Suspicious tasks on start up that I can't delete

Post by BrianWesker » November 14th, 2014, 1:55 pm

Hi, I'm here because I need help with some rogue software that executes on startup. Yes, I tried with msconfig and deleting the file itself, but I'm not allowed to see it even if I change the folder configuration. Sometimes there are a lot of tasks with random names like "06MY8" or something like that. Oh, and they open a lot of calculator tasks, I don't know why. But I think that the main file "mspsuoyh.exe"

If any other information is required I'll provide it. Sorry for possible misspellings, I speak Spanish and I try to do my best with this. Thanks!

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 04/11/2014 05:54:46 p.m.
System Uptime: 14/11/2014 02:28:55 p.m. (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | M4N68T-M-LE-V2
Processor: AMD Athlon(tm) II X2 255 Processor | AM3 | 3100/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 368 GiB total, 272,745 GiB free.
D: is FIXED (NTFS) - 98 GiB total, 97,573 GiB free.
E: is CDROM ()
H: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description:
Device ID: ACPI\ATK0110\1010110
Manufacturer:
Name:
PNP Device ID: ACPI\ATK0110\1010110
Service:
.
==== System Restore Points ===================
.
RP23: 11/11/2014 01:40:43 a.m. - Instalado Rockstar Games Social Club
RP24: 11/11/2014 01:46:06 a.m. - Instalado Grand Theft Auto IV
RP25: 12/11/2014 11:18:40 a.m. - Se ha instalado DirectX
RP26: 12/11/2014 11:19:13 a.m. - Se ha instalado DirectX
RP27: 13/11/2014 01:59:44 a.m. - Windows Update
RP28: 13/11/2014 02:10:57 a.m. - Se ha instalado DirectX
RP29: 13/11/2014 02:11:40 a.m. - Se ha instalado DirectX
RP30: 13/11/2014 02:12:40 a.m. - Se ha instalado DirectX
RP31: 13/11/2014 02:15:28 a.m. - Se ha instalado DirectX
RP32: 13/11/2014 02:32:37 a.m. - Instalación del paquete de controladores de dispositivo: Scarlet.Crush Productions Dispositivos del sistema
.
==== Image File Execution Options =============
.
IFEO: mbam.exe - mwvaz.exe
IFEO: mbamgui.exe - safpd.exe
IFEO: rstrui.exe - riaiccape.exe
x64-IFEO: mbam.exe - mwvaz.exe
x64-IFEO: mbamgui.exe - safpd.exe
x64-IFEO: rstrui.exe - riaiccape.exe
.
==== Installed Programs ======================
.
ActiClean USB
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Fuel
AMD Media Foundation Decoders
AMD VISION Engine Control Center
Apple Mobile Device Support
Apple Software Update
Bonjour
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Compatibilidad con Aplicaciones de Apple
Counter-Strike: Global Offensive
DAEMON Tools Lite
DS4Windows
Eines de correcció del Microsoft Office 2013: català
Ferramentas de verificación de Microsoft Office 2013 - Galego
Google Chrome
Google Update Helper
Grand Theft Auto IV
iTunes
Left 4 Dead 2
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.1 (ESN)
Microsoft .NET Framework 4.5.1 (español)
Microsoft Access MUI (Spanish) 2013
Microsoft DCF MUI (Spanish) 2013
Microsoft Excel MUI (Spanish) 2013
Microsoft Groove MUI (Spanish) 2013
Microsoft InfoPath MUI (Spanish) 2013
Microsoft Lync MUI (Spanish) 2013
Microsoft Office 64-bit Components 2013
Microsoft Office OSM MUI (Spanish) 2013
Microsoft Office OSM UX MUI (Spanish) 2013
Microsoft Office Professional Plus 2013
Microsoft Office Proofing (Spanish) 2013
Microsoft Office Proofing Tools 2013 - English
Microsoft Office Proofing Tools 2013 - Español
Microsoft Office Shared 64-bit MUI (Spanish) 2013
Microsoft Office Shared MUI (Spanish) 2013
Microsoft Office zuzenketa-tresnak 2013 - Euskara
Microsoft OneNote MUI (Spanish) 2013
Microsoft Outlook MUI (Spanish) 2013
Microsoft PowerPoint MUI (Spanish) 2013
Microsoft Publisher MUI (Spanish) 2013
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Word MUI (Spanish) 2013
Microsoft Xbox 360 Accessories 1.2
Mozilla Firefox 33.0.2 (x86 es-AR)
Mozilla Maintenance Service
NVIDIA Drivers
NVIDIA Install Application
Outils de vérification linguistique 2013 de Microsoft Office - Français
Panel de control de NVIDIA 340.52
Ralink RT2870 Wireless LAN Card
Realtek High Definition Audio Driver
Revisores de Texto do Microsoft Office 2013 – Português do Brasil
Rockstar Games Social Club
SpeedFan (remove only)
Spotify
Steam
Team Fortress 2
Winamp
WinRAR 5.11 (64-bit)
.
==== Event Viewer Messages From Past Week ========
.
14/11/2014 12:16:01 p.m., Error: NetBT [4321] - No se pudo registrar el nombre "WORKGROUP :1d" en la interfaz con dirección IP 192.168.0.102. El equipo la con dirección IP 192.168.0.100 no admite el nombre reclamado por este equipo.
14/11/2014 12:16:00 p.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
14/11/2014 02:29:47 p.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
14/11/2014 01:18:48 p.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
13/11/2014 10:14:22 a.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
13/11/2014 09:39:20 p.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
13/11/2014 09:38:40 p.m., Error: volmgr [46] - Error en la inicialización del archivo de volcado
13/11/2014 09:01:31 a.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
13/11/2014 05:40:37 p.m., Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk1\DR1.
13/11/2014 05:40:37 p.m., Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk1\DR1.
13/11/2014 05:40:36 p.m., Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk1\DR1.
13/11/2014 05:40:36 p.m., Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk1\DR1.
13/11/2014 05:40:35 p.m., Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk1\DR1.
13/11/2014 05:40:27 p.m., Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk1\DR1.
13/11/2014 05:40:27 p.m., Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk1\DR1.
13/11/2014 05:40:26 p.m., Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk1\DR1.
13/11/2014 05:40:26 p.m., Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk1\DR1.
13/11/2014 05:40:25 p.m., Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk1\DR1.
13/11/2014 02:46:03 a.m., Error: Service Control Manager [7031] - El servicio Windows Installer terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.
12/11/2014 11:24:24 a.m., Error: Service Control Manager [7034] - El servicio NVIDIA Display Driver Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
12/11/2014 11:13:04 a.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
12/11/2014 09:27:10 p.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
12/11/2014 07:14:03 p.m., Error: Service Control Manager [7031] - El servicio Protocolo de resolución de nombres de mismo nivel terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 300000 milisegundos: Reiniciar el servicio.
12/11/2014 07:14:03 p.m., Error: Service Control Manager [7031] - El servicio Agrupación de red del mismo nivel terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 300000 milisegundos: Reiniciar el servicio.
12/11/2014 07:14:03 p.m., Error: Service Control Manager [7031] - El servicio Administrador de identidad de redes de mismo nivel terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 300000 milisegundos: Reiniciar el servicio.
12/11/2014 07:13:59 p.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
12/11/2014 06:38:52 p.m., Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk2\DR11.
12/11/2014 06:38:52 p.m., Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk2\DR11.
12/11/2014 06:38:51 p.m., Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk2\DR11.
12/11/2014 06:38:51 p.m., Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk2\DR11.
12/11/2014 06:02:01 p.m., Error: Service Control Manager [7032] - El Administrador de control de servicios intentó realizar una acción correctora (Reiniciar el servicio) después de la terminación inesperada del servicio Protocolo de resolución de nombres de mismo nivel, pero ocurrió el siguiente error: Ya se está ejecutando una instancia de este servicio.
12/11/2014 06:02:01 p.m., Error: Service Control Manager [7032] - El Administrador de control de servicios intentó realizar una acción correctora (Reiniciar el servicio) después de la terminación inesperada del servicio Agrupación de red del mismo nivel, pero ocurrió el siguiente error: Ya se está ejecutando una instancia de este servicio.
12/11/2014 06:02:01 p.m., Error: Service Control Manager [7032] - El Administrador de control de servicios intentó realizar una acción correctora (Reiniciar el servicio) después de la terminación inesperada del servicio Administrador de identidad de redes de mismo nivel, pero ocurrió el siguiente error: Ya se está ejecutando una instancia de este servicio.
12/11/2014 05:59:16 p.m., Error: Service Control Manager [7032] - El Administrador de control de servicios intentó realizar una acción correctora (Reiniciar el servicio) después de la terminación inesperada del servicio Servicio Interfaz de almacenamiento en red, pero ocurrió el siguiente error: Ya se está ejecutando una instancia de este servicio.
12/11/2014 05:59:16 p.m., Error: Service Control Manager [7032] - El Administrador de control de servicios intentó realizar una acción correctora (Reiniciar el servicio) después de la terminación inesperada del servicio Servicio enumerador de dispositivos portátiles, pero ocurrió el siguiente error: Ya se está ejecutando una instancia de este servicio.
12/11/2014 05:58:53 p.m., Error: Service Control Manager [7032] - El Administrador de control de servicios intentó realizar una acción correctora (Reiniciar el servicio) después de la terminación inesperada del servicio Cliente DHCP, pero ocurrió el siguiente error: Ya se está ejecutando una instancia de este servicio.
12/11/2014 05:58:47 p.m., Error: Service Control Manager [7032] - El Administrador de control de servicios intentó realizar una acción correctora (Reiniciar el servicio) después de la terminación inesperada del servicio Programador de aplicaciones multimedia, pero ocurrió el siguiente error: Ya se está ejecutando una instancia de este servicio.
12/11/2014 05:58:47 p.m., Error: Service Control Manager [7032] - El Administrador de control de servicios intentó realizar una acción correctora (Reiniciar el servicio) después de la terminación inesperada del servicio Instrumental de administración de Windows, pero ocurrió el siguiente error: Ya se está ejecutando una instancia de este servicio.
12/11/2014 05:58:16 p.m., Error: Service Control Manager [7032] - El Administrador de control de servicios intentó realizar una acción correctora (Reiniciar el servicio) después de la terminación inesperada del servicio Compilador de extremo de audio de Windows, pero ocurrió el siguiente error: Ya se está ejecutando una instancia de este servicio.
12/11/2014 05:57:54 p.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
12/11/2014 05:57:53 p.m., Error: Service Control Manager [7032] - El Administrador de control de servicios intentó realizar una acción correctora (Reiniciar el servicio) después de la terminación inesperada del servicio Registro de eventos de Windows, pero ocurrió el siguiente error: Ya se está ejecutando una instancia de este servicio.
12/11/2014 05:57:17 p.m., Error: Service Control Manager [7032] - El Administrador de control de servicios intentó realizar una acción correctora (Reiniciar el servicio) después de la terminación inesperada del servicio Conexiones de red, pero ocurrió el siguiente error: Ya se está ejecutando una instancia de este servicio.
12/11/2014 05:57:16 p.m., Error: Service Control Manager [7034] - El servicio Host del servicio de diagnóstico se terminó de manera inesperada. Esto ha sucedido 1 veces.
12/11/2014 05:57:16 p.m., Error: Service Control Manager [7034] - El servicio Host de proveedor de detección de función se terminó de manera inesperada. Esto ha sucedido 1 veces.
12/11/2014 05:57:16 p.m., Error: Service Control Manager [7031] - El servicio Windows Driver Foundation - User-mode Driver Framework terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.
12/11/2014 05:57:16 p.m., Error: Service Control Manager [7031] - El servicio Sistema de eventos COM+ terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 1000 milisegundos: Reiniciar el servicio.
12/11/2014 05:57:16 p.m., Error: Service Control Manager [7031] - El servicio Servicio Interfaz de almacenamiento en red terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.
12/11/2014 05:57:16 p.m., Error: Service Control Manager [7031] - El servicio Servicio enumerador de dispositivos portátiles terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.
12/11/2014 05:57:16 p.m., Error: Service Control Manager [7031] - El servicio Servicio de lista de redes terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 100 milisegundos: Reiniciar el servicio.
12/11/2014 05:57:16 p.m., Error: Service Control Manager [7031] - El servicio Servicio de detección automática de proxy web WinHTTP terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.
12/11/2014 05:57:16 p.m., Error: Service Control Manager [7031] - El servicio Servicio de compatibilidad de programas terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Reiniciar el servicio.
12/11/2014 05:57:16 p.m., Error: Service Control Manager [7031] - El servicio Configuración automática de WLAN terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.
12/11/2014 05:57:16 p.m., Error: Service Control Manager [7031] - El servicio Conexiones de red terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 100 milisegundos: Reiniciar el servicio.
12/11/2014 05:57:16 p.m., Error: Service Control Manager [7031] - El servicio Compilador de extremo de audio de Windows terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Reiniciar el servicio.
12/11/2014 05:57:16 p.m., Error: Service Control Manager [7031] - El servicio Cliente de seguimiento de vínculos distribuidos terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.
12/11/2014 05:57:16 p.m., Error: Service Control Manager [7031] - El servicio Archivos sin conexión terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.
12/11/2014 05:57:16 p.m., Error: Service Control Manager [7031] - El servicio Administrador de sesión del Administrador de ventanas de escritorio terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.
12/11/2014 05:57:16 p.m., Error: Service Control Manager [7031] - El servicio Acceso a dispositivo de interfaz humana terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.
12/11/2014 05:57:13 p.m., Error: Service Control Manager [7034] - El servicio Reconocimiento de ubicación de red se terminó de manera inesperada. Esto ha sucedido 3 veces.
12/11/2014 05:57:08 p.m., Error: Service Control Manager [7031] - El servicio Reconocimiento de ubicación de red terminó inesperadamente. Esto se ha repetido 2 veces. Se realizará la siguiente acción correctora en 100 milisegundos: Reiniciar el servicio.
12/11/2014 05:57:01 p.m., Error: Service Control Manager [7031] - El servicio Protocolo de resolución de nombres de mismo nivel terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 300000 milisegundos: Reiniciar el servicio.
12/11/2014 05:57:01 p.m., Error: Service Control Manager [7031] - El servicio Agrupación de red del mismo nivel terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 300000 milisegundos: Reiniciar el servicio.
12/11/2014 05:57:01 p.m., Error: Service Control Manager [7031] - El servicio Administrador de identidad de redes de mismo nivel terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 300000 milisegundos: Reiniciar el servicio.
12/11/2014 05:56:53 p.m., Error: Service Control Manager [7031] - El servicio Registro de eventos de Windows terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Reiniciar el servicio.
12/11/2014 05:56:53 p.m., Error: Service Control Manager [7031] - El servicio Proveedor de Grupo Hogar terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Reiniciar el servicio.
12/11/2014 05:56:53 p.m., Error: Service Control Manager [7031] - El servicio Cliente DHCP terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.
12/11/2014 05:56:53 p.m., Error: Service Control Manager [7031] - El servicio Audio de Windows terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Reiniciar el servicio.
12/11/2014 05:56:53 p.m., Error: Service Control Manager [7031] - El servicio Aplicación auxiliar de NetBIOS sobre TCP/IP terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 100 milisegundos: Reiniciar el servicio.
11/11/2014 12:26:47 a.m., Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk1\DR1.
11/11/2014 12:26:47 a.m., Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk1\DR1.
11/11/2014 12:26:46 a.m., Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk1\DR1.
11/11/2014 12:26:46 a.m., Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk1\DR1.
11/11/2014 12:12:02 p.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
11/11/2014 11:26:37 a.m., Error: Service Control Manager [7034] - El servicio Steam Client Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
11/11/2014 11:25:47 a.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
11/11/2014 11:23:23 a.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
11/11/2014 09:50:39 a.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
11/11/2014 08:03:51 p.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
11/11/2014 07:18:41 p.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
10/11/2014 07:38:58 p.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
09/11/2014 08:32:04 p.m., Error: Microsoft-Windows-DistributedCOM [10001] - No se puede iniciar un servidor DCOM: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} como /. Error "5" al iniciar este comando: C:\Windows\System32\slui.exe -Embedding
09/11/2014 07:51:39 p.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
09/11/2014 07:48:02 p.m., Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
09/11/2014 07:48:02 p.m., Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
09/11/2014 07:48:02 p.m., Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
09/11/2014 07:48:02 p.m., Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
09/11/2014 07:48:02 p.m., Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
09/11/2014 07:48:02 p.m., Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
09/11/2014 07:48:01 p.m., Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
09/11/2014 07:48:01 p.m., Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
09/11/2014 07:48:01 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "" para ejecutar el servidor: {9E175B6D-F52A-11D8-B9A5-505054503030}
09/11/2014 07:48:01 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "" para ejecutar el servidor: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
09/11/2014 07:48:01 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - Error de DCOM "1068" al intentar iniciar el servicio netprofm con argumentos "" para ejecutar el servidor: {A47979D2-C419-11D9-A5B4-001185AD2B89}
09/11/2014 07:48:01 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - Error de DCOM "1068" al intentar iniciar el servicio netman con argumentos "" para ejecutar el servidor: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
09/11/2014 07:47:59 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - Error de DCOM "1084" al intentar iniciar el servicio EventSystem con argumentos "" para ejecutar el servidor: {1BE1F766-5536-11D1-B726-00C04FB926AF}
09/11/2014 07:47:53 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "" para ejecutar el servidor: {DD522ACC-F821-461A-A407-50B198B896DC}
09/11/2014 07:47:47 p.m., Error: Service Control Manager [7026] - El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: AFD CSC DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
09/11/2014 07:47:47 p.m., Error: Service Control Manager [7001] - El servicio Servicio Interfaz de almacenamiento en red depende del servicio NSI proxy service driver., el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona.
09/11/2014 07:47:47 p.m., Error: Service Control Manager [7001] - El servicio Reconocimiento de ubicación de red depende del servicio Servicio Interfaz de almacenamiento en red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
09/11/2014 07:47:47 p.m., Error: Service Control Manager [7001] - El servicio Minirredirector SMB 2.0 depende del servicio Contenedor y motor de minirredirector SMB, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
09/11/2014 07:47:47 p.m., Error: Service Control Manager [7001] - El servicio Minirredirector SMB 1.x depende del servicio Contenedor y motor de minirredirector SMB, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
09/11/2014 07:47:47 p.m., Error: Service Control Manager [7001] - El servicio Estación de trabajo depende del servicio Servicio Interfaz de almacenamiento en red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
09/11/2014 07:47:47 p.m., Error: Service Control Manager [7001] - El servicio Contenedor y motor de minirredirector SMB depende del servicio Subsistema de almacenamiento en búfer redirigido, el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona.
09/11/2014 07:47:47 p.m., Error: Service Control Manager [7001] - El servicio Cliente DNS depende del servicio Controlador de soporte TDI heredado NetIO, el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona.
09/11/2014 07:47:47 p.m., Error: Service Control Manager [7001] - El servicio Cliente DHCP depende del servicio Ancillary Function Driver for Winsock, el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona.
09/11/2014 07:47:47 p.m., Error: Service Control Manager [7001] - El servicio Aplicación auxiliar IP depende del servicio Servicio Interfaz de almacenamiento en red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia.
09/11/2014 07:47:47 p.m., Error: Service Control Manager [7001] - El servicio Aplicación auxiliar de NetBIOS sobre TCP/IP depende del servicio Ancillary Function Driver for Winsock, el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona.
09/11/2014 07:40:29 p.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
09/11/2014 07:38:10 p.m., Error: Service Control Manager [7031] - El servicio Apple Mobile Device terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Reiniciar el servicio.
09/11/2014 05:35:32 p.m., Error: Service Control Manager [7009] - Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Steam Client Service.
09/11/2014 05:35:32 p.m., Error: Service Control Manager [7000] - El servicio Steam Client Service no pudo iniciarse debido al siguiente error: El servicio no respondió a tiempo a la solicitud de inicio o de control.
09/11/2014 05:34:49 p.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
08/11/2014 10:18:17 p.m., Error: Service Control Manager [7031] - El servicio Apple Mobile Device terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Reiniciar el servicio.
08/11/2014 10:17:16 p.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
08/11/2014 10:01:48 p.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
08/11/2014 08:40:14 p.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
08/11/2014 02:46:13 p.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
08/11/2014 01:57:19 p.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
08/11/2014 01:07:40 p.m., Error: Service Control Manager [7031] - El servicio Windows Search terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.
07/11/2014 12:56:34 p.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
07/11/2014 11:30:36 p.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
07/11/2014 10:52:21 p.m., Error: Service Control Manager [7031] - El servicio Windows Presentation Foundation Font Cache 3.0.0.0 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.
07/11/2014 10:16:41 a.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
07/11/2014 09:59:10 p.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
07/11/2014 02:19:12 p.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
07/11/2014 02:17:14 p.m., Error: Service Control Manager [7024] - El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.
07/11/2014 02:16:09 p.m., Error: Service Control Manager [7034] - El servicio NVIDIA Display Driver Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
.
==== End Of File ===========================
BrianWesker
Active Member
 
Posts: 9
Joined: November 13th, 2014, 9:09 am

Re: Suspicious tasks on start up that I cant delete

Post by Cypher » November 15th, 2014, 2:36 pm

Hi and welcome to Malware Removal Forum.
My name is Cypher, and I will be helping you with your malware problems.
This may or may not solve other issues you have with your machine.
If you no longer require help, I would be grateful if you would let me know.

Before we start please note the following important guidelines.
  • If you don't know or understand something, please don't hesitate to ask.
  • Only post your problem at one help site. Applying fixes from multiple help sites can cause problems.
  • Only reply to this thread; do not start another. Please continue responding until I give you the "All Clean".
    Remember, absence of symptoms does not mean the infection is all gone.
  • Please DO NOT run any other tools or scans whilst I am helping you.
  • Please DO NOT install any other software (or hardware) during the cleaning process.
  • Print each set of instructions, if possible. Your Internet connection will not be available during some fix processes.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  • Note: No Reply Within 3 Days Will Result In Your Topic Being Closed!

Note: If you haven't done so already, please read this topic, "ALL USERS OF THIS FORUM MUST READ THIS FIRST", where the conditions for receiving help here are explained.
Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However, it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to back up any personal files and folders before you start.



Please click on THIS link, and follow the instructions for installing TCRB and creating a backup of your Registry.

Next.

I need you to run further scans for me.
Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present; if any log is cut off, you'll have to post it in sections.
Important: Save all tools I ask you to download to your Desktop; if you don't know how to do this, just ask.



Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Right click on adwcleaner.exe and select "Run as administrator" to run it.
  • Click on Scan.
  • When the scan has finished, uncheck any entries you don't want to remove, then click on Clean.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Next.

Please download FRST ... by Farbar, from the link below and save it to your Desktop.

For 32 bit Systems

For 64 bit Systems

  • Right-click FRST.exe and select "Run as administrator" to run it.
  • When the tool opens click Yes to the disclaimer.
  • Press Scan button. When finished, a log will be created: FRST.txt.
  • Please post the content of the FRST.txt in your next reply.
  • The first time the tool is run, it will create another log: Addition.txt.
  • Please post the content of the Addition.txt in your next reply.

Logs/Information to Post in your Next Reply

  • AdwCleaner log.
  • FRST.txt and Addition.txt contents.
Cypher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Suspicious tasks on start up that I cant delete

Post by BrianWesker » November 16th, 2014, 12:19 am

# AdwCleaner v4.101 - Reporte Creado 16/11/2014 en 00:59:01
# Actualizado 09/11/2014 por Xplode
# Database : 2014-11-13.1 [Live]
# Sistema Operativo : Windows 7 Ultimate Service Pack 1 (64 bits)
# Nombre de usuario : Sandrita - SANDRITA-PC
# Ejecutado desde : C:\Users\Sandrita\Downloads\AdwCleaner.exe
# Opción : Limpiar

***** [ Servicios ] *****


***** [ Archivos / Carpetas ] *****

Archivo Borrar : C:\Users\Sandrita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
Archivo Borrar : C:\Users\Sandrita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal

***** [ Tareas ] *****


***** [ Accesos directos ] *****


***** [ Registro ] *****


***** [ Navegadores ] *****

-\\ Internet Explorer v8.0.7601.17514


-\\ Mozilla Firefox v33.0.2 (x86 es-AR)


-\\ Google Chrome v38.0.2125.111


*************************

AdwCleaner[R0].txt - [1107 octets] - [16/11/2014 00:54:14]
AdwCleaner[R1].txt - [1168 octets] - [16/11/2014 00:56:03]
AdwCleaner[R2].txt - [1228 octets] - [16/11/2014 00:57:38]
AdwCleaner[S0].txt - [1139 octets] - [16/11/2014 00:59:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1199 octets] ##########

Re: Suspicious tasks on start up that I cant delete

Post by BrianWesker » November 16th, 2014, 12:20 am

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2014
Ran by Sandrita (administrator) on SANDRITA-PC on 16-11-2014 01:11:31
Running from C:\Users\Sandrita\Desktop
Loaded Profile: Sandrita (Available profiles: Sandrita)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Español (España, internacional)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
() C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
() C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
() C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
(Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
() C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
() C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
() C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
() C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
() C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
() C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
() C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
() C:\Users\Sandrita\AppData\Local\Temp\aqxtk.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Sandrita\AppData\Local\Temp\aqxtk.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Policies\Explorer\Run: [1756353434] => C:\ProgramData\mspsuoyh.exe [120832 2010-11-21] ( ())
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-3701867710-947133529-1713004044-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1940160 2014-11-11] (Valve Corporation)
HKU\S-1-5-21-3701867710-947133529-1713004044-1000\...\Run: [Adobe System Incorporated] => C:\Users\Sandrita\AppData\Local\Temp\Adobe\Reader_sl.exe [196608 2014-11-16] () <===== ATTENTION
HKU\S-1-5-21-3701867710-947133529-1713004044-1000\...\Run: [CreativeAudio] => C:\ProgramData\CreativeAudio\riaiccape.exe [281088 2014-11-16] ()
HKU\S-1-5-21-3701867710-947133529-1713004044-1000\...\Run: [Tvbkbd] => C:\Users\Sandrita\AppData\Roaming\Identities\Tvbkbd.exe
HKU\S-1-5-21-3701867710-947133529-1713004044-1000\...\Run: [Windows Update Manager] => C:\Users\Sandrita\AppData\Roaming\Update\MSupdate.exe [123904 2014-11-16] ()
HKU\S-1-5-21-3701867710-947133529-1713004044-1000\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-3701867710-947133529-1713004044-1000\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-3701867710-947133529-1713004044-1000\...\Winlogon: [Shell] C:\Users\Sandrita\AppData\Roaming\Update\MSupdate.exe,explorer.exe <==== ATTENTION
HKU\S-1-5-18\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideSCAHealth] 0
IFEO\mbam.exe: [Debugger] mwvaz.exe
IFEO\mbamgui.exe: [Debugger] safpd.exe
IFEO\rstrui.exe: [Debugger] vxddm.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3701867710-947133529-1713004044-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Sandrita\AppData\Roaming\Mozilla\Firefox\Profiles\fktts2e0.default
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3701867710-947133529-1713004044-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Sandrita\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\creativecommons.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\drae.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolibre-ar.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-ar.xml
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]

Chrome:
=======
CHR HomePage: Default -> hxxp://search.privitize.com/?aff=7
CHR StartupUrls: Default -> "hxxp://www.google.com.ar/", "hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-559&v=n10249-171&t=4", "hxxp://www.bing.com/?pc=U161&form=U161HP", "hxxp://www.default-search.net?sid=492&aid=121&itype=n&ver=12480&tm=331&src=hmp", "hxxp://www.sweet-page.com/?type=hp&ts=1405292633&from=cor&uid=SAMSUNGXHD161GJ_S14DJ9FZ103804"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Sandrita\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Presentaciones de Google) - C:\Users\Sandrita\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-04]
CHR Extension: (Google Docs) - C:\Users\Sandrita\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-04]
CHR Extension: (Google Drive) - C:\Users\Sandrita\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-04]
CHR Extension: (Kaboom) - C:\Users\Sandrita\AppData\Local\Google\Chrome\User Data\Default\Extensions\beahobhgpojnjfdjglaehfhdanaioode [2014-11-06]
CHR Extension: (YouTube) - C:\Users\Sandrita\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-04]
CHR Extension: (Adblock Plus) - C:\Users\Sandrita\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-11-06]
CHR Extension: (Búsqueda de Google) - C:\Users\Sandrita\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-04]
CHR Extension: (Hojas de cálculo de Google) - C:\Users\Sandrita\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-04]
CHR Extension: (Google Wallet) - C:\Users\Sandrita\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-04]
CHR Extension: (Gmail) - C:\Users\Sandrita\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-04]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]
S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2014-11-04] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-04] (Disc Soft Ltd)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [532480 2009-04-28] (PixArt Imaging Inc.)
S3 RTL85n64; C:\Windows\System32\DRIVERS\RTL85n64.sys [378368 2009-06-10] (Realtek)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-16 01:11 - 2014-11-16 01:12 - 00011224 _____ () C:\Users\Sandrita\Desktop\FRST.txt
2014-11-16 01:11 - 2014-11-16 01:11 - 00000000 ____D () C:\FRST
2014-11-16 01:04 - 2014-11-16 01:08 - 02116608 _____ (Farbar) C:\Users\Sandrita\Desktop\FRST64.exe
2014-11-16 01:04 - 2014-11-16 01:04 - 00001245 _____ () C:\Users\Sandrita\AppData\Roaming\BF79.exe
2014-11-16 01:04 - 2014-11-16 01:04 - 00001245 _____ () C:\Users\Sandrita\AppData\Roaming\B7DA.exe
2014-11-16 01:04 - 2014-11-16 01:04 - 00001245 _____ () C:\Users\Sandrita\AppData\Roaming\A591.exe
2014-11-16 01:01 - 2014-11-16 01:01 - 00196608 _____ () C:\Users\Sandrita\AppData\Roaming\c731200
2014-11-16 00:54 - 2014-11-16 00:59 - 00000000 ____D () C:\AdwCleaner
2014-11-16 00:53 - 2014-11-16 00:53 - 02140160 _____ () C:\Users\Sandrita\Downloads\AdwCleaner.exe
2014-11-15 17:23 - 2014-11-15 23:28 - 00000940 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3701867710-947133529-1713004044-1000UA.job
2014-11-15 17:23 - 2014-11-15 17:28 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3701867710-947133529-1713004044-1000Core.job
2014-11-15 17:23 - 2014-11-15 17:24 - 00000000 ____D () C:\Users\Sandrita\AppData\Local\Facebook
2014-11-15 17:23 - 2014-11-15 17:23 - 00501248 _____ (Facebook Inc.) C:\Users\Sandrita\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2014-11-15 17:23 - 2014-11-15 17:23 - 00003922 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3701867710-947133529-1713004044-1000UA
2014-11-15 17:23 - 2014-11-15 17:23 - 00003554 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3701867710-947133529-1713004044-1000Core
2014-11-15 17:09 - 2014-11-15 17:09 - 00000000 ____D () C:\Windows\PixArt
2014-11-15 17:09 - 2014-11-15 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLook 300
2014-11-15 17:09 - 2009-07-01 09:56 - 00000885 _____ () C:\Windows\SysWOW64\SP7302.ini
2014-11-15 17:09 - 2009-04-28 10:07 - 00532480 _____ (PixArt Imaging Inc.) C:\Windows\system32\Drivers\PAC7302.SYS
2014-11-15 17:09 - 2008-03-24 11:09 - 00141824 _____ (PixArt Imaging Incorporation) C:\Windows\SysWOW64\SP7302.ax
2014-11-15 17:09 - 2007-11-02 11:07 - 00008704 _____ (PixArt Imaging Inc.) C:\Windows\system32\CoInst_071029.dll
2014-11-15 17:09 - 2006-10-12 11:57 - 00014336 _____ (PixArt Imaging Inc.) C:\Windows\SysWOW64\P7302USD.dll
2014-11-15 17:05 - 2014-11-15 17:09 - 07991365 _____ () C:\Users\Sandrita\Downloads\iLook300W7.zip
2014-11-15 04:07 - 2014-11-15 04:07 - 00000219 _____ () C:\Users\Sandrita\Desktop\Portal 2.url
2014-11-14 22:23 - 2014-11-14 22:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A4TECH Software
2014-11-14 22:23 - 2014-11-14 22:23 - 00000000 ____D () C:\Program Files (x86)\OSCAR Editor X7
2014-11-14 22:14 - 2014-11-14 22:22 - 21107252 _____ () C:\Users\Sandrita\Downloads\7Key_V12.08V17.zip
2014-11-14 14:44 - 2014-11-14 14:44 - 00688992 ____R (Swearware) C:\Users\Sandrita\Desktop\dds.scr
2014-11-13 02:33 - 2014-11-13 02:33 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-11-13 02:33 - 2014-11-13 02:33 - 00000000 ____D () C:\ProgramData\DSDCS
2014-11-13 02:32 - 2014-11-13 02:37 - 00000000 ____D () C:\Users\Sandrita\AppData\Roaming\DS4Windows
2014-11-13 02:32 - 2014-11-13 02:32 - 00001067 _____ () C:\Users\Public\Desktop\DS4Windows.lnk
2014-11-13 02:32 - 2014-11-13 02:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DS4Windows
2014-11-13 02:32 - 2014-11-13 02:32 - 00000000 ____D () C:\ProgramData\Caphyon
2014-11-13 02:32 - 2014-11-13 02:32 - 00000000 ____D () C:\Program Files (x86)\DSDCS
2014-11-13 02:15 - 2014-11-13 02:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2014-11-13 02:15 - 2014-11-13 02:15 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-11-13 02:09 - 2014-11-13 02:32 - 00000000 ____D () C:\Users\Sandrita\AppData\Roaming\DSDCS
2014-11-13 01:59 - 2014-11-13 02:09 - 30551637 _____ (DSDCS) C:\Users\Sandrita\Downloads\DS4Windows(1.5.11).exe
2014-11-13 01:58 - 2014-11-13 01:58 - 00889416 _____ (Microsoft Corporation) C:\Users\Sandrita\Downloads\dotNetFx40_Full_setup.exe
2014-11-13 01:57 - 2014-11-13 01:57 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-11-13 01:57 - 2014-11-13 01:57 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-11-13 01:55 - 2014-11-13 01:55 - 00292184 _____ (Microsoft Corporation) C:\Users\Sandrita\Downloads\dxwebsetup.exe
2014-11-12 18:38 - 2014-11-12 18:38 - 00000000 ____D () C:\Users\Sandrita\AppData\Local\Elohim_Soft
2014-11-12 18:32 - 2014-11-12 18:32 - 00000000 ____D () C:\ProgramData\Isolated Storage
2014-11-12 18:31 - 2014-11-12 18:31 - 01245743 _____ (Elohim Soft ) C:\Users\Sandrita\Downloads\Setup_ActiCleanUSB.exe
2014-11-12 18:31 - 2014-11-12 18:31 - 00000000 ____D () C:\Program Files (x86)\Elohim Soft
2014-11-12 18:30 - 2014-11-12 18:30 - 00003158 _____ () C:\Windows\System32\Tasks\{633C2DC9-378C-467F-B8DC-6EFC168C7A17}
2014-11-12 18:13 - 2014-11-12 18:14 - 02632384 _____ () C:\Users\Sandrita\Downloads\acticlean_usb.exe
2014-11-12 18:02 - 2014-11-12 18:02 - 00035749 _____ () C:\Users\Sandrita\Downloads\Desinfecta_USB_LC.rar
2014-11-12 11:15 - 2014-11-12 11:17 - 07878008 _____ (Microsoft Corporation) C:\Users\Sandrita\Downloads\Xbox360_64Eng.exe
2014-11-11 11:36 - 2014-11-11 11:36 - 00001827 _____ () C:\Users\Sandrita\Desktop\LaunchGTAIV - Acceso directo.lnk
2014-11-11 11:23 - 2014-11-11 11:23 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-11-11 02:29 - 2014-11-11 02:29 - 00000000 ____D () C:\Users\Sandrita\Documents\Rockstar Games
2014-11-11 02:19 - 2014-11-11 02:27 - 00000000 ____D () C:\Users\Sandrita\AppData\Local\Rockstar Games
2014-11-11 02:19 - 2014-11-11 02:19 - 00000000 __RHD () C:\Users\Sandrita\AppData\Roaming\SecuROM
2014-11-11 02:18 - 2014-11-11 02:18 - 00000000 ____D () C:\Users\Sandrita\AppData\Roaming\WinRAR
2014-11-11 02:18 - 2014-11-11 02:18 - 00000000 ____D () C:\Users\Sandrita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-11 02:18 - 2014-11-11 02:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-11 02:18 - 2014-11-11 02:18 - 00000000 ____D () C:\Program Files\WinRAR
2014-11-11 02:17 - 2014-11-11 02:17 - 02011648 _____ () C:\Users\Sandrita\Downloads\winrar-x64-511es.exe
2014-11-11 02:16 - 2014-11-11 02:16 - 00085370 _____ () C:\Users\Sandrita\Downloads\1275678067xliveless-0.999b7.rar
2014-11-11 02:10 - 2014-11-11 02:10 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2014-11-11 01:40 - 2014-11-11 01:46 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-11-11 01:40 - 2014-11-11 01:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2014-11-09 19:56 - 2014-11-09 19:56 - 00001422 _____ () C:\Users\Sandrita\Documents\startup.txt
2014-11-09 04:01 - 2014-11-09 04:01 - 00000219 _____ () C:\Users\Sandrita\Desktop\Left 4 Dead 2.url
2014-11-08 21:58 - 2014-11-08 22:21 - 00003186 _____ () C:\Windows\System32\Tasks\{10D9C7BD-D2DF-4FF3-89DF-3FC44EA5F61E}
2014-11-08 21:58 - 2014-11-08 22:00 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-11-08 21:58 - 2014-11-08 21:58 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-11-08 21:58 - 2014-02-26 15:16 - 02080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2014-11-08 21:11 - 2014-11-08 21:48 - 125683715 _____ (Realtek Semiconductor Corp.) C:\Users\Sandrita\Downloads\64bit_Win7_Win8_Win81_R275.exe
2014-11-08 13:11 - 2014-11-09 18:32 - 00000000 ____D () C:\Users\Sandrita\AppData\Roaming\TeamViewer
2014-11-08 13:10 - 2014-11-08 13:11 - 06627192 _____ (TeamViewer GmbH) C:\Users\Sandrita\Downloads\TeamViewer_Setup_es-cjz.exe
2014-11-08 09:44 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-11-08 09:44 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-11-08 09:44 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-11-08 09:44 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-11-08 09:44 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-11-08 09:44 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-11-08 09:44 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-11-08 09:44 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-11-08 09:44 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-11-08 09:44 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-11-08 09:44 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-11-08 09:44 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-11-08 09:44 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-11-08 09:44 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-11-08 09:44 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-11-08 09:44 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-11-08 09:44 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-11-08 09:44 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-11-08 09:44 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-11-08 09:44 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-11-08 09:44 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-11-08 09:44 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-11-08 09:44 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-11-08 09:44 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-11-08 09:44 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-11-08 09:44 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-11-08 09:44 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-11-08 09:44 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-11-08 09:44 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-11-08 09:44 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-11-08 09:44 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-11-08 09:44 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-11-08 09:44 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-11-08 09:44 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-11-08 09:44 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-11-08 09:44 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-11-08 09:44 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-11-08 09:44 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-11-08 09:44 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-11-08 09:44 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-11-08 09:44 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-11-08 09:44 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-11-08 09:44 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-11-08 09:44 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-11-08 09:44 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-11-08 09:44 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-11-08 09:44 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-11-08 09:44 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-11-08 09:44 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2014-11-08 09:44 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-11-08 09:44 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2014-11-08 09:44 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-11-08 09:44 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-11-08 09:44 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-11-08 09:44 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-11-08 09:44 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-11-08 09:44 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-11-08 09:44 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-11-08 09:44 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-11-08 09:44 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-11-08 09:44 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-11-08 09:44 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-11-08 09:44 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-11-08 00:04 - 2014-11-08 00:16 - 00000000 ____D () C:\Users\Public\Documents\Silent Hill Homecoming
2014-11-08 00:01 - 2014-11-13 02:15 - 00223075 _____ () C:\Windows\DirectX.log
2014-11-08 00:01 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-11-08 00:01 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-11-08 00:01 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-11-08 00:01 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-11-08 00:01 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-11-08 00:01 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-11-08 00:01 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-11-08 00:01 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-11-08 00:01 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-11-08 00:01 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-11-08 00:01 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-11-08 00:01 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-11-08 00:01 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-11-08 00:01 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-11-08 00:01 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-11-08 00:01 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-11-08 00:01 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-11-08 00:01 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-11-08 00:01 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-11-08 00:01 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-11-08 00:01 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-11-08 00:01 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-11-08 00:01 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-11-08 00:01 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-11-08 00:01 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-11-08 00:01 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-11-08 00:01 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-11-08 00:01 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-11-08 00:01 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-11-08 00:01 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-11-08 00:01 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-11-08 00:01 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-11-08 00:01 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-11-08 00:01 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-11-08 00:01 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-11-08 00:01 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-11-08 00:01 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-11-08 00:01 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-11-08 00:01 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-11-08 00:01 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-11-08 00:01 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-11-08 00:01 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-11-08 00:01 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-11-08 00:01 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-11-08 00:01 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-11-08 00:01 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-11-08 00:01 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-11-08 00:01 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-11-08 00:01 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-11-08 00:01 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-11-08 00:01 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-11-08 00:01 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-11-08 00:01 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-11-08 00:01 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-11-08 00:01 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-11-08 00:01 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-11-08 00:01 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-11-08 00:01 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-11-08 00:01 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-11-08 00:01 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-11-08 00:01 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-11-08 00:01 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-11-08 00:01 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-11-08 00:01 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-11-08 00:01 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-11-08 00:01 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-11-08 00:01 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-11-08 00:01 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-11-08 00:01 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-11-08 00:01 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-11-08 00:01 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-11-08 00:01 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-11-08 00:01 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-11-08 00:01 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-11-08 00:01 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-11-08 00:01 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-11-08 00:01 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-11-08 00:01 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-11-08 00:01 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-11-08 00:01 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-11-08 00:01 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-11-08 00:01 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-11-08 00:01 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-11-08 00:01 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-11-08 00:01 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-11-08 00:01 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-11-08 00:01 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-11-08 00:01 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-11-08 00:01 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-11-08 00:01 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-11-08 00:01 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-11-08 00:01 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-11-08 00:01 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-11-08 00:01 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-11-08 00:01 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-11-08 00:01 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-11-08 00:01 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-11-08 00:01 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-11-08 00:01 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-11-08 00:01 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-11-08 00:01 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-11-08 00:01 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-11-08 00:01 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-11-08 00:01 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-11-08 00:01 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-11-08 00:01 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-11-08 00:01 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-11-08 00:01 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-11-08 00:01 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-11-08 00:01 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-11-08 00:01 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-11-08 00:01 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-11-08 00:01 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-11-08 00:01 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-11-08 00:01 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-11-08 00:01 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-11-08 00:01 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-11-07 23:35 - 2014-11-07 23:35 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-11-07 23:26 - 2014-11-07 23:27 - 05144273 _____ () C:\Users\Sandrita\Downloads\Driver Bluetooth Windows 7 64bits.exe
2014-11-07 23:22 - 2014-11-07 23:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medieval Software
2014-11-07 23:21 - 2014-11-07 23:22 - 00884323 _____ (Medieval Software) C:\Users\Sandrita\Downloads\blueftp_setup.exe
2014-11-07 22:51 - 2014-11-07 22:52 - 04171576 _____ (Broadcom Corporation.) C:\Users\Sandrita\Downloads\SetupBtwDownloadSE.exe
2014-11-07 22:49 - 2014-11-07 23:00 - 13875855 _____ () C:\Users\Sandrita\Downloads\BT-stack-toshiba.zip
2014-11-07 22:43 - 2014-11-07 22:43 - 00000000 ____D () C:\Users\Sandrita\AppData\Roaming\ATI
2014-11-07 22:43 - 2014-11-07 22:43 - 00000000 ____D () C:\Users\Sandrita\AppData\Local\ATI
2014-11-07 22:43 - 2014-11-07 22:43 - 00000000 ____D () C:\Users\Sandrita\AppData\Local\AMD
2014-11-07 22:43 - 2014-11-07 22:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
2014-11-07 22:43 - 2014-11-07 22:43 - 00000000 ____D () C:\ProgramData\ATI
2014-11-07 22:43 - 2014-11-07 22:43 - 00000000 ____D () C:\ProgramData\AMD
2014-11-07 22:43 - 2014-11-07 22:43 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-11-07 22:43 - 2014-11-07 22:43 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-11-07 22:43 - 2014-11-07 22:43 - 00000000 ____D () C:\Program Files (x86)\AMD APP
2014-11-07 22:43 - 2010-02-18 09:18 - 00046136 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdiox64.sys
2014-11-07 22:42 - 2014-11-07 22:43 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-11-07 22:42 - 2014-11-07 22:42 - 00000000 ____D () C:\Program Files\ATI
2014-11-07 22:42 - 2014-11-07 22:42 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-11-07 22:41 - 2014-11-07 22:41 - 00000000 ____D () C:\AMD
2014-11-07 22:17 - 2014-11-07 22:39 - 160489864 _____ (Advanced Micro Devices, Inc.) C:\Users\Sandrita\Downloads\13-9-legacy_vista_win7_64_dd_ccc_whql.exe
2014-11-07 21:57 - 2014-11-15 17:12 - 00301460 _____ () C:\Windows\WindowsUpdate.log
2014-11-07 14:14 - 2014-11-07 14:14 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-11-07 13:35 - 2014-11-07 13:35 - 00000017 _____ () C:\Users\Sandrita\AppData\Local\resmon.resmoncfg
2014-11-07 13:08 - 2014-11-07 13:08 - 00000219 _____ () C:\Users\Sandrita\Desktop\Counter-Strike Global Offensive.url
2014-11-06 23:49 - 2014-11-16 01:00 - 00007033 _____ () C:\Windows\setupact.log
2014-11-06 23:49 - 2014-11-16 00:59 - 00000692 _____ () C:\Windows\PFRO.log
2014-11-06 23:49 - 2014-11-06 23:49 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-06 23:43 - 2014-11-06 23:43 - 00000701 _____ () C:\Users\Sandrita\Desktop\JRT.txt
2014-11-06 23:40 - 2014-11-06 23:40 - 00000000 ____D () C:\Windows\ERUNT
2014-11-06 23:35 - 2014-11-06 23:37 - 00000000 ____D () C:\ProgramData\TEMP
2014-11-06 23:35 - 2014-11-06 23:35 - 00000000 ____D () C:\ProgramData\Licenses
2014-11-06 23:35 - 2009-03-24 12:52 - 00129872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
2014-11-06 23:32 - 2014-11-06 23:35 - 04095448 _____ (BrightFort LLC ) C:\Users\Sandrita\Downloads\spywareblastersetup50.exe
2014-11-06 23:18 - 2009-06-10 18:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20141106-231811.backup
2014-11-06 23:12 - 2014-11-06 23:20 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-06 23:12 - 2014-11-06 23:20 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-11-06 23:04 - 2014-11-06 23:08 - 16409960 _____ (Safer Networking Limited ) C:\Users\Sandrita\Downloads\spybotsd162.exe
2014-11-06 23:01 - 2014-11-06 23:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-06 22:52 - 2014-11-06 22:58 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Sandrita\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-06 20:54 - 2014-11-06 23:20 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-11-06 20:49 - 2014-11-06 20:53 - 14105760 _____ (Microsoft Corporation) C:\Users\Sandrita\Downloads\mseinstall.exe
2014-11-06 20:45 - 2014-11-06 20:47 - 03383499 _____ (Microsoft Corporation) C:\Users\Sandrita\Downloads\Sin confirmar 335291.crdownload
2014-11-06 20:39 - 2014-11-12 18:34 - 00000000 ____D () C:\Windows\pss
2014-11-06 19:55 - 2014-11-16 01:02 - 00000000 ____D () C:\Users\Sandrita\AppData\Roaming\Update
2014-11-06 13:40 - 2014-11-06 13:40 - 00000000 ____D () C:\Users\Sandrita\AppData\Roaming\NVIDIA
2014-11-06 12:16 - 2014-11-06 12:16 - 00002214 _____ () C:\Windows\system32\RaCoInst.log
2014-11-06 12:16 - 2014-11-06 12:16 - 00000000 ____D () C:\ProgramData\Ralink Driver
2014-11-06 12:16 - 2013-09-06 20:43 - 02273072 _____ (Ralink Technology Corp.) C:\Windows\system32\Drivers\netr28ux.sys
2014-11-06 12:16 - 2013-08-27 09:18 - 00331568 _____ (Ralink Technology, Inc.) C:\Windows\system32\RaCoInstx.dll
2014-11-06 12:16 - 2013-08-27 09:18 - 00013973 _____ () C:\Windows\SysWOW64\RaCoInst.dat
2014-11-06 12:16 - 2013-08-27 09:18 - 00013973 _____ () C:\Windows\system32\RaCoInst.dat
2014-11-06 12:16 - 2013-08-23 14:10 - 00080316 _____ () C:\Windows\SysWOW64\Drivers\FW_7610.bin
2014-11-06 12:16 - 2013-08-23 14:10 - 00080316 _____ () C:\Windows\system32\Drivers\FW_7610.bin
2014-11-06 12:16 - 2013-07-03 09:59 - 00046692 _____ () C:\Windows\SysWOW64\Drivers\FW_7601.bin
2014-11-06 12:16 - 2013-07-03 09:59 - 00046692 _____ () C:\Windows\system32\Drivers\FW_7601.bin
2014-11-06 12:16 - 2013-07-03 09:59 - 00008192 _____ () C:\Windows\SysWOW64\Drivers\FW_2870.bin
2014-11-06 12:16 - 2013-07-03 09:59 - 00008192 _____ () C:\Windows\system32\Drivers\FW_2870.bin
2014-11-06 12:16 - 2013-07-03 09:59 - 00004096 _____ () C:\Windows\SysWOW64\Drivers\FW_3573.bin
2014-11-06 12:16 - 2013-07-03 09:59 - 00004096 _____ () C:\Windows\system32\Drivers\FW_3573.bin
2014-11-06 12:15 - 2014-11-15 17:09 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-06 03:25 - 2014-11-06 03:25 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-11-06 03:08 - 2014-11-15 04:07 - 00000000 ____D () C:\Users\Sandrita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-11-06 03:08 - 2014-11-06 03:08 - 00000219 _____ () C:\Users\Sandrita\Desktop\Team Fortress 2.url
2014-11-06 03:05 - 2014-11-06 03:12 - 00000000 ____D () C:\Users\Sandrita\AppData\Roaming\Apple Computer
2014-11-06 03:05 - 2014-11-06 03:05 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-11-06 03:05 - 2014-11-06 03:05 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-11-06 03:05 - 2014-11-06 03:05 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-11-06 03:05 - 2014-11-06 03:05 - 00000000 ____D () C:\Users\Sandrita\AppData\Local\Apple Computer
2014-11-06 03:05 - 2014-11-06 03:05 - 00000000 ____D () C:\Users\Sandrita\AppData\Local\Apple
2014-11-06 03:05 - 2014-11-06 03:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-06 03:05 - 2014-11-06 03:05 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-06 03:05 - 2014-11-06 03:05 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-11-06 03:05 - 2014-11-06 03:05 - 00000000 ____D () C:\Program Files\iTunes
2014-11-06 03:05 - 2014-11-06 03:05 - 00000000 ____D () C:\Program Files\iPod
2014-11-06 03:05 - 2014-11-06 03:05 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-06 03:05 - 2014-11-06 03:05 - 00000000 ____D () C:\Program Files\Bonjour
2014-11-06 03:05 - 2014-11-06 03:05 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-11-06 03:05 - 2014-11-06 03:05 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-11-06 03:05 - 2014-11-06 03:05 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-11-06 03:05 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-11-06 03:04 - 2014-11-06 03:05 - 00000000 ____D () C:\ProgramData\Apple
2014-11-06 02:49 - 2014-11-13 02:30 - 01659064 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-11-06 02:41 - 2014-11-06 03:04 - 122418480 _____ (Apple Inc.) C:\Users\Sandrita\Downloads\iTunes64Setup.exe
2014-11-06 02:40 - 2014-11-06 02:40 - 00000979 _____ () C:\Users\Public\Desktop\Winamp.lnk
2014-11-06 02:40 - 2014-11-06 02:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2014-11-06 02:40 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-11-06 02:40 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-11-06 02:38 - 2014-11-09 21:20 - 00000000 ____D () C:\Users\Sandrita\AppData\Roaming\Winamp
2014-11-06 02:38 - 2014-11-06 02:41 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-11-06 02:32 - 2014-11-06 02:37 - 12432368 _____ (Nullsoft, Inc.) C:\Users\Sandrita\Downloads\winamp5666_full_en-us.exe
2014-11-06 02:23 - 2014-11-13 22:40 - 00000000 ____D () C:\Users\Sandrita\AppData\Local\Spotify
2014-11-06 02:23 - 2014-11-06 02:23 - 00001823 _____ () C:\Users\Sandrita\Desktop\Spotify.lnk
2014-11-06 02:23 - 2014-11-06 02:23 - 00001809 _____ () C:\Users\Sandrita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-11-06 02:16 - 2014-11-15 03:06 - 00000000 ____D () C:\Users\Sandrita\AppData\Roaming\Spotify
2014-11-06 02:16 - 2014-11-06 02:16 - 00137888 _____ (Spotify Ltd) C:\Users\Sandrita\Downloads\SpotifySetup.exe
2014-11-06 00:13 - 2014-11-13 22:41 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-11-06 00:13 - 2014-11-06 00:13 - 02174848 _____ () C:\Users\Sandrita\Downloads\instsf450.exe
2014-11-06 00:13 - 2014-11-06 00:13 - 00001007 _____ () C:\Users\Sandrita\Desktop\SpeedFan.lnk
2014-11-06 00:13 - 2014-11-06 00:13 - 00000000 ____D () C:\Users\Sandrita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-11-06 00:02 - 2014-11-06 00:02 - 04728938 _____ (Nullsoft, Inc.) C:\Users\Sandrita\Downloads\Sin confirmar 699463.crdownload
2014-11-05 23:59 - 2014-11-16 01:00 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-05 23:59 - 2014-11-05 23:59 - 00000963 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-11-05 23:59 - 2014-11-05 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-11-05 23:58 - 2014-11-05 23:58 - 01142392 _____ () C:\Users\Sandrita\Downloads\SteamSetup.exe
2014-11-05 23:49 - 2014-11-06 22:47 - 00000000 ____D () C:\Windows\Minidump
2014-11-05 22:10 - 2014-11-05 22:10 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-11-04 18:55 - 2014-11-04 18:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-11-04 18:54 - 2014-11-04 18:54 - 00000000 ____D () C:\Windows\PCHEALTH
2014-11-04 18:54 - 2014-11-04 18:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-11-04 18:53 - 2014-11-04 18:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-11-04 18:52 - 2014-11-04 18:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-11-04 18:52 - 2014-11-04 18:52 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-11-04 18:52 - 2014-11-04 18:52 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-11-04 18:51 - 2014-11-04 18:51 - 00000000 __RHD () C:\MSOCache
2014-11-04 18:50 - 2014-11-04 18:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-04 18:50 - 2014-11-04 18:51 - 00000000 ____D () C:\Users\Sandrita\AppData\Roaming\Mozilla
2014-11-04 18:50 - 2014-11-04 18:51 - 00000000 ____D () C:\Users\Sandrita\AppData\Local\Mozilla
2014-11-04 18:50 - 2014-11-04 18:50 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-04 18:50 - 2014-11-04 18:50 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-04 18:50 - 2014-11-04 18:50 - 00000000 ____D () C:\ProgramData\Mozilla
2014-11-04 18:50 - 2014-11-04 18:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-04 18:48 - 2014-11-06 22:47 - 00000000 ____D () C:\Users\Sandrita\AppData\Roaming\DAEMON Tools Lite
2014-11-04 18:48 - 2014-11-04 18:48 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-11-04 18:48 - 2014-11-04 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-11-04 18:48 - 2014-11-04 18:48 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-11-04 18:47 - 2014-11-06 00:13 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2014-11-04 18:47 - 2014-11-04 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-11-04 18:45 - 2014-11-12 18:54 - 00000866 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-11-04 18:45 - 2014-11-04 18:56 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-04 18:45 - 2014-11-04 18:50 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-11-04 18:45 - 2014-11-04 18:45 - 00002778 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-11-04 18:45 - 2014-11-04 18:45 - 00000000 ____D () C:\Users\Sandrita\AppData\Local\Microsoft Help
2014-11-04 18:45 - 2014-11-04 18:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-11-04 18:45 - 2014-11-04 18:45 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-04 18:42 - 2014-11-11 11:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-04 18:40 - 2014-11-04 18:40 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-11-04 18:40 - 2014-07-02 15:55 - 06783776 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-11-04 18:40 - 2014-07-02 15:55 - 03522392 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-11-04 18:40 - 2014-07-02 15:55 - 00935368 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-11-04 18:40 - 2014-07-02 15:55 - 00386520 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-11-04 18:40 - 2014-07-02 15:55 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-11-04 18:40 - 2014-07-02 07:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin
2014-11-04 18:39 - 2014-11-11 11:23 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-11-04 18:39 - 2014-11-04 18:39 - 31512520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 27646720 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 18626304 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 17555104 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 16122344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 14498552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-11-04 18:39 - 2014-11-04 18:39 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 07163744 _____ (Dolby Laboratories) C:\Windows\system32\EEP64H.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 07163744 _____ (Dolby Laboratories) C:\Windows\system32\EEP64A.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 03322368 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIAPropPageExt.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 03196816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 02814656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 01985024 _____ (Creative Technology Ltd.) C:\Windows\system32\VMAPO264.DLL
2014-11-04 18:39 - 2014-11-04 18:39 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 01845424 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaMicArrayAPO.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 01713664 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMAPO232.DLL
2014-11-04 18:39 - 2014-11-04 18:39 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 01161336 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaKaraokeApo.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 01013504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00965312 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00953344 _____ (NVIDIA Corporation) C:\Windows\system32\fdco2.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00884400 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIASysFx.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00879616 _____ (Creative Technology Ltd.) C:\Windows\system32\VMAPO64.DLL
2014-11-04 18:39 - 2014-11-04 18:39 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00758272 _____ (NVIDIA Corporation) C:\Windows\system32\cohelper.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00739328 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMAPO32.DLL
2014-11-04 18:39 - 2014-11-04 18:39 - 00689840 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viahduaa.sys
2014-11-04 18:39 - 2014-11-04 18:39 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00619520 _____ (Creative Technology Ltd.) C:\Windows\system32\VMTHX64.DLL
2014-11-04 18:39 - 2014-11-04 18:39 - 00554496 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMTHX32.DLL
2014-11-04 18:39 - 2014-11-04 18:39 - 00433504 _____ (Dolby Laboratories) C:\Windows\system32\EED64H.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00433504 _____ (Dolby Laboratories) C:\Windows\system32\EED64A.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00388096 _____ (Creative Technology Ltd.) C:\Windows\system32\VMWRP64.DLL
2014-11-04 18:39 - 2014-11-04 18:39 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00349416 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvmf6264.sys
2014-11-04 18:39 - 2014-11-04 18:39 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00248952 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Dts2APO.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00229480 _____ (NVIDIA Corporation) C:\Windows\system32\nvconrm.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00137056 _____ (Dolby Laboratories) C:\Windows\system32\EEL64H.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00137056 _____ (Dolby Laboratories) C:\Windows\system32\EEL64A.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00123512 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaKaraokePropPageExt.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00120160 _____ (Dolby Laboratories) C:\Windows\system32\EEA64H.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00120160 _____ (Dolby Laboratories) C:\Windows\system32\EEA64A.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00095352 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaMicArrayPropPageExt.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00092280 _____ (VIA Technologies, Inc.) C:\Windows\system32\Dts2PropPageExt.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00086016 _____ (QSound Labs, Inc.) C:\Windows\system32\nQPropPageExt.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00083968 _____ (QSound Labs, Inc.) C:\Windows\system32\nQAPO.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00075104 _____ (Dolby Laboratories) C:\Windows\system32\EEG64H.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00075104 _____ (Dolby Laboratories) C:\Windows\system32\EEG64A.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00070776 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\VtSrdAPO.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00057856 _____ (Creative Technology Ltd.) C:\Windows\system32\VMPPLD64.DLL
2014-11-04 18:39 - 2014-11-04 18:39 - 00055416 _____ (TODO: <Company name>) C:\Windows\system32\PropPageExt.dll
2014-11-04 18:39 - 2014-11-04 18:39 - 00053760 _____ (Creative Technology Ltd.) C:\Windows\system32\VMPPCN64.DLL
2014-11-04 18:39 - 2014-11-04 18:39 - 00033456 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\VMfilt64.sys
2014-11-04 18:39 - 2014-11-04 18:39 - 00027768 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViakaraokeSrv.exe
2014-11-04 18:39 - 2014-11-04 18:39 - 00026353 _____ () C:\Windows\system32\nvinfo.pb
2014-11-04 18:39 - 2014-11-04 18:39 - 00010084 _____ () C:\Windows\system32\Drivers\nvphy.bin
2014-11-04 18:39 - 2014-11-04 18:39 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-11-04 18:39 - 2014-11-04 18:39 - 00000000 ____D () C:\Program Files\VIA
2014-11-04 18:38 - 2014-11-04 18:38 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-11-04 18:38 - 2014-11-04 18:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-11-04 18:38 - 2014-11-04 18:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-11-04 18:24 - 2014-11-09 19:56 - 00003216 _____ () C:\Windows\System32\Tasks\Windows Update Check - 0x0E7302EC
2014-11-04 18:14 - 2014-11-04 18:14 - 00002253 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-04 18:14 - 2014-11-04 18:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-04 18:11 - 2014-11-16 01:01 - 00000000 __SHD () C:\ProgramData\CreativeAudio
2014-11-04 18:03 - 2014-11-05 22:23 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-04 18:03 - 2014-11-05 22:13 - 00004112 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-04 18:03 - 2014-11-05 22:13 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-04 18:02 - 2014-11-05 22:23 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-04 18:02 - 2014-11-04 22:15 - 00111536 _____ () C:\Users\Sandrita\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-04 18:02 - 2014-11-04 18:14 - 00000000 ____D () C:\Users\Sandrita\AppData\Local\Google
2014-11-04 18:02 - 2014-11-04 18:14 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-04 18:02 - 2014-11-04 18:02 - 00000000 ____D () C:\Users\Sandrita\AppData\Local\Deployment
2014-11-04 18:02 - 2014-11-04 18:02 - 00000000 ____D () C:\Users\Sandrita\AppData\Local\Apps\2.0
2014-11-04 18:00 - 2014-11-05 22:13 - 00002862 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Sandrita)
2014-11-04 17:59 - 2014-11-04 17:59 - 00000000 ____D () C:\Users\Sandrita\AppData\Local\Clover
2014-11-04 17:58 - 2014-11-04 17:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-11-04 17:57 - 2014-05-14 13:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-11-04 17:57 - 2014-05-14 13:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-11-04 17:57 - 2014-05-14 13:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-11-04 17:57 - 2014-05-14 13:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-11-04 17:57 - 2014-05-14 13:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-11-04 17:57 - 2014-05-14 13:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-11-04 17:57 - 2014-05-14 13:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-11-04 17:57 - 2014-05-14 13:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-11-04 17:57 - 2014-05-14 13:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-11-04 17:57 - 2014-05-14 13:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-11-04 17:57 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-11-04 17:57 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-11-04 17:57 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-11-04 17:57 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-11-04 17:55 - 2014-11-04 17:55 - 00001427 _____ () C:\Users\Sandrita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-04 17:55 - 2014-11-04 17:55 - 00001393 _____ () C:\Users\Sandrita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-11-04 17:55 - 2014-11-04 17:55 - 00000000 ____D () C:\Users\Sandrita\AppData\Local\VirtualStore
2014-11-04 17:54 - 2014-11-04 17:55 - 00000000 ____D () C:\Users\Sandrita
2014-11-04 17:54 - 2014-11-04 17:54 - 00000020 ___SH () C:\Users\Sandrita\ntuser.ini
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Sandrita\Reciente
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Sandrita\Plantillas
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Sandrita\Mis documentos
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Sandrita\Menú Inicio
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Sandrita\Impresoras
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Sandrita\Entorno de red
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Sandrita\Documents\Mis vídeos
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Sandrita\Documents\Mis imágenes
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Sandrita\Documents\Mi música
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Sandrita\Datos de programa
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Sandrita\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Sandrita\AppData\Local\Historial
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Sandrita\AppData\Local\Datos de programa
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Sandrita\AppData\Local\Archivos temporales de Internet
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Public\Documents\Mis vídeos
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Public\Documents\Mis imágenes
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Public\Documents\Mi música
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Default\Reciente
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Default\Plantillas
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Default\Mis documentos
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Default\Menú Inicio
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Default\Impresoras
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Default\Entorno de red
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Default\Documents\Mis vídeos
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Default\Documents\Mis imágenes
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Default\Documents\Mi música
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Default\Datos de programa
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Historial
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Datos de programa
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Archivos temporales de Internet
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Default User\Documents\Mis vídeos
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Default User\Documents\Mis imágenes
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Default User\Documents\Mi música
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Historial
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Datos de programa
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Archivos temporales de Internet
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\ProgramData\Plantillas
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\ProgramData\Menú Inicio
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\ProgramData\Favoritos
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\ProgramData\Escritorio
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\ProgramData\Documentos
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\ProgramData\Datos de programa
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Program Files\Archivos comunes
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 _SHDL () C:\Archivos de programa
2014-11-04 17:54 - 2014-11-04 17:54 - 00000000 __SHD () C:\Recovery
2014-11-04 17:54 - 2009-07-14 01:54 - 00000000 ___RD () C:\Users\Sandrita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-04 17:54 - 2009-07-14 01:49 - 00000000 ___RD () C:\Users\Sandrita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-04 17:38 - 2014-11-04 17:38 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-11-04 17:38 - 2014-11-04 17:38 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-11-04 13:34 - 2014-11-04 18:46 - 00000000 ____D () C:\Windows\Panther
2014-11-04 13:33 - 2014-11-04 13:33 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-11-04 13:33 - 2010-11-21 00:23 - 00383786 __RSH () C:\bootmgr

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-16 01:07 - 2010-11-21 04:09 - 00750772 _____ () C:\Windows\system32\perfh00A.dat
2014-11-16 01:07 - 2010-11-21 04:09 - 00159796 _____ () C:\Windows\system32\perfc00A.dat
2014-11-16 01:07 - 2009-07-14 02:13 - 01685182 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-16 01:00 - 2009-07-14 02:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-16 00:21 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-12 17:56 - 2009-07-14 02:08 - 00022144 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-11 02:07 - 2009-07-14 02:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-10 18:43 - 2009-07-14 01:45 - 00016640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-10 18:43 - 2009-07-14 01:45 - 00016640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-07 22:42 - 2009-07-14 00:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-11-07 02:48 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\rescache
2014-11-06 20:47 - 2010-11-21 00:24 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-11-06 20:47 - 2010-11-21 00:24 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-11-06 20:47 - 2010-11-21 00:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2014-11-06 20:47 - 2010-11-21 00:24 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2014-11-06 20:47 - 2010-11-21 00:23 - 00013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2014-11-05 23:49 - 2009-07-14 02:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-11-05 23:48 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-11-05 23:38 - 2009-07-14 01:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-11-04 20:00 - 2009-07-14 01:45 - 00441888 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-04 18:54 - 2010-11-21 04:19 - 00000000 ____D () C:\Windows\ShellNew
2014-11-04 18:53 - 2009-07-13 23:34 - 00000478 _____ () C:\Windows\win.ini
2014-11-04 18:47 - 2009-07-14 00:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-11-04 18:40 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\Help
2014-11-04 17:56 - 2009-07-14 02:32 - 00000000 ____D () C:\Windows\system32\restore
2014-11-04 17:56 - 2009-07-14 00:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-11-04 17:54 - 2009-07-14 00:20 - 00000000 __RHD () C:\Users\Default
2014-11-04 17:54 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\Recovery
2014-11-04 17:54 - 2009-07-14 00:20 - 00000000 ____D () C:\Program Files\Windows NT
2014-11-04 17:38 - 2009-07-14 00:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-04 17:38 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-11-04 17:35 - 2010-11-21 04:19 - 00000000 ____D () C:\Windows\CSC
2014-11-04 13:33 - 2009-07-14 02:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-11-04 13:33 - 2009-07-14 02:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-10-30 03:50 - 2010-11-21 00:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Files to move or delete:
====================
C:\Users\Sandrita\AppData\Local\Temp\Adobe\Reader_sl.exe
C:\ProgramData\mspsuoyh.exe


Some content of TEMP:
====================
C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
C:\Users\Sandrita\AppData\Local\Temp\31m7z.exe
C:\Users\Sandrita\AppData\Local\Temp\adolpaaekwh.exe
C:\Users\Sandrita\AppData\Local\Temp\aqxtk.exe
C:\Users\Sandrita\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Sandrita\AppData\Local\Temp\Newtonsoft.Json.dll
C:\Users\Sandrita\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Sandrita\AppData\Local\Temp\sqlite3.dll
C:\Users\Sandrita\AppData\Local\Temp\txgxvjubzfo.exe
C:\Users\Sandrita\AppData\Local\Temp\wzw8k.exe
C:\Users\Sandrita\AppData\Local\Temp\ybiuvtxzvpi.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-15 04:25

==================== End Of Log ============================

Re: Suspicious tasks on start up that I cant delete

Post by BrianWesker » November 16th, 2014, 12:20 am

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2014
Ran by Sandrita at 2014-11-16 01:12:32
Running from C:\Users\Sandrita\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActiClean USB (HKLM-x32\...\{CD0226C2-1B06-473D-A280-B7DE30AA8EC3}_is1) (Version: 1.2.0.0 - Elohim Soft)
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Compatibilidad con Aplicaciones de Apple (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DS4Windows (HKLM-x32\...\{17FB9AB3-F723-45EB-8E9C-26C663374928}) (Version: 1.5.11 - DSDCS)
Eines de correcció del Microsoft Office 2013: català (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Ferramentas de verificación de Microsoft Office 2013 - Galego (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
iLook 300 (HKLM-x32\...\{7EF900F4-61A8-4D95-8A65-488D3BECA206}) (Version: 1.0.0.28 - )
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Microsoft .NET Framework 4.5.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Mozilla Firefox 33.0.2 (x86 es-AR) (HKLM-x32\...\Mozilla Firefox 33.0.2 (x86 es-AR)) (Version: 33.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0.2 - Mozilla)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
OSCAR Editor (x32 Version: 12.08.0002 - A4TECH) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Panel de control de NVIDIA 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.31.0 - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-3701867710-947133529-1713004044-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
X7 Oscar Editor (HKLM-x32\...\InstallShield_{ED21F22F-EF3A-446D-B4BB-AE92D916B7DA}) (Version: 12.08.0002 - A4TECH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

13-11-2014 04:59:44 Windows Update
13-11-2014 05:10:57 Se ha instalado DirectX
13-11-2014 05:11:40 Se ha instalado DirectX
13-11-2014 05:12:40 Se ha instalado DirectX
13-11-2014 05:15:28 Se ha instalado DirectX
13-11-2014 05:32:37 Instalación del paquete de controladores de dispositivo: Scarlet.Crush Productions Dispositivos del sistema
15-11-2014 01:22:41 Instalado OSCAR Editor
15-11-2014 20:09:40 Instalado iLook 300

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:34 - 2014-11-06 23:18 - 00000824 ____R C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0B0B3700-79D8-4AEA-ACF8-49CD3CC312C8} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {12C24EA2-CEEF-4A59-9108-955A7771D60D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1A5A648D-6EDB-4533-8871-859E513F6B20} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {2E712BCF-D0C8-4EF7-B6E0-03449C2D5AE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-04] (Google Inc.)
Task: {3243F28C-0F7E-4C69-B41A-D1D4B06D9E5C} - System32\Tasks\Driver Booster SkipUAC (Sandrita) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {55DAE50B-85D6-44FF-8C1F-7F0424706E6D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {95653F2E-DC44-4F25-A983-84F0BFC16B92} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3701867710-947133529-1713004044-1000UA => C:\Users\Sandrita\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-15] (Facebook Inc.)
Task: {9F295603-11A7-48FE-9392-452BCF7B615A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-04] (Google Inc.)
Task: {9F68ABA9-99B0-4776-B77B-698AEC6EB9A5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3701867710-947133529-1713004044-1000Core => C:\Users\Sandrita\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-15] (Facebook Inc.)
Task: {AEA9BD74-2A53-44FF-B54A-85B92441058E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {FD50458E-AB7C-41C0-B6C3-6A4BA2D7C3AB} - System32\Tasks\Windows Update Check - 0x0E7302EC => C:\PROGRA~3\CREATI~1\XSLJQL~1.EXE
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3701867710-947133529-1713004044-1000Core.job => C:\Users\Sandrita\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3701867710-947133529-1713004044-1000UA.job => C:\Users\Sandrita\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-11-16 01:02 - 2014-11-16 01:02 - 00123904 _____ () C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
2014-11-16 01:02 - 2014-11-16 01:02 - 00299520 _____ () C:\Users\Sandrita\AppData\Local\Temp\aqxtk.exe
2014-11-06 02:12 - 2014-11-11 15:48 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-11-06 02:12 - 2014-11-11 15:48 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-11-06 02:12 - 2014-11-11 15:48 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-11-06 02:12 - 2014-11-11 15:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-11-06 02:12 - 2014-11-11 22:04 - 02227904 _____ () C:\Program Files (x86)\Steam\video.dll
2014-11-06 02:12 - 2014-11-11 15:48 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-11-06 02:12 - 2014-11-11 15:48 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-11-06 02:12 - 2014-11-11 22:04 - 00690880 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-11-06 02:12 - 2014-11-11 15:48 - 34589888 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-11-04 18:14 - 2014-10-22 01:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-11-04 18:14 - 2014-10-22 01:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-11-04 18:14 - 2014-10-22 01:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-11-04 18:14 - 2014-10-22 01:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-11-04 18:14 - 2014-10-22 01:05 - 14902600 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AMD FUEL Service => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: msiserver => 3
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: ose => 3
MSCONFIG\Services: osppsvc => 3
MSCONFIG\Services: VIAKaraokeService => 2
MSCONFIG\Services: WerSvc => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ActiClean USB.lnk => C:\Windows\pss\ActiClean USB.lnk.CommonStartup
MSCONFIG\startupreg: Adobe System Incorporated => C:\Users\Sandrita\AppData\Local\Temp\Adobe\Reader_sl.exe
MSCONFIG\startupreg: AMD AVT => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
MSCONFIG\startupreg: CreativeAudio => "C:\ProgramData\CreativeAudio\ndtcrvgiu.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Facebook Update => "C:\Users\Sandrita\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: hh.exe => C:\Users\Sandrita\AppData\Roaming\SANDRITA-PC\hh.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: OscarEditor => "C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum
MSCONFIG\startupreg: PAC7302_Monitor => C:\Windows\PixArt\PAC7302\Monitor.exe
MSCONFIG\startupreg: splwow64.exe => C:\Users\Sandrita\AppData\Roaming\SANDRITA-PC\splwow64.exe
MSCONFIG\startupreg: Spotify => "C:\Users\Sandrita\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Sandrita\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: Tvbkbd => C:\Users\Sandrita\AppData\Roaming\Identities\Tvbkbd.exe
MSCONFIG\startupreg: winhlp32.exe => C:\Users\Sandrita\AppData\Roaming\SANDRITA-PC\winhlp32.exe
MSCONFIG\startupreg: write.exe => C:\Users\Sandrita\AppData\Roaming\SANDRITA-PC\write.exe
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

========================= Accounts: ==========================

Administrador (S-1-5-21-3701867710-947133529-1713004044-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-3701867710-947133529-1713004044-1002 - Limited - Enabled)
Invitado (S-1-5-21-3701867710-947133529-1713004044-501 - Limited - Disabled)
Sandrita (S-1-5-21-3701867710-947133529-1713004044-1000 - Administrator - Enabled) => C:\Users\Sandrita

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/16/2014 01:01:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/16/2014 00:28:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/16/2014 00:22:59 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x80070005.

Error: (11/15/2014 11:28:15 PM) (Source: Google Update) (EventID: 20) (User: Sandrita-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (11/15/2014 06:44:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: chrome.exe, versión: 38.0.2125.111, marca de tiempo: 0x5447163b
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00000008
Id. del proceso con errores: 0x674
Hora de inicio de la aplicación con errores: 0xchrome.exe0
Ruta de acceso de la aplicación con errores: chrome.exe1
Ruta de acceso del módulo con errores: chrome.exe2
Id. del informe: chrome.exe3

Error: (11/15/2014 05:59:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: chrome.exe, versión: 38.0.2125.111, marca de tiempo: 0x5447163b
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00360039
Id. del proceso con errores: 0x258
Hora de inicio de la aplicación con errores: 0xchrome.exe0
Ruta de acceso de la aplicación con errores: chrome.exe1
Ruta de acceso del módulo con errores: chrome.exe2
Id. del informe: chrome.exe3

Error: (11/15/2014 05:15:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2014 08:20:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2014 02:30:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2014 01:20:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (11/16/2014 01:00:32 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.

Error: (11/16/2014 00:26:58 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.

Error: (11/16/2014 00:18:39 AM) (Source: Microsoft-Windows-Diagnostics-Networking) (EventID: 5300) (User: NT AUTHORITY)
Description: Error. Error de Marco de diagnóstico de redes al completar la fase de reparación de la operación. Se generó un Informe de errores de Windows. [2147942487]

Error: (11/15/2014 05:14:34 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.

Error: (11/14/2014 10:28:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Installer terminó inesperadamente. Esto se ha repetido 2 veces. Se realizará la siguiente acción correctora en 300000 milisegundos: Reiniciar el servicio.

Error: (11/14/2014 10:26:35 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: El Administrador de control de servicios intentó realizar una acción correctora (Reiniciar el servicio) después de la terminación inesperada del servicio Windows Search, pero ocurrió el siguiente error:
%%1056

Error: (11/14/2014 10:26:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Installer terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.

Error: (11/14/2014 10:26:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Search terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

Error: (11/14/2014 08:19:02 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.

Error: (11/14/2014 06:56:43 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: El servicio Escucha de Grupo Hogar se cerró con el error específico de servicio %%-2147023143.


Microsoft Office Sessions:
=========================
Error: (11/16/2014 01:01:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/16/2014 00:28:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/16/2014 00:22:59 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000

Error: (11/15/2014 11:28:15 PM) (Source: Google Update) (EventID: 20) (User: Sandrita-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (11/15/2014 06:44:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe38.0.2125.1115447163bunknown0.0.0.000000000c00000050000000867401d0011ca1babbd0C:\Program Files (x86)\Google\Chrome\Application\chrome.exeunknown9ccac420-6d10-11e4-92d7-f46d04d94e2d

Error: (11/15/2014 05:59:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe38.0.2125.1115447163bunknown0.0.0.000000000c00000050036003925801d00116604c74a0C:\Program Files (x86)\Google\Chrome\Application\chrome.exeunknown59da49c0-6d0a-11e4-92d7-f46d04d94e2d

Error: (11/15/2014 05:15:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2014 08:20:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2014 02:30:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2014 01:20:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Processor: AMD Athlon(tm) II X2 255 Processor
Percentage of memory in use: 36%
Total physical RAM: 4095.23 MB
Available physical RAM: 2580.58 MB
Total Pagefile: 8188.65 MB
Available Pagefile: 6533.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:368.1 GB) (Free:271.75 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (PARTICION D) (Fixed) (Total:97.66 GB) (Free:97.57 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 27F027EF)
Partition 1: (Active) - (Size=368.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================
BrianWesker
Active Member
 
Posts: 9
Joined: November 13th, 2014, 9:09 am

Re: Suspicious tasks on start up that I cant delete

Post by Cypher » November 16th, 2014, 9:15 am

Hi,
Looking over your log, it seems you don't have any evidence of an anti-virus software.

Anti-virus software are programs that detect, cleanse, and erase harmful virus files on a computer, Web server, or network. Unchecked, virus files can unintentionally be forwarded to others, including trading partners, thereby spreading infection. Because new viruses regularly emerge, anti-virus software should be updated frequently. Anti-virus software can scan the computer memory and disk drives for malicious code. They can alert the user if a virus is present, and will clean, delete (or quarantine) infected files or directories. Please download a free anti-virus software from one of these excellent vendors.


Note: You should run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and results in program conflicts and false virus alerts.

Next.

  • Click Start
  • Type notepad.exe in the search programs and files box and click Enter.
  • A blank Notepad page should open.
    • Copy and paste the following script into Notepad. Do not include the words Code: select all.
    • (Click the select all button next to code to select the entire script).
    Code: Select all
    () C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
    () C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
    () C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
    () C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
    () C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
    () C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
    () C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
    () C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
    () C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
    () C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
    () C:\Users\Sandrita\AppData\Local\Temp\aqxtk.exe
    () C:\Users\Sandrita\AppData\Local\Temp\aqxtk.exe
    C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
    C:\Users\Sandrita\AppData\Local\Temp\aqxtk.exe
    HKLM\...\Policies\Explorer\Run: [1756353434] => C:\ProgramData\mspsuoyh.exe [120832 2010-11-21] ( ())
    HKU\S-1-5-21-3701867710-947133529-1713004044-1000\...\Run: [Tvbkbd] => C:\Users\Sandrita\AppData\Roaming\Identities\Tvbkbd.exe
    HKU\S-1-5-21-3701867710-947133529-1713004044-1000\...\Run: [Windows Update Manager] => C:\Users\Sandrita\AppData\Roaming\Update\MSupdate.exe [123904 2014-11-16] ()
    HKU\S-1-5-21-3701867710-947133529-1713004044-1000\...\Winlogon: [Shell] C:\Users\Sandrita\AppData\Roaming\Update\MSupdate.exe,explorer.exe <==== ATTENTION
    IFEO\mbam.exe: [Debugger] mwvaz.exe
    IFEO\mbamgui.exe: [Debugger] safpd.exe
    IFEO\rstrui.exe: [Debugger] vxddm.exe
    HKU\S-1-5-21-3701867710-947133529-1713004044-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    2014-11-16 01:04 - 2014-11-16 01:04 - 00001245 _____ () C:\Users\Sandrita\AppData\Roaming\BF79.exe
    2014-11-16 01:04 - 2014-11-16 01:04 - 00001245 _____ () C:\Users\Sandrita\AppData\Roaming\B7DA.exe
    2014-11-16 01:04 - 2014-11-16 01:04 - 00001245 _____ () C:\Users\Sandrita\AppData\Roaming\A591.exe
    2014-11-16 01:01 - 2014-11-16 01:01 - 00196608 _____ () C:\Users\Sandrita\AppData\Roaming\c731200
    2014-11-13 02:32 - 2014-11-13 02:37 - 00000000 ____D () C:\Users\Sandrita\AppData\Roaming\DS4Windows
    2014-11-12 18:30 - 2014-11-12 18:30 - 00003158 _____ () C:\Windows\System32\Tasks\{633C2DC9-378C-467F-B8DC-6EFC168C7A17}
    C:\Users\Sandrita\AppData\Local\Temp\Adobe\Reader_sl.exe
    C:\ProgramData\mspsuoyh.ex
    C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
    C:\Users\Sandrita\AppData\Local\Temp\31m7z.exe
    C:\Users\Sandrita\AppData\Local\Temp\adolpaaekwh.exe
    C:\Users\Sandrita\AppData\Local\Temp\aqxtk.exe
    C:\Users\Sandrita\AppData\Local\Temp\drm_dyndata_7380014.dll
    C:\Users\Sandrita\AppData\Local\Temp\Newtonsoft.Json.dll
    C:\Users\Sandrita\AppData\Local\Temp\sfamcc00001.dll
    C:\Users\Sandrita\AppData\Local\Temp\sqlite3.dll
    C:\Users\Sandrita\AppData\Local\Temp\txgxvjubzfo.exe
    C:\Users\Sandrita\AppData\Local\Temp\wzw8k.exe
    C:\Users\Sandrita\AppData\Local\Temp\ybiuvtxzvpi.exe
    AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
    
    EmptyTemp:
    CMD: ipconfig /flushdns
    
  • Save it next to FRST.exe on your Desktop as filename fixlist.txt
  • NOTE: It's important that both files, FRST/FRST64 and fixlist.txt are saved in the same location or the fix will not work.
  • Right-click FRST.exe and select "Run as administrator" to run it.
  • Press the Fix button just once. Then wait.
  • When finished, it will create a Fixlog.txt log on your Desktop.
  • Please post the content of the Fixlog.txt in your next reply.

Next.

Please download Malwarebytes' Anti-Malware and save to your desktop.

  • Right-click mbam-setup.exe and select "Run as administrator", then follow the prompts to install the program.
  • At the end, uncheck enable free trial of Malwarebytes' Anti-Malware. (You can activate this when we've finished, if you wish.)
  • Then click Finish.
  • You'll see an alert that "Databases out of date" Click the "Update Now" button.
  • Press the Scan Settings icon on the top bar of the MBAM interface, make sure Threat Scan is checked.
  • Press the Scan Now >> button.
  • When the scan is finished:
  • If clean, a message will be displayed "The scan completed successfully! No malicious items were detected!"
  • If infections were found, click the Quarantine all button.
  • Press the View detailed log >> link to display the results log.
  • Press the Copy to Clipboard button.
  • Copy and paste the scan results in your next reply and exit MBAM.

Logs/Information to Post in your Next Reply

  • FRST Fixlog.txt.
  • Malwarebytes log.
  • Please give me an update on your computer's performance.
Cypher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Suspicious tasks on start up that I cant delete

Post by BrianWesker » November 16th, 2014, 7:18 pm

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-11-2014 03
Ran by Sandrita at 2014-11-16 20:14:01 Run:1
Running from C:\Users\Sandrita\Desktop
Loaded Profile: Sandrita (Available profiles: Sandrita)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
() C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
() C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
() C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
() C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
() C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
() C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
() C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
() C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
() C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
() C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
() C:\Users\Sandrita\AppData\Local\Temp\aqxtk.exe
() C:\Users\Sandrita\AppData\Local\Temp\aqxtk.exe
C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
C:\Users\Sandrita\AppData\Local\Temp\aqxtk.exe
HKLM\...\Policies\Explorer\Run: [1756353434] => C:\ProgramData\mspsuoyh.exe [120832 2010-11-21] ( ())
HKU\S-1-5-21-3701867710-947133529-1713004044-1000\...\Run: [Tvbkbd] => C:\Users\Sandrita\AppData\Roaming\Identities\Tvbkbd.exe
HKU\S-1-5-21-3701867710-947133529-1713004044-1000\...\Run: [Windows Update Manager] => C:\Users\Sandrita\AppData\Roaming\Update\MSupdate.exe [123904 2014-11-16] ()
HKU\S-1-5-21-3701867710-947133529-1713004044-1000\...\Winlogon: [Shell] C:\Users\Sandrita\AppData\Roaming\Update\MSupdate.exe,explorer.exe <==== ATTENTION
IFEO\mbam.exe: [Debugger] mwvaz.exe
IFEO\mbamgui.exe: [Debugger] safpd.exe
IFEO\rstrui.exe: [Debugger] vxddm.exe
HKU\S-1-5-21-3701867710-947133529-1713004044-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2014-11-16 01:04 - 2014-11-16 01:04 - 00001245 _____ () C:\Users\Sandrita\AppData\Roaming\BF79.exe
2014-11-16 01:04 - 2014-11-16 01:04 - 00001245 _____ () C:\Users\Sandrita\AppData\Roaming\B7DA.exe
2014-11-16 01:04 - 2014-11-16 01:04 - 00001245 _____ () C:\Users\Sandrita\AppData\Roaming\A591.exe
2014-11-16 01:01 - 2014-11-16 01:01 - 00196608 _____ () C:\Users\Sandrita\AppData\Roaming\c731200
2014-11-13 02:32 - 2014-11-13 02:37 - 00000000 ____D () C:\Users\Sandrita\AppData\Roaming\DS4Windows
2014-11-12 18:30 - 2014-11-12 18:30 - 00003158 _____ () C:\Windows\System32\Tasks\{633C2DC9-378C-467F-B8DC-6EFC168C7A17}
C:\Users\Sandrita\AppData\Local\Temp\Adobe\Reader_sl.exe
C:\ProgramData\mspsuoyh.ex
C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe
C:\Users\Sandrita\AppData\Local\Temp\31m7z.exe
C:\Users\Sandrita\AppData\Local\Temp\adolpaaekwh.exe
C:\Users\Sandrita\AppData\Local\Temp\aqxtk.exe
C:\Users\Sandrita\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Sandrita\AppData\Local\Temp\Newtonsoft.Json.dll
C:\Users\Sandrita\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Sandrita\AppData\Local\Temp\sqlite3.dll
C:\Users\Sandrita\AppData\Local\Temp\txgxvjubzfo.exe
C:\Users\Sandrita\AppData\Local\Temp\wzw8k.exe
C:\Users\Sandrita\AppData\Local\Temp\ybiuvtxzvpi.exe
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

EmptyTemp:
CMD: ipconfig /flushdns
*****************

C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe => No running process found
C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe => No running process found
C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe => No running process found
C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe => No running process found
C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe => No running process found
C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe => No running process found
C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe => No running process found
C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe => No running process found
C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe => No running process found
C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe => No running process found
C:\Users\Sandrita\AppData\Local\Temp\aqxtk.exe => No running process found
C:\Users\Sandrita\AppData\Local\Temp\aqxtk.exe => No running process found
"C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe" => File/Directory not found.
"C:\Users\Sandrita\AppData\Local\Temp\aqxtk.exe" => File/Directory not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\ => Value not found.
HKU\S-1-5-21-3701867710-947133529-1713004044-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Tvbkbd => value deleted successfully.
HKU\S-1-5-21-3701867710-947133529-1713004044-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Update Manager => value deleted successfully.
HKU\S-1-5-21-3701867710-947133529-1713004044-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbam.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbamgui.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rstrui.exe" => Key deleted successfully.
"HKU\S-1-5-21-3701867710-947133529-1713004044-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
C:\Program Files (x86)\IObit Apps Toolbar\FF not found.
VGPU => Service deleted successfully.
C:\Users\Sandrita\AppData\Roaming\BF79.exe => Moved successfully.
C:\Users\Sandrita\AppData\Roaming\B7DA.exe => Moved successfully.
C:\Users\Sandrita\AppData\Roaming\A591.exe => Moved successfully.
C:\Users\Sandrita\AppData\Roaming\c731200 => Moved successfully.
C:\Users\Sandrita\AppData\Roaming\DS4Windows => Moved successfully.
C:\Windows\System32\Tasks\{633C2DC9-378C-467F-B8DC-6EFC168C7A17} => Moved successfully.
C:\Users\Sandrita\AppData\Local\Temp\Adobe\Reader_sl.exe => Moved successfully.
"C:\ProgramData\mspsuoyh.ex" => File/Directory not found.
"C:\Users\Sandrita\AppData\Local\Temp\1u6g2.exe" => File/Directory not found.
"C:\Users\Sandrita\AppData\Local\Temp\31m7z.exe" => File/Directory not found.
"C:\Users\Sandrita\AppData\Local\Temp\adolpaaekwh.exe" => File/Directory not found.
"C:\Users\Sandrita\AppData\Local\Temp\aqxtk.exe" => File/Directory not found.
C:\Users\Sandrita\AppData\Local\Temp\drm_dyndata_7380014.dll => Moved successfully.
C:\Users\Sandrita\AppData\Local\Temp\Newtonsoft.Json.dll => Moved successfully.
C:\Users\Sandrita\AppData\Local\Temp\sfamcc00001.dll => Moved successfully.
C:\Users\Sandrita\AppData\Local\Temp\sqlite3.dll => Moved successfully.
"C:\Users\Sandrita\AppData\Local\Temp\txgxvjubzfo.exe" => File/Directory not found.
"C:\Users\Sandrita\AppData\Local\Temp\wzw8k.exe" => File/Directory not found.
"C:\Users\Sandrita\AppData\Local\Temp\ybiuvtxzvpi.exe" => File/Directory not found.
C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully.

========= ipconfig /flushdns =========


Configuración IP de Windows

Se vació correctamente la caché de resolución de DNS.

========= End of CMD: =========

EmptyTemp: => Removed 377.6 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====
BrianWesker
Active Member
 
Posts: 9
Joined: November 13th, 2014, 9:09 am

Re: Suspicious tasks on start up that I cant delete

Post by BrianWesker » November 16th, 2014, 7:26 pm

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 16/11/2014
Scan Time: 08:17:31 p.m.
Logfile:
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.09.19.05
Rootkit Database: v2014.11.12.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Sandrita

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 305633
Time Elapsed: 7 min, 0 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 4
Trojan.Agent.MSDGen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN|1756353434, C:\PROGRA~3\mspsuoyh.exe, , [651c2ec1e6956bcbf35cb74c4eb59967]
Trojan.Agent.MSDGen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN|1756353434, C:\PROGRA~3\mspsuoyh.exe, , [651c2ec1e6956bcbf35cb74c4eb59967]
Trojan.Agent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Taskman, C:\Users\Sandrita\AppData\Roaming\Update\MSupdate.exe, , [59281ed197e459dd225a06587093c43c]
Backdoor.Agent.ADBGen, HKU\S-1-5-21-3701867710-947133529-1713004044-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Adobe System Incorporated, C:\Users\Sandrita\AppData\Local\Temp\Adobe\Reader_sl.exe, , [6120dc132b50c3733e5e224c7391cf31]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 2
Trojan.JobX, C:\Windows\System32\Tasks\Windows Update Check - 0x0E7302EC, , [b4cd806f96e531059fafb35fbb4833cd],
Trojan.Agent.MSDGen, C:\ProgramData\mspsuoyh.exe, , [651c2ec1e6956bcbf35cb74c4eb59967],

Physical Sectors: 0
(No malicious items detected)


(end)
BrianWesker
Active Member
 
Posts: 9
Joined: November 13th, 2014, 9:09 am

Re: Suspicious tasks on start up that I cant delete

Post by BrianWesker » November 16th, 2014, 7:27 pm

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 16/11/2014
Scan Time: 08:17:31 p.m.
Logfile:
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.09.19.05
Rootkit Database: v2014.11.12.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Sandrita

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 305633
Time Elapsed: 7 min, 0 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 4
Trojan.Agent.MSDGen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN|1756353434, C:\PROGRA~3\mspsuoyh.exe, Quarantined, [651c2ec1e6956bcbf35cb74c4eb59967]
Trojan.Agent.MSDGen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN|1756353434, C:\PROGRA~3\mspsuoyh.exe, Quarantined, [651c2ec1e6956bcbf35cb74c4eb59967]
Trojan.Agent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Taskman, C:\Users\Sandrita\AppData\Roaming\Update\MSupdate.exe, Quarantined, [59281ed197e459dd225a06587093c43c]
Backdoor.Agent.ADBGen, HKU\S-1-5-21-3701867710-947133529-1713004044-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Adobe System Incorporated, C:\Users\Sandrita\AppData\Local\Temp\Adobe\Reader_sl.exe, Quarantined, [6120dc132b50c3733e5e224c7391cf31]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 2
Trojan.JobX, C:\Windows\System32\Tasks\Windows Update Check - 0x0E7302EC, Quarantined, [b4cd806f96e531059fafb35fbb4833cd],
Trojan.Agent.MSDGen, C:\ProgramData\mspsuoyh.exe, Quarantined, [651c2ec1e6956bcbf35cb74c4eb59967],

Physical Sectors: 0
(No malicious items detected)


(end)
BrianWesker
Active Member
 
Posts: 9
Joined: November 13th, 2014, 9:09 am

Re: Suspicious tasks on start up that I cant delete

Post by Cypher » November 17th, 2014, 6:25 am

How is your computer running now, any problems?

ESET online scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Note: If you are using Windows Vista or Windows 7, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

  • First please Disable any Antivirus you have active, as shown in This topic.
  • Note: Don't forget to re-enable it after the scan.
  • Next, hold down Control, then click on the following link to open a new window to ESET online scanner
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • When prompted allow the Add-On/Active X to install.
  • Click on Run ESET Online Scanner, then select the option YES, I accept the Terms of Use, then click Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on Start.
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on Finish.
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.
Cypher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Suspicious tasks on start up that I cant delete

Unread postby BrianWesker » November 19th, 2014, 9:55 am

C:\Users\All Users\CreativeAudio\ndtcrvgiu.exe a variant of Win32/Injector.BPIF trojan
C:\Users\All Users\CreativeAudio\qpqpdndnn.exe Win32/Neurevt.B trojan
C:\Users\All Users\CreativeAudio\riaiccape.exe a variant of Win32/Injector.BPMY trojan
C:\Users\All Users\CreativeAudio\skskjbpjx.exe Win32/Neurevt.B trojan
C:\FRST\Quarantine\C\Users\Sandrita\AppData\Local\Temp\Adobe\Reader_sl.exe.xBAD Win32/Dorkbot.B worm cleaned by deleting - quarantined
C:\FRST\Quarantine\C\Users\Sandrita\AppData\Roaming\c731200.xBAD Win32/Dorkbot.B worm cleaned by deleting - quarantined
C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe Win32/HackTool.Crack.BC potentially unsafe application deleted - quarantined
C:\ProgramData\CreativeAudio\ndtcrvgiu.exe a variant of Win32/Injector.BPIF trojan cleaned by deleting - quarantined
C:\ProgramData\CreativeAudio\qpqpdndnn.exe Win32/Neurevt.B trojan cleaned by deleting - quarantined
C:\ProgramData\CreativeAudio\riaiccape.exe a variant of Win32/Injector.BPMY trojan cleaned by deleting - quarantined
C:\ProgramData\CreativeAudio\skskjbpjx.exe Win32/Neurevt.B trojan cleaned by deleting - quarantined
C:\Users\Sandrita\AppData\Roaming\9B16.exe Win32/Agent.NQS worm cleaned by deleting - quarantined
C:\Users\Sandrita\AppData\Roaming\SANDRITA-PC\winhlp32.exe Win32/Agent.NQS worm cleaned by deleting - quarantined
C:\Users\Sandrita\AppData\Roaming\Update\MSupdate.exe a variant of Win32/Injector.BPMY trojan cleaned by deleting - quarantined
BrianWesker
Active Member
 
Posts: 9
Joined: November 13th, 2014, 9:09 am
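The ESET log above lists the CreativeAudio files twice, once under C:\Users\All Users and once under C:\ProgramData, and only the second set carries a "cleaned by deleting" status. The following added example (not part of the original thread and not ESET tooling) parses such log lines and reports detections that have no recorded action under any path alias; the regex layout is inferred from the lines posted here, and the alias table assumes the default Windows Vista+ link from C:\Users\All Users to C:\ProgramData.

```python
import re
from collections import defaultdict

# Sample lines copied from the ESET log in this thread (a subset, not the full log).
SAMPLE_LOG = r"""
C:\Users\All Users\CreativeAudio\qpqpdndnn.exe Win32/Neurevt.B trojan
C:\ProgramData\CreativeAudio\qpqpdndnn.exe Win32/Neurevt.B trojan cleaned by deleting - quarantined
C:\Users\All Users\CreativeAudio\riaiccape.exe a variant of Win32/Injector.BPMY trojan
C:\ProgramData\CreativeAudio\riaiccape.exe a variant of Win32/Injector.BPMY trojan cleaned by deleting - quarantined
C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe Win32/HackTool.Crack.BC potentially unsafe application deleted - quarantined
C:\Users\Sandrita\AppData\Roaming\9B16.exe Win32/Agent.NQS worm cleaned by deleting - quarantined
"""

# Inferred layout: path, optional "a variant of", detection name, type, optional action.
LINE_RE = re.compile(
    r"^(?P<path>.+?)\s+(?P<variant>a variant of )?(?P<name>Win(?:32|64)/\S+)"
    r"\s+(?P<kind>.+?)(?:\s+(?P<action>(?:cleaned by deleting|deleted) - quarantined))?$"
)

# Assumption: default Vista+ layout, where "C:\Users\All Users" links to C:\ProgramData.
ALIASES = {"c:\\users\\all users\\": "c:\\programdata\\"}


def canonical(path):
    """Lower-case the path and fold known aliases onto their real location."""
    low = path.lower()
    for alias, target in ALIASES.items():
        if low.startswith(alias):
            return target + low[len(alias):]
    return low


def parse(log):
    """Return one dict per detection line; lines that do not match are skipped."""
    entries = []
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            entries.append(m.groupdict())
    return entries


def unresolved(entries):
    """Canonical paths for which no log line records a clean/delete action."""
    by_file = defaultdict(list)
    for e in entries:
        by_file[canonical(e["path"])].append(e)
    return sorted(p for p, hits in by_file.items() if not any(h["action"] for h in hits))
```

On the sample, `unresolved(parse(SAMPLE_LOG))` is empty: every file that appears without an action under the alias path is recorded as quarantined under its ProgramData path.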

Re: Suspicious tasks on start up that I cant delete

Unread postby Cypher » November 19th, 2014, 1:51 pm

Cypher wrote:How is your computer running now, any problems?

Can you answer this question from my previous post please.
Cypher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Suspicious tasks on start up that I cant delete

Unread postby BrianWesker » November 21st, 2014, 7:49 pm

Wow, all the programs that used to auto open on start up finally stopped! Thanks dude!!
BrianWesker
Active Member
 
Posts: 9
Joined: November 13th, 2014, 9:09 am

Re: Suspicious tasks on start up that I cant delete

Unread postby Cypher » November 22nd, 2014, 6:28 am

BrianWesker wrote: Wow, all the programs that used to auto open on start up finally stopped! Thanks dude!!

Good.
Your latest logs appear to be clean so you should be good to go.
Let's tidy up and remove the tools we used to clean your computer.

Please download delfix and save it to your desktop.
  • Right-click on delfix.exe and select " Run as administrator " to run it.
  • Check the following boxes then click on Run.

    • Activate UAC
    • Remove disinfection tools
    • Create registry backup
    • Purge system restore
    • Reset system settings
  • All tools we used to clean your computer should be gone now.
  • You can now delete any tools/logs we used if they remain on your computer.

Protection Programs
Don't forget to re-enable any protection programs we disabled during your fix.

Please read the article below which will give you a few suggestions for how to minimise your chances of getting another infection.

I would be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can be closed.

Safe surfing!
Cypher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Suspicious tasks on start up that I cant delete

Unread postby Cypher » November 23rd, 2014, 6:34 am

BrianWesker wrote: Wow, all the programs that used to auto open on start up finally stopped! Thanks dude!!

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
Cypher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns