 01:09 - 2013-11-12 15:18 - 00193376 _____ () C:\windows\system32\perfc00A.dat
2014-08-23 01:09 - 2013-08-24 15:38 - 01900896 _____ () C:\windows\system32\PerfStringBackup.INI
2014-08-23 01:06 - 2014-05-15 11:11 - 00000000 ____D () C:\Users\Ricardo
2014-08-23 01:02 - 2013-08-22 08:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-08-23 01:02 - 2013-08-22 08:44 - 05121008 _____ () C:\windows\system32\FNTCACHE.DAT
2014-08-23 00:58 - 2014-06-06 11:33 - 00000000 ____D () C:\Users\Administrator
2014-08-23 00:58 - 2014-05-15 21:49 - 00000000 ____D () C:\Users\alexn_000
2014-08-23 00:58 - 2013-08-22 09:36 - 00000000 __RSD () C:\windows\Media
2014-08-23 00:58 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\WinStore
2014-08-23 00:58 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\Camera
2014-08-23 00:57 - 2014-07-10 09:50 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-08-23 00:57 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\inetsrv
2014-08-23 00:57 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\MediaViewer
2014-08-23 00:57 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\FileManager
2014-08-23 00:56 - 2014-07-15 22:21 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\vlc
2014-08-23 00:56 - 2014-06-06 11:46 - 00000000 ____D () C:\Users\Ricardo\Downloads\Utilidades
2014-08-23 00:56 - 2014-06-02 14:14 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\teamspeak2
2014-08-23 00:56 - 2014-05-15 12:15 - 00000000 ____D () C:\Users\Ricardo\Downloads\Flight Simulator
2014-08-23 00:56 - 2014-05-15 11:38 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\uTorrent
2014-08-23 00:56 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\WindowsInternal.Inbox.Shared
2014-08-23 00:56 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\WindowsInternal.Inbox.Media.Shared
2014-08-23 00:56 - 2013-08-22 07:36 - 00000000 ____D () C:\windows\system32\Sysprep
2014-08-23 00:55 - 2014-08-17 15:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-23 00:55 - 2014-08-17 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IVAO
2014-08-23 00:55 - 2014-07-27 11:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-23 00:55 - 2014-07-27 11:09 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-23 00:55 - 2014-07-27 11:09 - 00000000 ____D () C:\Program Files\iTunes
2014-08-23 00:55 - 2014-06-22 18:42 - 00000000 ____D () C:\Microsoft Flight Simulator X
2014-08-23 00:55 - 2014-06-18 17:35 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-08-23 00:55 - 2014-06-07 18:32 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-08-23 00:55 - 2014-06-02 20:20 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-23 00:55 - 2014-05-15 13:17 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Hewlett-Packard
2014-08-23 00:55 - 2013-11-12 15:02 - 00000000 ____D () C:\Program Files\Bonjour
2014-08-23 00:55 - 2013-11-12 15:02 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-08-23 00:54 - 2014-08-21 15:51 - 00000000 ____D () C:\Program Files (x86)\RAR Password Unlocker
2014-08-23 00:54 - 2014-08-20 19:52 - 00000000 ____D () C:\ProgramData\Licenses
2014-08-23 00:54 - 2014-08-20 19:39 - 00000000 ____D () C:\ProgramData\Esellerate
2014-08-23 00:54 - 2014-08-18 16:51 - 00000000 ____D () C:\REX Texture Direct
2014-08-23 00:53 - 2014-08-22 12:44 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\IVsoft
2014-08-23 00:53 - 2014-08-22 12:44 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\ITsoft
2014-08-23 00:53 - 2014-08-20 19:45 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Virtuali
2014-08-23 00:38 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\registration
2014-08-23 00:35 - 2013-11-12 15:18 - 00000000 ____D () C:\windows\SysWOW64\XPSViewer
2014-08-23 00:35 - 2013-08-22 13:10 - 00000000 ____D () C:\windows\SysWOW64\winrm
2014-08-23 00:35 - 2013-08-22 13:10 - 00000000 ____D () C:\windows\SysWOW64\slmgr
2014-08-23 00:35 - 2013-08-22 13:10 - 00000000 ____D () C:\windows\SysWOW64\Printing_Admin_Scripts
2014-08-23 00:35 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\Web
2014-08-23 00:35 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\Vss
2014-08-23 00:35 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\vpnplugins
2014-08-23 00:35 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SysWOW64\WindowsPowerShell
2014-08-23 00:35 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SysWOW64\spp
2014-08-23 00:35 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SysWOW64\Speech
2014-08-23 00:35 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SysWOW64\networklist
2014-08-23 00:35 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SysWOW64\MUI
2014-08-23 00:35 - 2013-08-22 07:36 - 00000000 ____D () C:\windows\SysWOW64\oobe
2014-08-23 00:34 - 2013-11-12 14:32 - 00000000 ____D () C:\windows\System32\Tasks\Hewlett-Packard
2014-08-23 00:34 - 2013-11-12 14:21 - 00000000 ____D () C:\windows\system32\SRSLabs
2014-08-23 00:34 - 2013-08-22 13:10 - 00000000 ____D () C:\windows\system32\winrm
2014-08-23 00:34 - 2013-08-22 13:10 - 00000000 ____D () C:\windows\system32\slmgr
2014-08-23 00:34 - 2013-08-22 13:10 - 00000000 ____D () C:\windows\system32\Printing_Admin_Scripts
2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SysWOW64\MsDtc
2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SysWOW64\Macromed
2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SysWOW64\Licenses
2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SysWOW64\InstallShield
2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SysWOW64\InputMethod
2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SysWOW64\inetsrv
2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SysWOW64\IME
2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SysWOW64\Com
2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SystemResources
2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\WindowsPowerShell
2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\WinBioPlugIns
2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\SystemResetPlatform
2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\spp
2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\spool
2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\Speech
2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\System
2014-08-23 00:34 - 2013-08-22 07:36 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-08-23 00:34 - 2013-08-22 07:36 - 00000000 ____D () C:\windows\system32\SMI
2014-08-23 00:34 - 2013-08-22 07:36 - 00000000 ____D () C:\windows\system32\oobe
2014-08-23 00:33 - 2013-08-22 13:12 - 00000000 ____D () C:\windows\SKB
2014-08-23 00:33 - 2013-08-22 09:36 - 00000000 ___SD () C:\windows\system32\dsc
2014-08-23 00:33 - 2013-08-22 09:36 - 00000000 ___SD () C:\windows\system32\Configuration
2014-08-23 00:33 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\networklist
2014-08-23 00:33 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\MUI
2014-08-23 00:33 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\MsDtc
2014-08-23 00:33 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\migwiz
2014-08-23 00:33 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\Macromed
2014-08-23 00:33 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\Licenses
2014-08-23 00:33 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\InputMethod
2014-08-23 00:33 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\IME
2014-08-23 00:33 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\Com
2014-08-23 00:33 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\Speech
2014-08-23 00:33 - 2013-08-22 08:45 - 00000000 ____D () C:\windows\Setup
2014-08-23 00:33 - 2013-08-22 07:36 - 00000000 ____D () C:\windows\system32\Dism
2014-08-23 00:33 - 2013-08-22 07:36 - 00000000 ____D () C:\windows\servicing
2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ___RD () C:\windows\ImmersiveControlPanel
2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ___RD () C:\windows\DesktopTileResources
2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\security
2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\schemas
2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\Resources
2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\rescache
2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\PLA
2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\Performance
2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\InputMethod
2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\IME
2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\Help
2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\Globalization
2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\Branding
2014-08-23 00:31 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\AppCompat
2014-08-23 00:31 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\ADFS
2014-08-23 00:30 - 2014-08-11 12:44 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Mozilla
2014-08-23 00:30 - 2014-08-10 09:34 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FSPS
2014-08-23 00:30 - 2014-08-05 15:10 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rikoooo Add-ons
2014-08-23 00:30 - 2014-06-16 09:53 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\IVAO
2014-08-23 00:30 - 2014-06-05 16:46 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\SmartTechnology
2014-08-23 00:30 - 2014-06-02 15:56 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\AnvSoft
2014-08-23 00:30 - 2014-05-18 17:28 - 00000000 ____D () C:\Users\Ricardo\Documents\SBS Plotter
2014-08-23 00:30 - 2014-05-16 15:59 - 00000000 ____D () C:\Users\Ricardo\Documents\Aerosoft
2014-08-23 00:30 - 2014-05-15 13:18 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Macromedia
2014-08-23 00:30 - 2014-05-15 12:15 - 00000000 ____D () C:\Users\Ricardo\Downloads\Aplicaciones
2014-08-23 00:30 - 2014-05-15 11:42 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\AVG2014
2014-08-23 00:30 - 2014-05-15 11:18 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\CyberLink
2014-08-23 00:30 - 2014-05-15 11:12 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Adobe
2014-08-23 00:30 - 2014-05-15 11:12 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\VirtualStore
2014-08-23 00:30 - 2014-05-15 11:12 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Packages
2014-08-23 00:29 - 2014-08-17 15:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-23 00:29 - 2014-08-16 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimMarket
2014-08-23 00:29 - 2014-08-11 12:44 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Mozilla
2014-08-23 00:29 - 2014-08-05 17:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2014-08-23 00:29 - 2014-08-05 15:09 - 00000000 ____D () C:\ProgramData\InstallMate
2014-08-23 00:29 - 2014-07-31 10:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlyTampa
2014-08-23 00:29 - 2014-07-27 11:09 - 00000000 ____D () C:\Program Files\iPod
2014-08-23 00:29 - 2014-07-27 11:01 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-08-23 00:29 - 2014-07-15 22:20 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-23 00:29 - 2014-06-25 19:56 - 00000000 ____D () C:\ProgramData\Visan
2014-08-23 00:29 - 2014-06-25 19:56 - 00000000 ____D () C:\ProgramData\HP Photo Creations
2014-08-23 00:29 - 2014-06-25 19:56 - 00000000 ____D () C:\Program Files\HP
2014-08-23 00:29 - 2014-06-25 19:56 - 00000000 ____D () C:\Program Files (x86)\HP
2014-08-23 00:29 - 2014-06-25 19:55 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\HP
2014-08-23 00:29 - 2014-06-25 19:46 - 00000000 ____D () C:\ProgramData\HP
2014-08-23 00:29 - 2014-06-24 20:35 - 00000000 ____D () C:\Program Files (x86)\CsernakGergely
2014-08-23 00:29 - 2014-06-18 17:35 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-08-23 00:29 - 2014-06-14 17:03 - 00000000 ____D () C:\Program Files\Common Files\Logitech
2014-08-23 00:29 - 2014-06-06 11:36 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\AVG2014
2014-08-23 00:29 - 2014-06-06 11:36 - 00000000 ____D () C:\Users\Administrator\AppData\Local\CyberLink
2014-08-23 00:29 - 2014-06-06 11:34 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-08-23 00:29 - 2014-06-06 11:34 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Packages
2014-08-23 00:29 - 2014-06-05 16:45 - 00000000 ____D () C:\Program Files\SmartTechnology
2014-08-23 00:29 - 2014-06-05 16:01 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\CH Products
2014-08-23 00:29 - 2014-06-05 16:01 - 00000000 ____D () C:\Program Files (x86)\CH Products
2014-08-23 00:29 - 2014-06-05 16:00 - 00000000 ____D () C:\Program Files (x86)\Saitek
2014-08-23 00:29 - 2014-06-02 20:20 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-08-23 00:29 - 2014-06-02 20:19 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-08-23 00:29 - 2014-06-02 14:14 - 00000000 ____D () C:\Program Files (x86)\IVAO
2014-08-23 00:29 - 2014-05-18 17:10 - 00000000 ____D () C:\Program Files (x86)\VirtualRadar
2014-08-23 00:29 - 2014-05-16 15:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft
2014-08-23 00:29 - 2014-05-16 08:08 - 00000000 ____D () C:\Program Files\Adobe
2014-08-23 00:29 - 2014-05-16 08:06 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-08-23 00:29 - 2014-05-15 13:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-08-23 00:29 - 2014-05-15 13:24 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-08-23 00:29 - 2014-05-15 13:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-23 00:29 - 2014-05-15 13:23 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-23 00:29 - 2014-05-15 13:23 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-08-23 00:29 - 2014-05-15 13:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-08-23 00:29 - 2014-05-15 13:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-08-23 00:29 - 2014-05-15 12:07 - 00000000 ____D () C:\ProgramData\Adobe
2014-08-23 00:29 - 2014-05-15 12:00 - 00000000 ____D () C:\Program Files\WinRAR
2014-08-23 00:29 - 2014-05-15 11:52 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Intel_Corporation
2014-08-23 00:29 - 2014-05-15 11:41 - 00000000 ____D () C:\ProgramData\AVG2014
2014-08-23 00:29 - 2014-05-15 11:19 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Google
2014-08-23 00:29 - 2014-05-15 11:19 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Apps\2.0
2014-08-23 00:29 - 2014-05-15 11:19 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-23 00:29 - 2014-05-15 11:13 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\CyberLink
2014-08-23 00:29 - 2013-11-12 15:08 - 00000000 ____D () C:\Program Files\mcafee
2014-08-23 00:29 - 2013-11-12 15:08 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-08-23 00:29 - 2013-11-12 15:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-08-23 00:29 - 2013-11-12 15:08 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-08-23 00:29 - 2013-11-12 15:07 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-08-23 00:29 - 2013-11-12 15:02 - 00000000 ____D () C:\ProgramData\Apple
2014-08-23 00:29 - 2013-11-12 14:42 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2014-08-23 00:29 - 2013-11-12 14:42 - 00000000 ____D () C:\ProgramData\WildTangent
2014-08-23 00:29 - 2013-11-12 14:42 - 00000000 ____D () C:\ProgramData\CyberLink
2014-08-23 00:29 - 2013-11-12 14:42 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-08-23 00:29 - 2013-11-12 14:41 - 00000000 ____D () C:\Users\Public\CyberLink
2014-08-23 00:29 - 2013-11-12 14:38 - 00000000 ____D () C:\ProgramData\install_clap
2014-08-23 00:29 - 2013-11-12 14:38 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-08-23 00:29 - 2013-11-12 14:37 - 00000000 ___RD () C:\Program Files (x86)\Online Services
2014-08-23 00:29 - 2013-11-12 14:37 - 00000000 ____D () C:\ProgramData\Temp
2014-08-23 00:29 - 2013-11-12 14:37 - 00000000 ____D () C:\Program Files (x86)\EasyBits For Kids
2014-08-23 00:29 - 2013-11-12 14:36 - 00000000 ____D () C:\Program Files\DIFX
2014-08-23 00:29 - 2013-11-12 14:35 - 00000000 ____D () C:\ProgramData\Intel
2014-08-23 00:29 - 2013-11-12 14:35 - 00000000 ____D () C:\Program Files\Broadcom
2014-08-23 00:29 - 2013-11-12 14:34 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-08-23 00:29 - 2013-11-12 14:32 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-23 00:29 - 2013-11-12 14:32 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2014-08-23 00:29 - 2013-11-12 14:31 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-08-23 00:29 - 2013-11-12 14:31 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-08-23 00:29 - 2013-11-12 14:21 - 00000000 ____D () C:\Program Files\Realtek
2014-08-23 00:29 - 2013-11-12 14:21 - 00000000 ____D () C:\Program Files\Intel
2014-08-23 00:29 - 2013-11-12 14:21 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-08-23 00:29 - 2013-09-02 22:57 - 00000000 _RSHD () C:\SYSTEM.SAV
2014-08-23 00:29 - 2013-08-24 15:59 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-23 00:29 - 2013-08-24 15:58 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-08-23 00:29 - 2013-08-24 15:58 - 00000000 ____D () C:\Program Files\MSBuild
2014-08-23 00:29 - 2013-08-24 15:58 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-08-23 00:29 - 2013-08-24 15:58 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-08-23 00:29 - 2013-08-22 13:12 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-23 00:29 - 2013-08-22 09:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-23 00:29 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-08-23 00:29 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files\Windows NT
2014-08-23 00:29 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-08-23 00:29 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-08-23 00:29 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-08-23 00:29 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-08-23 00:29 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files (x86)\Windows NT
2014-08-23 00:29 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-08-23 00:29 - 2013-08-22 07:36 - 00000000 __RHD () C:\Users\Default
2014-08-23 00:28 - 2014-06-10 10:42 - 00000000 ____D () C:\Graphics
2014-08-23 00:28 - 2014-06-02 20:20 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-08-23 00:28 - 2014-06-02 15:56 - 00000000 ____D () C:\Program Files (x86)\AnvSoft
2014-08-23 00:28 - 2014-05-18 18:03 - 00000000 ____D () C:\MSFS
2014-08-23 00:28 - 2014-05-15 13:16 - 00000000 ____D () C:\Program Files (x86)\Alcohol Soft
2014-08-23 00:28 - 2014-05-15 12:07 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-23 00:28 - 2014-05-15 11:41 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-08-23 00:28 - 2013-10-21 05:37 - 00000000 _RSHD () C:\hp
2014-08-22 20:22 - 2014-05-15 11:28 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Avg2014
2014-08-22 10:45 - 2014-06-21 21:12 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\42D19466-F5F5-45CC-82C9-A0A277C8BF20.aplzod
2014-08-22 10:41 - 2014-06-02 20:21 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Apple Computer
2014-08-22 09:53 - 2014-08-11 17:25 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Adobe
2014-08-22 09:34 - 2013-08-22 08:46 - 00025774 _____ () C:\windows\setupact.log
2014-08-22 09:33 - 2014-06-02 20:21 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Apple Computer
2014-08-22 09:00 - 2014-05-16 07:41 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log
2014-08-22 08:57 - 2014-05-18 17:16 - 00000298 _____ () C:\Users\Ricardo\Desktop\Radar CSL.url
2014-08-21 21:59 - 2014-06-07 19:27 - 00000000 ____D () C:\Users\Ricardo\Documents\AerosoftFlightRecorder
2014-08-20 23:30 - 2013-08-24 15:32 - 00018162 _____ () C:\windows\PFRO.log
2014-08-20 23:29 - 2013-08-22 09:20 - 00000000 ____D () C:\windows\CbsTemp
2014-08-19 15:56 - 2014-08-19 15:56 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AICM-UPD1.1
2014-08-18 18:56 - 2014-08-18 18:56 - 00000000 ___HD () C:\windows\msdownld.tmp
2014-08-18 16:59 - 2014-05-16 15:07 - 00000000 __SHD () C:\windows\SysWOW64\AI_RecycleBin
2014-08-18 16:51 - 2014-08-18 16:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REX 4
2014-08-18 16:38 - 2014-05-15 11:12 - 00003986 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{D8E9DACF-5C3C-4F60-81C5-C8C3704A673B}
2014-08-18 16:32 - 2014-05-16 17:05 - 00003176 _____ () C:\windows\System32\Tasks\HPCeeScheduleForRicardo
2014-08-18 13:52 - 2014-08-10 09:34 - 00000000 ____D () C:\FSX Fiber Accelerator
2014-08-17 15:59 - 2014-06-23 09:20 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-17 15:57 - 2014-08-17 15:57 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-08-17 15:57 - 2014-08-17 15:57 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-08-17 15:57 - 2014-08-17 15:57 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-08-17 15:57 - 2014-08-17 15:57 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-17 15:51 - 2014-06-22 19:05 - 00000000 ____D () C:\Users\Ricardo\Documents\Flight Simulator X Files
2014-08-16 13:38 - 2013-08-22 07:25 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-08-15 11:08 - 2014-07-16 10:14 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\MilvizData
2014-08-15 10:22 - 2014-08-15 10:22 - 00001233 _____ () C:\Users\Ricardo\Desktop\FSX Fiber.lnk
2014-08-15 09:59 - 2014-05-16 07:40 - 00000000 _____ () C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-08-14 20:44 - 2014-08-14 20:44 - 00000000 ____D () C:\Users\Ricardo\Downloads\Alf (1986)
2014-08-13 23:31 - 2013-08-22 07:25 - 00786432 ___SH () C:\windows\system32\config\BBI
2014-08-13 23:30 - 2013-08-22 09:36 - 00000000 ___RD () C:\windows\ToastData
2014-08-13 16:54 - 2014-05-17 16:55 - 00000000 ____D () C:\windows\system32\MRT
2014-08-13 11:23 - 2014-06-09 20:38 - 00000000 ____D () C:\Users\alexn_000\AppData\Roaming\uTorrent
2014-08-13 11:22 - 2014-08-13 11:22 - 00000000 ____D () C:\Users\alexn_000\AppData\Roaming\Macromedia
2014-08-13 11:22 - 2014-08-13 11:22 - 00000000 ____D () C:\Users\alexn_000\AppData\Local\Macromedia
2014-08-13 11:20 - 2014-05-17 16:55 - 99218768 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-08-13 11:19 - 2014-05-15 21:57 - 00003594 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2213921350-3789929110-89264035-1002
2014-08-13 11:16 - 2014-08-13 11:16 - 00000000 ____D () C:\Users\alexn_000\AppData\Roaming\Mozilla
2014-08-13 11:16 - 2014-08-13 11:16 - 00000000 ____D () C:\Users\alexn_000\AppData\Local\Mozilla
2014-08-13 11:16 - 2014-05-15 21:54 - 00000000 __RDO () C:\Users\alexn_000\SkyDrive
2014-08-13 11:15 - 2014-05-15 21:53 - 00000000 ____D () C:\Users\alexn_000\Documents\Youcam
2014-08-12 17:46 - 2014-05-17 17:44 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-08-12 17:46 - 2014-05-17 17:44 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-08-12 17:46 - 2014-05-17 11:11 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-08-12 17:46 - 2013-08-22 05:45 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-08-12 17:46 - 2013-08-22 05:44 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-08-12 17:46 - 2013-08-22 05:22 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-08-12 17:46 - 2013-08-22 05:21 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-08-12 17:46 - 2013-08-22 05:10 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-08-12 17:46 - 2013-08-22 05:03 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-08-12 17:46 - 2013-08-22 04:32 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-08-12 17:46 - 2013-08-21 22:17 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-08-12 17:46 - 2013-08-21 21:55 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-08-12 17:46 - 2013-08-21 21:46 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-08-12 17:46 - 2013-08-21 21:45 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-08-12 17:46 - 2013-08-21 21:40 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-08-12 17:46 - 2013-08-21 21:16 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-08-12 17:43 - 2014-05-17 11:06 - 00233912 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2014-08-12 17:42 - 2014-06-02 13:49 - 00428888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-08-11 22:10 - 2014-08-11 22:10 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Macromedia
2014-08-11 12:44 - 2014-08-11 12:44 - 00001189 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-11 12:44 - 2014-08-11 12:44 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-11 12:44 - 2014-08-11 12:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-11 12:11 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\NDF
2014-08-10 15:09 - 2014-08-10 15:09 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MilViz - Northrop T-38 Talon
2014-08-08 21:37 - 2014-08-08 21:31 - 00000000 ____D () C:\Users\Ricardo\Downloads\Temporada 4
2014-08-08 21:35 - 2014-08-08 21:30 - 00000000 ____D () C:\Users\Ricardo\Downloads\Temporada 3
2014-08-06 20:12 - 2014-08-12 17:47 - 01336624 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-06 16:39 - 2014-08-12 17:47 - 04148224 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-06 16:38 - 2014-08-12 17:47 - 00697856 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-08-05 13:14 - 2014-06-29 17:50 - 00000000 ____D () C:\Users\Ricardo\Documents\CyberLink
2014-08-03 14:48 - 2014-06-02 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Teamspeak2 RC2
2014-08-02 10:05 - 2014-08-02 10:05 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Fly By Wi-Fi
2014-08-02 10:05 - 2014-08-02 10:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fly By Wi-Fi
2014-08-02 10:05 - 2014-08-02 10:05 - 00000000 ____D () C:\Fly By Wi-Fi
2014-08-01 23:44 - 2014-08-12 17:47 - 00527360 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-08-01 21:56 - 2014-08-12 17:47 - 01064448 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-01 21:11 - 2014-08-12 17:47 - 00918528 _____ (Microsoft Corporation) C:\windows\system32\MrmCoreR.dll
2014-08-01 18:17 - 2014-05-17 17:20 - 00704480 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-08-01 18:17 - 2014-05-17 17:20 - 00105440 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-01 15:52 - 2014-08-01 15:52 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\MediaShow
2014-07-31 10:49 - 2014-07-31 10:49 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\InstallShield
2014-07-30 13:31 - 2014-05-15 21:50 - 00003994 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{596D7596-A026-49D3-ACB2-8028D340EA27}
2014-07-30 12:49 - 2014-07-15 22:25 - 00000000 ____D () C:\Users\alexn_000\AppData\Roaming\vlc
2014-07-28 19:32 - 2014-07-28 19:32 - 00000887 _____ () C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-07-28 17:27 - 2014-07-28 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xtreme Prototypes 20 Series Business Jets SP2
2014-07-27 13:13 - 2014-05-15 12:52 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Spotify
2014-07-27 11:01 - 2014-07-27 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-07-25 08:52 - 2014-08-12 17:53 - 23645696 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-07-25 07:51 - 2014-08-12 17:53 - 17524224 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-07-25 07:28 - 2014-08-12 17:53 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-07-25 07:25 - 2014-08-12 17:53 - 02774528 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-07-25 07:25 - 2014-08-12 17:53 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-07-25 06:59 - 2014-08-12 17:53 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-07-25 06:40 - 2014-08-12 17:53 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-07-25 06:34 - 2014-08-12 17:53 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-07-25 06:30 - 2014-08-12 17:53 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-07-25 06:28 - 2014-08-12 17:53 - 05824512 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-07-25 06:28 - 2014-08-12 17:53 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 06:21 - 2014-08-12 17:53 - 02184704 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-07-25 06:17 - 2014-08-12 17:53 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-07-25 06:10 - 2014-08-12 17:53 - 00292864 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-07-25 06:08 - 2014-08-12 17:53 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-07-25 06:06 - 2014-08-12 17:53 - 04204032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-07-25 05:52 - 2014-08-12 17:53 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-07-25 05:47 - 2014-08-12 17:53 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-07-25 05:43 - 2014-08-12 17:53 - 00333312 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-07-25 05:43 - 2014-08-12 17:53 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 05:42 - 2014-08-12 17:53 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-07-25 05:39 - 2014-08-12 17:53 - 02087936 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-07-25 05:34 - 2014-08-12 17:53 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-07-25 05:29 - 2014-08-12 17:53 - 00239616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-07-25 05:23 - 2014-08-12 17:53 - 13547008 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-07-25 05:13 - 2014-08-12 17:53 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-07-25 05:09 - 2014-08-12 17:53 - 00291840 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-07-25 05:07 - 2014-08-12 17:53 - 02001920 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-07-25 05:03 - 2014-08-12 17:53 - 11772928 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-07-25 04:52 - 2014-08-12 17:53 - 02266624 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-07-25 04:26 - 2014-08-12 17:53 - 01431040 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-07-25 04:17 - 2014-08-12 17:53 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-07-25 04:09 - 2014-08-12 17:53 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-07-25 04:05 - 2014-08-12 17:53 - 01792512 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-07-25 04:00 - 2014-08-12 17:53 - 01169920 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-07-24 22:18 - 2014-05-15 13:06 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Spotify
2014-07-24 21:50 - 2014-06-24 18:21 - 00000000 ____D () C:\EuroScope
 
Some content of TEMP:
====================
C:\Users\alexn_000\AppData\Local\Temp\COMAP.EXE
C:\Users\alexn_000\AppData\Local\Temp\Extract.exe
C:\Users\alexn_000\AppData\Local\Temp\SP66065.exe
C:\Users\alexn_000\AppData\Local\Temp\SP66208.exe
C:\Users\alexn_000\AppData\Local\Temp\SP66342.exe
C:\Users\Ricardo\AppData\Local\Temp\AxSFADownloader.exe
C:\Users\Ricardo\AppData\Local\Temp\bassmod.dll
C:\Users\Ricardo\AppData\Local\Temp\COMAP.EXE
C:\Users\Ricardo\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmwipcf.dll
C:\Users\Ricardo\AppData\Local\Temp\Extract.exe
C:\Users\Ricardo\AppData\Local\Temp\FlyTampa_Libraries_FSX_P3D.exe
C:\Users\Ricardo\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Ricardo\AppData\Local\Temp\HPInstaller.exe
C:\Users\Ricardo\AppData\Local\Temp\install_reader11_es_mssd_aaa_aih.exe
C:\Users\Ricardo\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Ricardo\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Ricardo\AppData\Local\Temp\ose00000.exe
C:\Users\Ricardo\AppData\Local\Temp\sp64126.exe
C:\Users\Ricardo\AppData\Local\Temp\SP66397.exe
C:\Users\Ricardo\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Ricardo\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Ricardo\AppData\Local\Temp\_is92A6.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-17 09:28
 
==================== End Of Log ============================
Link to post
Share on other sites

ADDITION

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-08-2014
Ran by Ricardo at 2014-08-23 08:30:22
Running from C:\Users\Ricardo\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.08 - Adobe Systems)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Aeropuertos de México Ed Sur (HKLM-x32\...\Aeropuertos de México Ed Sur) (Version:  - )
Aerosoft's - Airbus X Extended - FSX (HKLM-x32\...\Airbus X Extended - FSX) (Version: 1.15 - )
Aerosoft's - DHC-6 Twin Otter X (HKLM-x32\...\{3A8DED06-80E7-4555-AA1F-FF4A2A4D353C}) (Version: 1.21 - Aerosoft)
aerosoft's - Lukla X - Mount Everest (HKLM-x32\...\{EF32F291-8B08-43EF-8BAA-58B9F8C9540F}) (Version: 1.00 - aerosoft)
Airport Design Editor 1.6 (HKLM-x32\...\{62A9AFD2-3592-4899-A42B-FE4EEE3758C1}) (Version: 1.61.5238 - ScruffyDuck Software)
Airports of MeXico Center Edition by FlyMex (HKLM-x32\...\Airports of MeXico Center Edition by FlyMex) (Version:  - )
Any Video Converter Professional 5.0.8 (HKLM-x32\...\Any Video Converter Professional_is1) (Version:  - Any-Video-Converter.com)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4716 - AVG Technologies)
AVG 2014 (Version: 14.0.4007 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4716 - AVG Technologies) Hidden
Bajasim SJD FSX S03 1.01a versión 1.01a (HKLM-x32\...\{E1DE46B0-AB90-4834-80DE-324E7A3B6346}_is1) (Version: 1.01a - Bajasim)
Bell 222 B FSX SP2 (HKLM-x32\...\Bell 222 B FSX SP21.5) (Version: 1.5 - Cera Sim)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.10.3096 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{0BED0B96-70B8-4893-884B-DC485DC8C1B7}) (Version: 0.8.10.3096 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.170 - Broadcom Corporation)
Carenado CT206H HD SERIES FSX/P3D (HKLM-x32\...\Carenado CT206H HD SERIES FSX/P3D) (Version: 1.00.00.00 - Carenado)
CE208EX HD SERIES FSX/P3D (HKLM-x32\...\CE208EX HD SERIES FSX/P3D) (Version: 1.00.00.00 - Carenado)
CH Control Manager Software (HKLM-x32\...\CHControlManager_is1) (Version:  - )
Compatibilidad con Aplicaciones de Apple (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6805 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.5.6805 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.5.3103 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.5.3103 - CyberLink Corp.) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3.4323 - CyberLink Corp.)
Cyberlink PhotoDirector (x32 Version: 3.0.3.4323 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3215 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.5.3215 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.5.3215 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.5.3215 - CyberLink Corp.) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2.3212 - CyberLink Corp.)
CyberLink PowerDVD 12 (x32 Version: 12.0.2.3212 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2.3302 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 5.0.2.3302 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
EMB500 Phenom 100 FSX/P3D (HKLM-x32\...\EMB500 Phenom 100 FSX/P3D) (Version: ${PRODUCT_VERSION} - Carenado)
Embraer EMB120 Brasilia V1.1 FSX & P3D (HKLM\...\{D3CD5CF6-7439-4DD7-B2F6-2A0D1E097FE1}) (Version: 1 - Erick Cantu - Eagle Rotorcraft Simulations)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
EuroScope v3.2 (HKLM-x32\...\{643D8CF6-F80A-4686-90A2-ECC4B0D63089}) (Version: 3.2 - Gergely Csernak)
Fly By Wi-Fi 1.1 (HKLM\...\{0C520825-F3AD-4E4A-8780-18E57B464934}_is1) (Version: 1.1 - ebadaq.com)
FSX Fiber Accelerator (HKLM-x32\...\{1FDAA914-3979-BA80-4941-AF24EAF31EBF}) (Version: 1.2.0.0 - FSPS)
Galería de fotos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
GoldWave v5.67 (HKLM-x32\...\GoldWave v5.67) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Deskjet 3050 J610 series Ayuda (HKLM-x32\...\{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}) (Version: 140.0.63.63 - Hewlett Packard)
HP Deskjet 3050 J610 series Estudio para la mejora del producto (HKLM\...\{1806B0A9-08B2-4044-9898-7B6E5E3F233D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050 J610 series Software básico del dispositivo (HKLM\...\{954F6D3C-A24F-4231-8885-24C1E55AF064}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Documentation (HKLM-x32\...\{8126E380-F9C6-4317-9CEE-9BBDDAB676E5}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Postscript Converter (Version: 4.5.12202 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7045.4591 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.54 - Hewlett-Packard)
HP SimplePass (Version: 8.00.54 - Hewlett-Packard) Hidden
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Inst5675 (Version: 8.00.54 - Softex Inc.) Hidden
Inst5676 (Version: 8.00.54 - Softex Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.3.1000 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.9.3.1000 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
IvAc v1.2.4 (b225) (HKLM-x32\...\IvAc_is1) (Version:  - IVAO)
IvAp v1.9.8 (build 2138) (HKLM-x32\...\IvAp-v2_is1) (Version:  - IVAO)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
José Martí International Airport for FSX (HKLM-x32\...\MUHAFSX_is1) (Version:  - SimMarket)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 8.0 - EasyBits Software AS)
MeXican Airports North for FSX (HKCU\...\MeXican Airports North for FSX) (Version:  - )
Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Flight Simulator X (x32 Version: 10.0.61355.0 - Microsoft Game Studios) Hidden
Microsoft Flight Simulator X SDK (HKLM-x32\...\InstallShield_{33571E15-3EB4-4190-BA74-C6CA97288461}) (Version: 1.00.0000 - Microsoft Game Studios)
Microsoft Flight Simulator X SDK (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Microsoft Flight Simulator X Service Pack 1 (x32 Version: 10.0.61355.0 - Microsoft Game Studios) Hidden
Microsoft Flight Simulator X Service Pack 2 (HKLM-x32\...\{4847BBB9-EADD-4C92-90BF-4223B0892FF6}) (Version: 10.0.61472.0 - Microsoft Game Studios)
Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{E75776B2-EAE5-42F9-A800-0A10763DEDF0}) (Version: 11.0.2318.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MilViz - Northrop T-38 Talon (HKLM-x32\...\MilViz - Northrop T-38 Talon1.1 Full) (Version: 1.1 Full - The SW)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 es-MX) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 es-MX)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Neat Image v6.0 Pro+ (HKLM-x32\...\Neat Image_is1) (Version:  - Neat Image team, ABSoft)
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Paquete de controladores de Windows - Broadcom Corporation (bcbtums) Bluetooth  (11/19/2013 12.0.0.9050) (HKLM\...\842F79923C68674AEB21691125DD165B4B2B4ADD) (Version: 11/19/2013 12.0.0.9050 - Broadcom Corporation)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photomatix Pro version 5.0 (HKLM\...\PhotomatixPro5x64_is1) (Version: 5.0 - HDRsoft Ltd)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7116 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.7001 - CyberLink Corp.) Hidden
Saitek Pro Flight Panels 6.6.6.3 (HKLM-x32\...\{1ED28734-E9EF-4DF5-A0EB-7EAFC97B6B02}) (Version: 6.6.6.3 - Saitek)
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{1EFEE982-96CA-411D-A1FD-D2AE21895897}) (Version: 7.0.27.13 - Mad Catz)
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
TAAATSMod 2.1 (HKCU\...\TAAATSMod 2.1) (Version:  - )
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TORREON for FSX (HKLM-x32\...\TORREON for FSX) (Version:  - )
Upgrade Airports of MeXico South (FSX-SP2/Acceleration) (HKCU\...\Upgrade Airports of MeXico South (FSX-SP2/Acceleration)) (Version:  - )
Virtual Radar 2.0.2 (HKLM-x32\...\Virtual Radar_is1) (Version:  - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Driver Package - Broadcom Corporation (bcbtums) Bluetooth  (08/09/2013 12.0.0.7620) (HKLM\...\7C5445C0C158E0500C2E0AD361C4CBF4BAB2476C) (Version: 08/09/2013 12.0.0.7620 - Broadcom Corporation)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Xtreme Prototypes 20 Series Business Jets SP2 (HKLM-x32\...\Xtreme Prototypes 20 Series Business Jets SP2) (Version:  - )
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2213921350-3789929110-89264035-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ricardo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2213921350-3789929110-89264035-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ricardo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2213921350-3789929110-89264035-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ricardo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2213921350-3789929110-89264035-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ricardo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2213921350-3789929110-89264035-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ricardo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2213921350-3789929110-89264035-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ricardo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2213921350-3789929110-89264035-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ricardo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2213921350-3789929110-89264035-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ricardo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2213921350-3789929110-89264035-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ricardo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
05-08-2014 23:06:21 Installed Microsoft Flight Simulator X SDK
10-08-2014 16:31:30 Removed REX 4 - Texture Direct
13-08-2014 17:14:19 Windows Update
17-08-2014 21:57:04 Installed Java 7 Update 67
18-08-2014 22:49:52 Installed REX 4 - Texture Direct
23-08-2014 05:35:23 Operación de restauración
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 07:25 - 2014-06-02 19:17 - 00000853 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 cap.cyberlink.com
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0A87551F-6F05-4A8E-8096-B638A98BFA84} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0F147BFF-AD74-44DD-B4B2-3618EDC03048} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {18E21BBD-ADE1-4E10-9073-E7DAD515E5EA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {19A85925-8E98-4F23-81B9-215E058715FA} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4BDD7196-DEC5-4BC5-9861-56B71BE9A86D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {57D3E343-7110-4116-9EB5-A54C58BB58C7} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6AFC5E6C-FD1D-4EFB-915F-16D63BBA9970} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {6D47E3B6-99F4-42E4-B976-8A9199FF9E16} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7FFE2258-9B1B-45EE-B463-AA8164076169} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {801EE2AD-8511-4E40-95AA-0AB569946B4C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9B9E1442-EAD1-4658-9F24-8D3B07E6E4BE} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A8C12AF2-8349-4BAF-93B7-8A3F53376B93} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-08-13] (Microsoft Corporation)
Task: {AA8393A9-8680-435D-AE86-9C9CED2C89A2} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {BD5920A5-B182-4DAB-856D-79786B7AE6EC} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {BD846EE9-D50B-4A92-A320-ED09BCA46B1B} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MONKIKIS-Ricardo Monkikis => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {CA561734-B955-41AA-9560-7D34D29D6070} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {CCA6F8D3-83E7-48E1-BAC0-CBDA4C4588E0} - System32\Tasks\HPCeeScheduleForRicardo => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {CF43ED62-2B66-4B3F-A883-C821410F306E} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {CF7BEB41-7D9F-4398-A7C0-A702725D25C4} - System32\Tasks\HPCustParticipation HP Deskjet 3050 J610 series => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E2A0A927-E170-4CD0-920F-12213C1615FF} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F0CC3743-677C-49FA-8DCC-D179B4C66708} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-15] (Google Inc.)
Task: {F17C2255-A3F6-4FB1-8B45-37DE197BAAF8} - System32\Tasks\CLMLSvc_P2G8 => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {FC1ADA07-FB44-4C64-B1BF-A86146AC68D7} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {FFAE8409-67F7-444F-B2BD-BBB933D12072} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-15] (Google Inc.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForRicardo.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-09-26 13:26 - 2013-09-26 13:26 - 00109568 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
2013-09-26 13:32 - 2013-09-26 13:32 - 00627200 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachedrv.dll
2013-09-26 13:28 - 2013-09-26 13:28 - 02540544 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2013-09-26 13:25 - 2013-09-26 13:25 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2013-09-26 13:25 - 2013-09-26 13:25 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2013-09-26 13:25 - 2013-09-26 13:25 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2013-09-26 13:39 - 2013-09-26 13:39 - 00306064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2013-09-26 13:39 - 2013-09-26 13:39 - 01298832 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2013-09-26 13:34 - 2013-09-26 13:34 - 00064000 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2012-10-01 19:36 - 2012-10-01 19:36 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-08-05 11:35 - 2014-08-05 11:35 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-12 14:35 - 2013-08-08 15:25 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2013-11-12 14:38 - 2013-08-05 01:49 - 00627672 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 17:48 - 2013-08-05 17:48 - 00016856 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-08-23 08:19 - 2014-08-23 08:19 - 00043008 _____ () c:\users\ricardo\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmwipcf.dll
2013-08-23 13:01 - 2013-08-23 13:01 - 25100288 _____ () C:\Users\Ricardo\AppData\Roaming\Dropbox\bin\libcef.dll
2014-08-13 22:31 - 2014-08-06 21:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-13 22:31 - 2014-08-06 21:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-13 22:31 - 2014-08-06 21:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-13 22:31 - 2014-08-06 21:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-13 22:31 - 2014-08-06 21:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\alexn_000\SkyDrive:ms-properties
AlternateDataStreams: C:\ProgramData\Temp:74603393
AlternateDataStreams: C:\Users\Ricardo\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run: => "ProfilerU"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/23/2014 08:26:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MONKIKIS)
Description: No se pudo activar la aplicación SvenskaResentverketAB.FR24Premium_jbwmf71vpyqgt!App debido al error: -2147009284. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.
 
Error: (08/23/2014 08:26:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MONKIKIS)
Description: No se pudo activar la aplicación SvenskaResentverketAB.FR24Premium_jbwmf71vpyqgt!App debido al error: -2147009284. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.
 
Error: (08/23/2014 08:21:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa Explorer.EXE, versión 6.3.9600.17039, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.
 
Identificador de proceso: 17b8
 
Hora de inicio: 01cfbedcf155ca5c
 
Hora de finalización: 0
 
Ruta de acceso de la aplicación: C:\windows\Explorer.EXE
 
Identificador de informe: 6df5ac6a-2ad0-11e4-826c-40f02f9496de
 
Nombre completo de paquete con errores: 
 
Identificador de aplicación relativa del paquete con errores:
 
Error: (08/23/2014 08:19:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: explorer.exe, versión: 6.3.9600.17039, marca de tiempo: 0x53156588
Nombre del módulo con errores: twinui.appcore.dll, versión: 6.3.9600.17195, marca de tiempo: 0x5389407c
Código de excepción: 0x80270233
Desplazamiento de errores: 0x0000000000087c77
Identificador del proceso con errores: 0xa38
Hora de inicio de la aplicación con errores: 0xexplorer.exe0
Ruta de acceso de la aplicación con errores: explorer.exe1
Ruta de acceso del módulo con errores: explorer.exe2
Identificador del informe: explorer.exe3
Nombre completo del paquete con errores: explorer.exe4
Identificador de aplicación relativa del paquete con errores: explorer.exe5
 
Error: (08/23/2014 02:00:00 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1784) SRUJet: Error -1811 (0xfffff8ed) al abrir un archivo de registro C:\windows\system32\SRU\SRU005E8.log.
 
Error: (08/23/2014 01:19:01 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\windows\system32\mscoree.dll8
 
Error: (08/23/2014 01:03:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: 030903~1.EXE, versión: 7.8.113.0, marca de tiempo: 0x51e05b9a
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00000000
Identificador del proceso con errores: 0x78c
Hora de inicio de la aplicación con errores: 0x030903~1.EXE0
Ruta de acceso de la aplicación con errores: 030903~1.EXE1
Ruta de acceso del módulo con errores: 030903~1.EXE2
Identificador del informe: 030903~1.EXE3
Nombre completo del paquete con errores: 030903~1.EXE4
Identificador de aplicación relativa del paquete con errores: 030903~1.EXE5
 
Error: (08/23/2014 00:22:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Explorer.EXE, versión: 6.3.9600.17039, marca de tiempo: 0x53156588
Nombre del módulo con errores: CryptoProvider.dll_unloaded, versión: 1.0.0.1, marca de tiempo: 0x53f47bcd
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00000000000139e8
Identificador del proceso con errores: 0x1018
Hora de inicio de la aplicación con errores: 0xExplorer.EXE0
Ruta de acceso de la aplicación con errores: Explorer.EXE1
Ruta de acceso del módulo con errores: Explorer.EXE2
Identificador del informe: Explorer.EXE3
Nombre completo del paquete con errores: Explorer.EXE4
Identificador de aplicación relativa del paquete con errores: Explorer.EXE5
 
Error: (08/23/2014 00:20:28 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Error no especificado durante Restaurar sistema: (Installed REX 4 - Texture Direct). Información adicional: 0x80070005.
 
Error: (08/23/2014 00:19:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: 030903~1.EXE, versión: 7.8.113.0, marca de tiempo: 0x51e05b9a
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00000000
Identificador del proceso con errores: 0x7b0
Hora de inicio de la aplicación con errores: 0x030903~1.EXE0
Ruta de acceso de la aplicación con errores: 030903~1.EXE1
Ruta de acceso del módulo con errores: 030903~1.EXE2
Identificador del informe: 030903~1.EXE3
Nombre completo del paquete con errores: 030903~1.EXE4
Identificador de aplicación relativa del paquete con errores: 030903~1.EXE5
 
 
System errors:
=============
Error: (08/23/2014 06:22:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio CyberLink PowerDVD 12 Media Server Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
 
Error: (08/23/2014 06:22:30 AM) (Source: DCOM) (EventID: 10010) (User: MONKIKIS)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 
Error: (08/23/2014 06:22:30 AM) (Source: DCOM) (EventID: 10010) (User: MONKIKIS)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 
Error: (08/23/2014 06:22:25 AM) (Source: DCOM) (EventID: 10010) (User: MONKIKIS)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
 
Error: (08/23/2014 06:22:25 AM) (Source: DCOM) (EventID: 10010) (User: MONKIKIS)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
 
Error: (08/23/2014 06:22:25 AM) (Source: DCOM) (EventID: 10010) (User: MONKIKIS)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
 
Error: (08/23/2014 06:22:25 AM) (Source: DCOM) (EventID: 10010) (User: MONKIKIS)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
 
Error: (08/23/2014 06:22:25 AM) (Source: DCOM) (EventID: 10010) (User: MONKIKIS)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
 
Error: (08/23/2014 06:22:24 AM) (Source: DCOM) (EventID: 10010) (User: MONKIKIS)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 
Error: (08/23/2014 06:22:24 AM) (Source: DCOM) (EventID: 10010) (User: MONKIKIS)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 
 
Microsoft Office Sessions:
=========================
Error: (08/23/2014 08:26:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MONKIKIS)
Description: SvenskaResentverketAB.FR24Premium_jbwmf71vpyqgt!App-2147009284
 
Error: (08/23/2014 08:26:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MONKIKIS)
Description: SvenskaResentverketAB.FR24Premium_jbwmf71vpyqgt!App-2147009284
 
Error: (08/23/2014 08:21:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.3.9600.1703917b801cfbedcf155ca5c0C:\windows\Explorer.EXE6df5ac6a-2ad0-11e4-826c-40f02f9496de
 
Error: (08/23/2014 08:19:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.3.9600.1703953156588twinui.appcore.dll6.3.9600.171955389407c802702330000000000087c77a3801cfbedd30df547bC:\Windows\explorer.exeC:\windows\System32\twinui.appcore.dll7b04fed5-2ad0-11e4-826c-40f02f9496de
 
Error: (08/23/2014 02:00:00 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost1784SRUJet: C:\windows\system32\SRU\SRU005E8.log-1811 (0xfffff8ed)
 
Error: (08/23/2014 01:19:01 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\windows\system32\mscoree.dll8
 
Error: (08/23/2014 01:03:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: 030903~1.EXE7.8.113.051e05b9aunknown0.0.0.000000000c00000050000000078c01cfbea03e5d6d10C:\windows\TEMP\030903~1.EXEunknown84ee35ab-2a93-11e4-826c-40f02f9496de
 
Error: (08/23/2014 00:22:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.3.9600.1703953156588CryptoProvider.dll_unloaded1.0.0.153f47bcdc000000500000000000139e8101801cfbe9a43eb52b9C:\windows\Explorer.EXECryptoProvider.dlle75fcf4b-2a8d-11e4-8272-40f02f9496de
 
Error: (08/23/2014 00:20:28 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Installed REX 4 - Texture Direct0x80070005
 
Error: (08/23/2014 00:19:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: 030903~1.EXE7.8.113.051e05b9aunknown0.0.0.000000000c0000005000000007b001cfbe9a3c1181edC:\windows\TEMP\030903~1.EXEunknown7da4ed7a-2a8d-11e4-8272-40f02f9496de
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core i5-4570T CPU @ 2.90GHz
Percentage of memory in use: 37%
Total physical RAM: 8082.69 MB
Available physical RAM: 5018.62 MB
Total Pagefile: 9362.69 MB
Available Pagefile: 6112.93 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:1845.61 GB) (Free:1526.2 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:15.92 GB) (Free:1.93 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive f: (MONKIKI HDD) (Fixed) (Total:465.65 GB) (Free:365.98 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 86921B63)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 059EC117)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=0B)
 
==================== End Of Log ============================
 
Thanks so much!
Link to post
Share on other sites

Hi,

Step 1

Please download mbam.pngMalwarebytes Anti-Malware and save it to your desktop.

  • Please open Malwarebytes Anti-Malware.
  • Please update the database by clicking on the "Update Now" button.
  • Following the update and click "Settings" and go to "Detection and Protection"
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard, then click on Scan Now to start the scan.

    (If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt so that you can decide what you want to do. I suggest "Quarantine". Click the button: Apply All Actions.)

  • A window with an option to view the detailed log will appear. Click on "View Detailed Log".
  • After viewing the results, please click on the "Copy to Clipboard" button and then OK.
  • Return to our forum. Paste your log into your next reply.
Step 2

Please download adwcleaner.png AdwCleaner (by Xplode) and save it to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select "Run As Administrator"

  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[s#].txt) will open automatically.

    Copy and paste the contents of that logfile in your next reply.

Step 3

frst.pngfrstscan.png

Start FRST with administator privileges.

  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.

    Please copy and paste the log in your next reply.

Link to post
Share on other sites

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 23/08/2014

Scan Time: 10:22:18 a. m.

Logfile: 

Administrator: Yes

 

Version: 2.00.2.1012

Malware Database: v2014.08.23.04

Rootkit Database: v2014.08.21.01

License: Trial

Malware Protection: Enabled

Malicious Website Protection: Enabled

Self-protection: Disabled

 

OS: Windows 8.1

CPU: x64

File System: NTFS

User: Ricardo

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 400052

Time Elapsed: 11 min, 54 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Deep Rootkit Scan: Enabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 4

Trojan.Agent, C:\Users\Ricardo\AppData\Local\Temp\FlyTampa_Libraries_FSX_P3D.exe, Quarantined, [02977752d2a9a3932587c293fc046e92], 

PUP.Optional.OpenCandy, C:\Users\Ricardo\AppData\Local\Temp\nsp3546.tmp\OCSetupHlp.dll, Quarantined, [b9e010b9146788aecde63cc620e5b848], 

PUP.Optional.Conduit.A, C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (   "homepage": ""http://mysearch.avg.com?cid={8DFD910C-BC6E-41F1-B764-BF181EB507F0}&mid=54804e00410747d092eed1572ea9016e-278bd96ab7d55470580387085e070bc546ec0aec〈=es-es&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-20 20:42:37&v=18.0.5.292&pid=safeguard&sg=&sap=hp", "http://search.conduit.com/?ctid={8DFD910C-BC6E-41F1-B764-BF181EB507F0}&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP48BC9F0A-AE65-4A88-9B63-66A20789E045&SSPV=|http://mysearch.avg.com?cid={8DFD910C-BC6E-41F1-B764-BF181EB507F0}&mid=54804e00410747d092eed1572ea9016e-278bd96ab7d55470580387085e070bc546ec0aec〈=es-es&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-20 20:42:37&v=18.0.5.292&pid=safeguard&sg=&sap=hp", "http://mysearch.avg.com?cid={8DFD910C-BC6E-41F1-B764-BF181EB507F0}&mid=54804e00410747d092eed1572ea9016e-278bd96ab7d55470580387085e070bc546ec0aec〈=es-es&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-20 20:42:37&v=18.1.0.443&pid=safeguard&sg=&sap=hp", "http://mysearch.avg.com?cid={A3783ACA-4B20-4677-8661-ACB90D120C5A}&mid=8864eec1d26d47d2a1ef91b969707f2d-aae5c1a075213d28b247e0d4bb710e552411f7d4〈=es-es&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-06-19 12:03:59&v=18.1.0.443&pid=safeguard&sg=&sap=hp", "http://mysearch.avg.com?cid={A3783ACA-4B20-4677-8661-ACB90D120C5A}&mid=8864eec1d26d47d2a1ef91b969707f2d-aae5c1a075213d28b247e0d4bb710e552411f7d4〈=es-es&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-06-19 12:03:59&v=18.1.7.598&pid=safeguard&sg=&sap=hp" ],), Replaced,[edac27a25922b6809229e32c06ffa25e]

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

Link to post
Share on other sites

# AdwCleaner v3.308 - Reporte Creado 23/08/2014 en 10:44:14

# Actualizado 20/08/2014 por Xplode

# Sistema Operativo : Windows 8.1 Single Language  (64 bits)

# Nombre de usuario : Ricardo - MONKIKIS

# Ejecutado desde : C:\Users\Ricardo\Downloads\AdwCleaner.exe

# Opción : Limpiar

 

***** [ Servicios ] *****

 

 

***** [ Archivos / Carpetas ] *****

 

Carpeta Borrar : C:\ProgramData\AVG Security Toolbar

Carpeta Borrar : C:\Program Files (x86)\AVG SafeGuard toolbar

Carpeta Borrar : C:\Users\alexn_000\AppData\LocalLow\AVG SafeGuard toolbar

Archivo Borrar : C:\Users\Ricardo\AppData\Local\Temp\Uninstall.exe

 

***** [ Tareas ] *****

 

 

***** [ Accesos directos ] *****

 

 

***** [ Registro ] *****

 

Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}

Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

Clave Borrar : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

Clave Borrar : [x64] HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Clave Borrar : [x64] HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Clave Borrar : HKCU\Software\YahooPartnerToolbar

Clave Borrar : HKLM\SOFTWARE\Freeze.com

Clave Borrar : [x64] HKLM\SOFTWARE\AVG Secure Search

Clave Borrar : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

 

***** [ Navegadores ] *****

 

-\\ Internet Explorer v11.0.9600.17239

 

 

-\\ Mozilla Firefox v31.0 (x86 es-MX)

 

[ Archivo : C:\Users\alexn_000\AppData\Roaming\Mozilla\Firefox\Profiles\q4muutsc.default\prefs.js ]

 

 

[ Archivo : C:\Users\Ricardo\AppData\Roaming\Mozilla\Firefox\Profiles\g0yhvxsl.default\prefs.js ]

 

 

-\\ Google Chrome v36.0.1985.143

 

[ Archivo : C:\Users\alexn_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

[ Archivo : C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

Borrar [startup_urls] : hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP48BC9F0A-AE65-4A88-9B63-66A20789E045&SSPV=

Borrar [startup_urls] : hxxp://search.conduit.com/?ctid={8DFD910C-BC6E-41F1-B764-BF181EB507F0}&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP48BC9F0A-AE65-4A88-9B63-66A20789E045&SSPV=|hxxp://mysearch.avg.com?cid={8DFD910C-BC6E-41F1-B764-BF181EB507F0}&mid=54804e00410747d092eed1572ea9016e-278bd96ab7d55470580387085e070bc546ec0aec〈=es-es&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-20 20:42:37&v=18.0.5.292&pid=safeguard&sg=&sap=hp

Borrar [Homepage] : hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP48BC9F0A-AE65-4A88-9B63-66A20789E045&SSPV=

 

*************************

 

AdwCleaner[R0].txt - [3428 octets] - [23/08/2014 10:41:03]

AdwCleaner[s0].txt - [3079 octets] - [23/08/2014 10:44:14]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3139 octets] ##########
Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-08-2014

Ran by Ricardo (administrator) on MONKIKIS on 23-08-2014 10:50:47

Running from C:\Users\Ricardo\Downloads\Virus Removal

Platform: Windows 8.1 Single Language (X64) OS Language: Español (España, internacional)

Internet Explorer Version 11

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe

() C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe

(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe

(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe

(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe

(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe

(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe

(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe

(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\livecomm.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe

(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe

(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe

(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe

(Spotify Ltd) C:\Users\Ricardo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe

(Dropbox, Inc.) C:\Users\Ricardo\AppData\Roaming\Dropbox\bin\Dropbox.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe

(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17200_none_fa7026dd9b04586e\TiWorker.exe

(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe

(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506136 2014-05-16] (Realtek Semiconductor)

HKLM\...\Run: [simplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2755640 2013-09-26] (Hewlett-Packard)

HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-09-26] (Hewlett-Packard)

HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [155704 2013-09-26] (Hewlett-Packard)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)

HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-02] (Intel Corporation)

HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)

HKLM\...\Run: [saiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)

HKLM-x32\...\Run: [YouCam Service] => c:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-09-01] (CyberLink Corp.)

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5187088 2014-08-11] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [switchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems Inc.)

HKLM-x32\...\Run: [blueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-05-21] (BlueStack Systems, Inc.)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)

HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-08-05] (Hewlett-Packard)

HKLM\...\Winlogon: [userinit] C:\Windows\system32\userinit.exe,"C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe",

Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)

HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1

HKU\S-1-5-21-2213921350-3789929110-89264035-1001\...\Run: [spotify Web Helper] => C:\Users\Ricardo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-24] (Spotify Ltd)

HKU\S-1-5-21-2213921350-3789929110-89264035-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)

HKU\S-1-5-21-2213921350-3789929110-89264035-1001\...\Run: [AdobeBridge] => [X]

HKU\S-1-5-21-2213921350-3789929110-89264035-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)

HKU\S-1-5-21-2213921350-3789929110-89264035-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)

HKU\S-1-5-21-2213921350-3789929110-89264035-1001\...\Run: [HP Deskjet 3050 J610 series (NET)] => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)

Startup: C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Ricardo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mysearch.avg.com?cid={A3783ACA-4B20-4677-8661-ACB90D120C5A}&mid=8864eec1d26d47d2a1ef91b969707f2d-aae5c1a075213d28b247e0d4bb710e552411f7d4〈=es-es&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-06-19 12:03:59&v=18.1.7.598&pid=safeguard&sg=&sap=hp

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPALL14/111

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPALL14/111

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPALL14/111

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPALL14/111

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPALL14/111

BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)

BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)

BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)

BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)

Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)

ShellExecuteHooks:  - {E54729E8-643D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook64.dll [773192 2013-11-12] ()

ShellExecuteHooks-x32:  - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook32.dll [484936 2013-11-12] ()

Hosts: 127.0.0.1 cap.cyberlink.com

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 0.0.0.0

 

FireFox:

========

FF ProfilePath: C:\Users\Ricardo\AppData\Roaming\Mozilla\Firefox\Profiles\g0yhvxsl.default

FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolibre-mx.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-mx.xml

FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn

FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-06-09]

 

Chrome: 

=======

CHR HomePage: hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP48BC9F0A-AE65-4A88-9B63-66A20789E045&SSPV=

CHR StartupUrls: "hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP48BC9F0A-AE65-4A88-9B63-66A20789E045&SSPV=", "hxxp://mysearch.avg.com?cid={8DFD910C-BC6E-41F1-B764-BF181EB507F0}&mid=54804e00410747d092eed1572ea9016e-278bd96ab7d55470580387085e070bc546ec0aec〈=es-es&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-20 20:42:37&v=18.0.5.292&pid=safeguard&sg=&sap=hp", "hxxp://search.conduit.com/?ctid={8DFD910C-BC6E-41F1-B764-BF181EB507F0}&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP48BC9F0A-AE65-4A88-9B63-66A20789E045&SSPV=|hxxp://mysearch.avg.com?cid={8DFD910C-BC6E-41F1-B764-BF181EB507F0}&mid=54804e00410747d092eed1572ea9016e-278bd96ab7d55470580387085e070bc546ec0aec〈=es-es&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-20 20:42:37&v=18.0.5.292&pid=safeguard&sg=&sap=hp", "hxxp://mysearch.avg.com?cid={8DFD910C-BC6E-41F1-B764-BF181EB507F0}&mid=54804e00410747d092eed1572ea9016e-278bd96ab7d55470580387085e070bc546ec0aec〈=es-es&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-20 20:42:37&v=18.1.0.443&pid=safeguard&sg=&sap=hp", "hxxp://mysearch.avg.com?cid={A3783ACA-4B20-4677-8661-ACB90D120C5A}&mid=8864eec1d26d47d2a1ef91b969707f2d-aae5c1a075213d28b247e0d4bb710e552411f7d4〈=es-es&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-06-19 12:03:59&v=18.1.0.443&pid=safeguard&sg=&sap=hp", "hxxp://mysearch.avg.com?cid={A3783ACA-4B20-4677-8661-ACB90D120C5A}&mid=8864eec1d26d47d2a1ef91b969707f2d-aae5c1a075213d28b247e0d4bb710e552411f7d4〈=es-es&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-06-19 12:03:59&v=18.1.7.598&pid=safeguard&sg=&sap=hp"

CHR Extension: (Angry Birds) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-05-15]

CHR Extension: (Google Docs) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-15]

CHR Extension: (Google Drive) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-15]

CHR Extension: (YouTube) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-15]

CHR Extension: (Búsqueda de Google) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-15]

CHR Extension: (Google Wallet) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-15]

CHR Extension: (Gmail) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-15]

CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

S2 0309031400174048mcinstcleanup; C:\windows\TEMP\030903~1.EXE [834664 2013-07-12] (McAfee, Inc.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3244048 2014-08-11] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-11] (AVG Technologies CZ, s.r.o.)

S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)

S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2014-06-06] (Broadcom Corporation.)

R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-21] (BlueStack Systems, Inc.)

R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-21] (BlueStack Systems, Inc.)

R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-21] (BlueStack Systems, Inc.)

R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-09-26] () [File not signed]

R2 CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-08-12] (CyberLink)

R2 CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-08-12] (CyberLink)

R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]

R2 HPSLPSVC; C:\Users\Ricardo\AppData\Local\Temp\7zS0485\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [File not signed]

R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2014-04-02] (Intel Corporation)

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]

R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]

S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)

R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-08] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-09-26] (Softex Inc.) [File not signed]

R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-05-16] (Realtek Semiconductor)

R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]

S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-08-24] (Microsoft Corporation)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)

S2 mcbootdelaystartsvc; "C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)

R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)

R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)

R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [270104 2014-06-30] (AVG Technologies CZ, s.r.o.)

U3 axscsidrv; C:\Windows\System32\Drivers\axscsidrv.sys [293888 2014-05-15] (Alcohol Soft Development Team)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2014-06-06] (Broadcom Corporation.)

R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7480496 2013-11-12] (Broadcom Corporation)

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-21] (BlueStack Systems)

R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)

R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)

R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)

R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-23] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)

R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)

R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-05-16] (Realtek Semiconductor Corp.)

S3 SaiH0C2D; C:\Windows\system32\DRIVERS\SaiH0C2D.sys [176128 2007-07-02] (Saitek)

R3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [25120 2013-04-30] (Saitek)

R3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-05-15] (Duplex Secure Ltd.)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)

S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)

U3 McMPFSvc; No ImagePath

U3 McNaiAnn; No ImagePath

U3 mcpltsvc; No ImagePath

U3 McProxy; No ImagePath

U3 mfecore; No ImagePath

U3 MSK80Service; No ImagePath

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-08-23 10:41 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll

2014-08-23 10:40 - 2014-08-23 10:44 - 00000000 ____D () C:\AdwCleaner

2014-08-23 10:19 - 2014-08-23 10:47 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys

2014-08-23 10:19 - 2014-08-23 10:19 - 00001132 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-08-23 10:19 - 2014-08-23 10:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-08-23 10:19 - 2014-08-23 10:19 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-08-23 10:19 - 2014-08-23 10:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-08-23 10:19 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys

2014-08-23 10:19 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys

2014-08-23 10:19 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys

2014-08-23 10:00 - 2014-08-23 10:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2014-08-23 09:58 - 2014-08-23 09:59 - 01364531 _____ () C:\Users\Ricardo\Downloads\AdwCleaner.exe

2014-08-23 09:27 - 2014-08-23 09:27 - 00000000 ____D () C:\ProgramData\SSvN8J0kd0yByPTr

2014-08-23 09:27 - 2014-08-23 09:27 - 00000000 ____D () C:\FSPS

2014-08-23 09:12 - 2014-08-23 09:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AICM-UPD1.1

2014-08-23 08:44 - 2014-08-23 10:50 - 00000000 ____D () C:\Users\Ricardo\Downloads\Virus Removal

2014-08-23 08:29 - 2014-08-23 10:50 - 00000000 ____D () C:\FRST

2014-08-22 12:44 - 2014-08-23 00:53 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\IVsoft

2014-08-22 12:44 - 2014-08-23 00:53 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\ITsoft

2014-08-21 15:51 - 2014-08-23 00:54 - 00000000 ____D () C:\Program Files (x86)\RAR Password Unlocker

2014-08-20 19:52 - 2014-08-23 00:54 - 00000000 ____D () C:\ProgramData\Licenses

2014-08-20 19:45 - 2014-08-23 00:53 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Virtuali

2014-08-20 19:39 - 2014-08-23 00:54 - 00000000 ____D () C:\ProgramData\Esellerate

2014-08-19 15:56 - 2014-08-19 15:56 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AICM-UPD1.1

2014-08-18 18:56 - 2014-08-18 18:56 - 00000000 ___HD () C:\windows\msdownld.tmp

2014-08-18 16:51 - 2014-08-23 00:54 - 00000000 ____D () C:\REX Texture Direct

2014-08-18 16:51 - 2014-08-18 16:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REX 4

2014-08-17 15:57 - 2014-08-23 00:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-08-17 15:57 - 2014-08-23 00:29 - 00000000 ____D () C:\Program Files (x86)\Java

2014-08-17 15:57 - 2014-08-17 15:57 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe

2014-08-17 15:57 - 2014-08-17 15:57 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe

2014-08-17 15:57 - 2014-08-17 15:57 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe

2014-08-17 15:57 - 2014-08-17 15:57 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll

2014-08-17 15:43 - 2014-08-23 00:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IVAO

2014-08-16 21:57 - 2014-08-23 00:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimMarket

2014-08-14 20:44 - 2014-08-14 20:44 - 00000000 ____D () C:\Users\Ricardo\Downloads\Alf (1986)

2014-08-13 11:22 - 2014-08-13 11:22 - 00000000 ____D () C:\Users\alexn_000\AppData\Roaming\Macromedia

2014-08-13 11:22 - 2014-08-13 11:22 - 00000000 ____D () C:\Users\alexn_000\AppData\Local\Macromedia

2014-08-13 11:16 - 2014-08-13 11:16 - 00000000 ____D () C:\Users\alexn_000\AppData\Roaming\Mozilla

2014-08-13 11:16 - 2014-08-13 11:16 - 00000000 ____D () C:\Users\alexn_000\AppData\Local\Mozilla

2014-08-12 17:53 - 2014-07-25 08:52 - 23645696 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll

2014-08-12 17:53 - 2014-07-25 07:51 - 17524224 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll

2014-08-12 17:53 - 2014-07-25 07:28 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll

2014-08-12 17:53 - 2014-07-25 07:25 - 02774528 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll

2014-08-12 17:53 - 2014-07-25 07:25 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll

2014-08-12 17:53 - 2014-07-25 06:59 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll

2014-08-12 17:53 - 2014-07-25 06:40 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll

2014-08-12 17:53 - 2014-07-25 06:34 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll

2014-08-12 17:53 - 2014-07-25 06:30 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll

2014-08-12 17:53 - 2014-07-25 06:28 - 05824512 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll

2014-08-12 17:53 - 2014-07-25 06:28 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll

2014-08-12 17:53 - 2014-07-25 06:21 - 02184704 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll

2014-08-12 17:53 - 2014-07-25 06:17 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll

2014-08-12 17:53 - 2014-07-25 06:10 - 00292864 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll

2014-08-12 17:53 - 2014-07-25 06:08 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll

2014-08-12 17:53 - 2014-07-25 06:06 - 04204032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll

2014-08-12 17:53 - 2014-07-25 05:52 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll

2014-08-12 17:53 - 2014-07-25 05:47 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll

2014-08-12 17:53 - 2014-07-25 05:43 - 00333312 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll

2014-08-12 17:53 - 2014-07-25 05:43 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-08-12 17:53 - 2014-07-25 05:42 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe

2014-08-12 17:53 - 2014-07-25 05:39 - 02087936 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl

2014-08-12 17:53 - 2014-07-25 05:34 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll

2014-08-12 17:53 - 2014-07-25 05:29 - 00239616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll

2014-08-12 17:53 - 2014-07-25 05:23 - 13547008 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll

2014-08-12 17:53 - 2014-07-25 05:13 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll

2014-08-12 17:53 - 2014-07-25 05:09 - 00291840 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll

2014-08-12 17:53 - 2014-07-25 05:07 - 02001920 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl

2014-08-12 17:53 - 2014-07-25 05:03 - 11772928 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll

2014-08-12 17:53 - 2014-07-25 04:52 - 02266624 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll

2014-08-12 17:53 - 2014-07-25 04:26 - 01431040 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll

2014-08-12 17:53 - 2014-07-25 04:17 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll

2014-08-12 17:53 - 2014-07-25 04:09 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll

2014-08-12 17:53 - 2014-07-25 04:05 - 01792512 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll

2014-08-12 17:53 - 2014-07-25 04:00 - 01169920 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll

2014-08-12 17:50 - 2014-06-19 19:48 - 01273184 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll

2014-08-12 17:50 - 2014-06-19 17:52 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll

2014-08-12 17:50 - 2014-06-12 19:15 - 00517528 _____ (Microsoft Corporation) C:\windows\system32\dxgi.dll

2014-08-12 17:50 - 2014-06-12 19:14 - 01557848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys

2014-08-12 17:50 - 2014-06-12 18:10 - 00406400 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxgi.dll

2014-08-12 17:50 - 2014-06-06 05:34 - 02133504 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll

2014-08-12 17:49 - 2014-07-15 12:16 - 03048880 _____ (Microsoft Corporation) C:\windows\system32\WpcMon.exe

2014-08-12 17:49 - 2014-07-15 02:29 - 03118080 _____ (Microsoft Corporation) C:\windows\system32\Wpc.dll

2014-08-12 17:49 - 2014-07-15 02:22 - 02861056 _____ (Microsoft Corporation) C:\windows\system32\WpcWebSync.dll

2014-08-12 17:49 - 2014-07-15 02:03 - 02344448 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wpc.dll

2014-08-12 17:49 - 2014-06-09 16:13 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe

2014-08-12 17:49 - 2014-06-09 16:13 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe

2014-08-12 17:48 - 2014-07-09 22:16 - 00716800 _____ (Microsoft Corporation) C:\windows\system32\SkyDriveTelemetry.dll

2014-08-12 17:48 - 2014-07-09 22:03 - 04756992 _____ (Microsoft Corporation) C:\windows\system32\SyncEngine.dll

2014-08-12 17:48 - 2014-07-09 21:33 - 01120256 _____ (Microsoft Corporation) C:\windows\system32\SkyDrive.exe

2014-08-12 17:48 - 2014-05-31 00:27 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys

2014-08-12 17:48 - 2014-05-13 01:01 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\BulkOperationHost.exe

2014-08-12 17:48 - 2014-05-12 23:07 - 02844160 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll

2014-08-12 17:48 - 2014-05-12 22:41 - 00118272 _____ (Microsoft Corporation) C:\windows\system32\winbici.dll

2014-08-12 17:48 - 2014-05-12 22:26 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\SkyDriveShell.dll

2014-08-12 17:48 - 2014-05-12 21:59 - 01035264 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll

2014-08-12 17:48 - 2014-05-12 21:31 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\SkyDriveShell.dll

2014-08-12 17:48 - 2014-05-03 05:29 - 01726224 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll

2014-08-12 17:48 - 2014-05-03 03:20 - 01473080 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll

2014-08-12 17:48 - 2014-05-02 23:36 - 00997888 _____ (Microsoft Corporation) C:\windows\system32\reseteng.dll

2014-08-12 17:48 - 2014-05-02 23:19 - 00071168 _____ (Microsoft Corporation) C:\windows\system32\ncobjapi.dll

2014-08-12 17:48 - 2014-05-02 23:08 - 00301056 _____ (Microsoft Corporation) C:\windows\system32\framedynos.dll

2014-08-12 17:48 - 2014-05-02 23:07 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\framedyn.dll

2014-08-12 17:48 - 2014-05-02 22:46 - 00052736 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncobjapi.dll

2014-08-12 17:48 - 2014-05-02 22:37 - 00235008 _____ (Microsoft Corporation) C:\windows\SysWOW64\framedynos.dll

2014-08-12 17:48 - 2014-05-02 22:37 - 00207360 _____ (Microsoft Corporation) C:\windows\SysWOW64\framedyn.dll

2014-08-12 17:48 - 2014-05-02 17:26 - 00050745 _____ () C:\windows\system32\srms.dat

2014-08-12 17:48 - 2014-04-30 23:44 - 01025536 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll

2014-08-12 17:48 - 2014-04-30 00:43 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vwififlt.sys

2014-08-12 17:48 - 2014-04-30 00:41 - 00402432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys

2014-08-12 17:48 - 2014-04-30 00:41 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\agilevpn.sys

2014-08-12 17:48 - 2014-04-30 00:41 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vwifimp.sys

2014-08-12 17:48 - 2014-04-29 23:45 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\Robocopy.exe

2014-08-12 17:48 - 2014-04-29 22:48 - 00106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\Robocopy.exe

2014-08-12 17:48 - 2014-04-29 22:24 - 00065024 _____ (Microsoft Corporation) C:\windows\system32\dhcpcsvc6.dll

2014-08-12 17:48 - 2014-04-29 22:23 - 00353280 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore.dll

2014-08-12 17:48 - 2014-04-29 22:23 - 00271872 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore6.dll

2014-08-12 17:48 - 2014-04-29 22:23 - 00087552 _____ (Microsoft Corporation) C:\windows\system32\dhcpcsvc.dll

2014-08-12 17:48 - 2014-04-29 22:14 - 00827392 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL

2014-08-12 17:48 - 2014-04-29 21:59 - 01063424 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL

2014-08-12 17:48 - 2014-04-29 21:46 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore.dll

2014-08-12 17:48 - 2014-04-29 21:46 - 00229888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore6.dll

2014-08-12 17:48 - 2014-04-29 21:46 - 00056320 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcsvc6.dll

2014-08-12 17:48 - 2014-04-29 21:45 - 00062976 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcsvc.dll

2014-08-12 17:48 - 2014-04-29 21:42 - 00403968 _____ (Microsoft Corporation) C:\windows\system32\vpnike.dll

2014-08-12 17:48 - 2014-04-28 16:40 - 00721408 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll

2014-08-12 17:48 - 2014-04-26 16:03 - 02140888 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll

2014-08-12 17:48 - 2014-04-26 14:14 - 02144984 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll

2014-08-12 17:48 - 2014-04-26 10:39 - 00339456 _____ (Microsoft Corporation) C:\windows\system32\bdesvc.dll

2014-08-12 17:48 - 2014-04-14 03:37 - 02125344 _____ (Microsoft Corporation) C:\windows\system32\d3d9.dll

2014-08-12 17:48 - 2014-04-14 02:08 - 01797896 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d9.dll

2014-08-12 17:48 - 2014-04-13 23:18 - 00011776 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d8thk.dll

2014-08-12 17:48 - 2014-04-09 00:11 - 00226816 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll

2014-08-12 17:48 - 2014-04-08 23:20 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll

2014-08-12 17:47 - 2014-08-06 20:12 - 01336624 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll

2014-08-12 17:47 - 2014-08-06 16:39 - 04148224 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys

2014-08-12 17:47 - 2014-08-06 16:38 - 00697856 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll

2014-08-12 17:47 - 2014-08-01 23:44 - 00527360 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll

2014-08-12 17:47 - 2014-08-01 21:56 - 01064448 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll

2014-08-12 17:47 - 2014-08-01 21:11 - 00918528 _____ (Microsoft Corporation) C:\windows\system32\MrmCoreR.dll

2014-08-12 17:47 - 2014-07-11 22:17 - 00623616 _____ (Microsoft Corporation) C:\windows\system32\MDMAgent.exe

2014-08-12 17:47 - 2014-06-05 08:13 - 00216368 _____ (Microsoft Corporation) C:\windows\system32\rsaenh.dll

2014-08-12 17:47 - 2014-06-05 07:14 - 00189016 _____ (Microsoft Corporation) C:\windows\SysWOW64\rsaenh.dll

2014-08-12 17:47 - 2014-06-04 03:27 - 00114520 _____ (Microsoft Corporation) C:\windows\system32\consent.exe

2014-08-12 17:47 - 2014-06-03 23:31 - 00356352 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll

2014-08-12 17:47 - 2014-06-03 23:22 - 02790912 _____ (Microsoft Corporation) C:\windows\system32\msi.dll

2014-08-12 17:47 - 2014-06-03 22:43 - 00281088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll

2014-08-12 17:47 - 2014-06-03 22:38 - 03304448 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll

2014-08-12 17:47 - 2014-06-03 20:15 - 02642944 _____ (Microsoft Corporation) C:\windows\system32\authui.dll

2014-08-12 17:47 - 2014-06-03 20:14 - 02318336 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll

2014-08-12 17:47 - 2014-06-01 20:10 - 00423768 _____ (Microsoft Corporation) C:\windows\system32\hal.dll

2014-08-12 17:47 - 2014-05-31 04:07 - 00467800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS

2014-08-12 17:47 - 2014-05-31 04:07 - 00440664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys

2014-08-12 17:47 - 2014-05-31 04:07 - 00419672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys

2014-08-12 17:47 - 2014-05-31 04:07 - 00089944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys

2014-08-12 17:47 - 2014-05-31 04:07 - 00027480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys

2014-08-12 17:47 - 2014-05-31 00:30 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys

2014-08-12 17:47 - 2014-05-31 00:27 - 00110592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFPf.sys

2014-08-12 17:47 - 2014-05-31 00:26 - 00227840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFRd.sys

2014-08-12 17:47 - 2014-05-30 22:01 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\WUDFHost.exe

2014-08-12 17:47 - 2014-05-30 22:01 - 00209408 _____ (Microsoft Corporation) C:\windows\system32\WUDFPlatform.dll

2014-08-12 17:47 - 2014-05-30 22:01 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\WUDFSvc.dll

2014-08-12 17:47 - 2014-05-27 09:53 - 02518360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys

2014-08-12 17:47 - 2014-05-27 03:56 - 00323584 _____ (Microsoft Corporation) C:\windows\system32\DaOtpCredentialProvider.dll

2014-08-12 17:47 - 2014-05-27 03:53 - 00270848 _____ (Microsoft Corporation) C:\windows\SysWOW64\DaOtpCredentialProvider.dll

2014-08-12 17:47 - 2014-05-16 22:59 - 16871936 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll

2014-08-12 17:47 - 2014-05-16 22:13 - 12711424 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll

2014-08-11 22:10 - 2014-08-11 22:10 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Macromedia

2014-08-11 17:25 - 2014-08-22 09:53 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Adobe

2014-08-11 12:44 - 2014-08-23 00:30 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Mozilla

2014-08-11 12:44 - 2014-08-23 00:29 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Mozilla

2014-08-11 12:44 - 2014-08-11 12:44 - 00001189 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2014-08-11 12:44 - 2014-08-11 12:44 - 00000000 ____D () C:\ProgramData\Mozilla

2014-08-11 12:44 - 2014-08-11 12:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-08-10 15:17 - 2011-07-17 17:03 - 00272896 _____ () C:\windows\mvalkdj.dll

2014-08-10 15:12 - 2011-07-17 17:03 - 00272896 _____ () C:\windows\system32\mvalkdj.dll

2014-08-10 15:09 - 2014-08-10 15:09 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MilViz - Northrop T-38 Talon

2014-08-10 09:34 - 2014-08-23 09:27 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FSPS

2014-08-10 09:34 - 2014-08-18 13:52 - 00000000 ____D () C:\FSX Fiber Accelerator

2014-08-08 21:31 - 2014-08-08 21:37 - 00000000 ____D () C:\Users\Ricardo\Downloads\Temporada 4

2014-08-08 21:30 - 2014-08-08 21:35 - 00000000 ____D () C:\Users\Ricardo\Downloads\Temporada 3

2014-08-05 17:08 - 2014-08-23 00:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games

2014-08-05 15:10 - 2014-08-23 00:30 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rikoooo Add-ons

2014-08-05 15:09 - 2014-08-23 00:29 - 00000000 ____D () C:\ProgramData\InstallMate

2014-08-02 10:05 - 2014-08-02 10:05 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Fly By Wi-Fi

2014-08-02 10:05 - 2014-08-02 10:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fly By Wi-Fi

2014-08-02 10:05 - 2014-08-02 10:05 - 00000000 ____D () C:\Fly By Wi-Fi

2014-08-01 15:52 - 2014-08-01 15:52 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\MediaShow

2014-07-31 10:49 - 2014-07-31 10:49 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\InstallShield

2014-07-31 10:06 - 2014-08-23 00:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlyTampa

2014-07-28 19:32 - 2014-07-28 19:32 - 00000887 _____ () C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk

2014-07-28 17:27 - 2014-07-28 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xtreme Prototypes 20 Series Business Jets SP2

2014-07-27 11:09 - 2014-08-23 00:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-07-27 11:09 - 2014-08-23 00:55 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-07-27 11:09 - 2014-08-23 00:55 - 00000000 ____D () C:\Program Files\iTunes

2014-07-27 11:09 - 2014-08-23 00:29 - 00000000 ____D () C:\Program Files\iPod

2014-07-27 11:01 - 2014-08-23 00:29 - 00000000 ____D () C:\Program Files (x86)\QuickTime

2014-07-27 11:01 - 2014-07-27 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-08-23 10:50 - 2014-08-23 08:44 - 00000000 ____D () C:\Users\Ricardo\Downloads\Virus Removal

2014-08-23 10:50 - 2014-08-23 08:29 - 00000000 ____D () C:\FRST

2014-08-23 10:49 - 2014-06-13 08:16 - 00004966 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MONKIKIS-Ricardo Monkikis

2014-08-23 10:48 - 2014-06-24 19:37 - 00000000 ____D () C:\Users\Ricardo\Documents\Youcam

2014-08-23 10:48 - 2014-06-09 22:13 - 00000000 ___RD () C:\Users\Ricardo\Dropbox

2014-08-23 10:48 - 2014-06-09 22:06 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Dropbox

2014-08-23 10:48 - 2014-05-15 11:09 - 01065279 _____ () C:\windows\WindowsUpdate.log

2014-08-23 10:47 - 2014-08-23 10:19 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys

2014-08-23 10:47 - 2014-05-15 11:19 - 00001052 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-08-23 10:47 - 2014-05-15 11:14 - 00000000 __RDO () C:\Users\Ricardo\SkyDrive

2014-08-23 10:46 - 2013-08-24 15:32 - 00021072 _____ () C:\windows\PFRO.log

2014-08-23 10:46 - 2013-08-22 08:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT

2014-08-23 10:45 - 2013-08-22 07:25 - 00786432 ___SH () C:\windows\system32\config\BBI

2014-08-23 10:44 - 2014-08-23 10:40 - 00000000 ____D () C:\AdwCleaner

2014-08-23 10:44 - 2013-11-12 15:18 - 00822870 _____ () C:\windows\system32\perfh00A.dat

2014-08-23 10:44 - 2013-11-12 15:18 - 00193376 _____ () C:\windows\system32\perfc00A.dat

2014-08-23 10:44 - 2013-08-24 15:38 - 01900896 _____ () C:\windows\system32\PerfStringBackup.INI

2014-08-23 10:40 - 2014-05-15 12:15 - 00000000 ____D () C:\Users\Ricardo\Downloads\Flight Simulator

2014-08-23 10:38 - 2013-08-22 08:44 - 05121008 _____ () C:\windows\system32\FNTCACHE.DAT

2014-08-23 10:37 - 2014-05-15 11:28 - 00000000 ____D () C:\ProgramData\MFAData

2014-08-23 10:34 - 2014-05-15 11:17 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2213921350-3789929110-89264035-1001

2014-08-23 10:32 - 2014-05-16 17:05 - 00003176 _____ () C:\windows\System32\Tasks\HPCeeScheduleForRicardo

2014-08-23 10:32 - 2014-05-16 17:05 - 00000358 _____ () C:\windows\Tasks\HPCeeScheduleForRicardo.job

2014-08-23 10:30 - 2014-05-15 11:19 - 00001056 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-08-23 10:19 - 2014-08-23 10:19 - 00001132 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-08-23 10:19 - 2014-08-23 10:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-08-23 10:19 - 2014-08-23 10:19 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-08-23 10:19 - 2014-08-23 10:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-08-23 10:00 - 2014-08-23 10:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2014-08-23 10:00 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\sru

2014-08-23 09:59 - 2014-08-23 09:58 - 01364531 _____ () C:\Users\Ricardo\Downloads\AdwCleaner.exe

2014-08-23 09:27 - 2014-08-23 09:27 - 00000000 ____D () C:\ProgramData\SSvN8J0kd0yByPTr

2014-08-23 09:27 - 2014-08-23 09:27 - 00000000 ____D () C:\FSPS

2014-08-23 09:27 - 2014-08-10 09:34 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FSPS

2014-08-23 09:12 - 2014-08-23 09:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AICM-UPD1.1

2014-08-23 09:06 - 2014-06-22 19:05 - 00000000 ____D () C:\Users\Ricardo\Documents\Flight Simulator X Files

2014-08-23 08:27 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\AppReadiness

2014-08-23 01:06 - 2014-05-15 11:11 - 00000000 ____D () C:\Users\Ricardo

2014-08-23 00:58 - 2014-06-06 11:33 - 00000000 ____D () C:\Users\Administrator

2014-08-23 00:58 - 2014-05-15 21:49 - 00000000 ____D () C:\Users\alexn_000

2014-08-23 00:58 - 2013-08-22 09:36 - 00000000 __RSD () C:\windows\Media

2014-08-23 00:58 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\WinStore

2014-08-23 00:58 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\Camera

2014-08-23 00:57 - 2014-07-10 09:50 - 00000000 ___SD () C:\windows\system32\CompatTel

2014-08-23 00:57 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\inetsrv

2014-08-23 00:57 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\MediaViewer

2014-08-23 00:57 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\FileManager

2014-08-23 00:56 - 2014-07-15 22:21 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\vlc

2014-08-23 00:56 - 2014-06-06 11:46 - 00000000 ____D () C:\Users\Ricardo\Downloads\Utilidades

2014-08-23 00:56 - 2014-06-02 14:14 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\teamspeak2

2014-08-23 00:56 - 2014-05-15 11:38 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\uTorrent

2014-08-23 00:56 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\WindowsInternal.Inbox.Shared

2014-08-23 00:56 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\WindowsInternal.Inbox.Media.Shared

2014-08-23 00:56 - 2013-08-22 07:36 - 00000000 ____D () C:\windows\system32\Sysprep

2014-08-23 00:55 - 2014-08-17 15:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-08-23 00:55 - 2014-08-17 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IVAO

2014-08-23 00:55 - 2014-07-27 11:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-08-23 00:55 - 2014-07-27 11:09 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-08-23 00:55 - 2014-07-27 11:09 - 00000000 ____D () C:\Program Files\iTunes

2014-08-23 00:55 - 2014-06-22 18:42 - 00000000 ____D () C:\Microsoft Flight Simulator X

2014-08-23 00:55 - 2014-06-18 17:35 - 00000000 ____D () C:\Program Files (x86)\BlueStacks

2014-08-23 00:55 - 2014-06-07 18:32 - 00000000 ____D () C:\ProgramData\FLEXnet

2014-08-23 00:55 - 2014-06-02 20:20 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-08-23 00:55 - 2014-05-15 13:17 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Hewlett-Packard

2014-08-23 00:55 - 2013-11-12 15:02 - 00000000 ____D () C:\Program Files\Bonjour

2014-08-23 00:55 - 2013-11-12 15:02 - 00000000 ____D () C:\Program Files (x86)\Bonjour

2014-08-23 00:54 - 2014-08-21 15:51 - 00000000 ____D () C:\Program Files (x86)\RAR Password Unlocker

2014-08-23 00:54 - 2014-08-20 19:52 - 00000000 ____D () C:\ProgramData\Licenses

2014-08-23 00:54 - 2014-08-20 19:39 - 00000000 ____D () C:\ProgramData\Esellerate

2014-08-23 00:54 - 2014-08-18 16:51 - 00000000 ____D () C:\REX Texture Direct

2014-08-23 00:53 - 2014-08-22 12:44 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\IVsoft

2014-08-23 00:53 - 2014-08-22 12:44 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\ITsoft

2014-08-23 00:53 - 2014-08-20 19:45 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Virtuali

2014-08-23 00:38 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\registration

2014-08-23 00:35 - 2013-11-12 15:18 - 00000000 ____D () C:\windows\SysWOW64\XPSViewer

2014-08-23 00:35 - 2013-08-22 13:10 - 00000000 ____D () C:\windows\SysWOW64\winrm

2014-08-23 00:35 - 2013-08-22 13:10 - 00000000 ____D () C:\windows\SysWOW64\slmgr

2014-08-23 00:35 - 2013-08-22 13:10 - 00000000 ____D () C:\windows\SysWOW64\Printing_Admin_Scripts

2014-08-23 00:35 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\Web

2014-08-23 00:35 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\Vss

2014-08-23 00:35 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\vpnplugins

2014-08-23 00:35 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SysWOW64\WindowsPowerShell

2014-08-23 00:35 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SysWOW64\spp

2014-08-23 00:35 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SysWOW64\Speech

2014-08-23 00:35 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SysWOW64\networklist

2014-08-23 00:35 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SysWOW64\MUI

2014-08-23 00:35 - 2013-08-22 07:36 - 00000000 ____D () C:\windows\SysWOW64\oobe

2014-08-23 00:34 - 2013-11-12 14:32 - 00000000 ____D () C:\windows\System32\Tasks\Hewlett-Packard

2014-08-23 00:34 - 2013-11-12 14:21 - 00000000 ____D () C:\windows\system32\SRSLabs

2014-08-23 00:34 - 2013-08-22 13:10 - 00000000 ____D () C:\windows\system32\winrm

2014-08-23 00:34 - 2013-08-22 13:10 - 00000000 ____D () C:\windows\system32\slmgr

2014-08-23 00:34 - 2013-08-22 13:10 - 00000000 ____D () C:\windows\system32\Printing_Admin_Scripts

2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SysWOW64\MsDtc

2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SysWOW64\Macromed

2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SysWOW64\Licenses

2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SysWOW64\InstallShield

2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SysWOW64\InputMethod

2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SysWOW64\inetsrv

2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SysWOW64\IME

2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SysWOW64\Com

2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\SystemResources

2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\WindowsPowerShell

2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\WinBioPlugIns

2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\SystemResetPlatform

2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\spp

2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\spool

2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\Speech

2014-08-23 00:34 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\System

2014-08-23 00:34 - 2013-08-22 07:36 - 00000000 ____D () C:\windows\SysWOW64\Dism

2014-08-23 00:34 - 2013-08-22 07:36 - 00000000 ____D () C:\windows\system32\SMI

2014-08-23 00:34 - 2013-08-22 07:36 - 00000000 ____D () C:\windows\system32\oobe

2014-08-23 00:33 - 2013-08-22 13:12 - 00000000 ____D () C:\windows\SKB

2014-08-23 00:33 - 2013-08-22 09:36 - 00000000 ___SD () C:\windows\system32\dsc

2014-08-23 00:33 - 2013-08-22 09:36 - 00000000 ___SD () C:\windows\system32\Configuration

2014-08-23 00:33 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\networklist

2014-08-23 00:33 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\MUI

2014-08-23 00:33 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\MsDtc

2014-08-23 00:33 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\migwiz

2014-08-23 00:33 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\Macromed

2014-08-23 00:33 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\Licenses

2014-08-23 00:33 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\InputMethod

2014-08-23 00:33 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\IME

2014-08-23 00:33 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\Com

2014-08-23 00:33 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\Speech

2014-08-23 00:33 - 2013-08-22 08:45 - 00000000 ____D () C:\windows\Setup

2014-08-23 00:33 - 2013-08-22 07:36 - 00000000 ____D () C:\windows\system32\Dism

2014-08-23 00:33 - 2013-08-22 07:36 - 00000000 ____D () C:\windows\servicing

2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ___RD () C:\windows\ImmersiveControlPanel

2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ___RD () C:\windows\DesktopTileResources

2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\security

2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\schemas

2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\Resources

2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\rescache

2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\PolicyDefinitions

2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\PLA

2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\Performance

2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\InputMethod

2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\IME

2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\Help

2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\Globalization

2014-08-23 00:32 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\Branding

2014-08-23 00:31 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\AppCompat

2014-08-23 00:31 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\ADFS

2014-08-23 00:30 - 2014-08-11 12:44 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Mozilla

2014-08-23 00:30 - 2014-08-05 15:10 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rikoooo Add-ons

2014-08-23 00:30 - 2014-06-16 09:53 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\IVAO

2014-08-23 00:30 - 2014-06-05 16:46 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\SmartTechnology

2014-08-23 00:30 - 2014-06-02 15:56 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\AnvSoft

2014-08-23 00:30 - 2014-05-18 17:28 - 00000000 ____D () C:\Users\Ricardo\Documents\SBS Plotter

2014-08-23 00:30 - 2014-05-16 15:59 - 00000000 ____D () C:\Users\Ricardo\Documents\Aerosoft

2014-08-23 00:30 - 2014-05-15 13:18 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Macromedia

2014-08-23 00:30 - 2014-05-15 12:15 - 00000000 ____D () C:\Users\Ricardo\Downloads\Aplicaciones

2014-08-23 00:30 - 2014-05-15 11:42 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\AVG2014

2014-08-23 00:30 - 2014-05-15 11:18 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\CyberLink

2014-08-23 00:30 - 2014-05-15 11:12 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Adobe

2014-08-23 00:30 - 2014-05-15 11:12 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\VirtualStore

2014-08-23 00:30 - 2014-05-15 11:12 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Packages

2014-08-23 00:29 - 2014-08-17 15:57 - 00000000 ____D () C:\Program Files (x86)\Java

2014-08-23 00:29 - 2014-08-16 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimMarket

2014-08-23 00:29 - 2014-08-11 12:44 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Mozilla

2014-08-23 00:29 - 2014-08-05 17:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games

2014-08-23 00:29 - 2014-08-05 15:09 - 00000000 ____D () C:\ProgramData\InstallMate

2014-08-23 00:29 - 2014-07-31 10:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlyTampa

2014-08-23 00:29 - 2014-07-27 11:09 - 00000000 ____D () C:\Program Files\iPod

2014-08-23 00:29 - 2014-07-27 11:01 - 00000000 ____D () C:\Program Files (x86)\QuickTime

2014-08-23 00:29 - 2014-07-15 22:20 - 00000000 ____D () C:\Program Files (x86)\VideoLAN

2014-08-23 00:29 - 2014-06-25 19:56 - 00000000 ____D () C:\ProgramData\Visan

2014-08-23 00:29 - 2014-06-25 19:56 - 00000000 ____D () C:\ProgramData\HP Photo Creations

2014-08-23 00:29 - 2014-06-25 19:56 - 00000000 ____D () C:\Program Files\HP

2014-08-23 00:29 - 2014-06-25 19:56 - 00000000 ____D () C:\Program Files (x86)\HP

2014-08-23 00:29 - 2014-06-25 19:55 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\HP

2014-08-23 00:29 - 2014-06-25 19:46 - 00000000 ____D () C:\ProgramData\HP

2014-08-23 00:29 - 2014-06-24 20:35 - 00000000 ____D () C:\Program Files (x86)\CsernakGergely

2014-08-23 00:29 - 2014-06-18 17:35 - 00000000 ____D () C:\ProgramData\BlueStacks

2014-08-23 00:29 - 2014-06-14 17:03 - 00000000 ____D () C:\Program Files\Common Files\Logitech

2014-08-23 00:29 - 2014-06-06 11:36 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\AVG2014

2014-08-23 00:29 - 2014-06-06 11:36 - 00000000 ____D () C:\Users\Administrator\AppData\Local\CyberLink

2014-08-23 00:29 - 2014-06-06 11:34 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe

2014-08-23 00:29 - 2014-06-06 11:34 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Packages

2014-08-23 00:29 - 2014-06-05 16:45 - 00000000 ____D () C:\Program Files\SmartTechnology

2014-08-23 00:29 - 2014-06-05 16:01 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\CH Products

2014-08-23 00:29 - 2014-06-05 16:01 - 00000000 ____D () C:\Program Files (x86)\CH Products

2014-08-23 00:29 - 2014-06-05 16:00 - 00000000 ____D () C:\Program Files (x86)\Saitek

2014-08-23 00:29 - 2014-06-02 20:20 - 00000000 ____D () C:\ProgramData\Apple Computer

2014-08-23 00:29 - 2014-06-02 20:19 - 00000000 ____D () C:\Program Files\Common Files\Apple

2014-08-23 00:29 - 2014-06-02 14:14 - 00000000 ____D () C:\Program Files (x86)\IVAO

2014-08-23 00:29 - 2014-05-18 17:10 - 00000000 ____D () C:\Program Files (x86)\VirtualRadar

2014-08-23 00:29 - 2014-05-16 15:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft

2014-08-23 00:29 - 2014-05-16 08:08 - 00000000 ____D () C:\Program Files\Adobe

2014-08-23 00:29 - 2014-05-16 08:06 - 00000000 ____D () C:\Program Files\Common Files\Adobe

2014-08-23 00:29 - 2014-05-15 13:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server

2014-08-23 00:29 - 2014-05-15 13:24 - 00000000 ____D () C:\Program Files\Microsoft SQL Server

2014-08-23 00:29 - 2014-05-15 13:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-08-23 00:29 - 2014-05-15 13:23 - 00000000 ____D () C:\Program Files\Microsoft Office

2014-08-23 00:29 - 2014-05-15 13:23 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services

2014-08-23 00:29 - 2014-05-15 13:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office

2014-08-23 00:29 - 2014-05-15 13:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services

2014-08-23 00:29 - 2014-05-15 12:07 - 00000000 ____D () C:\ProgramData\Adobe

2014-08-23 00:29 - 2014-05-15 12:00 - 00000000 ____D () C:\Program Files\WinRAR

2014-08-23 00:29 - 2014-05-15 11:52 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Intel_Corporation

2014-08-23 00:29 - 2014-05-15 11:41 - 00000000 ____D () C:\ProgramData\AVG2014

2014-08-23 00:29 - 2014-05-15 11:19 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Google

2014-08-23 00:29 - 2014-05-15 11:19 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Apps\2.0

2014-08-23 00:29 - 2014-05-15 11:19 - 00000000 ____D () C:\Program Files (x86)\Google

2014-08-23 00:29 - 2014-05-15 11:13 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\CyberLink

2014-08-23 00:29 - 2013-11-12 15:08 - 00000000 ____D () C:\Program Files\mcafee

2014-08-23 00:29 - 2013-11-12 15:08 - 00000000 ____D () C:\Program Files\Common Files\mcafee

2014-08-23 00:29 - 2013-11-12 15:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition

2014-08-23 00:29 - 2013-11-12 15:08 - 00000000 ____D () C:\Program Files (x86)\McAfee

2014-08-23 00:29 - 2013-11-12 15:07 - 00000000 ____D () C:\Program Files (x86)\Windows Live

2014-08-23 00:29 - 2013-11-12 15:02 - 00000000 ____D () C:\ProgramData\Apple

2014-08-23 00:29 - 2013-11-12 14:42 - 00000000 ____D () C:\Users\Public\Documents\CyberLink

2014-08-23 00:29 - 2013-11-12 14:42 - 00000000 ____D () C:\ProgramData\WildTangent

2014-08-23 00:29 - 2013-11-12 14:42 - 00000000 ____D () C:\ProgramData\CyberLink

2014-08-23 00:29 - 2013-11-12 14:42 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games

2014-08-23 00:29 - 2013-11-12 14:41 - 00000000 ____D () C:\Users\Public\CyberLink

2014-08-23 00:29 - 2013-11-12 14:38 - 00000000 ____D () C:\ProgramData\install_clap

2014-08-23 00:29 - 2013-11-12 14:38 - 00000000 ____D () C:\Program Files (x86)\CyberLink

2014-08-23 00:29 - 2013-11-12 14:37 - 00000000 ___RD () C:\Program Files (x86)\Online Services

2014-08-23 00:29 - 2013-11-12 14:37 - 00000000 ____D () C:\ProgramData\Temp

2014-08-23 00:29 - 2013-11-12 14:37 - 00000000 ____D () C:\Program Files (x86)\EasyBits For Kids

2014-08-23 00:29 - 2013-11-12 14:36 - 00000000 ____D () C:\Program Files\DIFX

2014-08-23 00:29 - 2013-11-12 14:35 - 00000000 ____D () C:\ProgramData\Intel

2014-08-23 00:29 - 2013-11-12 14:35 - 00000000 ____D () C:\Program Files\Broadcom

2014-08-23 00:29 - 2013-11-12 14:34 - 00000000 ____D () C:\Program Files (x86)\Realtek

2014-08-23 00:29 - 2013-11-12 14:32 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-08-23 00:29 - 2013-11-12 14:32 - 00000000 ____D () C:\Program Files\Hewlett-Packard

2014-08-23 00:29 - 2013-11-12 14:31 - 00000000 ____D () C:\ProgramData\Hewlett-Packard

2014-08-23 00:29 - 2013-11-12 14:31 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard

2014-08-23 00:29 - 2013-11-12 14:21 - 00000000 ____D () C:\Program Files\Realtek

2014-08-23 00:29 - 2013-11-12 14:21 - 00000000 ____D () C:\Program Files\Intel

2014-08-23 00:29 - 2013-11-12 14:21 - 00000000 ____D () C:\Program Files (x86)\Intel

2014-08-23 00:29 - 2013-09-02 22:57 - 00000000 _RSHD () C:\SYSTEM.SAV

2014-08-23 00:29 - 2013-08-24 15:59 - 00000000 ____D () C:\ProgramData\Package Cache

2014-08-23 00:29 - 2013-08-24 15:58 - 00000000 ____D () C:\Program Files\Reference Assemblies

2014-08-23 00:29 - 2013-08-24 15:58 - 00000000 ____D () C:\Program Files\MSBuild

2014-08-23 00:29 - 2013-08-24 15:58 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies

2014-08-23 00:29 - 2013-08-24 15:58 - 00000000 ____D () C:\Program Files (x86)\MSBuild

2014-08-23 00:29 - 2013-08-22 13:12 - 00000000 ____D () C:\Program Files\Windows Journal

2014-08-23 00:29 - 2013-08-22 09:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

2014-08-23 00:29 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer

2014-08-23 00:29 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files\Windows NT

2014-08-23 00:29 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files\Windows Defender

2014-08-23 00:29 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files\Common Files\System

2014-08-23 00:29 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared

2014-08-23 00:29 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer

2014-08-23 00:29 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files (x86)\Windows NT

2014-08-23 00:29 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender

2014-08-23 00:29 - 2013-08-22 07:36 - 00000000 __RHD () C:\Users\Default

2014-08-23 00:28 - 2014-06-10 10:42 - 00000000 ____D () C:\Graphics

2014-08-23 00:28 - 2014-06-02 20:20 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update

2014-08-23 00:28 - 2014-06-02 15:56 - 00000000 ____D () C:\Program Files (x86)\AnvSoft

2014-08-23 00:28 - 2014-05-18 18:03 - 00000000 ____D () C:\MSFS

2014-08-23 00:28 - 2014-05-15 13:16 - 00000000 ____D () C:\Program Files (x86)\Alcohol Soft

2014-08-23 00:28 - 2014-05-15 12:07 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-08-23 00:28 - 2014-05-15 11:41 - 00000000 ____D () C:\Program Files (x86)\AVG

2014-08-23 00:28 - 2013-10-21 05:37 - 00000000 _RSHD () C:\hp

2014-08-22 20:22 - 2014-05-15 11:28 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Avg2014

2014-08-22 10:45 - 2014-06-21 21:12 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\42D19466-F5F5-45CC-82C9-A0A277C8BF20.aplzod

2014-08-22 10:41 - 2014-06-02 20:21 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Apple Computer

2014-08-22 09:53 - 2014-08-11 17:25 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Adobe

2014-08-22 09:34 - 2013-08-22 08:46 - 00025774 _____ () C:\windows\setupact.log

2014-08-22 09:33 - 2014-06-02 20:21 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Apple Computer

2014-08-22 09:00 - 2014-05-16 07:41 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log

2014-08-22 08:57 - 2014-05-18 17:16 - 00000298 _____ () C:\Users\Ricardo\Desktop\Radar CSL.url

2014-08-21 21:59 - 2014-06-07 19:27 - 00000000 ____D () C:\Users\Ricardo\Documents\AerosoftFlightRecorder

2014-08-20 23:29 - 2013-08-22 09:20 - 00000000 ____D () C:\windows\CbsTemp

2014-08-19 15:56 - 2014-08-19 15:56 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AICM-UPD1.1

2014-08-18 18:56 - 2014-08-18 18:56 - 00000000 ___HD () C:\windows\msdownld.tmp

2014-08-18 16:59 - 2014-05-16 15:07 - 00000000 __SHD () C:\windows\SysWOW64\AI_RecycleBin

2014-08-18 16:51 - 2014-08-18 16:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REX 4

2014-08-18 16:38 - 2014-05-15 11:12 - 00003986 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{D8E9DACF-5C3C-4F60-81C5-C8C3704A673B}

2014-08-18 13:52 - 2014-08-10 09:34 - 00000000 ____D () C:\FSX Fiber Accelerator

2014-08-17 15:59 - 2014-06-23 09:20 - 00000000 ____D () C:\ProgramData\Oracle

2014-08-17 15:57 - 2014-08-17 15:57 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe

2014-08-17 15:57 - 2014-08-17 15:57 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe

2014-08-17 15:57 - 2014-08-17 15:57 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe

2014-08-17 15:57 - 2014-08-17 15:57 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll

2014-08-16 13:38 - 2013-08-22 07:25 - 00262144 ___SH () C:\windows\system32\config\ELAM

2014-08-15 11:08 - 2014-07-16 10:14 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\MilvizData

2014-08-15 09:59 - 2014-05-16 07:40 - 00000000 _____ () C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt

2014-08-14 20:44 - 2014-08-14 20:44 - 00000000 ____D () C:\Users\Ricardo\Downloads\Alf (1986)

2014-08-13 23:30 - 2013-08-22 09:36 - 00000000 ___RD () C:\windows\ToastData

2014-08-13 16:54 - 2014-05-17 16:55 - 00000000 ____D () C:\windows\system32\MRT

2014-08-13 11:23 - 2014-06-09 20:38 - 00000000 ____D () C:\Users\alexn_000\AppData\Roaming\uTorrent

2014-08-13 11:22 - 2014-08-13 11:22 - 00000000 ____D () C:\Users\alexn_000\AppData\Roaming\Macromedia

2014-08-13 11:22 - 2014-08-13 11:22 - 00000000 ____D () C:\Users\alexn_000\AppData\Local\Macromedia

2014-08-13 11:20 - 2014-05-17 16:55 - 99218768 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

2014-08-13 11:19 - 2014-05-15 21:57 - 00003594 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2213921350-3789929110-89264035-1002

2014-08-13 11:16 - 2014-08-13 11:16 - 00000000 ____D () C:\Users\alexn_000\AppData\Roaming\Mozilla

2014-08-13 11:16 - 2014-08-13 11:16 - 00000000 ____D () C:\Users\alexn_000\AppData\Local\Mozilla

2014-08-13 11:16 - 2014-05-15 21:54 - 00000000 __RDO () C:\Users\alexn_000\SkyDrive

2014-08-13 11:15 - 2014-05-15 21:53 - 00000000 ____D () C:\Users\alexn_000\Documents\Youcam

2014-08-12 17:46 - 2014-05-17 17:44 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll

2014-08-12 17:46 - 2014-05-17 17:44 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll

2014-08-12 17:46 - 2014-05-17 11:11 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe

2014-08-12 17:46 - 2013-08-22 05:45 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb

2014-08-12 17:46 - 2013-08-22 05:44 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll

2014-08-12 17:46 - 2013-08-22 05:22 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll

2014-08-12 17:46 - 2013-08-22 05:21 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll

2014-08-12 17:46 - 2013-08-22 05:10 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll

2014-08-12 17:46 - 2013-08-22 05:03 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe

2014-08-12 17:46 - 2013-08-22 04:32 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll

2014-08-12 17:46 - 2013-08-21 22:17 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb

2014-08-12 17:46 - 2013-08-21 21:55 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll

2014-08-12 17:46 - 2013-08-21 21:46 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll

2014-08-12 17:46 - 2013-08-21 21:45 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll

2014-08-12 17:46 - 2013-08-21 21:40 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe

2014-08-12 17:46 - 2013-08-21 21:16 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll

2014-08-12 17:43 - 2014-05-17 11:06 - 00233912 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll

2014-08-12 17:42 - 2014-06-02 13:49 - 00428888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS

2014-08-11 22:10 - 2014-08-11 22:10 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Macromedia

2014-08-11 12:44 - 2014-08-11 12:44 - 00001189 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2014-08-11 12:44 - 2014-08-11 12:44 - 00000000 ____D () C:\ProgramData\Mozilla

2014-08-11 12:44 - 2014-08-11 12:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-08-11 12:11 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\NDF

2014-08-10 15:09 - 2014-08-10 15:09 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MilViz - Northrop T-38 Talon

2014-08-08 21:37 - 2014-08-08 21:31 - 00000000 ____D () C:\Users\Ricardo\Downloads\Temporada 4

2014-08-08 21:35 - 2014-08-08 21:30 - 00000000 ____D () C:\Users\Ricardo\Downloads\Temporada 3

2014-08-06 20:12 - 2014-08-12 17:47 - 01336624 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll

2014-08-06 16:39 - 2014-08-12 17:47 - 04148224 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys

2014-08-06 16:38 - 2014-08-12 17:47 - 00697856 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll

2014-08-05 13:14 - 2014-06-29 17:50 - 00000000 ____D () C:\Users\Ricardo\Documents\CyberLink

2014-08-03 14:48 - 2014-06-02 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Teamspeak2 RC2

2014-08-02 10:05 - 2014-08-02 10:05 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Fly By Wi-Fi

2014-08-02 10:05 - 2014-08-02 10:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fly By Wi-Fi

2014-08-02 10:05 - 2014-08-02 10:05 - 00000000 ____D () C:\Fly By Wi-Fi

2014-08-01 23:44 - 2014-08-12 17:47 - 00527360 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll

2014-08-01 21:56 - 2014-08-12 17:47 - 01064448 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll

2014-08-01 21:11 - 2014-08-12 17:47 - 00918528 _____ (Microsoft Corporation) C:\windows\system32\MrmCoreR.dll

2014-08-01 18:17 - 2014-05-17 17:20 - 00704480 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe

2014-08-01 18:17 - 2014-05-17 17:20 - 00105440 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-08-01 15:52 - 2014-08-01 15:52 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\MediaShow

2014-07-31 10:49 - 2014-07-31 10:49 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\InstallShield

2014-07-30 13:31 - 2014-05-15 21:50 - 00003994 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{596D7596-A026-49D3-ACB2-8028D340EA27}

2014-07-30 12:49 - 2014-07-15 22:25 - 00000000 ____D () C:\Users\alexn_000\AppData\Roaming\vlc

2014-07-28 19:32 - 2014-07-28 19:32 - 00000887 _____ () C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk

2014-07-28 17:27 - 2014-07-28 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xtreme Prototypes 20 Series Business Jets SP2

2014-07-27 13:13 - 2014-05-15 12:52 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Spotify

2014-07-27 11:01 - 2014-07-27 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

2014-07-25 08:52 - 2014-08-12 17:53 - 23645696 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll

2014-07-25 07:51 - 2014-08-12 17:53 - 17524224 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll

2014-07-25 07:28 - 2014-08-12 17:53 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll

2014-07-25 07:25 - 2014-08-12 17:53 - 02774528 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll

2014-07-25 07:25 - 2014-08-12 17:53 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll

2014-07-25 06:59 - 2014-08-12 17:53 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll

2014-07-25 06:40 - 2014-08-12 17:53 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll

2014-07-25 06:34 - 2014-08-12 17:53 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll

2014-07-25 06:30 - 2014-08-12 17:53 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll

2014-07-25 06:28 - 2014-08-12 17:53 - 05824512 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll

2014-07-25 06:28 - 2014-08-12 17:53 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll

2014-07-25 06:21 - 2014-08-12 17:53 - 02184704 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll

2014-07-25 06:17 - 2014-08-12 17:53 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll

2014-07-25 06:10 - 2014-08-12 17:53 - 00292864 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll

2014-07-25 06:08 - 2014-08-12 17:53 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll

2014-07-25 06:06 - 2014-08-12 17:53 - 04204032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll

2014-07-25 05:52 - 2014-08-12 17:53 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll

2014-07-25 05:47 - 2014-08-12 17:53 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll

2014-07-25 05:43 - 2014-08-12 17:53 - 00333312 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll

2014-07-25 05:43 - 2014-08-12 17:53 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-07-25 05:42 - 2014-08-12 17:53 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe

2014-07-25 05:39 - 2014-08-12 17:53 - 02087936 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl

2014-07-25 05:34 - 2014-08-12 17:53 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll

2014-07-25 05:29 - 2014-08-12 17:53 - 00239616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll

2014-07-25 05:23 - 2014-08-12 17:53 - 13547008 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll

2014-07-25 05:13 - 2014-08-12 17:53 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll

2014-07-25 05:09 - 2014-08-12 17:53 - 00291840 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll

2014-07-25 05:07 - 2014-08-12 17:53 - 02001920 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl

2014-07-25 05:03 - 2014-08-12 17:53 - 11772928 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll

2014-07-25 04:52 - 2014-08-12 17:53 - 02266624 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll

2014-07-25 04:26 - 2014-08-12 17:53 - 01431040 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll

2014-07-25 04:17 - 2014-08-12 17:53 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll

2014-07-25 04:09 - 2014-08-12 17:53 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll

2014-07-25 04:05 - 2014-08-12 17:53 - 01792512 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll

2014-07-25 04:00 - 2014-08-12 17:53 - 01169920 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll

2014-07-24 22:18 - 2014-05-15 13:06 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Spotify

2014-07-24 21:50 - 2014-06-24 18:21 - 00000000 ____D () C:\EuroScope

 

Some content of TEMP:

====================

C:\Users\alexn_000\AppData\Local\Temp\COMAP.EXE

C:\Users\alexn_000\AppData\Local\Temp\Extract.exe

C:\Users\alexn_000\AppData\Local\Temp\SP66065.exe

C:\Users\alexn_000\AppData\Local\Temp\SP66208.exe

C:\Users\alexn_000\AppData\Local\Temp\SP66342.exe

C:\Users\Ricardo\AppData\Local\Temp\AxSFADownloader.exe

C:\Users\Ricardo\AppData\Local\Temp\bassmod.dll

C:\Users\Ricardo\AppData\Local\Temp\COMAP.EXE

C:\Users\Ricardo\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp7jgokq.dll

C:\Users\Ricardo\AppData\Local\Temp\Extract.exe

C:\Users\Ricardo\AppData\Local\Temp\fp_pl_pfs_installer.exe

C:\Users\Ricardo\AppData\Local\Temp\HPInstaller.exe

C:\Users\Ricardo\AppData\Local\Temp\install_reader11_es_mssd_aaa_aih.exe

C:\Users\Ricardo\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe

C:\Users\Ricardo\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe

C:\Users\Ricardo\AppData\Local\Temp\ose00000.exe

C:\Users\Ricardo\AppData\Local\Temp\Quarantine.exe

C:\Users\Ricardo\AppData\Local\Temp\sp64126.exe

C:\Users\Ricardo\AppData\Local\Temp\SP66397.exe

C:\Users\Ricardo\AppData\Local\Temp\UninstallHPSA.exe

C:\Users\Ricardo\AppData\Local\Temp\_is92A6.exe

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-08-17 09:28

 

==================== End Of Log ============================

Link to post
Share on other sites

Hi,

Step 1

  • Please click the 45ug4zkv.pngChrome menu 2p7uouek.png on the browser toolbar.
  • Select Settings.
  • Click Show advanced settings and find the "Reset browser settings” section.
  • Click Reset browser settings.
  • In the dialog that appears, click Reset.
lesestoff.png

Can you please tell me which problems still persist now?

Link to post
Share on other sites

He he... :)

There is still work for you to do!

Let's do a final check up:

Step 1

Please download the eset.pngESET Online Scanner and save it to your Desktop.

  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start esetsmartinstaller_enu.exe with administartor privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.

    Note: This scan might take a long time! Please be patient.

  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at C:\Program Files\ESET\EsetOnlineScanner\log.txt.

    Copy and paste the content of this log file in your next reply.

Note: Do not forget to re-enable your antivirus application after running the above scan!
Link to post
Share on other sites

ESETSmartInstaller@High as downloader log:

all ok

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.7623

# api_version=3.0.2

# EOSSerial=1b6787935bb71449a36eb6acc904818c

# engine=19805

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2014-08-23 09:49:51

# local_time=2014-08-23 03:49:51 (-0700, Hora verano, Montañas (México))

# country="Mexico"

# lang=1033

# osver=6.2.9200 NT 

# compatibility_mode_1='AVG AntiVirus Free Edition 2014'

# compatibility_mode=1051 16777213 100 100 0 95017775 0 0

# compatibility_mode_1=''

# compatibility_mode=5893 16776574 100 94 0 32790284 0 0

# scanned=504732

# found=5

# cleaned=0

# scan_time=7781

sh=19E71E339494B2FCBC0618A88C02B8D8143A67CD ft=1 fh=e1f3b8b448de5675 vn="Win32/SmartFileAdvisor.B potentially unwanted application" ac=I fn="C:\Users\Ricardo\AppData\Local\Temp\AxSFADownloader.exe"

sh=81746F3E7487D80E7A97964EA1934A469716F9CA ft=1 fh=c71c00119e355a2b vn="a variant of Win64/Sathurbot.D trojan" ac=I fn="C:\Users\Ricardo\AppData\Local\Temp\tmp99E4.tmp"

sh=8F34BB9503DC54A9452821391D923FA19CE6E6FA ft=1 fh=ba0bf2bb89260abf vn="a variant of Win32/HackTool.Patcher.T potentially unsafe application" ac=I fn="C:\Users\Ricardo\Downloads\Aplicaciones\Adobe Acrobat XI Pro 11.0.7 Multilanguage [ChingLiu]\patch MPT\adobe.acrobat.xi.pro.patch-MPT.exe"

sh=C11E1193283E0FCFD5A9CDD5D9389612FF533F4A ft=1 fh=4faa4ceed9395402 vn="a variant of Win32/HackTool.Patcher.T potentially unsafe application" ac=I fn="C:\Users\Ricardo\Downloads\Flight Simulator\Aeronaves\PMDG 737NGX\Crack PMDG NGX.exe"

sh=81E68615EF27CF363D6FE96582433C8A7CE8043B ft=1 fh=7550e582fe201b60 vn="a variant of Win32/Keygen.AD potentially unsafe application" ac=I fn="C:\Users\Ricardo\Downloads\Utilidades\GoldWave.v5.67.Incl.Keygen-BLiZZARD\keygen.exe"
Link to post
Share on other sites

Hi,
 

Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.08 - Adobe Systems)
sh=8F34BB9503DC54A9452821391D923FA19CE6E6FA ft=1 fh=ba0bf2bb89260abf vn="a variant of Win32/HackTool.Patcher.T potentially unsafe application" ac=I fn="C:\Users\Ricardo\Downloads\Aplicaciones\Adobe Acrobat XI Pro 11.0.7 Multilanguage [ChingLiu]\patch MPT\adobe.acrobat.xi.pro.patch-MPT.exe"

P2P/Piracy Warning:

  • If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
  • Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

 

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.