# I found w32.trojan.agent -- Please help!



## salescobar (Jun 16, 2014)

Hello, everyone.
I have made a scan with Adware and found w32.trojan.agent in my computer. When scan finished I deleted the infected files as Adware suggests, then reboot but it´s still there..
I downloaded aswMBR and scan it... these are the results:
(I´m sending them attached)
I would really really appreciate your help.

Thanks!


----------



## Cookiegal (Aug 27, 2003)

What is the program you call "Adware" and what is the name and location of the file that it keeps detecting?

Please download DDS by sUBs to your desktop from the following location:

http://download.bleepingcomputer.com/sUBs/dds.scr

Double-click the *dds.scr* file to run the program.

It will automatically run in silent mode and then you will see the following note:

*"Two logs shall be created on your Desktop".*

The logs will be named *dds.txt* and *attach.txt*.

Wait until the logs appear and then copy and paste their contents in your post.


----------



## salescobar (Jun 16, 2014)

Hi, thanks for helping me with this..
I have downloaded ddl as you suggested and double click on it but it says; "DDL is not meant to run in Compatibility mode". The program shall exit now...
Do you have any other suggestion?


----------



## Cookiegal (Aug 27, 2003)

What is your operating system?

Also, please answer my question in my earlier post.


----------



## salescobar (Jun 16, 2014)

Hello,
thanks for your quick reply..
it´s Windows 8.1


----------



## salescobar (Jun 16, 2014)

Ad-Aware is a Malware Cleaner from Lavasoft


----------



## Cookiegal (Aug 27, 2003)

OK, we can't use DDS on Windows 8.

I thought you meant Ad-Aware but you typed Adware. 

Anyway, please let me know what file it detected and where it was located.


----------



## salescobar (Jun 16, 2014)

Hello, I have scanned and found this:

Logfile created: 16-06-2014 20:39:40
Ad-Aware version: 9.0.7
Extended engine: 3
Extended engine version: 3.1.2770
User performing scan: SILVINA

*********************** Definitions database information ***********************
Lavasoft definition file: 151.558
Genotype definition file version: 2012/02/13 12:34:34
Extended engine definition file: 30346.0

******************************** Scan results: *********************************
Scan profile name: Análisis completo (ID: full)
Objects scanned: 59335
Objects detected: 4

Type Detected
==========================
Processes.......: 0
Registry entries: 0
Hostfile entries: 0
Files...........: 4
Folders.........: 0
LSPs............: 0
Cookies.........: 0
Browser hijacks.: 0
MRU objects.....: 0

Quarantined items:
Description: c:\windows\system32\msac3enc.dll Family Name: Win32.Trojan.Agent Engine: 1 Clean status: Reboot required Item ID: 0 Family ID: 936 MD5: 62207e4130c3caa8a24ae799ee9ad4f4
Description: c:\windows\system32\wmspdmod.dll Family Name: Win32.Trojan.Agent Engine: 1 Clean status: Reboot required Item ID: 0 Family ID: 936 MD5: cb01832f127211fae7ce1a8d7e73805a
Description: c:\windows\syswow64\msac3enc.dll Family Name: Win32.Trojan.Agent Engine: 1 Clean status: Reboot required Item ID: 0 Family ID: 936 MD5: 62207e4130c3caa8a24ae799ee9ad4f4
Description: c:\windows\syswow64\wmspdmod.dll Family Name: Win32.Trojan.Agent Engine: 1 Clean status: Reboot required Item ID: 0 Family ID: 936 MD5: cb01832f127211fae7ce1a8d7e73805a

Scan and cleaning complete: Stopped by request after 8806 seconds

*********************************** Settings ***********************************

Scan profile:
ID: full, enabled:1, value: Análisis completo
ID: folderstoscan, enabled:1, value: C:\,D:\
ID: useantivirus, enabled:1, value: true
ID: sections, enabled:1
ID: scancriticalareas, enabled:1, value: true
ID: scanrunningapps, enabled:1, value: true
ID: scanregistry, enabled:1, value: true
ID: scanlsp, enabled:1, value: true
ID: scanads, enabled:1, value: true
ID: scanhostsfile, enabled:1, value: true
ID: scanmru, enabled:1, value: true
ID: scanbrowserhijacks, enabled:1, value: true
ID: scantrackingcookies, enabled:1, value: true
ID: closebrowsers, enabled:1, value: false
ID: filescanningoptions, enabled:1
ID: archives, enabled:1, value: true
ID: onlyexecutables, enabled:1, value: false
ID: skiplargerthan, enabled:1, value: 20480
ID: scanrootkits, enabled:1, value: true
ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict
ID: usespywareheuristics, enabled:1, value: true

Scan global:
ID: global, enabled:1
ID: addtocontextmenu, enabled:1, value: true
ID: playsoundoninfection, enabled:1, value: false
ID: soundfile, enabled:0, value: N/A

Scheduled scan settings:
<Empty>

Update settings:
ID: updates, enabled:1
ID: launchthreatworksafterscan, enabled:1, value: off, domain: normal,off,silently
ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: schedules, enabled:1, value: true
ID: updatedaily1, enabled:1, value: Daily 1
ID: time, enabled:1, value: Wed May 07 16:34:00 2014
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value: 
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily2, enabled:1, value: Daily 2
ID: time, enabled:1, value: Wed May 07 22:34:00 2014
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value: 
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily3, enabled:1, value: Daily 3
ID: time, enabled:1, value: Wed May 07 04:34:00 2014
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value: 
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily4, enabled:1, value: Daily 4
ID: time, enabled:1, value: Wed May 07 10:34:00 2014
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value: 
ID: auto_deal_with_infections, enabled:1, value: false
ID: updateweekly1, enabled:1, value: Weekly
ID: time, enabled:1, value: Wed May 07 16:34:00 2014
ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: true
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: true
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value: 
ID: auto_deal_with_infections, enabled:1, value: false

Appearance settings:
ID: appearance, enabled:1
ID: skin, enabled:1, value: Default.eGL, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource
ID: showtrayicon, enabled:1, value: true
ID: autoentertainmentmode, enabled:1, value: false
ID: guimode, enabled:1, value: mode_advanced, domain: mode_advanced,mode_simple
ID: language, enabled:1, value: es, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language

Realtime protection settings:
ID: realtime, enabled:1
ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant
ID: layers, enabled:1
ID: useantivirus, enabled:1, value: true
ID: usespywareheuristics, enabled:1, value: true
ID: maintainbackup, enabled:1, value: true
ID: modules, enabled:1
ID: processprotection, enabled:0, value: false
ID: onaccessprotection, enabled:0, value: true
ID: registryprotection, enabled:0, value: true
ID: networkprotection, enabled:0, value: true

****************************** System information ******************************
Computer name: SILVINA
Processor name: Intel(R) Core(TM) i7-3537U CPU @ 2.00GHz
Processor identifier: Intel64 Family 6 Model 58 Stepping 9
Processor speed: ~2494MHZ
Raw info: processorarchitecture 9, processortype 8664, processorlevel 6, processor revision 14857, number of processors 4, processor features: [MMX,SSE,SSE2,SSE3]
Physical memory available: 5983731712 bytes
Physical memory total: 8470089728 bytes
Virtual memory available: 1866801152 bytes
Virtual memory total: 2147352576 bytes
Memory load: 29%
Microsoft (build 9200)
Windows startup mode:

Running processes:
PID: 728 name: C:\Windows\System32\wininit.exe owner: SYSTEM domain: NT AUTHORITY
PID: 788 name: C:\Windows\System32\winlogon.exe owner: SYSTEM domain: NT AUTHORITY
PID: 840 name: C:\Windows\System32\lsass.exe owner: SYSTEM domain: NT AUTHORITY
PID: 920 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 960 name: C:\Windows\System32\svchost.exe owner: Servicio de red domain: NT AUTHORITY
PID: 380 name: C:\Windows\System32\dwm.exe owner: DWM-1 domain: Window Manager
PID: 556 name: C:\Windows\System32\svchost.exe owner: SERVICIO LOCAL domain: NT AUTHORITY
PID: 588 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 644 name: C:\Windows\System32\svchost.exe owner: SERVICIO LOCAL domain: NT AUTHORITY
PID: 620 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1100 name: C:\Windows\System32\svchost.exe owner: Servicio de red domain: NT AUTHORITY
PID: 1172 name: C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1224 name: C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1244 name: C:\Program Files\AVAST Software\Avast\AvastSvc.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1372 name: C:\Windows\System32\spoolsv.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1412 name: C:\Windows\System32\svchost.exe owner: SERVICIO LOCAL domain: NT AUTHORITY
PID: 1428 name: C:\Windows\System32\svchost.exe owner: SERVICIO LOCAL domain: NT AUTHORITY
PID: 1548 name: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1588 name: C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1608 name: C:\Program Files (x86)\Bluetooth Suite\AdminService.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1660 name: C:\Windows\System32\DptfParticipantProcessorService.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1684 name: C:\Windows\System32\dasHost.exe owner: SERVICIO LOCAL domain: NT AUTHORITY
PID: 1716 name: C:\Windows\System32\DptfPolicyConfigTDPService.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1732 name: C:\Windows\System32\DptfPolicyLpmService.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1756 name: C:\Program Files\Intel\iCLS Client\HeciServer.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1776 name: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2100 name: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2260 name: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2368 name: C:\Windows\System32\svchost.exe owner: SERVICIO LOCAL domain: NT AUTHORITY
PID: 2424 name: C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2572 name: C:\Windows\explorer.exe owner: SILVINA domain: Silvina
PID: 2636 name: C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2760 name: C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2840 name: C:\Windows\System32\taskhostex.exe owner: SILVINA domain: Silvina
PID: 3044 name: C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2480 name: C:\Program Files\ASUS\P4G\BatteryLife.exe owner: SILVINA domain: Silvina
PID: 2552 name: C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe owner: SILVINA domain: Silvina
PID: 2328 name: C:\Program Files (x86)\ASUS\Splendid\ACMON.exe owner: SILVINA domain: Silvina
PID: 2696 name: C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe owner: SILVINA domain: Silvina
PID: 2504 name: C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe owner: SILVINA domain: Silvina
PID: 3180 name: C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe owner: SYSTEM domain: NT AUTHORITY
PID: 3264 name: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe owner: SYSTEM domain: NT AUTHORITY
PID: 3732 name: C:\Windows\System32\svchost.exe owner: Servicio de red domain: NT AUTHORITY
PID: 3828 name: C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe owner: SILVINA domain: Silvina
PID: 4060 name: C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe owner: SILVINA domain: Silvina
PID: 4076 name: C:\Program Files\ASUS\ASUS VivoBook\VivoBook.exe owner: SILVINA domain: Silvina
PID: 1920 name: C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe owner: SILVINA domain: Silvina
PID: 3672 name: C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe owner: SILVINA domain: Silvina
PID: 4104 name: C:\Windows\System32\svchost.exe owner: SERVICIO LOCAL domain: NT AUTHORITY
PID: 4544 name: C:\Windows\System32\SearchIndexer.exe owner: SYSTEM domain: NT AUTHORITY
PID: 4912 name: C:\Windows\System32\SkyDrive.exe owner: SILVINA domain: Silvina
PID: 2756 name: C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe owner: SILVINA domain: Silvina
PID: 3920 name: C:\Windows\System32\wbem\WmiPrvSE.exe owner: SYSTEM domain: NT AUTHORITY
PID: 4456 name: C:\Windows\System32\wbem\WmiPrvSE.exe owner: Servicio de red domain: NT AUTHORITY
PID: 2916 name: C:\Windows\System32\dllhost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 4832 name: C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe owner: SILVINA domain: Silvina
PID: 4904 name: C:\Windows\System32\DptfPolicyLpmServiceHelper.exe owner: SILVINA domain: Silvina
PID: 4740 name: C:\Windows\System32\SettingSyncHost.exe owner: SILVINA domain: Silvina
PID: 4692 name: C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe owner: SILVINA domain: Silvina
PID: 2112 name: C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe owner: SILVINA domain: Silvina
PID: 2956 name: C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe owner: SILVINA domain: Silvina
PID: 4868 name: C:\Windows\System32\igfxtray.exe owner: SILVINA domain: Silvina
PID: 5160 name: C:\Windows\System32\igfxsrvc.exe owner: SILVINA domain: Silvina
PID: 5196 name: C:\Windows\System32\hkcmd.exe owner: SILVINA domain: Silvina
PID: 5244 name: C:\Windows\System32\igfxpers.exe owner: SILVINA domain: Silvina
PID: 5384 name: C:\Program Files\AVAST Software\Avast\avastui.exe owner: SILVINA domain: Silvina
PID: 5656 name: C:\Windows\System32\wbem\unsecapp.exe owner: SILVINA domain: Silvina
PID: 5780 name: C:\Users\SILVINA\AppData\Roaming\Dropbox\bin\Dropbox.exe owner: SILVINA domain: Silvina
PID: 6012 name: C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe owner: SILVINA domain: Silvina
PID: 6068 name: C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe owner: SILVINA domain: Silvina
PID: 5136 name: C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe owner: SILVINA domain: Silvina
PID: 3464 name: C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe owner: SILVINA domain: Silvina
PID: 4072 name: C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe owner: SILVINA domain: Silvina
PID: 5972 name: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe owner: SYSTEM domain: NT AUTHORITY
PID: 6056 name: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe owner: SYSTEM domain: NT AUTHORITY
PID: 308 name: C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2160 name: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2892 name: C:\Program Files\Windows Media Player\wmpnetwk.exe owner: Servicio de red domain: NT AUTHORITY
PID: 1192 name: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe owner: SILVINA domain: Silvina
PID: 2472 name: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe owner: SILVINA domain: Silvina
PID: 5332 name: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe owner: SILVINA domain: Silvina
PID: 5576 name: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe owner: SILVINA domain: Silvina
PID: 5948 name: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe owner: SILVINA domain: Silvina
PID: 4600 name: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe owner: SILVINA domain: Silvina
PID: 944 name: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe owner: SILVINA domain: Silvina
PID: 4116 name: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe owner: SILVINA domain: Silvina
PID: 5368 name: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe owner: SILVINA domain: Silvina
PID: 5872 name: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe owner: SILVINA domain: Silvina
PID: 1260 name: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe owner: SILVINA domain: Silvina
PID: 2960 name: C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE owner: Servicio de red domain: NT AUTHORITY
PID: 2992 name: C:\Windows\splwow64.exe owner: SILVINA domain: Silvina
PID: 1748 name: C:\Windows\System32\taskhost.exe owner: SERVICIO LOCAL domain: NT AUTHORITY
PID: 1116 name: C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-Aware.exe owner: SILVINA domain: Silvina
PID: 636 name: C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: NT AUTHORITY
PID: 3880 name: C:\Windows\System32\wbem\unsecapp.exe owner: SYSTEM domain: NT AUTHORITY
PID: 2196 name: C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe owner: SILVINA domain: Silvina
PID: 5448 name: C:\Windows\ImmersiveControlPanel\SystemSettings.exe owner: SILVINA domain: Silvina
PID: 932 name: C:\Program Files (x86)\Lavasoft\Ad-Aware\AutoLaunch.exe owner: SILVINA domain: Silvina
PID: 3856 name: C:\Windows\System32\SearchProtocolHost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 5912 name: C:\Windows\System32\SearchFilterHost.exe owner: SYSTEM domain: NT AUTHORITY

Startup items:
Name: Adobe Reader Speed Launcher
imagepath: "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
Name: Adobe ARM
imagepath: "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Name: ASUSPRP
imagepath: "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
Name: ASUSWebStorage
imagepath: C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S
Name: mcpltui_exe
imagepath: "C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe" /platui
Name: AvastUI.exe
imagepath: "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
Name: BCSSync
imagepath: "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
Name: SDTray
imagepath: "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
Name: Stronghold AntiMalware
imagepath: C:\Program Files (x86)\Stronghold AntiMalware\StrongholdAntiMalware.exe
Name: WebCheck
imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
Name: BtvStack
imagepath: "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
Name: 
imagepath: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\desktop.ini

Bootexecute items:
Name: 
imagepath: autocheck autochk *
Name: 
imagepath: lsdelete

Running services:
Name: AdobeARMservice
displayname: Adobe Acrobat Update Service
Name: Appinfo
displayname: Información de la aplicación
Name: ASLDRService
displayname: ASLDR Service
Name: ASUS InstantOn
displayname: ASUS InstantOn Service
Name: AtherosSvc
displayname: AtherosSvc
Name: ATKGFNEXSrv
displayname: ATKGFNEX Service
Name: AudioEndpointBuilder
displayname: Compilador de extremo de audio de Windows
Name: Audiosrv
displayname: Audio de Windows
Name: avast! Antivirus
displayname: avast! Antivirus
Name: BFE
displayname: Motor de filtrado de base
Name: BITS
displayname: Servicio de transferencia inteligente en segundo plano (BITS)
Name: BrokerInfrastructure
displayname: Servicio de infraestructura de tareas en segundo plano
Name: Browser
displayname: Examinador de equipos
Name: bthserv
displayname: Servicio de compatibilidad con Bluetooth
Name: CertPropSvc
displayname: Propagación de certificados
Name: CryptSvc
displayname: Servicios de cifrado
Name: DcomLaunch
displayname: Iniciador de procesos de servidor DCOM
Name: DeviceAssociationService
displayname: Servicio de asociación de dispositivos
Name: Dhcp
displayname: Cliente DHCP
Name: Dnscache
displayname: Cliente DNS
Name: DPS
displayname: Servicio de directivas de diagnóstico
Name: DptfParticipantProcessorService
displayname: Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application
Name: DptfPolicyConfigTDPService
displayname: Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application
Name: DptfPolicyLpmService
displayname: Intel(R) Dynamic Platform and Thermal Framework Low Power Mode Service Application
Name: EventLog
displayname: Registro de eventos de Windows
Name: EventSystem
displayname: Sistema de eventos COM+
Name: fdPHost
displayname: Host de proveedor de detección de función
Name: FDResPub
displayname: Publicación de recurso de detección de función
Name: FontCache
displayname: Servicio de caché de fuentes de Windows
Name: gpsvc
displayname: Cliente de directiva de grupo
Name: hidserv
displayname: Servicio de dispositivo de interfaz humana
Name: HomeGroupListener
displayname: Escucha de Grupo Hogar
Name: HomeGroupProvider
displayname: Proveedor de Grupo Hogar
Name: Intel(R) Capability Licensing Service Interface
displayname: Intel(R) Capability Licensing Service Interface
Name: Intel(R) ME Service
displayname: Intel(R) ME Service
Name: iphlpsvc
displayname: Aplicación auxiliar IP
Name: jhi_service
displayname: Intel(R) Dynamic Application Loader Host Interface Service
Name: KeyIso
displayname: Aislamiento de claves CNG
Name: LanmanServer
displayname: Servidor
Name: LanmanWorkstation
displayname: Estación de trabajo
Name: Lavasoft Ad-Aware Service
displayname: Lavasoft Ad-Aware Service
Name: lmhosts
displayname: Aplicación auxiliar de NetBIOS sobre TCP/IP
Name: LMS
displayname: Intel(R) Management and Security Application Local Management Service
Name: LSM
displayname: Administrador de sesión local
Name: mcpltsvc
displayname: McAfee Platform Services
Name: MpsSvc
displayname: Firewall de Windows
Name: NcbService
displayname: Agente de conexión de red
Name: NcdAutoSetup
displayname: Configuración automática de dispositivos conectados a la red
Name: Netman
displayname: Conexiones de red
Name: netprofm
displayname: Servicio de lista de redes
Name: NlaSvc
displayname: Reconoc. ubicación de red
Name: nsi
displayname: Servicio Interfaz de almacenamiento en red
Name: osppsvc
displayname: Office Software Protection Platform
Name: p2pimsvc
displayname: Administrador de identidad de redes de mismo nivel
Name: p2psvc
displayname: Agrupación de red del mismo nivel
Name: PcaSvc
displayname: Servicio Asistente para la compatibilidad de programas
Name: PlugPlay
displayname: Plug and Play
Name: PNRPsvc
displayname: Protocolo de resolución de nombres de mismo nivel
Name: PolicyAgent
displayname: Agente de directiva IPsec
Name: Power
displayname: Energía
Name: ProfSvc
displayname: Servicio de perfil de usuario
Name: RpcEptMapper
displayname: Asignador de extremos de RPC
Name: RpcSs
displayname: Llamada a procedimiento remoto (RPC)
Name: SamSs
displayname: Administrador de cuentas de seguridad
Name: Schedule
displayname: Programador de tareas
Name: SDScannerService
displayname: Spybot-S&D 2 Scanner Service
Name: SDUpdateService
displayname: Spybot-S&D 2 Updating Service
Name: SDWSCService
displayname: Spybot-S&D 2 Security Center Service
Name: SENS
displayname: Servicio de notificación de eventos de sistema
Name: ShellHWDetection
displayname: Detección de hardware shell
Name: Spooler
displayname: Cola de impresión
Name: SSDPSRV
displayname: Detección SSDP
Name: stisvc
displayname: Adquisición de imágenes de Windows (WIA)
Name: SysMain
displayname: Superfetch
Name: SystemEventsBroker
displayname: Agente de eventos del sistema
Name: TabletInputService
displayname: Servicio de Panel de escritura a mano y teclado táctil
Name: Themes
displayname: Temas
Name: TimeBroker
displayname: Agente de eventos de tiempo
Name: TrkWks
displayname: Cliente de seguimiento de vínculos distribuidos
Name: UNS
displayname: Intel(R) Management and Security Application User Notification Service
Name: upnphost
displayname: Dispositivo host de UPnP
Name: VaultSvc
displayname: Administrador de credenciales
Name: WakeupService
displayname: ASUS Wake Service
Name: Wcmsvc
displayname: Administrador de conexiones de Windows
Name: wcncsvc
displayname: Registrador de configuración de Windows Connect Now
Name: WdiServiceHost
displayname: Host del servicio de diagnóstico
Name: WdiSystemHost
displayname: Host de sistema de diagnóstico
Name: WinHttpAutoProxySvc
displayname: Servicio de detección automática de proxy web WinHTTP
Name: Winmgmt
displayname: Instrumental de administración de Windows
Name: WlanSvc
displayname: Configuración automática de WLAN
Name: wlidsvc
displayname: Ayudante para el inicio de sesión de cuenta Microsoft
Name: WMPNetworkSvc
displayname: Servicio de uso compartido de red del Reproductor de Windows Media
Name: wscsvc
displayname: Centro de seguridad
Name: WSearch
displayname: Windows Search
Name: wudfsvc
displayname: Windows Driver Foundation - User-mode Driver Framework
Name: ZAtheros Bt and Wlan Coex Agent
displayname: ZAtheros Bt and Wlan Coex Agent

Then scanned with Kapersky, and found them too, so I deleted them... following the instrutions as suggested.
Then scanned with Ad-Aware again and found 2 instead of 4. Also deleted them from Quarantine Folder, I repeated the same process with full scan again and found 0. DO you really think it might be solved?

I also passed Glary Utilities 5 to repair... due to I noticed that some applications and programs don´t open properly.. like Skype, calculator, almost all of them open for 2 seconds and then close... how can i solve it?

Thanks for your help..


----------



## Cookiegal (Aug 27, 2003)

Please do not run any registry cleaners as they may cause more harm than good. Also, please do not do things on your own while we're working on this.

I believe those detections may be false positives.

Please download FRST (Farbar Recovery Scan Tool) and save it to your desktop.

*Note*: You need to run the version that's compatible with your system (32-bit or 64-bit).


Double-click FRST to run it. When the tool opens click *Yes* to the disclaimer.
Press the *Scan* button.
It will make a log named (*FRST.txt*) in the same directory the tool is run (which should be on the desktop). Please copy and paste the contents of the log in your reply.
The first time the tool is run it makes a second log named (*Addition.txt*). Please copy and paste the contents of that log as well.


----------



## salescobar (Jun 16, 2014)

ok. sorry..

Here are the results...

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-06-2014 01
Ran by SILVINA (administrator) on SILVINA on 22-06-2014 17:34:30
Running from C:\Users\SILVINA\Downloads
Platform: Windows 8.1 (X64) OS Language: Español (España, internacional)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\VivoBook.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Dropbox, Inc.) C:\Users\SILVINA\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lavasoft Limited ) C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
(oDesk Corporation) C:\Program Files (x86)\oDesk\oDeskTeam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(oDesk Corporation) C:\Program Files (x86)\oDesk\oDeskHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [27024 2013-01-18] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1276488 2013-01-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe [645168 2013-09-11] (McAfee, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-05] (AVAST Software)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Stronghold AntiMalware] => C:\Program Files (x86)\Stronghold AntiMalware\StrongholdAntiMalware.exe [6478760 2014-06-04] (Security Stronghold)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] ( (Atheros Communications))
HKU\S-1-5-21-2344775198-52092002-376970204-1001\...\Run: [SkyDrive] => C:\Users\SILVINA\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2014-04-12] (Microsoft Corporation)
HKU\S-1-5-21-2344775198-52092002-376970204-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-06-16] (Glarysoft Ltd)
Startup: C:\Users\SILVINA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\SILVINA\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BootExecute: autocheck autochk * BootDefrag.exelsdelete

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com.ar/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Tcpip\..\Interfaces\{6CD490F1-D777-4957-83B3-15CF80A87BE6}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "hxxp://google.com/", "hxxp://www.facebook.com/", "hxxp://www.webinterpret.com/"
CHR DefaultSearchKeyword: google.com.ar
CHR Extension: (Google Docs) - C:\Users\SILVINA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-12]
CHR Extension: (Google Drive) - C:\Users\SILVINA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-12]
CHR Extension: (YouTube) - C:\Users\SILVINA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-12]
CHR Extension: (Búsqueda de Google) - C:\Users\SILVINA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-12]
CHR Extension: (avast! Online Security) - C:\Users\SILVINA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-04-12]
CHR Extension: (Google Wallet) - C:\Users\SILVINA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-12]
CHR Extension: (Gmail) - C:\Users\SILVINA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-29]

==================== Services (Whitelisted) =================

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-29] (AVAST Software)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [31632 2013-01-18] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [33168 2013-01-18] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [39824 2013-01-18] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R3 Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [1737728 2014-06-06] (Lavasoft Limited ) [File not signed]
S2 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 McSchedulerSvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 WakeupService; C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe [45488 2012-12-20] (ASUSTek Computer Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-01-25] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-29] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-16] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-29] ()
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-01-16] (ASUS Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows (R) Win 7 DDK provider)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-25] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107920 2013-01-18] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [43408 2013-01-18] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [65424 2013-01-18] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [97680 2013-01-18] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [229776 2013-01-18] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [363920 2013-01-18] (Intel Corporation)
R0 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20672 2014-06-21] (Glarysoft Ltd)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-03-18] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 Lavasoft Kernexplorer; C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2014-06-06] ()
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-03-18] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-03-18] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2014-03-18] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-05-05] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-22 17:34 - 2014-06-22 17:35 - 00022211 _____ () C:\Users\SILVINA\Downloads\FRST.txt
2014-06-22 17:34 - 2014-06-22 17:34 - 00000000 ____D () C:\FRST
2014-06-22 17:33 - 2014-06-22 17:33 - 02083328 _____ (Farbar) C:\Users\SILVINA\Downloads\FRST64.exe
2014-06-21 12:37 - 2014-06-22 17:22 - 00103162 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-21 12:02 - 2014-06-21 12:22 - 00000352 _____ () C:\WINDOWS\Tasks\GlaryInitialize 5.job
2014-06-21 12:02 - 2014-06-21 12:22 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-06-21 12:02 - 2014-06-21 12:03 - 00002974 _____ () C:\WINDOWS\System32\Tasks\GU5SkipUAC
2014-06-21 12:02 - 2014-06-21 12:02 - 00020672 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2014-06-21 12:02 - 2014-06-21 12:02 - 00002630 _____ () C:\WINDOWS\System32\Tasks\GlaryInitialize 5
2014-06-21 12:02 - 2014-06-21 12:02 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-06-21 12:02 - 2014-06-21 12:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2014-06-21 12:00 - 2014-06-21 12:01 - 13744328 _____ () C:\Users\SILVINA\Downloads\Glary_Utilities_v5.2.0.5.exe
2014-06-21 11:43 - 2014-06-21 12:03 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 4
2014-06-21 11:41 - 2014-06-21 11:42 - 12485568 _____ () C:\Users\SILVINA\Downloads\gu4setup.exe
2014-06-16 23:33 - 2014-06-16 23:33 - 00055396 _____ () C:\Users\SILVINA\Desktop\ya.txt
2014-06-16 19:42 - 2014-06-16 20:05 - 00000000 _____ () C:\Recovery.txt
2014-06-16 09:39 - 2014-06-16 09:40 - 04745728 _____ (AVAST Software) C:\Users\SILVINA\Downloads\aswMBR.exe
2014-06-13 12:55 - 2014-06-21 11:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-06-13 12:55 - 2014-06-13 12:55 - 00000000 ____D () C:\Users\SILVINA\AppData\Roaming\SUPERAntiSpyware.com
2014-06-13 12:51 - 2014-06-13 12:53 - 29085296 _____ (SUPERAntiSpyware) C:\Users\SILVINA\Downloads\SUPERAntiSpyware.exe
2014-06-13 10:03 - 2013-08-22 10:25 - 00000824 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20140613-100351.backup
2014-06-11 11:35 - 2014-05-08 20:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-11 10:47 - 2014-05-30 07:21 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-11 10:47 - 2014-05-30 06:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-11 10:47 - 2014-05-30 06:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-11 10:47 - 2014-05-30 06:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-11 10:47 - 2014-05-30 06:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-11 10:47 - 2014-05-30 06:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-11 10:47 - 2014-05-30 06:06 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-11 10:47 - 2014-05-30 05:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-11 10:47 - 2014-05-30 05:44 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-11 10:47 - 2014-05-30 05:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-11 10:47 - 2014-05-30 05:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-11 10:47 - 2014-05-30 05:35 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-11 10:47 - 2014-05-30 05:29 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-11 10:47 - 2014-05-30 05:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-11 10:47 - 2014-05-30 05:23 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-11 10:47 - 2014-05-30 05:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-11 10:47 - 2014-05-30 05:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-11 10:47 - 2014-05-30 05:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-11 10:47 - 2014-05-30 04:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-11 10:47 - 2014-05-30 04:56 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-11 10:47 - 2014-05-30 04:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-11 10:47 - 2014-05-30 04:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-11 10:47 - 2014-05-30 04:43 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-11 10:47 - 2014-05-30 04:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-11 10:47 - 2014-05-30 04:30 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-11 10:47 - 2014-05-30 04:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-11 10:47 - 2014-05-30 04:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-11 10:47 - 2014-05-30 04:13 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-11 10:47 - 2014-05-30 04:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-11 10:47 - 2014-02-06 08:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-11 10:47 - 2014-02-06 08:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-11 10:47 - 2014-02-06 08:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-11 10:47 - 2014-02-06 07:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-11 10:47 - 2014-02-06 07:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-11 10:47 - 2014-02-06 07:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-11 10:47 - 2014-02-06 07:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-11 10:47 - 2014-02-06 07:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-11 10:47 - 2014-02-06 06:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-11 10:47 - 2014-02-06 06:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-11 10:47 - 2014-02-06 06:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-11 10:47 - 2014-02-06 06:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-11 10:45 - 2014-05-10 00:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-11 10:45 - 2014-05-10 00:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-11 10:45 - 2014-05-05 01:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-11 10:44 - 2014-05-03 04:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-06-11 10:44 - 2014-05-03 01:21 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 10:44 - 2014-05-03 01:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 10:44 - 2014-05-03 00:41 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-11 10:44 - 2014-05-03 00:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-06-11 10:44 - 2014-04-30 08:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-11 10:44 - 2014-04-30 00:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-11 10:44 - 2014-04-18 11:57 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-06-11 10:44 - 2014-04-18 11:44 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-06-11 10:44 - 2014-04-18 10:29 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-06-11 10:44 - 2014-04-18 06:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-06-11 10:44 - 2014-04-18 06:32 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-06-11 10:44 - 2014-04-18 05:58 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-06-11 10:44 - 2014-04-18 05:32 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-06-11 10:44 - 2014-04-18 05:21 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-06-11 10:44 - 2014-04-18 05:09 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-06-11 10:44 - 2014-04-18 04:51 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-06-11 10:44 - 2014-04-18 04:49 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-06-11 10:44 - 2014-04-14 06:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-06-11 10:44 - 2014-04-14 05:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-06-11 10:44 - 2014-04-11 03:13 - 01200128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-06-11 10:44 - 2014-04-11 01:51 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-06-11 10:44 - 2014-04-11 01:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-06-11 10:44 - 2014-04-11 00:30 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-06-11 10:44 - 2014-04-09 08:53 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-06-11 10:44 - 2014-04-09 03:39 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-06-11 10:44 - 2014-04-09 02:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-06-11 10:44 - 2014-04-09 01:35 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-06-11 10:44 - 2014-04-09 00:33 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-06-11 10:44 - 2014-04-07 23:01 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-06-11 10:44 - 2014-04-06 13:34 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-06-11 10:44 - 2014-04-06 13:34 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-06-11 10:44 - 2014-04-06 13:32 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-06-11 10:44 - 2014-04-06 13:31 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-06-11 10:44 - 2014-04-06 13:30 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-06-11 10:44 - 2014-04-06 13:24 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-06-11 10:44 - 2014-04-06 13:20 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-06-11 10:44 - 2014-04-06 13:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-06-11 10:44 - 2014-04-06 13:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-06-11 10:44 - 2014-04-06 13:20 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-06-11 10:44 - 2014-04-06 13:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-06-11 10:44 - 2014-04-06 13:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-06-11 10:44 - 2014-04-06 13:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-06-11 10:44 - 2014-04-06 13:20 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-06-11 10:44 - 2014-04-06 13:20 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-06-11 10:44 - 2014-04-06 13:20 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-06-11 10:44 - 2014-04-06 13:20 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-06-11 10:44 - 2014-04-06 13:20 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-06-11 10:44 - 2014-04-06 12:23 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-06-11 10:44 - 2014-04-06 12:22 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-06-11 10:44 - 2014-04-06 12:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-06-11 10:44 - 2014-04-06 12:16 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-06-11 10:44 - 2014-04-06 12:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-06-11 10:44 - 2014-04-06 12:16 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-06-11 10:44 - 2014-04-06 12:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-06-11 10:44 - 2014-04-06 12:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-06-11 10:44 - 2014-04-06 12:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-06-11 10:44 - 2014-04-06 12:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-06-11 10:44 - 2014-04-06 12:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-06-11 10:44 - 2014-04-06 12:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-06-11 10:44 - 2014-04-06 11:10 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-06-11 10:44 - 2014-04-06 09:33 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-06-11 10:44 - 2014-04-06 08:55 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-11 10:44 - 2014-04-06 08:54 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-06-11 10:44 - 2014-04-06 08:01 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-06-11 10:44 - 2014-04-06 07:52 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-06-11 10:44 - 2014-04-06 07:51 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-06-11 10:44 - 2014-04-06 07:37 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-06-11 10:44 - 2014-04-06 07:36 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-06-11 10:44 - 2014-04-06 07:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-06-11 10:44 - 2014-04-06 06:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-06-11 10:44 - 2014-04-03 05:12 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-06-11 10:44 - 2014-04-03 05:12 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-06-11 10:44 - 2014-04-03 05:12 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-06-11 10:44 - 2014-04-03 04:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-11 10:44 - 2014-04-03 04:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-11 10:44 - 2014-04-03 01:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-06-11 10:44 - 2014-04-03 01:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-06-11 10:44 - 2014-04-03 00:53 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-06-11 10:44 - 2014-04-02 23:53 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-06-11 10:44 - 2014-04-02 23:53 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-06-11 10:44 - 2014-04-02 23:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-06-11 10:44 - 2014-04-02 23:23 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-06-11 10:44 - 2014-04-02 23:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-06-11 10:44 - 2014-04-01 03:23 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-06-11 10:44 - 2014-03-31 02:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-06-11 10:44 - 2014-03-30 19:54 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-06-11 10:44 - 2014-03-28 12:58 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-06-11 10:44 - 2014-03-27 03:16 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-06-11 10:44 - 2014-03-27 02:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-06-11 10:44 - 2014-03-27 01:59 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-06-11 10:44 - 2014-03-27 01:19 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-06-11 10:44 - 2014-03-27 00:46 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-06-11 10:44 - 2014-03-27 00:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-06-11 10:44 - 2014-03-27 00:10 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-06-11 10:44 - 2014-03-24 19:58 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-06-11 10:44 - 2014-03-20 00:48 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-06-11 10:44 - 2014-03-19 21:44 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-06-11 10:44 - 2014-03-19 20:33 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-06-11 10:44 - 2014-03-19 05:07 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-06-11 10:44 - 2014-03-19 01:18 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-06-11 10:44 - 2014-03-18 05:19 - 00077312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-06-11 10:44 - 2014-03-18 02:00 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-06-11 10:44 - 2014-03-18 01:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-06-11 10:44 - 2014-03-17 02:09 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-11 10:44 - 2014-03-17 01:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-06-11 10:44 - 2014-03-17 00:01 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-06-11 10:44 - 2014-03-16 23:47 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-06-11 10:44 - 2014-03-16 23:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-06-11 10:44 - 2014-03-14 03:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-06-11 10:44 - 2014-03-14 03:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-06-11 10:44 - 2014-03-06 09:42 - 00310616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-06-11 10:43 - 2014-04-06 13:20 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-06-11 10:43 - 2014-04-06 09:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-06-11 10:43 - 2014-04-06 09:51 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-06-11 10:43 - 2014-04-06 09:24 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-06-11 10:43 - 2014-04-06 09:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-06-11 10:43 - 2014-04-06 08:26 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-06-11 10:43 - 2014-04-06 08:20 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-06-11 10:43 - 2014-04-02 23:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-06-11 10:43 - 2014-04-02 23:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-06-11 10:43 - 2014-03-30 21:41 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-06-11 10:43 - 2014-03-30 21:01 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-06-11 10:43 - 2014-03-30 20:43 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-06-11 10:43 - 2014-03-30 19:49 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-06-11 10:43 - 2014-03-30 19:35 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-06-11 10:43 - 2014-03-30 19:11 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-06-11 10:43 - 2014-03-30 18:47 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-06-11 10:43 - 2014-03-27 01:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-06-11 10:43 - 2014-03-19 05:15 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-06-11 10:43 - 2014-03-19 04:24 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-06-11 10:43 - 2014-03-19 04:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-06-11 10:43 - 2014-03-19 03:36 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-06-11 10:43 - 2014-03-19 02:56 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-06-11 10:43 - 2014-03-19 02:45 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-06-11 10:43 - 2014-03-19 02:19 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-06-11 10:43 - 2014-03-19 02:07 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-06-11 10:43 - 2014-03-19 02:02 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-06-11 10:43 - 2014-03-19 02:00 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-06-11 10:43 - 2014-03-19 01:51 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-06-11 10:43 - 2014-03-19 01:31 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-06-11 10:43 - 2014-01-27 15:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-11 10:42 - 2014-05-19 03:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-11 10:42 - 2014-05-19 03:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-11 10:42 - 2014-05-19 02:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-11 10:42 - 2014-04-30 01:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-11 10:42 - 2014-04-30 01:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-11 10:42 - 2014-04-30 00:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-06-11 10:41 - 2014-05-01 10:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-11 10:41 - 2014-05-01 10:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-11 10:41 - 2014-05-01 04:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-11 10:41 - 2014-05-01 04:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-11 10:41 - 2014-05-01 03:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-11 10:41 - 2014-05-01 02:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-09 16:04 - 2014-06-21 12:02 - 00000000 ____D () C:\ProgramData\GlarySoft
2014-06-09 16:02 - 2014-06-21 12:03 - 00000000 ____D () C:\Users\SILVINA\AppData\Roaming\GlarySoft
2014-06-09 16:02 - 2014-06-09 17:09 - 00000000 ____D () C:\Users\SILVINA\AppData\Roaming\DiskDefrag
2014-06-09 14:27 - 2014-06-09 14:27 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-06 08:29 - 2014-06-21 18:33 - 00000064 _____ () C:\WINDOWS\SysWOW64\rp_stats.dat
2014-06-06 08:29 - 2014-06-21 18:33 - 00000044 _____ () C:\WINDOWS\SysWOW64\rp_rules.dat
2014-06-06 01:00 - 2014-06-06 01:23 - 00000000 ____D () C:\Users\SILVINA\Doctor Web
2014-06-06 00:31 - 2014-06-06 00:31 - 00000000 ____D () C:\_OTM
2014-06-06 00:11 - 2014-06-06 00:11 - 00000000 _____ () C:\autoexec.bat
2014-06-06 00:09 - 2014-06-06 00:09 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-06-06 00:08 - 2014-06-06 00:54 - 00000000 ____D () C:\WINDOWS\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-06-05 23:32 - 2014-06-05 23:44 - 00000000 ____D () C:\Program Files (x86)\Stronghold AntiMalware
2014-06-05 23:32 - 2014-06-05 23:40 - 00000000 ____D () C:\Users\Public\Documents\Stronghold AntiMalware
2014-06-05 11:58 - 2014-06-05 12:00 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\SILVINA\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-04 20:40 - 2014-06-04 20:42 - 00026624 _____ () C:\Users\SILVINA\Downloads\reporte_140192524999392683919.xls
2014-05-30 20:46 - 2014-05-30 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
2014-05-30 20:46 - 2014-05-30 20:49 - 00000000 ____D () C:\Program Files (x86)\MPC-HC
2014-05-23 10:46 - 2014-05-27 11:35 - 00041472 _____ () C:\Users\SILVINA\Downloads\z. reporte_ML vto 28 05 2014.xls

==================== One Month Modified Files and Folders =======

2014-06-22 17:35 - 2014-06-22 17:34 - 00022211 _____ () C:\Users\SILVINA\Downloads\FRST.txt
2014-06-22 17:34 - 2014-06-22 17:34 - 00000000 ____D () C:\FRST
2014-06-22 17:33 - 2014-06-22 17:33 - 02083328 _____ (Farbar) C:\Users\SILVINA\Downloads\FRST64.exe
2014-06-22 17:33 - 2014-04-12 22:58 - 00000000 ____D () C:\Users\SILVINA\AppData\Roaming\Dropbox
2014-06-22 17:27 - 2014-05-05 16:02 - 00003982 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E76C45C9-BF1C-4C05-9CD6-59B0CB3A39B5}
2014-06-22 17:22 - 2014-06-21 12:37 - 00103162 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-22 17:09 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-06-22 14:35 - 2014-05-19 22:05 - 00000000 ____D () C:\Users\SILVINA\AppData\Roaming\TeamViewer
2014-06-22 14:32 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-06-22 14:15 - 2014-04-14 00:05 - 00210944 ___SH () C:\Users\SILVINA\Documents\Thumbs.db
2014-06-22 14:12 - 2014-03-18 07:10 - 01829802 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-22 14:12 - 2014-03-18 06:31 - 00818580 _____ () C:\WINDOWS\system32\perfh00A.dat
2014-06-22 14:12 - 2014-03-18 06:31 - 00169858 _____ () C:\WINDOWS\system32\perfc00A.dat
2014-06-22 14:04 - 2014-04-12 22:42 - 00001054 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-22 12:53 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-06-21 21:31 - 2014-04-12 21:03 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2344775198-52092002-376970204-1001
2014-06-21 19:04 - 2014-04-12 22:42 - 00001050 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-21 18:59 - 2014-04-12 22:42 - 00004026 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-21 18:59 - 2014-04-12 22:42 - 00003790 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-21 18:41 - 2014-04-13 22:14 - 00003626 _____ () C:\WINDOWS\System32\Tasks\Ad-Aware Update (Weekly)
2014-06-21 18:33 - 2014-06-06 08:29 - 00000064 _____ () C:\WINDOWS\SysWOW64\rp_stats.dat
2014-06-21 18:33 - 2014-06-06 08:29 - 00000044 _____ () C:\WINDOWS\SysWOW64\rp_rules.dat
2014-06-21 12:33 - 2014-04-24 11:25 - 00072704 ___SH () C:\Users\SILVINA\Desktop\Thumbs.db
2014-06-21 12:33 - 2012-07-26 02:37 - 00000000 ____D () C:\Users\Default.migrated
2014-06-21 12:24 - 2014-04-12 23:02 - 00000000 ___RD () C:\Users\SILVINA\Dropbox
2014-06-21 12:24 - 2014-04-12 21:39 - 00000000 __RDO () C:\Users\SILVINA\OneDrive
2014-06-21 12:23 - 2014-05-13 20:16 - 00000000 ____D () C:\Users\SILVINA\AppData\Roaming\DropboxMaster
2014-06-21 12:23 - 2014-04-12 20:54 - 00000062 _____ () C:\Users\SILVINA\AppData\Roaming\sp_data.sys
2014-06-21 12:22 - 2014-06-21 12:02 - 00000352 _____ () C:\WINDOWS\Tasks\GlaryInitialize 5.job
2014-06-21 12:22 - 2014-06-21 12:02 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-06-21 12:20 - 2014-04-15 00:43 - 00017207 _____ () C:\aaw7boot.log
2014-06-21 12:20 - 2013-08-22 11:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-06-21 12:03 - 2014-06-21 12:02 - 00002974 _____ () C:\WINDOWS\System32\Tasks\GU5SkipUAC
2014-06-21 12:03 - 2014-06-21 11:43 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 4
2014-06-21 12:03 - 2014-06-09 16:02 - 00000000 ____D () C:\Users\SILVINA\AppData\Roaming\GlarySoft
2014-06-21 12:02 - 2014-06-21 12:02 - 00020672 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2014-06-21 12:02 - 2014-06-21 12:02 - 00002630 _____ () C:\WINDOWS\System32\Tasks\GlaryInitialize 5
2014-06-21 12:02 - 2014-06-21 12:02 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-06-21 12:02 - 2014-06-21 12:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2014-06-21 12:02 - 2014-06-09 16:04 - 00000000 ____D () C:\ProgramData\GlarySoft
2014-06-21 12:01 - 2014-06-21 12:00 - 13744328 _____ () C:\Users\SILVINA\Downloads\Glary_Utilities_v5.2.0.5.exe
2014-06-21 11:49 - 2014-06-13 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-06-21 11:42 - 2014-06-21 11:41 - 12485568 _____ () C:\Users\SILVINA\Downloads\gu4setup.exe
2014-06-19 15:04 - 2012-07-26 04:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-06-17 00:03 - 2013-08-22 10:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-06-16 23:38 - 2014-05-05 15:24 - 00000000 ____D () C:\Users\SILVINA
2014-06-16 23:33 - 2014-06-16 23:33 - 00055396 _____ () C:\Users\SILVINA\Desktop\ya.txt
2014-06-16 20:05 - 2014-06-16 19:42 - 00000000 _____ () C:\Recovery.txt
2014-06-16 15:59 - 2012-07-26 05:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-06-16 09:40 - 2014-06-16 09:39 - 04745728 _____ (AVAST Software) C:\Users\SILVINA\Downloads\aswMBR.exe
2014-06-13 12:55 - 2014-06-13 12:55 - 00000000 ____D () C:\Users\SILVINA\AppData\Roaming\SUPERAntiSpyware.com
2014-06-13 12:53 - 2014-06-13 12:51 - 29085296 _____ (SUPERAntiSpyware) C:\Users\SILVINA\Downloads\SUPERAntiSpyware.exe
2014-06-13 09:07 - 2014-04-14 01:15 - 00000000 ____D () C:\Users\SILVINA\AppData\Roaming\Media Player Classic
2014-06-13 09:01 - 2014-04-13 02:53 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-12 18:21 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-06-11 19:57 - 2013-08-22 11:44 - 00409848 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-11 19:55 - 2013-08-22 12:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-11 19:55 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-06-11 19:54 - 2013-08-22 12:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-06-11 19:54 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-06-11 13:54 - 2014-04-13 21:56 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-11 13:53 - 2014-04-14 09:46 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-11 13:51 - 2014-04-14 09:46 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-09 17:09 - 2014-06-09 16:02 - 00000000 ____D () C:\Users\SILVINA\AppData\Roaming\DiskDefrag
2014-06-09 16:05 - 2013-05-23 11:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-06-09 15:54 - 2014-04-14 00:05 - 00000000 ____D () C:\Users\SILVINA\Programas y Aplicaciones
2014-06-09 14:27 - 2014-06-09 14:27 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-06 08:28 - 2014-04-16 09:31 - 00055384 _____ (Sunbelt Software) C:\WINDOWS\system32\Drivers\SBREDrv.sys
2014-06-06 08:28 - 2014-04-14 23:51 - 00016432 _____ () C:\WINDOWS\system32\lsdelete.exe
2014-06-06 01:23 - 2014-06-06 01:00 - 00000000 ____D () C:\Users\SILVINA\Doctor Web
2014-06-06 01:23 - 2014-04-14 09:22 - 00000000 ____D () C:\Users\SILVINA\AppData\Local\WebPlayer
2014-06-06 00:54 - 2014-06-06 00:08 - 00000000 ____D () C:\WINDOWS\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-06-06 00:31 - 2014-06-06 00:31 - 00000000 ____D () C:\_OTM
2014-06-06 00:11 - 2014-06-06 00:11 - 00000000 _____ () C:\autoexec.bat
2014-06-06 00:09 - 2014-06-06 00:09 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-06-05 23:44 - 2014-06-05 23:32 - 00000000 ____D () C:\Program Files (x86)\Stronghold AntiMalware
2014-06-05 23:40 - 2014-06-05 23:32 - 00000000 ____D () C:\Users\Public\Documents\Stronghold AntiMalware
2014-06-05 22:03 - 2014-04-12 22:49 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-06-05 12:00 - 2014-06-05 11:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\SILVINA\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-04 20:42 - 2014-06-04 20:40 - 00026624 _____ () C:\Users\SILVINA\Downloads\reporte_140192524999392683919.xls
2014-06-04 20:34 - 2014-04-13 23:58 - 00000000 ____D () C:\Users\SILVINA\Downloads\David Mayer
2014-05-31 02:13 - 2013-08-22 12:38 - 00703992 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-05-31 02:13 - 2013-08-22 12:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-30 20:49 - 2014-05-30 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
2014-05-30 20:49 - 2014-05-30 20:46 - 00000000 ____D () C:\Program Files (x86)\MPC-HC
2014-05-30 07:21 - 2014-06-11 10:47 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-30 06:45 - 2014-06-11 10:47 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-05-30 06:28 - 2014-06-11 10:47 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-05-30 06:20 - 2014-06-11 10:47 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-05-30 06:18 - 2014-06-11 10:47 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-30 06:08 - 2014-06-11 10:47 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-05-30 06:06 - 2014-06-11 10:47 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-05-30 05:46 - 2014-06-11 10:47 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-30 05:44 - 2014-06-11 10:47 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-05-30 05:43 - 2014-06-11 10:47 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-05-30 05:38 - 2014-06-11 10:47 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-05-30 05:35 - 2014-06-11 10:47 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-05-30 05:29 - 2014-06-11 10:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-05-30 05:27 - 2014-06-11 10:47 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-05-30 05:23 - 2014-06-11 10:47 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-05-30 05:16 - 2014-06-11 10:47 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-05-30 05:04 - 2014-06-11 10:47 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-05-30 05:02 - 2014-06-11 10:47 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-05-30 04:56 - 2014-06-11 10:47 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-05-30 04:56 - 2014-06-11 10:47 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-05-30 04:54 - 2014-06-11 10:47 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-05-30 04:49 - 2014-06-11 10:47 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-05-30 04:43 - 2014-06-11 10:47 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-05-30 04:40 - 2014-06-11 10:47 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-05-30 04:30 - 2014-06-11 10:47 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-05-30 04:21 - 2014-06-11 10:47 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-05-30 04:15 - 2014-06-11 10:47 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-05-30 04:13 - 2014-06-11 10:47 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-05-30 04:13 - 2014-06-11 10:47 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-05-29 21:13 - 2014-04-13 21:57 - 00000000 ____D () C:\Users\SILVINA\AppData\Local\Microsoft Help
2014-05-28 12:14 - 2014-04-24 11:29 - 00000586 _____ () C:\Users\SILVINA\Desktop\nota ML.txt
2014-05-28 01:02 - 2014-04-24 09:10 - 00032768 _____ () C:\Users\SILVINA\Downloads\z. reporte_ML vto 28 04 2014.xls
2014-05-28 00:36 - 2014-04-12 22:59 - 00000000 ____D () C:\Users\SILVINA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-27 11:35 - 2014-05-23 10:46 - 00041472 _____ () C:\Users\SILVINA\Downloads\z. reporte_ML vto 28 05 2014.xls

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS

Some content of TEMP:
====================
C:\Users\SILVINA\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5xyuvp.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-21 21:31

==================== End Of Log ============================

These the results of the Addition txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-06-2014 01
Ran by SILVINA at 2014-06-22 17:36:54
Running from C:\Users\SILVINA\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

ASUS VivoBook (HKLM\...\{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE}) (Version: 1.0.27 - ASUS)
Ad-Aware (HKLM-x32\...\Ad-Aware) (Version: - Lavasoft)
Ad-Aware (x32 Version: 8.3.0 - Lavasoft) Hidden
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.9.145.62246 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.9.145.62246 - Alcor Micro Corp.) Hidden
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.13 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS S Series Product Demo (HKLM-x32\...\{387AA3E2-B9FE-4DA1-A097-A0D2213E8794}) (Version: 1.0.0 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.1.3 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0004 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.8 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.10.123 - ASUS Cloud Corporation)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0027 - ASUS)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version: - Microsoft)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Glary Utilities 5.2 (HKLM-x32\...\Glary Utilities 5) (Version: 5.2.0.5 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 6.0.7.1084 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Basque) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Catalan) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Galician) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Brazil)) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MPC-HC 1.6.6.6957 (3975d54) (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.6.6.6957 - MPC-HC Team)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
oDesk Team (HKCU\...\oDVT) (Version: - oDesk Corporation)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6828 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{A57A9AE3-09A9-44A0-AA78-458C71DA6FDE}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{837C1EAC-6A89-44A0-8C45-E655AAFD8CE1}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
影像中心 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Restore Points =========================

06-06-2014 03:08:16 Installed SpyHunter
11-06-2014 16:48:40 Windows Update
18-06-2014 14:43:22 Windows Update

==================== Hosts content: ==========================

2013-08-22 10:25 - 2014-06-17 00:20 - 00001048 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0102DE38-7FCB-450E-A19B-BF7B3CEA49D6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {026F7DCD-837F-4857-AFB9-2307F2C96EFB} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0C389F8B-CA54-4E34-BCD4-34E97E01F5A0} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2014-06-16] (Glarysoft Ltd)
Task: {1766BAB1-AECF-4A20-A34C-0A12D01E9DA7} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {18659FEE-C4C5-4365-9EAE-FC95C7EA00EE} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {24F1D501-29DD-4CD2-B52A-C0F0E22BFA49} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-06-16] (Glarysoft Ltd)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {342B9BDE-A436-4C7C-AFAD-F3E20CF6D4BC} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {37B01862-5958-4C9B-9C26-50DAE771C576} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {42B79827-9ABA-41AB-9251-9B21DBB916F6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-06-11] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4F252ED7-4E87-4082-A416-4902644FE007} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {6440EDEA-38BD-480F-9EC2-87436ACEA853} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {76DC1106-9EB9-4014-8FFD-28855574E865} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-29] (AVAST Software)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {78779950-3D51-4191-97E6-F1F9B59EFC9A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-12] (Google Inc.)
Task: {7F1695D6-6709-4412-AE3C-0AA7211AC2F0} - System32\Tasks\ASUS VivoBook => C:\Program Files\ASUS\ASUS VivoBook\VivoBook.exe [2013-01-29] (ASUSTeK Computer Inc.)
Task: {83C70915-4018-4875-A2BA-45F6FC9FCDF4} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-01-31] (ASUS)
Task: {85115920-D121-4A21-A947-7C5AA06E8F13} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8EB5A482-F52B-4CDF-847F-67C8A51856E8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-12] (Google Inc.)
Task: {8F338C41-9F94-458F-B5E1-645429CBA08C} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-01-31] (ASUSTeK Computer Inc.)
Task: {996C4224-32F3-46B5-845C-93FFD16639CC} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-01-16] (AsusTek)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A28FA880-7DC4-43F2-9354-3147C0FD1DC5} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2014-06-06] (Lavasoft Limited )
Task: {C6513BDD-CF8A-48B9-851F-179EF5143555} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D78B65D5-DC89-47B9-BABA-BEB04BCE3859} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {D91BE49F-4ABD-4FC6-BEA9-0DAD24B7D85B} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F9E2D49E-3571-45DD-A8B7-1EF5FB9A023A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-08-24 21:26 - 2012-08-24 21:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-01-25 04:09 - 2013-01-25 04:09 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-25 04:05 - 2013-01-25 04:05 - 00084992 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-01-25 04:12 - 2013-01-25 04:12 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2013-10-01 13:02 - 2013-10-01 13:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-06-21 12:04 - 2014-06-21 12:04 - 02783744 _____ () C:\Program Files\AVAST Software\Avast\defs\14062100\algo.dll
2014-06-22 13:20 - 2014-06-22 13:20 - 02783744 _____ () C:\Program Files\AVAST Software\Avast\defs\14062200\algo.dll
2014-05-08 12:03 - 2014-04-25 14:11 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-05-08 12:03 - 2014-04-25 14:11 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-05-08 12:03 - 2014-04-25 14:11 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-05-08 12:03 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-05-08 12:03 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-04-12 22:42 - 2014-04-12 22:42 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-06-21 12:23 - 2014-06-21 12:23 - 00043008 _____ () c:\users\silvina\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5xyuvp.dll
2013-08-23 16:01 - 2013-08-23 16:01 - 25100288 _____ () C:\Users\SILVINA\AppData\Roaming\Dropbox\bin\libcef.dll
2013-05-23 11:32 - 2012-06-25 14:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-06-13 01:03 - 2014-06-05 10:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-13 01:03 - 2014-06-05 10:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-13 01:03 - 2014-06-05 10:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-13 01:03 - 2014-06-05 10:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-13 01:03 - 2014-06-05 10:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2010-08-12 09:15 - 2014-06-06 08:27 - 00589184 _____ () C:\Program Files (x86)\Lavasoft\Ad-Aware\RPAPI.dll
2010-08-12 09:15 - 2014-06-06 08:28 - 00430568 _____ () C:\Program Files (x86)\Lavasoft\Ad-Aware\viprebridge.dll
2010-08-12 09:15 - 2014-06-06 08:28 - 00308560 _____ () C:\Program Files (x86)\Lavasoft\Ad-Aware\Vipre.dll
2014-04-16 09:30 - 2014-05-04 10:26 - 00190752 _____ () C:\ProgramData\Lavasoft\Ad-Aware\Defs\Extended\libBase64.dll
2014-04-16 09:30 - 2014-05-04 10:26 - 00178464 _____ () C:\ProgramData\Lavasoft\Ad-Aware\Defs\Extended\libMachoUniv.dll
2014-06-06 09:03 - 2014-06-06 08:27 - 00508776 _____ () C:\ProgramData\Lavasoft\Ad-Aware\Defs\thorax.aaw

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\SILVINA\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

HKLM\...\StartupApproved\Run32: => "ATLauncher"
HKLM\...\StartupApproved\Run32: => "mcpltui_exe"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "Stronghold AntiMalware"
HKCU\...\StartupApproved\Run: => "SkyDrive"

==================== Faulty Device Manager Devices =============

Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

==================== Event log errors: =========================

Application errors:
==================
Error: (06/22/2014 05:27:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SILVINA)
Description: No se pudo activar la aplicación Microsoft.SkypeApp_kzf8qxf38zg5c!App debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

Error: (06/22/2014 05:27:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: wwahost.exe, versión: 6.3.9600.17031, marca de tiempo: 0x53085904
Nombre del módulo con errores: KERNELBASE.dll, versión: 6.3.9600.17055, marca de tiempo: 0x532943a3
Código de excepción: 0x00000004
Desplazamiento de errores: 0x00011d4d
Identificador del proceso con errores: 0x1d40
Hora de inicio de la aplicación con errores: 0xwwahost.exe0
Ruta de acceso de la aplicación con errores: wwahost.exe1
Ruta de acceso del módulo con errores: wwahost.exe2
Identificador del informe: wwahost.exe3
Nombre completo del paquete con errores: wwahost.exe4
Identificador de aplicación relativa del paquete con errores: wwahost.exe5

Error: (06/22/2014 05:12:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SILVINA)
Description: No se pudo activar la aplicación microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

Error: (06/22/2014 05:09:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SILVINA)
Description: No se pudo activar la aplicación microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Calendar debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

Error: (06/22/2014 05:09:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SILVINA)
Description: No se pudo activar la aplicación microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Calendar debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

Error: (06/22/2014 05:09:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SILVINA)
Description: No se pudo activar la aplicación microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

Error: (06/22/2014 05:09:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SILVINA)
Description: No se pudo activar la aplicación microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

Error: (06/22/2014 05:09:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SILVINA)
Description: No se pudo activar la aplicación Microsoft.SkypeApp_kzf8qxf38zg5c!App debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

Error: (06/22/2014 05:09:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SILVINA)
Description: No se pudo activar la aplicación microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

Error: (06/22/2014 05:09:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: wwahost.exe, versión: 6.3.9600.17031, marca de tiempo: 0x53085904
Nombre del módulo con errores: KERNELBASE.dll, versión: 6.3.9600.17055, marca de tiempo: 0x532943a3
Código de excepción: 0x00000004
Desplazamiento de errores: 0x00011d4d
Identificador del proceso con errores: 0xed0
Hora de inicio de la aplicación con errores: 0xwwahost.exe0
Ruta de acceso de la aplicación con errores: wwahost.exe1
Ruta de acceso del módulo con errores: wwahost.exe2
Identificador del informe: wwahost.exe3
Nombre completo del paquete con errores: wwahost.exe4
Identificador de aplicación relativa del paquete con errores: wwahost.exe5

System errors:
=============
Error: (06/22/2014 05:27:18 PM) (Source: DCOM) (EventID: 10010) (User: SILVINA)
Description: App.AppX54xz6wnkhmw763c2y8tb018n7d71dtx7.wwa

Error: (06/22/2014 05:12:19 PM) (Source: DCOM) (EventID: 10010) (User: SILVINA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca

Error: (06/22/2014 05:09:34 PM) (Source: DCOM) (EventID: 10010) (User: SILVINA)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.2

Error: (06/22/2014 05:09:30 PM) (Source: DCOM) (EventID: 10010) (User: SILVINA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca

Error: (06/22/2014 05:09:30 PM) (Source: DCOM) (EventID: 10010) (User: SILVINA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca

Error: (06/22/2014 05:09:29 PM) (Source: DCOM) (EventID: 10010) (User: SILVINA)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.2

Error: (06/22/2014 05:09:29 PM) (Source: DCOM) (EventID: 10010) (User: SILVINA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca

Error: (06/22/2014 05:09:28 PM) (Source: DCOM) (EventID: 10010) (User: SILVINA)
Description: App.AppX54xz6wnkhmw763c2y8tb018n7d71dtx7.wwa

Error: (06/22/2014 02:39:12 PM) (Source: DCOM) (EventID: 10010) (User: SILVINA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca

Error: (06/22/2014 02:31:22 PM) (Source: DCOM) (EventID: 10010) (User: SILVINA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca

Microsoft Office Sessions:
=========================
Error: (06/22/2014 05:27:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SILVINA)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927141

Error: (06/22/2014 05:27:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: wwahost.exe6.3.9600.1703153085904KERNELBASE.dll6.3.9600.17055532943a30000000400011d4d1d4001cf8e585c52b3c2C:\WINDOWS\syswow64\wwahost.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll9a28d6cc-fa4b-11e3-beb0-240a6436ae9aMicrosoft.SkypeApp_2.8.0.1001_x86__kzf8qxf38zg5cApp

Error: (06/22/2014 05:12:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SILVINA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (06/22/2014 05:09:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SILVINA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Calendar-2144927141

Error: (06/22/2014 05:09:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SILVINA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Calendar-2144927141

Error: (06/22/2014 05:09:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SILVINA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (06/22/2014 05:09:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SILVINA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (06/22/2014 05:09:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SILVINA)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927141

Error: (06/22/2014 05:09:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SILVINA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (06/22/2014 05:09:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: wwahost.exe6.3.9600.1703153085904KERNELBASE.dll6.3.9600.17055532943a30000000400011d4ded001cf8e55da19db27C:\WINDOWS\syswow64\wwahost.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll1927f10e-fa49-11e3-beb0-240a6436ae9aMicrosoft.SkypeApp_2.8.0.1001_x86__kzf8qxf38zg5cApp

==================== Memory info ===========================

Percentage of memory in use: 29%
Total physical RAM: 8077.71 MB
Available physical RAM: 5664.64 MB
Total Pagefile: 9357.71 MB
Available Pagefile: 6135.79 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:185.87 GB) (Free:126.7 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:258.15 GB) (Free:183.85 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 337AEAFE)

Partition: GPT Partition Type.

==================== End Of Log ============================

I wait for your comments


Thanks again!


----------



## Cookiegal (Aug 27, 2003)

Did you install Stronghold Antimalware intentionally?


----------



## salescobar (Jun 16, 2014)

No, I didn´t..


----------



## Cookiegal (Aug 27, 2003)

You didn't install FRST on the desktop as instructed so before following these instructions please move it there.

Please download the attached *fixlist.txt* file and save it to the desktop.

*NOTE:* It's important that both files, *FRST* and *fixlist.txt *are in the same location (on the desktop) or the fix will not work.

Run *FRST/FRST64* and press the *Fix* button just once and then wait.

If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after the restart.

*NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.*

The tool will make a log on the Desktop (Fixlog.txt). Please post it in your reply.


----------



## salescobar (Jun 16, 2014)

These are the results:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-06-2014
Ran by SILVINA at 2014-06-24 15:34:55 Run:1
Running from C:\Users\SILVINA\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
HKLM-x32\...\Run: [Stronghold AntiMalware] => C:\Program Files (x86)\Stronghold AntiMalware\StrongholdAntiMalware.exe [6478760 2014-06-04] (Security Stronghold)
2014-06-06 00:08 - 2014-06-06 00:54 - 00000000 ____D () C:\WINDOWS\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
2014-06-05 23:32 - 2014-06-05 23:44 - 00000000 ____D () C:\Program Files (x86)\Stronghold AntiMalware
2014-06-05 23:32 - 2014-06-05 23:40 - 00000000 ____D () C:\Users\Public\Documents\Stronghold AntiMalware
*****************

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
'HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Stronghold AntiMalware => value deleted successfully.
C:\WINDOWS\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP => Moved successfully.
C:\ProgramData\SetStretch.exe => Moved successfully.
C:\ProgramData\SetStretch.VBS => Moved successfully.
C:\Program Files (x86)\Stronghold AntiMalware => Moved successfully.
C:\Users\Public\Documents\Stronghold AntiMalware => Moved successfully.

==== End of Fixlog ====

It didn´t ask me to restart the system..

Thanks!


----------



## Cookiegal (Aug 27, 2003)

Please restart the system anyway before proceeding.

Please download *OTL* to your Desktop. 

Double-click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted. 
Click the Run Scan button. Do not change any other settings unless otherwise instructed. The scan won't take long. 
When the scan completes, it will open two Notepad windows called *OTL.Txt* and *Extras.Txt*. These are saved in the same location as OTL. 
Please copy and paste the contents of both of these files here in your next reply.


----------



## salescobar (Jun 16, 2014)

Hi,
This is the result, OTL.txt:

OTL logfile created on: 24-06-2014 9:17:03 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\SILVINA\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 0000540A | Country: Estados Unidos | Language: EST | Date Format: dd-MM-yyyy

7.89 Gb Total Physical Memory | 6.30 Gb Available Physical Memory | 79.83% Memory free
9.14 Gb Paging File | 7.41 Gb Available in Paging File | 81.07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 185.87 Gb Total Space | 132.14 Gb Free Space | 71.10% Space Free | Partition Type: NTFS
Drive D: | 258.15 Gb Total Space | 183.81 Gb Free Space | 71.20% Space Free | Partition Type: NTFS

Computer Name: SILVINA | User Name: SILVINA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014-06-24 21:14:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\SILVINA\Desktop\OTL.exe
PRC - [2014-06-16 05:36:46 | 000,792,864 | ---- | M] (Glarysoft Ltd) -- C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
PRC - [2014-06-05 22:08:56 | 003,890,208 | ---- | M] (AVAST Software) -- C:\Archivos de programa\AVAST Software\Avast\avastui.exe
PRC - [2014-06-05 10:58:39 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014-05-19 21:45:22 | 033,322,312 | ---- | M] (Dropbox, Inc.) -- C:\Users\SILVINA\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014-05-08 04:20:58 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014-04-29 10:03:41 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe
PRC - [2014-04-25 14:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2014-04-25 14:12:10 | 002,081,752 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2014-04-25 14:12:06 | 001,738,200 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2013-01-31 19:42:44 | 000,172,688 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
PRC - [2013-01-31 19:42:44 | 000,054,488 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
PRC - [2013-01-25 03:18:32 | 000,323,584 | R--- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2013-01-16 18:11:18 | 000,020,792 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
PRC - [2013-01-15 20:20:58 | 000,303,928 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2013-01-15 20:20:54 | 000,107,320 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2013-01-11 19:57:24 | 000,328,504 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2012-10-17 23:08:40 | 000,205,184 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2012-09-18 16:51:54 | 001,124,032 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2012-08-31 23:27:20 | 000,590,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
PRC - [2012-08-22 13:24:28 | 001,559,936 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
PRC - [2012-07-17 18:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012-07-17 18:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012-06-27 16:47:02 | 000,129,856 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012-06-25 14:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012-05-28 14:04:48 | 000,113,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2012-04-13 14:14:00 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
PRC - [2011-11-21 18:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

========== Modules (No Company Name) ==========

MOD - [2014-06-24 21:13:04 | 000,043,008 | ---- | M] () -- c:\users\silvina\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvbcoad.dll
MOD - [2014-06-16 05:37:34 | 000,080,160 | ---- | M] () -- C:\Program Files (x86)\Glary Utilities 5\zlib1.dll
MOD - [2014-04-12 22:42:16 | 019,336,120 | ---- | M] () -- C:\Archivos de programa\AVAST Software\Avast\libcef.dll
MOD - [2014-01-02 22:09:26 | 003,610,624 | ---- | M] () -- C:\Users\SILVINA\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013-08-23 16:01:44 | 025,100,288 | ---- | M] () -- C:\Users\SILVINA\AppData\Roaming\Dropbox\bin\libcef.dll

========== Services (SafeList) ==========

SRV:*64bit:* - [2014-05-05 11:10:58 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:*64bit:* - [2014-05-05 11:10:58 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:*64bit:* - [2014-04-06 08:20:36 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:*64bit:* - [2014-04-02 23:51:48 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:*64bit:* - [2014-03-18 07:19:10 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:*64bit:* - [2014-03-18 07:19:09 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:*64bit:* - [2014-03-18 07:19:02 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:*64bit:* - [2014-03-18 07:18:59 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:*64bit:* - [2014-03-18 07:18:59 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:*64bit:* - [2014-03-18 07:18:55 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:*64bit:* - [2014-03-18 07:18:55 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:*64bit:* - [2014-03-18 07:18:53 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:*64bit:* - [2014-03-14 03:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:*64bit:* - [2014-02-06 07:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:*64bit:* - [2013-08-22 09:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:*64bit:* - [2013-08-22 08:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:*64bit:* - [2013-08-22 08:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:*64bit:* - [2013-08-22 08:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:*64bit:* - [2013-08-22 08:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:*64bit:* - [2013-08-22 08:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:*64bit:* - [2013-08-22 07:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:*64bit:* - [2013-08-22 07:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:*64bit:* - [2013-08-22 07:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:*64bit:* - [2013-08-22 07:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:*64bit:* - [2013-08-22 07:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:*64bit:* - [2013-08-22 07:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:*64bit:* - [2013-08-22 07:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:*64bit:* - [2013-08-22 07:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:*64bit:* - [2013-08-22 07:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:*64bit:* - [2013-08-22 06:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:*64bit:* - [2013-08-22 06:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:*64bit:* - [2013-08-22 06:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:*64bit:* - [2013-08-22 06:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:*64bit:* - [2013-08-22 06:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:*64bit:* - [2013-08-22 06:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:*64bit:* - [2013-08-22 06:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:*64bit:* - [2013-08-22 06:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:*64bit:* - [2013-07-30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe -- (McSchedulerSvc)
SRV:*64bit:* - [2013-07-30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV:*64bit:* - [2013-07-30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe -- (McOobeSv2)
SRV:*64bit:* - [2013-01-18 04:20:42 | 000,039,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DptfPolicyLpmService.exe -- (DptfPolicyLpmService)
SRV:*64bit:* - [2013-01-18 04:20:42 | 000,033,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DptfPolicyConfigTDPService.exe -- (DptfPolicyConfigTDPService)
SRV:*64bit:* - [2013-01-18 04:20:42 | 000,031,632 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DptfParticipantProcessorService.exe -- (DptfParticipantProcessorService)
SRV - [2014-06-06 08:27:21 | 001,737,728 | ---- | M] (Lavasoft Limited ) [On_Demand | Stopped] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2014-05-08 04:20:58 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014-04-29 10:03:41 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Archivos de programa\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014-03-14 03:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013-10-01 13:02:42 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013-08-22 09:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013-08-22 00:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013-08-21 23:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013-01-25 04:12:12 | 000,227,456 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2013-01-25 03:18:32 | 000,323,584 | R--- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt and Wlan Coex Agent)
SRV - [2013-01-15 20:20:54 | 000,107,320 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2012-12-20 03:29:48 | 000,045,488 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Archivos de programa\ASUS\ASUS VivoBook\ASUSWakeupService.exe -- (WakeupService)
SRV - [2012-07-17 18:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012-07-17 18:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012-06-27 16:47:02 | 000,129,856 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012-06-25 14:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012-04-20 18:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Archivos de programa\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2012-04-13 14:14:00 | 000,277,120 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2011-11-21 18:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2010-01-09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)

========== Driver Services (SafeList) ==========

DRV:*64bit:* - [2014-06-21 12:02:53 | 000,020,672 | ---- | M] (Glarysoft Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GUBootStartup.sys -- (GUBootStartup)
DRV:*64bit:* - [2014-05-16 09:19:42 | 001,039,096 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:*64bit:* - [2014-05-16 09:19:42 | 000,423,240 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:*64bit:* - [2014-05-16 09:19:42 | 000,085,328 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:*64bit:* - [2014-05-05 11:10:58 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:*64bit:* - [2014-05-05 11:10:58 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:*64bit:* - [2014-05-05 11:10:58 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:*64bit:* - [2014-05-05 11:10:58 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:*64bit:* - [2014-05-01 10:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:*64bit:* - [2014-04-29 10:03:48 | 000,208,416 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:*64bit:* - [2014-04-29 10:03:48 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:*64bit:* - [2014-04-29 10:03:48 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:*64bit:* - [2014-04-29 10:03:48 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:*64bit:* - [2014-04-29 10:03:48 | 000,029,208 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:*64bit:* - [2014-04-01 03:23:41 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:*64bit:* - [2014-03-23 23:30:57 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:*64bit:* - [2014-03-23 23:30:57 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:*64bit:* - [2014-03-23 23:27:03 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:*64bit:* - [2014-03-18 07:19:00 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:*64bit:* - [2014-03-18 07:18:56 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:*64bit:* - [2014-03-18 07:18:56 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:*64bit:* - [2014-03-18 07:18:38 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:*64bit:* - [2014-03-18 07:18:37 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:*64bit:* - [2014-03-18 07:18:36 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:*64bit:* - [2014-03-18 07:18:36 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:*64bit:* - [2014-03-18 07:18:36 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:*64bit:* - [2014-03-18 07:18:36 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:*64bit:* - [2014-03-18 07:18:36 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:*64bit:* - [2014-03-18 07:18:36 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:*64bit:* - [2014-03-18 07:18:36 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:*64bit:* - [2014-03-18 07:18:36 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:*64bit:* - [2014-03-18 06:47:35 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:*64bit:* - [2014-03-18 06:47:30 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:*64bit:* - [2013-10-01 13:02:30 | 004,177,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:*64bit:* - [2013-08-22 19:51:12 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:*64bit:* - [2013-08-22 19:51:12 | 000,026,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:*64bit:* - [2013-08-22 10:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:*64bit:* - [2013-08-22 10:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:*64bit:* - [2013-08-22 09:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:*64bit:* - [2013-08-22 09:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:*64bit:* - [2013-08-22 09:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:*64bit:* - [2013-08-22 09:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:*64bit:* - [2013-08-22 09:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:*64bit:* - [2013-08-22 09:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:*64bit:* - [2013-08-22 09:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:*64bit:* - [2013-08-22 09:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:*64bit:* - [2013-08-22 09:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:*64bit:* - [2013-08-22 09:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:*64bit:* - [2013-08-22 09:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:*64bit:* - [2013-08-22 09:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:*64bit:* - [2013-08-22 09:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:*64bit:* - [2013-08-22 09:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:*64bit:* - [2013-08-22 09:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:*64bit:* - [2013-08-22 09:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:*64bit:* - [2013-08-22 09:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:*64bit:* - [2013-08-22 09:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:*64bit:* - [2013-08-22 09:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:*64bit:* - [2013-08-22 09:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:*64bit:* - [2013-08-22 09:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:*64bit:* - [2013-08-22 09:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:*64bit:* - [2013-08-22 09:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:*64bit:* - [2013-08-22 09:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:*64bit:* - [2013-08-22 09:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:*64bit:* - [2013-08-22 09:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:*64bit:* - [2013-08-22 09:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:*64bit:* - [2013-08-22 08:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:*64bit:* - [2013-08-22 08:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:*64bit:* - [2013-08-22 08:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:*64bit:* - [2013-08-22 08:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:*64bit:* - [2013-08-22 08:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:*64bit:* - [2013-08-22 08:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:*64bit:* - [2013-08-22 08:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:*64bit:* - [2013-08-22 08:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:*64bit:* - [2013-08-22 08:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:*64bit:* - [2013-08-22 08:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:*64bit:* - [2013-08-22 08:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:*64bit:* - [2013-08-22 08:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:*64bit:* - [2013-08-22 08:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:*64bit:* - [2013-08-22 08:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:*64bit:* - [2013-08-22 08:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:*64bit:* - [2013-08-22 08:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:*64bit:* - [2013-08-22 08:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:*64bit:* - [2013-08-22 08:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:*64bit:* - [2013-08-22 08:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:*64bit:* - [2013-08-22 08:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:*64bit:* - [2013-08-22 08:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:*64bit:* - [2013-08-22 08:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:*64bit:* - [2013-08-22 05:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:*64bit:* - [2013-08-12 20:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:*64bit:* - [2013-08-09 21:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:*64bit:* - [2013-07-30 15:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:*64bit:* - [2013-07-25 16:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:*64bit:* - [2013-06-18 11:45:02 | 003,680,256 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr)
DRV:*64bit:* - [2013-06-18 11:44:59 | 000,129,224 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C63x64.sys -- (L1C)
DRV:*64bit:* - [2013-01-25 03:46:26 | 000,581,200 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:*64bit:* - [2013-01-25 03:46:24 | 000,136,424 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:*64bit:* - [2013-01-25 03:46:22 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:*64bit:* - [2013-01-25 03:46:20 | 000,346,192 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:*64bit:* - [2013-01-25 03:46:20 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:*64bit:* - [2013-01-25 03:46:20 | 000,115,280 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:*64bit:* - [2013-01-25 03:46:20 | 000,089,168 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:*64bit:* - [2013-01-18 04:20:42 | 000,363,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DptfManager.sys -- (DptfManager)
DRV:*64bit:* - [2013-01-18 04:20:42 | 000,229,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DptfDevProc.sys -- (DptfDevProc)
DRV:*64bit:* - [2013-01-18 04:20:42 | 000,107,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DptfDevDram.sys -- (DptfDevDram)
DRV:*64bit:* - [2013-01-18 04:20:42 | 000,097,680 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DptfDevPch.sys -- (DptfDevPch)
DRV:*64bit:* - [2013-01-18 04:20:42 | 000,065,424 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DptfDevGen.sys -- (DptfDevGen)
DRV:*64bit:* - [2013-01-18 04:20:42 | 000,043,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DptfDevFan.sys -- (DptfDevFan)
DRV:*64bit:* - [2013-01-16 18:11:34 | 000,065,784 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusTP.sys -- (ATP)
DRV:*64bit:* - [2012-10-03 21:26:58 | 000,095,232 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:*64bit:* - [2012-09-23 23:37:16 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:*64bit:* - [2012-09-18 16:51:54 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:*64bit:* - [2012-09-14 02:15:10 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:*64bit:* - [2012-08-02 00:22:48 | 000,014,992 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:*64bit:* - [2012-07-02 19:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:*64bit:* - [2012-05-31 00:47:44 | 000,021,152 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsHIDSwitch64.sys -- (HIDSwitch)
DRV - [2014-06-06 08:28:33 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2011-09-07 13:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009-07-02 21:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:*64bit:* - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:*64bit:* - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com.ar/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:*64bit:* - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{googlemniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{googleageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: 
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\SILVINA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\
CHR - Extension: Google Drive = C:\Users\SILVINA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\SILVINA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: BÃºsqueda de Google = C:\Users\SILVINA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\SILVINA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\
CHR - Extension: Google Wallet = C:\Users\SILVINA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\SILVINA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014-06-17 00:20:49 | 000,001,048 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:*64bit:* - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2:*64bit:* - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:*64bit:* - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Archivos de programa\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Archivos de programa\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O4:*64bit:* - HKLM..\Run: [DptfPolicyLpmServiceHelper] C:\Windows\SysNative\DptfPolicyLpmServiceHelper.exe (Intel Corporation)
O4:*64bit:* - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:*64bit:* - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:*64bit:* - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:*64bit:* - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:*64bit:* - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe (ASUS Cloud Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe (McAfee, Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [GUDelayStartup] C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe (Glarysoft Ltd)
O4 - HKCU..\Run: [SkyDrive] C:\Users\SILVINA\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O4 - Startup: C:\Users\SILVINA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\SILVINA\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Atheros Communications)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8:*64bit:* - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:*64bit:* - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O13*64bit:* - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6CD490F1-D777-4957-83B3-15CF80A87BE6}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18:*64bit:* - Protocol\Handler\ms-help - No CLSID value found
O18:*64bit:* - Protocol\Handler\wlpg - No CLSID value found
O18:*64bit:* - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:*64bit:* - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:*64bit:* - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:*64bit:* - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:*64bit:* - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014-06-06 00:11:11 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (BootDefrag.exe)
O34 - HKLM BootExecute: (lsdelete)
O35:*64bit:* - HKLM\..comfile [open] -- "%1" %*
O35:*64bit:* - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:*64bit:* - HKLM\...com [@ = comfile] -- "%1" %*
O37:*64bit:* - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014-06-24 21:14:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\SILVINA\Desktop\OTL.exe
[2014-06-24 15:34:45 | 000,000,000 | ---D | C] -- C:\Users\SILVINA\Desktop\FRST-OlderVersion
[2014-06-22 17:34:12 | 000,000,000 | ---D | C] -- C:\FRST
[2014-06-22 17:33:26 | 002,082,816 | ---- | C] (Farbar) -- C:\Users\SILVINA\Desktop\FRST64.exe
[2014-06-21 12:02:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
[2014-06-21 12:02:52 | 000,020,672 | ---- | C] (Glarysoft Ltd) -- C:\WINDOWS\SysNative\drivers\GUBootStartup.sys
[2014-06-21 12:02:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities 5
[2014-06-21 11:43:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities 4
[2014-06-17 00:00:02 | 000,000,000 | ---D | C] -- C:\Users\SILVINA\AppData\Local\ElevatedDiagnostics
[2014-06-13 12:55:37 | 000,000,000 | ---D | C] -- C:\Users\SILVINA\AppData\Roaming\SUPERAntiSpyware.com
[2014-06-13 12:55:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2014-06-11 10:47:47 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014-06-11 10:47:47 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014-06-11 10:47:45 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014-06-11 10:47:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollectorres.dll
[2014-06-11 10:47:44 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014-06-11 10:47:43 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014-06-11 10:47:39 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014-06-11 10:47:39 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014-06-11 10:47:38 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014-06-11 10:47:38 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014-06-11 10:47:37 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2014-06-11 10:47:36 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014-06-11 10:47:33 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014-06-11 10:47:33 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014-06-11 10:47:32 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014-06-11 10:47:31 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014-06-11 10:47:30 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014-06-11 10:47:30 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014-06-11 10:47:28 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2014-06-11 10:47:26 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014-06-11 10:47:25 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014-06-11 10:47:25 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014-06-11 10:47:24 | 005,782,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014-06-11 10:47:24 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014-06-11 10:47:22 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014-06-11 10:45:01 | 003,360,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2014-06-11 10:44:59 | 001,336,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2014-06-11 10:44:58 | 000,428,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2014-06-11 10:44:57 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSReset.exe
[2014-06-11 10:44:56 | 000,921,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014-06-11 10:44:56 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014-06-11 10:44:56 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014-06-11 10:44:56 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014-06-11 10:44:44 | 011,792,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014-06-11 10:44:40 | 013,287,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014-06-11 10:44:36 | 016,872,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014-06-11 10:44:34 | 012,711,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014-06-11 10:44:32 | 008,652,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2014-06-11 10:44:30 | 007,173,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2014-06-11 10:44:28 | 006,645,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2014-06-11 10:44:28 | 005,104,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2014-06-11 10:44:26 | 005,833,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2014-06-11 10:44:23 | 005,774,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2014-06-11 10:44:21 | 002,688,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2014-06-11 10:44:20 | 002,124,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d9.dll
[2014-06-11 10:44:18 | 004,269,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014-06-11 10:44:18 | 001,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2014-06-11 10:44:17 | 007,425,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2014-06-11 10:44:17 | 000,955,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2014-06-11 10:44:16 | 002,140,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2014-06-11 10:44:16 | 001,230,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2014-06-11 10:44:14 | 001,025,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2014-06-11 10:44:14 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2014-06-11 10:44:14 | 000,765,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2014-06-11 10:44:13 | 001,411,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014-06-11 10:44:13 | 000,888,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2014-06-11 10:44:13 | 000,669,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2014-06-11 10:44:12 | 002,144,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2014-06-11 10:44:12 | 001,584,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\workfolderssvc.dll
[2014-06-11 10:44:12 | 001,403,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2014-06-11 10:44:12 | 000,491,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2014-06-11 10:44:11 | 001,379,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2014-06-11 10:44:11 | 000,387,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2014-06-11 10:44:10 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GeofenceMonitorService.dll
[2014-06-11 10:44:10 | 000,486,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2014-06-11 10:44:10 | 000,407,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe
[2014-06-11 10:44:09 | 001,222,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2014-06-11 10:44:09 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsGdiConverter.dll
[2014-06-11 10:44:09 | 000,364,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2014-06-11 10:44:08 | 001,209,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2014-06-11 10:44:08 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GeofenceMonitorService.dll
[2014-06-11 10:44:08 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsGdiConverter.dll
[2014-06-11 10:44:08 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDEServer.exe
[2014-06-11 10:44:08 | 000,305,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2014-06-11 10:44:07 | 000,982,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2014-06-11 10:44:07 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2014-06-11 10:44:07 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpencom.dll
[2014-06-11 10:44:07 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpencom.dll
[2014-06-11 10:44:06 | 000,324,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFCaptureEngine.dll
[2014-06-11 10:44:06 | 000,263,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2014-06-11 10:44:06 | 000,125,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmapi.dll
[2014-06-11 10:44:06 | 000,032,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ploptin.dll
[2014-06-11 10:44:05 | 000,337,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys
[2014-06-11 10:44:05 | 000,285,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFCaptureEngine.dll
[2014-06-11 10:44:05 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\resutils.dll
[2014-06-11 10:44:05 | 000,201,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVideoDSP.dll
[2014-06-11 10:44:05 | 000,130,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpapi.dll
[2014-06-11 10:44:04 | 000,384,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2014-06-11 10:44:04 | 000,372,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2014-06-11 10:44:04 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpchttp.dll
[2014-06-11 10:44:04 | 000,178,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVideoDSP.dll
[2014-06-11 10:44:04 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rpchttp.dll
[2014-06-11 10:44:03 | 001,466,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2014-06-11 10:44:03 | 000,609,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2014-06-11 10:44:02 | 000,707,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2014-06-11 10:44:02 | 000,518,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf.dll
[2014-06-11 10:44:02 | 000,467,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2014-06-11 10:44:01 | 000,463,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2014-06-11 10:44:01 | 000,233,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2014-06-11 10:44:00 | 000,881,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2014-06-11 10:44:00 | 000,426,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clusapi.dll
[2014-06-11 10:44:00 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clusapi.dll
[2014-06-11 10:44:00 | 000,307,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2014-06-11 10:44:00 | 000,244,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2014-06-11 10:44:00 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\energyprov.dll
[2014-06-11 10:43:59 | 000,467,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srcore.dll
[2014-06-11 10:43:59 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFoldersShell.dll
[2014-06-11 10:43:59 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tlscsp.dll
[2014-06-11 10:43:59 | 000,028,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfpmp.exe
[2014-06-11 10:43:58 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\resutils.dll
[2014-06-11 10:43:57 | 000,761,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkfoldersControl.dll
[2014-06-11 10:43:57 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BootMenuUX.dll
[2014-06-11 10:43:57 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tlscsp.dll
[2014-06-11 10:43:56 | 001,287,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2014-06-11 10:43:56 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2014-06-11 10:43:55 | 002,100,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlowUI.dll
[2014-06-11 10:43:55 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014-06-11 10:43:54 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdvidcrl.dll
[2014-06-11 10:43:54 | 000,443,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2014-06-11 10:43:54 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2014-06-11 10:43:53 | 000,872,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2014-06-11 10:43:53 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdvidcrl.dll
[2014-06-11 10:43:53 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanmsm.dll
[2014-06-11 10:43:53 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll
[2014-06-11 10:43:52 | 000,300,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanmsm.dll
[2014-06-11 10:43:52 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rstrui.exe
[2014-06-11 10:43:52 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanapi.dll
[2014-06-11 10:43:52 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srclient.dll
[2014-06-11 10:43:52 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsgqec.dll
[2014-06-11 10:43:52 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll
[2014-06-11 10:43:51 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanhlp.dll
[2014-06-11 10:43:51 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanhlp.dll
[2014-06-11 10:42:42 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvinst.exe
[2014-06-11 10:42:42 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvinst.exe
[2014-06-11 10:42:42 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvcfg.exe
[2014-06-11 10:42:41 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWrite.dll
[2014-06-11 10:41:29 | 003,048,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe
[2014-06-11 10:41:28 | 003,118,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wpc.dll
[2014-06-11 10:41:28 | 002,861,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebSync.dll
[2014-06-11 10:41:27 | 002,834,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpccpl.dll
[2014-06-11 10:41:27 | 002,344,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Wpc.dll
[2014-06-11 10:41:26 | 000,055,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wpcfltr.sys
[2014-06-09 16:04:29 | 000,000,000 | ---D | C] -- C:\ProgramData\GlarySoft
[2014-06-09 16:02:34 | 000,000,000 | ---D | C] -- C:\Users\SILVINA\AppData\Roaming\GlarySoft
[2014-06-09 16:02:34 | 000,000,000 | ---D | C] -- C:\Users\SILVINA\AppData\Roaming\DiskDefrag
[2014-06-09 14:27:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014-06-06 01:00:53 | 000,000,000 | ---D | C] -- C:\Users\SILVINA\Doctor Web
[2014-06-06 00:31:05 | 000,000,000 | ---D | C] -- C:\_OTM
[2014-06-06 00:09:01 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2014-06-06 00:08:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2014-05-30 20:46:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
[2014-05-30 20:46:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MPC-HC
[1 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014-06-24 21:14:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\SILVINA\Desktop\OTL.exe
[2014-06-24 21:13:55 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014-06-24 21:13:44 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize 5.job
[2014-06-24 21:12:59 | 000,000,062 | ---- | M] () -- C:\Users\SILVINA\AppData\Roaming\sp_data.sys
[2014-06-24 21:12:53 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014-06-24 21:10:52 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014-06-24 21:10:52 | 2481,102,847 | -HS- | M] () -- C:\hiberfil.sys
[2014-06-24 21:04:37 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014-06-24 15:34:45 | 002,082,816 | ---- | M] (Farbar) -- C:\Users\SILVINA\Desktop\FRST64.exe
[2014-06-22 14:12:24 | 001,829,802 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014-06-22 14:12:24 | 000,818,580 | ---- | M] () -- C:\WINDOWS\SysNative\perfh00A.dat
[2014-06-22 14:12:24 | 000,729,902 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014-06-22 14:12:24 | 000,169,858 | ---- | M] () -- C:\WINDOWS\SysNative\perfc00A.dat
[2014-06-22 14:12:24 | 000,138,536 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014-06-21 18:33:40 | 000,000,064 | ---- | M] () -- C:\WINDOWS\SysWow64\rp_stats.dat
[2014-06-21 18:33:40 | 000,000,044 | ---- | M] () -- C:\WINDOWS\SysWow64\rp_rules.dat
[2014-06-21 12:02:53 | 000,020,672 | ---- | M] (Glarysoft Ltd) -- C:\WINDOWS\SysNative\drivers\GUBootStartup.sys
[2014-06-17 00:20:49 | 000,001,048 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2014-06-11 19:57:07 | 000,409,848 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014-06-06 08:28:34 | 000,055,384 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\SysNative\drivers\SBREDrv.sys
[2014-06-06 08:28:22 | 000,016,432 | ---- | M] () -- C:\WINDOWS\SysNative\lsdelete.exe
[2014-06-06 00:11:11 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2014-05-31 02:13:24 | 000,703,992 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014-05-31 02:13:24 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014-05-30 06:20:36 | 000,752,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014-05-30 06:08:22 | 005,782,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014-05-30 06:06:42 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2014-05-30 05:46:48 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014-05-30 05:44:23 | 000,295,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2014-05-30 05:43:06 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014-05-30 05:35:44 | 000,608,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014-05-30 05:29:31 | 000,631,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014-05-30 05:27:56 | 000,592,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014-05-30 05:23:22 | 002,040,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014-05-30 05:04:20 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014-05-30 04:49:38 | 001,964,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014-05-30 04:13:47 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014-05-30 04:13:09 | 000,846,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014-05-28 00:36:25 | 000,001,104 | ---- | M] () -- C:\Users\SILVINA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[1 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014-06-21 12:02:57 | 000,001,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
[2014-06-21 12:02:55 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\GlaryInitialize 5.job
[2014-06-06 08:29:07 | 000,000,064 | ---- | C] () -- C:\WINDOWS\SysWow64\rp_stats.dat
[2014-06-06 08:29:07 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SysWow64\rp_rules.dat
[2014-06-06 00:11:11 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2014-04-12 20:54:12 | 000,000,062 | ---- | C] () -- C:\Users\SILVINA\AppData\Roaming\sp_data.sys
[2014-03-18 07:19:14 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014-03-18 07:18:40 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013-10-01 13:02:30 | 000,303,104 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013-10-01 13:02:26 | 000,180,736 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013-10-01 13:02:26 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013-08-22 12:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013-08-22 12:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013-08-22 11:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013-08-22 04:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013-08-22 00:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013-08-21 20:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013-08-21 20:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013-03-27 08:28:59 | 000,004,362 | ---- | C] () -- C:\WINDOWS\SysWow64\DptfInvalidPolicyRemover.ini
[2012-11-27 15:26:00 | 000,000,256 | ---- | C] () -- C:\ProgramData\SetStretch.cmd
[2012-07-25 17:22:56 | 000,267,284 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin
[2012-07-25 17:22:54 | 000,963,376 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin

========== ZeroAccess Check ==========

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014-04-06 13:31:39 | 021,268,952 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014-04-06 12:22:20 | 018,755,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013-08-22 06:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013-08-21 23:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013-08-22 06:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 237 bytes -> C:\Users\SILVINA\OneDrive:ms-properties

< End of report >


----------



## salescobar (Jun 16, 2014)

-------------------------------------------------------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------------------------------------------------------------------------

This is the result of Extras.txt

OTL Extras logfile created on: 24-06-2014 9:17:03 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\SILVINA\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 0000540A | Country: Estados Unidos | Language: EST | Date Format: dd-MM-yyyy

7.89 Gb Total Physical Memory | 6.30 Gb Available Physical Memory | 79.83% Memory free
9.14 Gb Paging File | 7.41 Gb Available in Paging File | 81.07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 185.87 Gb Total Space | 132.14 Gb Free Space | 71.10% Space Free | Partition Type: NTFS
Drive D: | 258.15 Gb Total Space | 183.81 Gb Free Space | 71.20% Space Free | Partition Type: NTFS

Computer Name: SILVINA | User Name: SILVINA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

*64bit:* [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

*64bit:* [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

*64bit:* [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

*64bit:* [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

*64bit:* [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

*64bit:* [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

*64bit:* [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1638961D-BC63-45D8-97B3-58D7576989E2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{1954263F-068D-4E77-8008-3A6DC1C33D77}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{409A28B6-AC33-424D-9DA7-DBC0F8D81349}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{63DD9484-9973-4881-AADF-70E21768070F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{6512065C-5164-44F0-B722-219C45A90A88}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{89A8808F-8A4A-4CD6-8FFD-B8643FC13ABF}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{9628D192-18EE-4A97-ACF8-C7BA05FC6759}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{963C85A6-046F-40AB-92E5-424F10D98037}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{A6E186FD-EEA9-40A7-ACE6-E352E53FD95A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{AF956534-EA45-4E01-AA42-F1431F2DF521}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{FB379B35-964A-43A0-B8CC-5F63571A42A0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06EA600E-D9D0-439F-AA25-A58601B40BC5}" = dir=in | name=sonicwall mobile connect | 
"{09C28112-524A-4A25-BF58-6CF2656C7331}" = dir=out | [email protected]{microsoft.bingsports_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} | 
"{0A699707-3714-43E9-A884-E5BDFAB97550}" = dir=out | name=windows_ie_ac_001 | 
"{0B81E138-00BA-48B2-9B7F-16EC7A917A6E}" = dir=out | [email protected]{microsoft.bingfinance_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} | 
"{10098485-6C21-49A8-AEE8-5E962A5E48A9}" = dir=out | [email protected]{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{109A99AA-0F23-4818-9FB6-88BA869BC9AB}" = dir=out | [email protected]{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{11E747FF-D7F5-4200-86BD-6CB61EB6EB2E}" = dir=out | [email protected]{microsoft.bingfoodanddrink_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | 
"{1D7C0521-C55C-4E36-98EA-5FAE6223B593}" = dir=in | name=onenote | 
"{208DF9DD-9D12-4184-878B-B955B4A02DF1}" = dir=in | [email protected]{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{21B4F4FA-0D43-427F-BA94-5BA80E22B57C}" = dir=in | [email protected]{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{2397F0BB-B7B4-497E-875B-8DB65FD2C762}" = dir=out | name=onenote | 
"{2523F602-466C-4C26-A6E9-0850F170B659}" = dir=out | name=pinball fx2 | 
"{281627A8-0D05-424B-B2D8-710CFD91F405}" = dir=in | app=c:\users\silvina\appdata\local\microsoft\skydrive\skydrive.exe | 
"{32BDB799-35D0-47A6-9746-DB72061DCC75}" = dir=out | [email protected]{microsoft.zunevideo_2.2.902.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{3656E5F5-6BE4-4532-9B89-0D798D2C36C7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{42654713-8ABE-4453-82DF-52500922B071}" = protocol=6 | dir=out | app=system | 
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn | 
"{4704D6ED-A3E9-45B8-9704-D9D3ED8413C3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{5361ED5F-7094-4E4A-A147-B2D995A4789F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{560401A7-C76D-4BF2-8BF8-85B39401BD91}" = dir=out | [email protected]{microsoft.bingnews_3.0.2.261_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} | 
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect | 
"{58B6B398-18CF-4A90-A9DD-A44D2D2FC277}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | 
"{59796BEC-1BD5-4EBE-86B9-87D17757E285}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{5A10DC3D-696B-4949-96E2-3003BB1DF795}" = protocol=6 | dir=in | app=c:\users\silvina\appdata\roaming\dropbox\bin\dropbox.exe | 
"{5C6DBFC6-C118-4970-8518-4F1E7A0A8240}" = dir=out | [email protected]{microsoft.binghealthandfitness_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | 
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect | 
"{62E1D755-9EC9-4BDE-83BC-E0EBBD16C80D}" = dir=in | name=skype | 
"{6449582F-F383-40FC-9869-DEF4BAE51ADF}" = dir=out | [email protected]{microsoft.bingtravel_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} | 
"{67703B3D-FD0F-4E94-88D9-BDDAA975DED9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{6795CEDA-1DF3-4356-A9DE-F47E863613F4}" = dir=out | name=skype | 
"{6B4C64A2-308D-4944-9355-FFD80F12840D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
"{6B8294B9-E3F6-4D7E-93F1-3C61966570D5}" = protocol=17 | dir=in | app=c:\users\silvina\appdata\roaming\dropbox\bin\dropbox.exe | 
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{8BD8BC2E-FBFA-49E3-BAD4-2CD2769EB521}" = dir=out | name=check point vpn | 
"{8E111FFA-7403-41C1-8090-B3DCD1869FE8}" = dir=out | name=windows_ie_ac_001 | 
"{8E1E8896-3C4C-4B0B-8957-A83827ACD13E}" = dir=out | [email protected]{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{92CAD6E8-25AA-4D88-9251-F4F431E2E1E6}" = dir=out | [email protected]{microsoft.bingmaps_2.1.2922.2139_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{932269C7-880A-41DC-8B16-BCCE60185B8F}" = dir=in | name=check point vpn | 
"{9BC6C6BF-D694-4C54-927A-764FD54C9D9C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{9FF9B033-D454-4FD4-AD9C-F87DD6B8DF80}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A0DC7175-B71C-4A6F-A006-89F7FE224F3F}" = dir=in | name=pinball fx2 | 
"{A22AB37A-F536-4EBD-BFF7-CD9661FA6E39}" = dir=out | [email protected]{microsoft.bingweather_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{A82873A6-FA1D-40C1-BFE0-7C3FCA9E85CF}" = dir=in | [email protected]{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{AA562267-29A7-4ED2-AC94-FB305B421CBC}" = dir=out | [email protected]{microsoft.zunemusic_2.2.903.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{ABCB475B-8367-45FB-8D36-31224597CB53}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | 
"{B044A7D5-2FCF-4322-9BB6-D9A1FAC89178}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
"{B1CE85DC-A69C-4FD4-930A-9CC4B0EE808A}" = dir=out | [email protected]{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{B46E5BAB-B8C0-4E4A-AB78-5083D583642F}" = dir=out | name=juniper networks junos pulse | 
"{B817702A-CB1E-4ABB-8461-53568BAEC851}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{B9CAD3E7-32FF-40DB-ADD1-4779A5BB3B10}" = dir=out | [email protected]{disney.wheresmywater2_1.2.0.4_x86__6rarf9sa4v8jt?ms-resource://disney.wheresmywater2/resources/appname} | 
"{BEB13F3E-C518-43E6-AD95-CF195913E3A9}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | 
"{C287E7E5-BD35-4308-897D-B5B551EA718E}" = dir=in | name=f5 vpn | 
"{C3FAEED5-847C-43DA-99D1-6F4168460E26}" = dir=out | [email protected]{microsoft.bingweather_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{CDF8864A-B0C2-4BA8-8D80-0F64CBA7735E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn | 
"{D92A8121-86C1-4F49-9761-DB0B63C7912E}" = dir=out | name=f5 vpn | 
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn | 
"{DCD7EAD9-9282-4ECF-955F-5F5EF9398973}" = dir=out | name=windows_ie_ac_001 | 
"{E74A689E-D553-4953-A41E-F448A9BF591E}" = dir=out | [email protected]{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{EA57248D-A17F-4DD0-A3B3-E6F62CACD5BB}" = dir=out | name=sonicwall mobile connect | 
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn | 
"{F2D334FE-145D-44DC-A8E1-F8316E5DF98F}" = dir=in | name=juniper networks junos pulse | 
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client | 
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client | 
"{F92374AE-A873-43AB-8AA2-1DA57B43BD3C}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | 
"TCP Query User{8C38EB46-034D-43FC-8146-CB93A46E24A9}C:\users\silvina\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\silvina\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{1007E0FA-0D5A-45DE-900B-424A02073D40}C:\users\silvina\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\silvina\appdata\roaming\dropbox\bin\dropbox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE}" = ASUS VivoBook
"{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}" = ASUS Screen Saver
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0C0A-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Spanish) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5" = Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170)
"CCleaner" = CCleaner

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{017E337D-D709-437C-83DB-71F82AA78BF6}" = 照片库
"{022C7C52-B294-4346-88BC-C7C2FF7FF1B7}" = Movie Maker
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{061FF8F3-5226-4278-8AAB-282C1B024F58}" = Photo Common
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{13F3CEA5-9E2C-4C4E-9F0F-D0DB389CF4A9}" = Movie Maker
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1FEE19BC-6F0C-42E4-82FF-FB597F6141DF}" = Windows Live Essentials
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = MPC-HC 1.6.6.6957 (3975d54)
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros Client Installation Program
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{387AA3E2-B9FE-4DA1-A097-A0D2213E8794}" = ASUS S Series Product Demo
"{3C63F944-803E-49A7-B3A2-B8AB3313E883}" = Windows Live UX Platform Language Pack
"{446CC8CE-0E90-44F7-ADD0-774B243EF090}" = Galerie de photos
"{44A3A561-AE74-472D-A51C-43F4C9E7B5E5}" = Windows Live 软件包
"{4592BAE7-B99A-47A5-9B6B-3BC236B9D3E9}" = Alcor Micro USB Card Reader
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4D3286A6-F6AB-498A-82A4-E4F040529F3D}" = ASUS Smart Gesture
"{58172D66-2F69-4215-9AEC-ED8196023736}" = ASUS Tutor
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{631C4E4F-6FDC-4CC0-A067-E9876A9BA7FD}" = 影像中心
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{749F674B-2674-47E8-879C-5626A06B2A91}" = ASUS InstantOn
"{802E137D-DA8F-47CC-AC21-6DD075CD948C}" = Windows Live UX Platform Language Pack
"{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}" = ASUS Instant Connect
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8D813AFF-D91D-4EE0-821F-B901FC2E89FA}" = Windows Live
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8F7FECEC-088F-431D-A5FB-2B59E1E69943}" = Galería de fotos
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0C0A-0000-0000000FF1CE}" = Microsoft Office Access MUI (Spanish) 2010
"{90140000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2010
"{90140000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2010
"{90140000-0019-0C0A-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Spanish) 2010
"{90140000-001A-0C0A-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Spanish) 2010
"{90140000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2010
"{90140000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2010
"{90140000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2010
"{90140000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2010
"{90140000-0044-0C0A-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Spanish) 2010
"{90140000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2010
"{90140000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2010
"{90140000-00BA-0C0A-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Spanish) 2010
"{90993BD9-C7D9-4C2F-B56C-2F7AFEBD4CD0}" = Windows Live UX Platform Language Pack
"{A17946CA-18E5-4CF0-8D55-A56D804718F8}" = Movie Maker
"{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}" = ASUS USB Charger Plus
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.10) MUI
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C40D110E-0718-4E11-A69B-D4EC7BF2EB04}" = Windows Live UX Platform Language Pack
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{D5082B89-2E86-447E-A02C-922534592FA8}" = Photo Common
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0B5FDF0-6940-44B2-8204-CFA746A6B4AF}" = Movie Maker
"{EA2BE047-FF29-4336-BB70-6AF201085BAF}" = Windows Live 程式集
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EE2E1BED-0821-4244-ABDC-149E9F9750C3}" = Photo Common
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F54030F3-14B6-432D-9361-78DCB1473920}" = Photo Common
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Ad-Aware" = Ad-Aware
"AmUStor" = Alcor Micro USB Card Reader
"ASUS WebStorage" = ASUS WebStorage Sync Agent
"Avast" = avast! Free Antivirus
"FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C" = Intel(R) Dynamic Platform and Thermal Framework
"Glary Utilities 5" = Glary Utilities 5.2
"Google Chrome" = Google Chrome
"IrfanView" = IrfanView (remove only)
"MyBitCast" = MyBitCast 2.0
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"WinLiveSuite" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"oDVT" = oDesk Team
"OneDriveSetup.exe" = Microsoft OneDrive

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 23-06-2014 9:13:29 AM | Computer Name = Silvina | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = No se pudo activar la aplicación microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Calendar
debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational
para obtener más información.

Error - 23-06-2014 9:13:30 AM | Computer Name = Silvina | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = No se pudo activar la aplicación microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational
para obtener más información.

Error - 23-06-2014 9:13:30 AM | Computer Name = Silvina | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = No se pudo activar la aplicación microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational
para obtener más información.

Error - 23-06-2014 9:13:30 AM | Computer Name = Silvina | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = No se pudo activar la aplicación microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational
para obtener más información.

Error - 23-06-2014 9:13:36 AM | Computer Name = Silvina | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = No se pudo activar la aplicación microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational
para obtener más información.

Error - 23-06-2014 9:13:36 AM | Computer Name = Silvina | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = No se pudo activar la aplicación microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Calendar
debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational
para obtener más información.

Error - 23-06-2014 9:13:41 AM | Computer Name = Silvina | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = No se pudo activar la aplicación microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational
para obtener más información.

Error - 23-06-2014 9:22:09 AM | Computer Name = Silvina | Source = Application Error | ID = 1000
Description = Nombre de la aplicación con errores: wwahost.exe, versión: 6.3.9600.17031,
marca de tiempo: 0x53085904 Nombre del módulo con errores: KERNELBASE.dll, versión:
6.3.9600.17055, marca de tiempo: 0x532943a3 Código de excepción: 0x00000004 Desplazamiento
de errores: 0x00011d4d Identificador del proceso con errores: 0x14c0 Hora de inicio
de la aplicación con errores: 0x01cf8ee6228f8176 Ruta de acceso de la aplicación
con errores: C:\WINDOWS\syswow64\wwahost.exe Ruta de acceso del módulo con errores:
C:\WINDOWS\SYSTEM32\KERNELBASE.dll Identificador del informe: 60456cce-fad9-11e3-beb0-240a6436ae9a
Nombre
completo del paquete con errores: Microsoft.SkypeApp_2.8.0.1001_x86__kzf8qxf38zg5c
Identificador
de aplicación relativa del paquete con errores: App

Error - 23-06-2014 9:22:14 AM | Computer Name = Silvina | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = No se pudo activar la aplicación Microsoft.SkypeApp_kzf8qxf38zg5c!App
debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational
para obtener más información.

Error - 23-06-2014 9:26:04 AM | Computer Name = Silvina | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = No se pudo activar la aplicación microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Calendar
debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational
para obtener más información.

[ System Events ]
Error - 20-06-2014 10:14:33 AM | Computer Name = Silvina | Source = DCOM | ID = 10010
Description =

Error - 20-06-2014 10:14:37 AM | Computer Name = Silvina | Source = DCOM | ID = 10010
Description =

Error - 20-06-2014 10:14:43 AM | Computer Name = Silvina | Source = DCOM | ID = 10010
Description =

Error - 20-06-2014 10:31:10 AM | Computer Name = Silvina | Source = DCOM | ID = 10010
Description =

Error - 20-06-2014 10:41:06 AM | Computer Name = Silvina | Source = DCOM | ID = 10010
Description =

Error - 20-06-2014 10:41:07 AM | Computer Name = Silvina | Source = DCOM | ID = 10010
Description =

Error - 20-06-2014 10:41:09 AM | Computer Name = Silvina | Source = DCOM | ID = 10010
Description =

Error - 20-06-2014 10:41:10 AM | Computer Name = Silvina | Source = DCOM | ID = 10010
Description =

Error - 20-06-2014 10:41:14 AM | Computer Name = Silvina | Source = DCOM | ID = 10010
Description =

Error - 20-06-2014 10:41:45 AM | Computer Name = Silvina | Source = DCOM | ID = 10010
Description =

< End of report >

Thanks again


----------



## Cookiegal (Aug 27, 2003)

I don't see any problems there other than you seem to be running Avast as your anti-virus program but I see items from McAfee in the logs. Did you have McAfee at one time and uninstall it? 

Are there any problems with the machine?

Did these files get recreated and is Ad-Aware still detecting them?

c:\windows\system32\msac3enc.dll
c:\windows\system32\wmspdmod.dll

They look like false positives.


----------



## salescobar (Jun 16, 2014)

Hi,
I actually have Avast as my Antivirus.
When I bought my PC it came with McAfee and we changed to Avast.
I did a complete scan again with Ad-Adware and nothing appeared...
The problems I have now is that all Windows applications don´t open properly, like CAlculator, Skype, etc.. I open them.. then they remain for two seconds and then minimize.
With skype it happens the same, I tried to uninstall it and install it again from the Control Panel but it´s not there, just the icon on my desktop.. so I go to the website to download it, click on "Download for Windows" and Windows Store opens, but it also remains open for 2 seconds and minimize, so I can do anything..
What should it be?

Thanks!


----------



## Cookiegal (Aug 27, 2003)

Did this problem just start occurring?


----------



## salescobar (Jun 16, 2014)

It happened around two weeks ago.. more or less
I cannot open any application.. skype neither
I updated by force from windows 8 to 8.1 around that time
I googled this situation and it seems that it´s a problem from the update... i proved all solutions suggested by Microsoft but problem still persists... 
Any suggestion?


Thanks!


----------



## Cookiegal (Aug 27, 2003)

What do you mean by "updated by force"?


----------



## salescobar (Jun 16, 2014)

I mean that it made me do it.


----------



## Cookiegal (Aug 27, 2003)

Try running the Apps troubleshooter tool:

http://windows.microsoft.com/en-US/windows-8/what-troubleshoot-problems-app

In the second line the words "apps troubleshooter" is a link to download the tool.

Please run that and report back the status of the computer afterwards.


----------



## salescobar (Jun 16, 2014)

I already did in fact, I send results attached.
It seems that it´s a problem form the update...


----------



## Cookiegal (Aug 27, 2003)

Can you translate a couple of things please?

"con el controlador"

and the last line in the screenshot as well.

Is there anything else now showing there is you move the scroll bar down?


----------



## salescobar (Jun 16, 2014)

con el controlador=with the controller

Last line-4th= It´s possible that changes in hardware hasn´t been detected


----------



## Cookiegal (Aug 27, 2003)

There were errors in the Event Viewer saying something about unable to register some applications. There also appears to be a problem with Bluetooth.

I don't think this is malware-related at this point and I don't know what to suggest to fix ti so I'll move this over to the Windows 8 forum.


----------



## salescobar (Jun 16, 2014)

ok
Thanks for all your help.


----------



## Cookiegal (Aug 27, 2003)

You're welcome.


----------

