hijckthis log

This forum is for removing Malware, Spyware, Adware. Post your HijackThis, DDS, RSIT, Combofix logs here.

Moderator: Moderators

hijckthis log

Postby mickeymontes » Fri Mar 31, 2017 5:58 pm

GOod day, I seem to be having issues with my computer. Attached is the Hijackthis log.

Thak you in advance for your support :)


Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11:54:55 a. m., on 31/03/2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0953)

FIREFOX: 52.0.1 (x86 es-ES)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Users\Michael Montes\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Extensis\Suitcase Fusion 6\FMCore.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeNativeMessagingHost.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
C:\Users\Michael Montes\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://noblok.org/wpad.dat?66357bd87cd1 ... df26619787
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 127.0.0.3 www.anchorfree.net
O1 - Hosts: 127.0.0.2 mefeedia.com
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [PDF3 Registry Controller] "C:\Program Files (x86)\ScanSoft\PDF Converter 3.0\\RegistryController.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [GrpConv] grpconv -o
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPCE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-230 Series"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Michael Montes\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Michael Montes\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\Michael Montes\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [CyberGhost] "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Michael Montes\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Montes\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Michael Montes\AppData\Local\Microsoft\OneDrive\17.3.6390.0509] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Montes\AppData\Local\Microsoft\OneDrive\17.3.6390.0509"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03252017021041101\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User '?')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'Servicio de red')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03252017021041450\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User '?')
O4 - HKUS\S-1-5-21-2952967907-3114153538-507899254-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03252017021041771\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" (User '?')
O4 - HKUS\S-1-5-21-2952967907-3114153538-507899254-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03252017021041771\..\Run: [Spotify] "C:\Users\Michael Montes\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized (User '?')
O4 - HKUS\S-1-5-21-2952967907-3114153538-507899254-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03252017021041771\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun (User '?')
O4 - HKUS\S-1-5-21-2952967907-3114153538-507899254-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03252017021041771\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR (User '?')
O4 - HKUS\S-1-5-21-2952967907-3114153538-507899254-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03252017021041771\..\Run: [CyberGhost] "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min (User '?')
O4 - HKUS\S-1-5-21-2952967907-3114153538-507899254-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03252017021041771\..\RunOnce: [Uninstall C:\Users\Michael Montes\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Montes\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" (User '?')
O4 - HKUS\S-1-5-21-2952967907-3114153538-507899254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03252017021043267\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User '?')
O4 - HKUS\S-1-5-21-2952967907-3114153538-507899254-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03252017021043267\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User '?')
O4 - HKUS\S-1-5-21-2952967907-3114153538-507899254-1006\..\Run: [OneDrive] "C:\Users\LUCIANA\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background (User 'LUCIANA')
O4 - HKUS\S-1-5-21-2952967907-3114153538-507899254-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03252017021043466\..\Run: [OneDrive] "C:\Users\LUCIANA\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background (User '?')
O4 - Global Startup: Actualizar notificador.lnk = C:\Program Files\WinZip\WZUpdateNotifier.exe
O4 - Global Startup: FAH.lnk = C:\Program Files\WinZip\FAHConsole.exe
O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~1\MICROS~1\Office16\ONBttnIE.dll/105
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: SafeKey Fill Forms - file://C:\Users\Michael Montes\AppData\LocalLow\SafeKey\context.html?cmd=fillforms
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{a0a1e632-6c4d-429e-9f8c-0e5ed15f840a}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\AJRouter.dll,-2 (AJRouter) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\AppReadiness.dll,-1000 (AppReadiness) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\appxdeploymentserver.dll,-1 (AppXSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Aroqercult - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AudioEndpointBuilder.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%windir%\system32\bisrv.dll,-100 (BrokerInfrastructure) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\BthHFSrv.dll,-103 (BthHFSrv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cdpsvc.dll,-100 (CDPSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cdpusersvc.dll,-100 (CDPUserSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: CDPUserSvc_11356ce5 - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: CDPUserSvc_2e9b099 - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: CyberGhost 6 Service (CG6Service) - CyberGhost S.R.L - C:\Program Files\CyberGhost 6\CyberGhost.Service.exe
O23 - Service: Ckovch - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ClipSVC.dll,-103 (ClipSVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\coremessaging.dll,-1 (CoreMessagingRegistrar) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @combase.dll,-5012 (DcomLaunch) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dcpsvc.dll,-3001 (DcpSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Dell Customer Connect - Dell Inc. - C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: Dell Product Registration Manager (DellProdRegManager) - Aviata, Inc. - C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe
O23 - Service: @%SystemRoot%\system32\das.dll,-100 (DeviceAssociationService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (DeviceInstall) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\DevQueryBroker.dll,-100 (DevQueryBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\diagtrack.dll,-3001 (DiagTrack) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%systemroot%\system32\Windows.Internal.Management.dll,-100 (DmEnrollmentSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dmwappushsvc.dll,-200 (dmwappushservice) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dosvc.dll,-100 (DoSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\DeviceSetupManager.dll,-1000 (DsmSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dssvc.dll,-10003 (DsSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\embeddedmodesvc.dll,-201 (embeddedmode) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @EnterpriseAppMgmtSvc.dll,-1 (EntAppSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\WINDOWS\system32\EscSvc64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (EventLog) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fhsvc.dll,-101 (fhsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FrameServer.dll,-100 (FrameServer) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Game Protection Service (GmSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Google Update Servicio (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Servicio (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\hvhostsvc.dll,-100 (HvHost) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @oem226.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\System32\tetheringservice.dll,-4097 (icssvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: IntelUSBoverIP - Intel - C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\irmon.dll,-2000 (irmon) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\lfsvc.dll,-1 (lfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\licensemanagersvc.dll,-200 (LicenseManager) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @%windir%\system32\lsm.dll,-1001 (LSM) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\moshost.dll,-100 (MapsBroker) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @%SystemRoot%\system32\MessagingService.dll,-100 (MessagingService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: MessagingService_11356ce5 - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: MessagingService_2e9b099 - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\WINDOWS\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\ncasvc.dll,-3009 (NcaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ncbservice.dll,-500 (NcbService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\NcdAutoSetup.dll,-100 (NcdAutoSetup) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofmsvc.dll,-202 (netprofm) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\NetSetupSvc.dll,-3 (NetSetupSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\NgcCtnrSvc.dll,-1 (NgcCtnrSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%SystemRoot%\system32\APHostRes.dll,-10002 (OneSyncSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Sincronizar host_11356ce5 (OneSyncSvc_11356ce5) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Sincronizar host_2e9b099 (OneSyncSvc_2e9b099) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\WINDOWS\SysWow64\perfhost.exe
O23 - Service: @%SystemRoot%\system32\PhoneserviceRes.dll,-10000 (PhoneSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\UserDataAccessRes.dll,-15001 (PimIndexMaintenanceSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Datos de contactos_11356ce5 (PimIndexMaintenanceSvc_11356ce5) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Datos de contactos_2e9b099 (PimIndexMaintenanceSvc_2e9b099) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-200 (PlugPlay) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll,-1 (PrintNotify) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\RDXService.dll,-256 (RetailDemo) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\RMapi.dll,-1001 (RmSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @combase.dll,-5010 (RpcSs) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ScDeviceEnum.dll,-100 (ScDeviceEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\sensorservice.dll,-1000 (SensorService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\System32\smphost.dll,-102 (smphost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SmsRouterSvc.dll,-10001 (SmsRouter) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: @%SystemRoot%\system32\windows.staterepository.dll,-1 (StateRepository) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\svsvc.dll,-101 (svsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%windir%\system32\SystemEventsBrokerServer.dll,-1001 (SystemEventsBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\tileobjserver.dll,-1 (tiledatamodelsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%windir%\system32\TimeBrokerServer.dll,-1001 (TimeBrokerSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\WINDOWS\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\UserDataAccessRes.dll,-10003 (UnistoreSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Almacenamiento de datos de usuarios_11356ce5 (UnistoreSvc_11356ce5) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Almacenamiento de datos de usuarios_2e9b099 (UnistoreSvc_2e9b099) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\UserDataAccessRes.dll,-14001 (UserDataSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Acceso a datos de usuarios_11356ce5 (UserDataSvc_11356ce5) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Acceso a datos de usuarios_2e9b099 (UserDataSvc_2e9b099) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\usermgr.dll,-100 (UserManager) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\usocore.dll,-102 (UsoSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\icsvc.dll,-801 (vmicguestinterface) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-101 (vmicheartbeat) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-201 (vmickvpexchange) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvcext.dll,-601 (vmicrdv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-301 (vmicshutdown) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-401 (vmictimesync) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-901 (vmicvmsession) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvcext.dll,-501 (vmicvss) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\WalletService.dll,-1000 (WalletService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Waves Audio Services (WavesSysSvc) - Waves Audio Ltd. - C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wcmsvc.dll,-4097 (Wcmsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wephostsvc.dll,-100 (WEPHOSTSVC) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiarpc.dll,-2 (WiaRpc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\flightsettings.dll,-104 (wisvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (WlanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wlidsvc.dll,-100 (wlidsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\workfolderssvc.dll,-102 (workfolderssvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpnservice.dll,-1 (WpnService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WpnUserService.dll,-1 (WpnUserService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Servicio de usuario de notificaciones de inserción de Windows_11356ce5 (WpnUserService_11356ce5) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Servicio de usuario de notificaciones de inserción de Windows_2e9b099 (WpnUserService_2e9b099) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.3.2.219\WsAppService.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\WINDOWS\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\XblAuthManager.dll,-100 (XblAuthManager) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\XblGameSave.dll,-100 (XblGameSave) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\XboxNetApiSvc.dll,-100 (XboxNetApiSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

--
End of file - 44176 bytes
mickeymontes
 
Posts: 4
Joined: Fri Mar 31, 2017 5:48 pm

Re: hijckthis log

Postby patrik » Mon Apr 03, 2017 7:52 am

Hello, welcome to the Myantispyware forum.

Run HijackThis. Click "Do a system scan only" button.
Now select the following entries by placing a tick in the left hand check box, if still present:
Code: Select all
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://noblok.org/wpad.dat?66357bd87cd1 ... df26619787

Once you have selected all entries, close all running programs then click once on the "fix checked" button.
Reboot your computer.

Please download Farbar Recovery Scan Tool from here.
* Save it to your desktop.
* Double click on the icon on your desktop.
* Push the "Scan" button.
* The scan should take just a few minutes.
* Two reports will open (FRST.txt and Addition.txt).


Post back with both FRST logs. Post each log in separate post.
patrik
Site Admin
 
Posts: 9313
Joined: Sun Jan 08, 2006 1:11 pm

Re: hijckthis log

Postby mickeymontes » Wed Apr 05, 2017 6:28 pm

did the scan and the entry was no longer there


I received this message whe trying to post results :Your message contains 163017 characters. The maximum number of allowed characters is 160000.

FIRST FRST LOG , divided in two posts

part 1:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by MichaelMontes (administrator) on MONTES_LT1 (05-04-2017 12:50:15)
Running from C:\Users\Michael Montes\Downloads
Loaded Profiles: MichaelMontes (Available Profiles: MichaelMontes & Alejandra & LUCIANA)
Platform: Windows 10 Home Single Language Version 1607 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Spotify Ltd) C:\Users\Michael Montes\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Celartem, Inc., doing business as Extensis.) C:\Program Files (x86)\Extensis\Suitcase Fusion 6\FMCore.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8843784 2016-10-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1460744 2016-10-11] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [528384 2015-11-10] (Greenshot)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323040 2015-11-17] (Intel Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [714672 2015-09-25] (Waves Audio Ltd.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.)
HKLM-x32\...\Run: [PDF3 Registry Controller] => C:\Program Files (x86)\ScanSoft\PDF Converter 3.0\\RegistryController.exe [106496 2005-04-12] (ScanSoft, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2380480 2016-06-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-06-10] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4594552 2015-06-16] (Safer-Networking Ltd.)
HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPCE.EXE [417776 2014-11-13] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\Run: [Spotify Web Helper] => C:\Users\Michael Montes\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2016-12-04] (Spotify Ltd)
HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\Run: [Spotify] => C:\Users\Michael Montes\AppData\Roaming\Spotify\Spotify.exe [6987376 2016-12-04] (Spotify Ltd)
HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 6\CyberGhost.exe [1191472 2017-03-08] (CyberGhost S.R.L.)
HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\RunOnce: [Uninstall C:\Users\Michael Montes\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Montes\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\RunOnce: [Uninstall C:\Users\Michael Montes\AppData\Local\Microsoft\OneDrive\17.3.6390.0509] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael Montes\AppData\Local\Microsoft\OneDrive\17.3.6390.0509"
HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\MountPoints2: {570b3cba-9c28-11e6-92b7-34e6ad95d2f5} - "F:\autorun.exe"
ShellExecuteHooks: No Name - {B1857F42-AC19-11E6-9C51-64006A5CFC23} - -> No File
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [DBRShellOverlayBackupFile] -> {831CEBDD-6BAF-4432-BE76-9E0989C14AEF} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconBackuped.dll [2014-12-30] (Softthinks SAS)
ShellIconOverlayIdentifiers: [DBRShellOverlayModifiedBackupFile] -> {275E4FD7-21EF-45CF-A836-832E5D2CC1B3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconNotBackuped.dll [2014-12-30] (Softthinks SAS)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Actualizar notificador.lnk [2017-01-20]
ShortcutTarget: Actualizar notificador.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2017-01-20]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (WinZip Computing, S.L.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{54d262f7-4304-4d60-bd78-729c2925f474}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{8f0f6870-db3d-4def-a40b-ff7e2bd1fd94}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{a0a1e632-6c4d-429e-9f8c-0e5ed15f840a}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2952967907-3114153538-507899254-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-2952967907-3114153538-507899254-1001 -> {244CA216-E613-4DB3-8D0B-3F67E7D4C3EE} URL =
SearchScopes: HKU\S-1-5-21-2952967907-3114153538-507899254-1001 -> {BBFC2D7A-5457-42C2-9091-B06A452A649E} URL = hxxps://mx.search.yahoo.com/search?p={searchTerms}&intl=mx&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-09-13] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2014-11-14] (SEIKO EPSON CORPORATION)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-08-17] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-07] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-08-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-07] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2014-11-14] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-09-13] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-09-13] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-09-13] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-09-13] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: bn0xbzuc.default
FF ProfilePath: C:\Users\Michael Montes\AppData\Roaming\Mozilla\Firefox\Profiles\bn0xbzuc.default [2017-04-05]
FF Homepage: Mozilla\Firefox\Profiles\bn0xbzuc.default -> hxxps://www.google.com.mx/
FF Extension: (Post To Tumblr) - C:\Users\Michael Montes\AppData\Roaming\Mozilla\Firefox\Profiles\bn0xbzuc.default\Extensions\@posttotumblr.xpi [2016-11-17]
FF Extension: (Ace Stream Web Extension) - C:\Users\Michael Montes\AppData\Roaming\Mozilla\Firefox\Profiles\bn0xbzuc.default\Extensions\acewebextension@acestream.org.xpi [2016-12-16]
FF Extension: (Diccionario de Español/México) - C:\Users\Michael Montes\AppData\Roaming\Mozilla\Firefox\Profiles\bn0xbzuc.default\Extensions\es-MX@dictionaries.addons.mozilla.org [2015-12-30]
FF Extension: (MEGA) - C:\Users\Michael Montes\AppData\Roaming\Mozilla\Firefox\Profiles\bn0xbzuc.default\Extensions\firefox@mega.co.nz.xpi [2017-04-04]
FF Extension: (Tumblr) - C:\Users\Michael Montes\AppData\Roaming\Mozilla\Firefox\Profiles\bn0xbzuc.default\Extensions\jid0-505z9sfBXZaQjzjmiUDpPsTKvHo@jetpack.xpi [2016-06-10]
FF Extension: (Search and New Tab by Yahoo) - C:\Users\Michael Montes\AppData\Roaming\Mozilla\Firefox\Profiles\bn0xbzuc.default\Extensions\jid1-16aeif9OQIRKxA@jetpack.xpi [2017-02-07]
FF Extension: (JavaScript Toggle On and Off) - C:\Users\Michael Montes\AppData\Roaming\Mozilla\Firefox\Profiles\bn0xbzuc.default\Extensions\jid1-EbhJmw1yu6Juy@jetpack.xpi [2017-03-13]
FF Extension: (Dropbox Button) - C:\Users\Michael Montes\AppData\Roaming\Mozilla\Firefox\Profiles\bn0xbzuc.default\Extensions\jid1-T7Dhm0RvuQqfHw@jetpack.xpi [2016-07-09]
FF Extension: (Pin It button) - C:\Users\Michael Montes\AppData\Roaming\Mozilla\Firefox\Profiles\bn0xbzuc.default\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2015-08-20]
FF Extension: (Español (México) Language Pack) - C:\Users\Michael Montes\AppData\Roaming\Mozilla\Firefox\Profiles\bn0xbzuc.default\Extensions\langpack-es-MX@firefox.mozilla.org.xpi [2017-03-10]
FF Extension: (Multifox) - C:\Users\Michael Montes\AppData\Roaming\Mozilla\Firefox\Profiles\bn0xbzuc.default\Extensions\multifox@hultmann.xpi [2016-06-26]
FF Extension: (Share on Tumblr+) - C:\Users\Michael Montes\AppData\Roaming\Mozilla\Firefox\Profiles\bn0xbzuc.default\Extensions\shareontumblr@raulness.net.xpi [2016-12-04]
FF Extension: (Google Translator for Firefox) - C:\Users\Michael Montes\AppData\Roaming\Mozilla\Firefox\Profiles\bn0xbzuc.default\Extensions\translator@zoli.bod.xpi [2017-02-01]
FF Extension: (JavaScript on-off applet) - C:\Users\Michael Montes\AppData\Roaming\Mozilla\Firefox\Profiles\bn0xbzuc.default\Extensions\{54e46280-0211-11e3-b778-0800200c9a66}.xpi [2017-03-22]
FF Extension: (NoScript) - C:\Users\Michael Montes\AppData\Roaming\Mozilla\Firefox\Profiles\bn0xbzuc.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-03-17]
FF Extension: (Tumblr Post) - C:\Users\Michael Montes\AppData\Roaming\Mozilla\Firefox\Profiles\bn0xbzuc.default\Extensions\{99210d54-6321-41e8-bd1b-2b4c55874efb} [2016-12-04]
FF Extension: (RightToClick) - C:\Users\Michael Montes\AppData\Roaming\Mozilla\Firefox\Profiles\bn0xbzuc.default\Extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi [2016-03-12]
FF Extension: (Adblock Plus) - C:\Users\Michael Montes\AppData\Roaming\Mozilla\Firefox\Profiles\bn0xbzuc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF ProfilePath: C:\Users\Michael Montes\AppData\Roaming\Firefox\Firefox\Profiles\bn0xbzuc.default [2017-01-03]
FF Homepage: Firefox\Firefox\Profiles\bn0xbzuc.default -> hxxps://www.google.com.mx/
FF Extension: (Post To Tumblr) - C:\Users\Michael Montes\AppData\Roaming\Firefox\Firefox\Profiles\bn0xbzuc.default\Extensions\@posttotumblr.xpi [2016-11-17]
FF Extension: (Ace Stream Web Extension) - C:\Users\Michael Montes\AppData\Roaming\Firefox\Firefox\Profiles\bn0xbzuc.default\Extensions\acewebextension@acestream.org.xpi [2016-12-16]
FF Extension: (Diccionario de Español/México) - C:\Users\Michael Montes\AppData\Roaming\Firefox\Firefox\Profiles\bn0xbzuc.default\Extensions\es-MX@dictionaries.addons.mozilla.org [2017-01-03]
FF Extension: (Tumblr) - C:\Users\Michael Montes\AppData\Roaming\Firefox\Firefox\Profiles\bn0xbzuc.default\Extensions\jid0-505z9sfBXZaQjzjmiUDpPsTKvHo@jetpack.xpi [2016-06-10]
FF Extension: (Dropbox Button) - C:\Users\Michael Montes\AppData\Roaming\Firefox\Firefox\Profiles\bn0xbzuc.default\Extensions\jid1-T7Dhm0RvuQqfHw@jetpack.xpi [2016-07-09]
FF Extension: (Pin It button) - C:\Users\Michael Montes\AppData\Roaming\Firefox\Firefox\Profiles\bn0xbzuc.default\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2015-08-20]
FF Extension: (Español (México) Language Pack) - C:\Users\Michael Montes\AppData\Roaming\Firefox\Firefox\Profiles\bn0xbzuc.default\Extensions\langpack-es-MX@firefox.mozilla.org.xpi [2016-11-18]
FF Extension: (Multifox) - C:\Users\Michael Montes\AppData\Roaming\Firefox\Firefox\Profiles\bn0xbzuc.default\Extensions\multifox@hultmann.xpi [2016-06-26]
FF Extension: (Share on Tumblr+) - C:\Users\Michael Montes\AppData\Roaming\Firefox\Firefox\Profiles\bn0xbzuc.default\Extensions\shareontumblr@raulness.net.xpi [2016-12-04]
FF Extension: (Google Translator for Firefox) - C:\Users\Michael Montes\AppData\Roaming\Firefox\Firefox\Profiles\bn0xbzuc.default\Extensions\translator@zoli.bod.xpi [2016-06-06]
FF Extension: (NoScript) - C:\Users\Michael Montes\AppData\Roaming\Firefox\Firefox\Profiles\bn0xbzuc.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-11-29]
FF Extension: (Tumblr Post) - C:\Users\Michael Montes\AppData\Roaming\Firefox\Firefox\Profiles\bn0xbzuc.default\Extensions\{99210d54-6321-41e8-bd1b-2b4c55874efb} [2017-01-03]
FF Extension: (RightToClick) - C:\Users\Michael Montes\AppData\Roaming\Firefox\Firefox\Profiles\bn0xbzuc.default\Extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi [2016-03-12]
FF Extension: (Adblock Plus) - C:\Users\Michael Montes\AppData\Roaming\Firefox\Firefox\Profiles\bn0xbzuc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-07-31] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-16] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-06-08] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-16] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1228198.dll [2017-02-27] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-09-05] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-09-13] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll [2012-04-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-03-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-03-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-06-08] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2952967907-3114153538-507899254-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Michael Montes\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-11-06] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-09-13] (Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData2
CHR DefaultSearchURL: ChromeDefaultData2 -> hxxps://es.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: ChromeDefaultData2 -> Yahoo
CHR DefaultSuggestURL: ChromeDefaultData2 -> hxxps://es.search.yahoo.com/sugg/ie?out ... n&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Michael Montes\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 [2017-04-04] <==== ATTENTION
CHR Extension: (Diapositivas de Google) - C:\Users\Michael Montes\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-03]
CHR Extension: (Google Docs) - C:\Users\Michael Montes\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-03]
CHR Extension: (Google Drive) - C:\Users\Michael Montes\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Michael Montes\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (zate.tv) - C:\Users\Michael Montes\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\cblhkipaocdkhlidpakonilnopaiadco [2015-08-03]
CHR Extension: (Búsqueda de Google) - C:\Users\Michael Montes\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (Post To Tumblr) - C:\Users\Michael Montes\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\dbpicbbcpanckagpdjflgojlknomoiah [2017-02-06]
CHR Extension: (Adobe Acrobat) - C:\Users\Michael Montes\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-12]
CHR Extension: (Hojas de cálculo de Google) - C:\Users\Michael Montes\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-03]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Michael Montes\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (MondoZooPark) - C:\Users\Michael Montes\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\jmpkmeghlkkggopeiplfmbigjhnodnij [2015-08-03]
CHR Extension: (Skype) - C:\Users\Michael Montes\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-03-12]
CHR Extension: (Ace Stream Web Extension) - C:\Users\Michael Montes\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2016-12-16]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Michael Montes\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-12]
CHR Extension: (Gmail) - C:\Users\Michael Montes\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-03]
CHR Extension: (Chrome Media Router) - C:\Users\Michael Montes\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-06]
CHR HKU\S-1-5-21-2952967907-3114153538-507899254-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]
CHR HKLM-x32\...\Chrome\Extension: [fdbpcigaolookbahgdofnimidinicfid] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-06-03] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [77872 2017-03-08] (CyberGhost S.R.L)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc.)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [293440 2014-04-01] (Aviata, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19424 2015-11-17] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382456 2017-02-28] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [394184 2014-10-15] (Intel)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-10] (Intel Corporation)
R2 LMS; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [415520 2015-07-10] (Intel Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [464440 2017-03-16] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-02-23] (NVIDIA Corporation)
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [314624 2016-10-11] (Realtek Semiconductor)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [578480 2015-09-25] (Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-03-04] (Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.2.219\WsAppService.exe [440832 2016-12-07] (Wondershare) [File not signed]
S2 Aroqercult; C:\Program Files (x86)\Atervuiedclufition\fegeingPrv.dll [X]
S2 Ckovch; C:\Program Files (x86)\Nupowardplihosh\vkwrenew.dll [X]
S2 GmSvc; C:\Program Files (x86)\LDSGameCenter\GmSvc.dll [X]
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [23760 2015-05-22] (Dell Computer Corporation)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
S3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [16880 2016-11-04] (OSR Open Systems Resources, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30352 2016-10-28] (Disc Soft Ltd)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283200 2015-08-01] (DT Soft Ltd)
R1 ElRawDisk; C:\WINDOWS\system32\drivers\ElRawDsk.sys [30752 2013-12-03] (EldoS Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77408 2017-02-24] ()
S3 facap; C:\WINDOWS\system32\DRIVERS\facap.sys [37888 2012-09-03] (Windows (R) Win 7 DDK provider)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2015-12-29] (Glarysoft Ltd)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-10-03] (REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-05-16] (Huawei Technologies Co., Ltd.)
S3 iaLPSS_GPIO; C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-10] (Intel Corporation)
S3 iaLPSS_SPI; C:\WINDOWS\System32\drivers\iaLPSS_SPI.sys [100856 2014-06-10] (Intel Corporation)
S3 iaLPSS_UART2; C:\WINDOWS\System32\drivers\iaLPSS_UART2.sys [143864 2014-06-10] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [228112 2017-02-01] (Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-04-03] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-04-03] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-04-03] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251840 2017-04-03] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3517200 2017-02-01] (Intel Corporation)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_ea62e0c945f71b38\nvlddmkm.sys [14574640 2017-03-17] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-01-20] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [59448 2017-03-16] (NVIDIA Corporation)
R1 RawDisk3; C:\WINDOWS\system32\drivers\rawdsk3.sys [32568 2015-07-25] (EldoS Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [946696 2017-02-01] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2017-02-01] (Realsil Semiconductor Corporation)
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42600 2016-10-03] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42088 2015-12-18] (Anchorfree Inc.)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [213296 2014-10-15] (Windows (R) Win 7 DDK provider)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [23040 2016-07-16] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2016-12-19] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2016-10-27] (Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVCx32: HpSvc -> no filepath.
NETSVCx32: GmSvc -> C:\Program Files (x86)\LDSGameCenter\GmSvc.dll ==> No File
NETSVCx32: WpSvc -> no filepath.

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-05 12:50 - 2017-04-05 12:51 - 00041318 _____ C:\Users\Michael Montes\Downloads\FRST.txt
2017-04-05 11:54 - 2017-04-05 12:50 - 00000000 ____D C:\FRST
2017-04-05 11:53 - 2017-04-05 11:54 - 02424832 _____ (Farbar) C:\Users\Michael Montes\Downloads\FRST64.exe
2017-04-05 10:58 - 2017-04-05 11:56 - 00000000 ____D C:\Users\Michael Montes\Desktop\PARQUE SAN JOSE
2017-04-04 19:36 - 2017-04-04 19:37 - 00392657 _____ C:\Users\Michael Montes\Downloads\Logotipo Rustica .pdf
2017-04-03 01:18 - 2017-04-03 01:31 - 07942193 _____ C:\Users\Michael Montes\Downloads\Watercolor_Marijuana_Pack_47elements-GraphicEx.com.rar.part
2017-04-02 17:03 - 2017-04-02 17:04 - 00000000 ____D C:\Users\Michael Montes\Desktop\GraphicEx.com-Chevalier
2017-04-02 17:02 - 2017-04-02 17:02 - 00428217 _____ C:\Users\Michael Montes\Downloads\GraphicEx.com-Chevalier.rar
2017-03-31 13:11 - 2017-04-05 12:46 - 00000000 ____D C:\Users\Michael Montes\Desktop\HIJACKTHIS
2017-03-30 23:29 - 2017-03-30 23:29 - 00000978 _____ C:\Users\Michael Montes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GraphicEx.lnk
2017-03-29 16:33 - 2017-03-29 16:34 - 07023208 _____ (Tim Kosse) C:\Users\Michael Montes\Downloads\FileZilla_3.25.1_win64-setup.exe
2017-03-29 09:09 - 2017-03-29 09:10 - 00402138 _____ C:\Users\Michael Montes\Downloads\consejosvisas.pdf
2017-03-27 18:08 - 2017-03-27 18:08 - 04392544 _____ C:\Users\Michael Montes\Downloads\SEO.pdf
2017-03-27 12:53 - 2017-03-27 12:53 - 06997603 _____ C:\Users\Michael Montes\Downloads\uso_medico_cannabis.pdf
2017-03-27 11:29 - 2017-03-27 11:29 - 01987532 _____ C:\Users\Michael Montes\Downloads\fwdrvhojasparalosniosdek2gabyrizo.zip
2017-03-26 16:44 - 2017-03-26 16:44 - 05837984 _____ (Adobe Systems Inc.) C:\Users\Michael Montes\Downloads\Shockwave_Installer_Slim.exe
2017-03-26 16:44 - 2017-03-26 16:44 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe
2017-03-26 16:43 - 2017-03-26 16:43 - 05206016 _____ () C:\Users\Michael Montes\Downloads\Verti Golf.exe
2017-03-26 16:43 - 2017-03-26 16:43 - 05206016 _____ () C:\Users\Michael Montes\Downloads\Verti Golf v1.0.exe
2017-03-25 14:51 - 2017-03-25 14:51 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\0D1B61E3.sys
2017-03-24 12:07 - 2017-03-24 12:08 - 22471941 _____ C:\Users\Michael Montes\Downloads\Graphicex.com_It's time to legalize Marijuana.rar
2017-03-22 13:57 - 2017-03-22 13:58 - 02940282 _____ C:\Users\Michael Montes\Downloads\Chrome-Reflection-Text-Styles-Vol2.zip
2017-03-22 13:52 - 2017-03-29 16:32 - 00000000 ____D C:\Users\Michael Montes\Desktop\WEED SENBERG
2017-03-22 12:50 - 2017-03-22 12:55 - 106268085 _____ C:\Users\Michael Montes\Downloads\GraphicEx.com-dropper-bottle-mock-up-15513502.rar
2017-03-22 11:19 - 2017-04-03 11:20 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-22 11:19 - 2017-04-03 11:20 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-03-22 11:19 - 2017-04-03 11:20 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-03-22 11:19 - 2017-04-03 11:20 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-03-22 11:19 - 2017-04-02 12:29 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-03-22 11:18 - 2017-03-22 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-22 11:18 - 2017-02-24 07:23 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-03-21 15:41 - 2017-03-21 15:41 - 00033207 _____ C:\Users\Michael Montes\Downloads\SO 4698 MICHAEL MONTES.pdf
2017-03-21 14:34 - 2017-03-21 14:39 - 40030674 _____ (Xara Group Ltd) C:\Users\Michael Montes\Downloads\designerprox365-64.exe.part
2017-03-21 10:33 - 2017-03-21 10:34 - 00000000 ____D C:\Users\Michael Montes\Desktop\XARA TEMPLATES
2017-03-21 09:58 - 2017-03-21 09:58 - 00000000 ____D C:\Users\Michael Montes\Documents\MAGIX Downloads
2017-03-20 21:45 - 2016-11-10 07:06 - 00000000 ____D C:\Users\Michael Montes\Desktop\Xara.Designer.Pro.X365_12.4.0.47404.x64.KaranPC
2017-03-20 21:31 - 2017-03-20 21:31 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-03-20 21:31 - 2017-03-16 17:56 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-03-20 21:29 - 2017-03-20 21:30 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-03-20 21:27 - 2017-03-16 20:01 - 40190400 _____ C:\WINDOWS\system32\nvcompiler.dll
2017-03-20 21:27 - 2017-03-16 20:01 - 35272760 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-03-20 21:27 - 2017-03-16 20:01 - 34991672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-03-20 21:27 - 2017-03-16 20:01 - 28254264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-03-20 21:27 - 2017-03-16 20:01 - 19006832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-03-20 21:27 - 2017-03-16 20:01 - 14674896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-03-20 21:27 - 2017-03-16 20:01 - 11122728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-03-20 21:27 - 2017-03-16 20:01 - 11019888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-03-20 21:27 - 2017-03-16 20:01 - 09306312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-03-20 21:27 - 2017-03-16 20:01 - 08990256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-03-20 21:27 - 2017-03-16 20:01 - 03169848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-03-20 21:27 - 2017-03-16 20:01 - 02716096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-03-20 21:27 - 2017-03-16 20:01 - 01983424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437892.dll
2017-03-20 21:27 - 2017-03-16 20:01 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437892.dll
2017-03-20 21:27 - 2017-03-16 20:01 - 01052096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-03-20 21:27 - 2017-03-16 20:01 - 00991288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-03-20 21:27 - 2017-03-16 20:01 - 00959424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-03-20 21:27 - 2017-03-16 20:01 - 00910784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-03-20 21:27 - 2017-03-16 20:01 - 00687408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-03-20 21:27 - 2017-03-16 20:01 - 00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-03-20 21:27 - 2017-03-16 20:01 - 00576192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-03-20 21:27 - 2017-03-16 20:01 - 00500792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-03-20 21:27 - 2017-03-16 20:01 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-03-20 21:27 - 2017-03-16 20:01 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-03-20 21:26 - 2017-03-20 21:45 - 168176641 _____ C:\Users\Michael Montes\Downloads\Xara.Designer.Pro.X365_12.4.0.47404.x64.KaranPC.rar
2017-03-20 21:00 - 2017-03-20 21:04 - 45592820 _____ C:\Users\Michael Montes\Downloads\concrete5-8.1.0.zip
2017-03-18 08:45 - 2017-03-18 08:52 - 120022851 _____ C:\Users\Michael Montes\Downloads\Bundle_Luxury_Text_Styles_VB1.3_19544604-GraphicEx.com.rar
2017-03-17 23:59 - 2017-03-17 23:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disabled Startup
2017-03-16 16:17 - 2017-03-16 16:17 - 00008468 _____ C:\Users\Michael Montes\Downloads\html.reg
2017-03-16 11:41 - 2017-03-16 11:41 - 00518119 _____ C:\Users\Michael Montes\Downloads\3336126968_201703.pdf
2017-03-16 10:12 - 2017-03-16 10:12 - 00000000 ___HD C:\$SysReset
2017-03-16 09:20 - 2017-03-16 09:21 - 70207368 _____ C:\Users\Michael Montes\Downloads\Letter_Logos_Design_with_Ink_Cloud_Texture-GraphicEx.com.rar
2017-03-15 18:11 - 2017-03-15 18:11 - 00018394 _____ C:\Users\Michael Montes\Downloads\Tarea_17644.pdf
2017-03-15 18:11 - 2017-03-15 18:11 - 00018394 _____ C:\Users\Michael Montes\Downloads\Tarea_15279.pdf
2017-03-15 16:20 - 2017-03-04 02:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-03-15 16:20 - 2017-03-04 02:57 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-03-15 16:20 - 2017-03-04 02:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-03-15 16:20 - 2017-03-04 02:24 - 00090976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2017-03-15 16:20 - 2017-03-04 02:09 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-03-15 16:20 - 2017-03-04 02:09 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-03-15 16:20 - 2017-03-04 02:09 - 00497416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-03-15 16:20 - 2017-03-04 02:08 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-03-15 16:20 - 2017-03-04 02:07 - 00557400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-03-15 16:20 - 2017-03-04 02:04 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-03-15 16:20 - 2017-03-04 02:02 - 00184416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
2017-03-15 16:20 - 2017-03-04 01:56 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-03-15 16:20 - 2017-03-04 01:56 - 00248992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-03-15 16:20 - 2017-03-04 01:54 - 02277288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-03-15 16:20 - 2017-03-04 01:54 - 00524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-03-15 16:20 - 2017-03-04 01:53 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-03-15 16:20 - 2017-03-04 01:53 - 02256080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-03-15 16:20 - 2017-03-04 01:53 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-03-15 16:20 - 2017-03-04 01:53 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-03-15 16:20 - 2017-03-04 01:53 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-03-15 16:20 - 2017-03-04 01:53 - 00781152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-03-15 16:20 - 2017-03-04 01:53 - 00493912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-03-15 16:20 - 2017-03-04 01:53 - 00313568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2017-03-15 16:20 - 2017-03-04 01:53 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-03-15 16:20 - 2017-03-04 01:52 - 00549088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-03-15 16:20 - 2017-03-04 01:52 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2017-03-15 16:20 - 2017-03-04 01:51 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-03-15 16:20 - 2017-03-04 01:51 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-03-15 16:20 - 2017-03-04 01:50 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-03-15 16:20 - 2017-03-04 01:47 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-03-15 16:20 - 2017-03-04 01:47 - 06667528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-03-15 16:20 - 2017-03-04 01:47 - 04023000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-03-15 16:20 - 2017-03-04 01:47 - 01853224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-03-15 16:20 - 2017-03-04 01:47 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-03-15 16:20 - 2017-03-04 01:47 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-03-15 16:20 - 2017-03-04 01:47 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-03-15 16:20 - 2017-03-04 01:47 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-03-15 16:20 - 2017-03-04 01:47 - 01202384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-03-15 16:20 - 2017-03-04 01:47 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-03-15 16:20 - 2017-03-04 01:47 - 00981376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-03-15 16:20 - 2017-03-04 01:47 - 00976184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-03-15 16:20 - 2017-03-04 01:47 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-03-15 16:20 - 2017-03-04 01:47 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-03-15 16:20 - 2017-03-04 01:47 - 00530480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2017-03-15 16:20 - 2017-03-04 01:47 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-03-15 16:20 - 2017-03-04 01:47 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-03-15 16:20 - 2017-03-04 01:47 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-03-15 16:20 - 2017-03-04 01:46 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-03-15 16:20 - 2017-03-04 01:46 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2017-03-15 16:20 - 2017-03-04 01:45 - 00173408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-03-15 16:20 - 2017-03-04 01:45 - 00112120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2017-03-15 16:20 - 2017-03-04 01:42 - 01415240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-03-15 16:20 - 2017-03-04 01:42 - 01260784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-03-15 16:20 - 2017-03-04 01:42 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-03-15 16:20 - 2017-03-04 01:42 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-03-15 16:20 - 2017-03-04 01:40 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-03-15 16:20 - 2017-03-04 01:36 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-03-15 16:20 - 2017-03-04 01:34 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-03-15 16:20 - 2017-03-04 01:30 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-03-15 16:20 - 2017-03-04 01:30 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-03-15 16:20 - 2017-03-04 01:30 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-03-15 16:20 - 2017-03-04 01:30 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-03-15 16:20 - 2017-03-04 01:30 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-03-15 16:20 - 2017-03-04 01:29 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2017-03-15 16:20 - 2017-03-04 01:29 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfp.dll
2017-03-15 16:20 - 2017-03-04 01:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XInputUap.dll
2017-03-15 16:20 - 2017-03-04 01:29 - 00019968 _____ C:\WINDOWS\SysWOW64\GamePanelExternalHook.dll
2017-03-15 16:20 - 2017-03-04 01:28 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-03-15 16:20 - 2017-03-04 01:27 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accountaccessor.dll
2017-03-15 16:20 - 2017-03-04 01:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-03-15 16:20 - 2017-03-04 01:27 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2017-03-15 16:20 - 2017-03-04 01:27 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll
2017-03-15 16:20 - 2017-03-04 01:26 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-03-15 16:20 - 2017-03-04 01:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-03-15 16:20 - 2017-03-04 01:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2017-03-15 16:20 - 2017-03-04 01:26 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-03-15 16:20 - 2017-03-04 01:26 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-03-15 16:20 - 2017-03-04 01:26 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-03-15 16:20 - 2017-03-04 01:26 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.UI.GameBar.dll
2017-03-15 16:20 - 2017-03-04 01:26 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-03-15 16:20 - 2017-03-04 01:26 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2017-03-15 16:20 - 2017-03-04 01:26 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2017-03-15 16:20 - 2017-03-04 01:25 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-03-15 16:20 - 2017-03-04 01:25 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscandui.dll
2017-03-15 16:20 - 2017-03-04 01:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2017-03-15 16:20 - 2017-03-04 01:25 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCCSEngineShared.dll
2017-03-15 16:20 - 2017-03-04 01:25 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-03-15 16:20 - 2017-03-04 01:25 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2017-03-15 16:20 - 2017-03-04 01:25 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-03-15 16:20 - 2017-03-04 01:25 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2017-03-15 16:20 - 2017-03-04 01:24 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-03-15 16:20 - 2017-03-04 01:24 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-03-15 16:20 - 2017-03-04 01:24 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-03-15 16:20 - 2017-03-04 01:24 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-03-15 16:20 - 2017-03-04 01:24 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfui.dll
2017-03-15 16:20 - 2017-03-04 01:24 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-03-15 16:20 - 2017-03-04 01:24 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-15 16:20 - 2017-03-04 01:24 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2017-03-15 16:20 - 2017-03-04 01:23 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-03-15 16:20 - 2017-03-04 01:23 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-03-15 16:20 - 2017-03-04 01:23 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-03-15 16:20 - 2017-03-04 01:23 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-03-15 16:20 - 2017-03-04 01:23 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll
2017-03-15 16:20 - 2017-03-04 01:23 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-03-15 16:20 - 2017-03-04 01:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-03-15 16:20 - 2017-03-04 01:23 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2017-03-15 16:20 - 2017-03-04 01:23 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-03-15 16:20 - 2017-03-04 01:23 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-03-15 16:20 - 2017-03-04 01:23 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2017-03-15 16:20 - 2017-03-04 01:22 - 01299968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-03-15 16:20 - 2017-03-04 01:22 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-03-15 16:20 - 2017-03-04 01:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-03-15 16:20 - 2017-03-04 01:22 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-03-15 16:20 - 2017-03-04 01:22 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-03-15 16:20 - 2017-03-04 01:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2017-03-15 16:20 - 2017-03-04 01:22 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2017-03-15 16:20 - 2017-03-04 01:22 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2017-03-15 16:20 - 2017-03-04 01:22 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-03-15 16:20 - 2017-03-04 01:22 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2017-03-15 16:20 - 2017-03-04 01:21 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-03-15 16:20 - 2017-03-04 01:21 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-03-15 16:20 - 2017-03-04 01:21 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\main.cpl
2017-03-15 16:20 - 2017-03-04 01:21 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-03-15 16:20 - 2017-03-04 01:21 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-03-15 16:20 - 2017-03-04 01:21 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-03-15 16:20 - 2017-03-04 01:21 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-03-15 16:20 - 2017-03-04 01:21 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-03-15 16:20 - 2017-03-04 01:21 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-03-15 16:20 - 2017-03-04 01:21 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
2017-03-15 16:20 - 2017-03-04 01:21 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-03-15 16:20 - 2017-03-04 01:20 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-03-15 16:20 - 2017-03-04 01:20 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2017-03-15 16:20 - 2017-03-04 01:20 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-03-15 16:20 - 2017-03-04 01:20 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll
2017-03-15 16:20 - 2017-03-04 01:20 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-03-15 16:20 - 2017-03-04 01:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-03-15 16:20 - 2017-03-04 01:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-03-15 16:20 - 2017-03-04 01:20 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2017-03-15 16:20 - 2017-03-04 01:20 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-03-15 16:20 - 2017-03-04 01:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
2017-03-15 16:20 - 2017-03-04 01:20 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-03-15 16:20 - 2017-03-04 01:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-03-15 16:20 - 2017-03-04 01:20 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-03-15 16:20 - 2017-03-04 01:20 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-03-15 16:20 - 2017-03-04 01:20 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-03-15 16:20 - 2017-03-04 01:20 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-03-15 16:20 - 2017-03-04 01:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-03-15 16:20 - 2017-03-04 01:19 - 00714752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2017-03-15 16:20 - 2017-03-04 01:19 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-03-15 16:20 - 2017-03-04 01:19 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-03-15 16:20 - 2017-03-04 01:19 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-03-15 16:20 - 2017-03-04 01:19 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-03-15 16:20 - 2017-03-04 01:19 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-03-15 16:20 - 2017-03-04 01:19 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-03-15 16:20 - 2017-03-04 01:19 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2017-03-15 16:20 - 2017-03-04 01:19 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-03-15 16:20 - 2017-03-04 01:18 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2017-03-15 16:20 - 2017-03-04 01:18 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2017-03-15 16:20 - 2017-03-04 01:18 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-03-15 16:20 - 2017-03-04 01:18 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-03-15 16:20 - 2017-03-04 01:18 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2017-03-15 16:20 - 2017-03-04 01:18 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2017-03-15 16:20 - 2017-03-04 01:18 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-03-15 16:20 - 2017-03-04 01:18 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-03-15 16:20 - 2017-03-04 01:18 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-03-15 16:20 - 2017-03-04 01:18 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2017-03-15 16:20 - 2017-03-04 01:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-15 16:20 - 2017-03-04 01:18 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2017-03-15 16:20 - 2017-03-04 01:18 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-03-15 16:20 - 2017-03-04 01:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-03-15 16:20 - 2017-03-04 01:17 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-03-15 16:20 - 2017-03-04 01:17 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-03-15 16:20 - 2017-03-04 01:16 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-03-15 16:20 - 2017-03-04 01:16 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-03-15 16:20 - 2017-03-04 01:16 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-03-15 16:20 - 2017-03-04 01:16 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-03-15 16:20 - 2017-03-04 01:16 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-03-15 16:20 - 2017-03-04 01:16 - 00762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-03-15 16:20 - 2017-03-04 01:16 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2017-03-15 16:20 - 2017-03-04 01:16 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-03-15 16:20 - 2017-03-04 01:16 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-03-15 16:20 - 2017-03-04 01:16 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-03-15 16:20 - 2017-03-04 01:16 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2017-03-15 16:20 - 2017-03-04 01:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-03-15 16:20 - 2017-03-04 01:16 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-03-15 16:20 - 2017-03-04 01:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-03-15 16:20 - 2017-03-04 01:16 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-03-15 16:20 - 2017-03-04 01:15 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2017-03-15 16:20 - 2017-03-04 01:15 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-03-15 16:20 - 2017-03-04 01:15 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2017-03-15 16:20 - 2017-03-04 01:15 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-03-15 16:20 - 2017-03-04 01:14 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-03-15 16:20 - 2017-03-04 01:14 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2017-03-15 16:20 - 2017-03-04 01:13 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-03-15 16:20 - 2017-03-04 01:13 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-03-15 16:20 - 2017-03-04 01:13 - 04613120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-03-15 16:20 - 2017-03-04 01:13 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-03-15 16:20 - 2017-03-04 01:13 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2017-03-15 16:20 - 2017-03-04 01:13 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-03-15 16:20 - 2017-03-04 01:13 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2017-03-15 16:20 - 2017-03-04 01:13 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-03-15 16:20 - 2017-03-04 01:13 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-03-15 16:20 - 2017-03-04 01:13 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-03-15 16:20 - 2017-03-04 01:13 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-03-15 16:20 - 2017-03-04 01:12 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-03-15 16:20 - 2017-03-04 01:12 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-03-15 16:20 - 2017-03-04 01:12 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-03-15 16:20 - 2017-03-04 01:12 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2017-03-15 16:20 - 2017-03-04 01:12 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-03-15 16:20 - 2017-03-04 01:12 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-03-15 16:20 - 2017-03-04 01:11 - 01357312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2017-03-15 16:20 - 2017-03-04 01:11 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-03-15 16:20 - 2017-03-04 01:11 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2017-03-15 16:20 - 2017-03-04 01:11 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-03-15 16:20 - 2017-03-04 01:11 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-03-15 16:20 - 2017-03-04 01:10 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-03-15 16:20 - 2017-03-04 01:10 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-03-15 16:20 - 2017-03-04 01:10 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2017-03-15 16:20 - 2017-03-04 01:10 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe
2017-03-15 16:20 - 2017-03-04 01:10 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2017-03-15 16:20 - 2017-03-04 01:09 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-03-15 16:20 - 2017-03-04 01:09 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-03-15 16:20 - 2017-03-04 01:09 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-03-15 16:20 - 2017-03-04 01:09 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2017-03-15 16:20 - 2017-03-04 01:08 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-03-15 16:20 - 2017-03-04 01:07 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-03-15 16:20 - 2017-03-04 01:07 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-03-15 16:20 - 2017-03-04 01:07 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-03-15 16:20 - 2017-03-04 01:07 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-03-15 16:20 - 2017-03-04 01:07 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2017-03-15 16:20 - 2017-03-04 01:06 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-03-15 16:20 - 2017-03-04 01:06 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-03-15 16:20 - 2017-03-04 01:06 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-03-15 16:20 - 2017-03-04 01:06 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-03-15 16:20 - 2017-03-04 01:06 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-03-15 16:20 - 2017-03-04 01:06 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-03-15 16:20 - 2017-03-04 01:05 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-03-15 16:20 - 2017-03-04 01:05 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-03-15 16:20 - 2017-03-04 01:05 - 01133568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2017-03-15 16:20 - 2017-03-04 01:05 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-03-15 16:20 - 2017-03-04 01:05 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-03-15 16:20 - 2017-03-04 01:05 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-03-15 16:20 - 2017-03-04 01:05 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-03-15 16:20 - 2017-03-04 01:05 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-03-15 16:20 - 2017-03-04 01:04 - 00753152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2017-03-15 16:20 - 2017-03-04 01:04 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-03-15 16:20 - 2017-03-04 01:04 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-03-15 16:20 - 2017-03-04 01:03 - 02363904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-03-15 16:20 - 2017-03-04 01:03 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-03-15 16:20 - 2017-03-04 01:03 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-03-15 16:20 - 2017-03-04 01:03 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2017-03-15 16:20 - 2017-03-04 01:03 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-03-15 16:20 - 2017-03-04 01:03 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2017-03-15 16:20 - 2017-03-04 01:02 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-03-15 16:20 - 2017-03-04 01:02 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-03-15 16:20 - 2017-03-04 01:02 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2017-03-15 16:20 - 2017-03-04 01:02 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-03-15 16:20 - 2017-03-04 01:02 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-03-15 16:20 - 2017-03-04 01:02 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-03-15 16:20 - 2017-03-04 01:02 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-03-15 16:20 - 2017-03-04 01:02 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-03-15 16:20 - 2017-03-04 01:02 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2017-03-15 16:20 - 2017-03-04 01:01 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-03-15 16:20 - 2017-03-04 01:01 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-03-15 16:20 - 2017-03-04 01:01 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-03-15 16:20 - 2017-03-04 01:01 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-03-15 16:20 - 2017-03-04 01:01 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-03-15 16:20 - 2017-03-04 01:01 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-03-15 16:20 - 2017-03-04 01:01 - 01571840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-03-15 16:20 - 2017-03-04 01:01 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-03-15 16:20 - 2017-03-04 01:01 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-03-15 16:20 - 2017-03-04 01:01 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2017-03-15 16:20 - 2017-03-04 01:01 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-03-15 16:20 - 2017-03-04 01:01 - 01154560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Pimstore.dll
2017-03-15 16:20 - 2017-03-04 01:01 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-03-15 16:20 - 2017-03-04 01:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-03-15 16:20 - 2017-03-04 01:01 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-03-15 16:20 - 2017-03-04 01:01 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-03-15 16:20 - 2017-03-04 01:01 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-03-15 16:20 - 2017-03-04 01:01 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2017-03-15 16:20 - 2017-03-04 01:01 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-03-15 16:20 - 2017-03-04 01:00 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-03-15 16:20 - 2017-03-04 01:00 - 02996736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-03-15 16:20 - 2017-03-04 01:00 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-03-15 16:20 - 2017-03-04 01:00 - 02003968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-03-15 16:20 - 2017-03-04 01:00 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-03-15 16:20 - 2017-03-04 01:00 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-03-15 16:20 - 2017-03-04 01:00 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-03-15 16:20 - 2017-03-04 01:00 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2017-03-15 16:20 - 2017-03-04 01:00 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-03-15 16:20 - 2017-03-04 01:00 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-03-15 16:20 - 2017-03-04 01:00 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-03-15 16:20 - 2017-03-04 01:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-03-15 16:20 - 2017-03-04 01:00 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-03-15 16:20 - 2017-03-04 01:00 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-03-15 16:20 - 2017-03-04 01:00 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2017-03-15 16:20 - 2017-03-04 01:00 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-03-15 16:20 - 2017-03-04 00:59 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-03-15 16:20 - 2017-03-04 00:59 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-03-15 16:20 - 2017-03-04 00:57 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-03-15 16:20 - 2017-03-04 00:57 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-03-15 16:20 - 2017-03-04 00:57 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-03-15 16:20 - 2017-03-04 00:57 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2017-03-15 16:20 - 2017-03-04 00:36 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-03-15 16:19 - 2017-03-04 02:26 - 00794416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-03-15 16:19 - 2017-03-04 02:24 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-03-15 16:19 - 2017-03-04 02:24 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-03-15 16:19 - 2017-03-04 02:24 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-03-15 16:19 - 2017-03-04 02:23 - 02512304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2017-03-15 16:19 - 2017-03-04 02:22 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-03-15 16:19 - 2017-03-04 02:19 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-03-15 16:19 - 2017-03-04 02:18 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-03-15 16:19 - 2017-03-04 02:18 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-03-15 16:19 - 2017-03-04 02:17 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2017-03-15 16:19 - 2017-03-04 02:15 - 01000280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-03-15 16:19 - 2017-03-04 02:10 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-03-15 16:19 - 2017-03-04 02:09 - 07220696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-03-15 16:19 - 2017-03-04 02:09 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-03-15 16:19 - 2017-03-04 02:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-03-15 16:19 - 2017-03-04 02:09 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-03-15 16:19 - 2017-03-04 02:09 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2017-03-15 16:19 - 2017-03-04 02:09 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2017-03-15 16:19 - 2017-03-04 02:06 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-03-15 16:19 - 2017-03-04 02:04 - 08169536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-03-15 16:19 - 2017-03-04 02:04 - 01362512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-03-15 16:19 - 2017-03-04 02:04 - 01063472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-03-15 16:19 - 2017-03-04 02:03 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-03-15 16:19 - 2017-03-04 02:03 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-03-15 16:19 - 2017-03-04 02:03 - 01989072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-03-15 16:19 - 2017-03-04 02:03 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-03-15 16:19 - 2017-03-04 02:03 - 01723560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2017-03-15 16:19 - 2017-03-04 02:03 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-03-15 16:19 - 2017-03-04 02:03 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-03-15 16:19 - 2017-03-04 02:03 - 01454512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-03-15 16:19 - 2017-03-04 02:03 - 01301112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-03-15 16:19 - 2017-03-04 02:03 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-03-15 16:19 - 2017-03-04 02:03 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-03-15 16:19 - 2017-03-04 02:03 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-03-15 16:19 - 2017-03-04 02:03 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-03-15 16:19 - 2017-03-04 02:03 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-03-15 16:19 - 2017-03-04 02:03 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2017-03-15 16:19 - 2017-03-04 02:01 - 00137936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2017-03-15 16:19 - 2017-03-04 01:57 - 02536288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-03-15 16:19 - 2017-03-04 01:57 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-03-15 16:19 - 2017-03-04 01:39 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-03-15 16:19 - 2017-03-04 01:36 - 22565376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-03-15 16:19 - 2017-03-04 01:36 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2017-03-15 16:19 - 2017-03-04 01:36 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-03-15 16:19 - 2017-03-04 01:36 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2017-03-15 16:19 - 2017-03-04 01:36 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-03-15 16:19 - 2017-03-04 01:35 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-03-15 16:19 - 2017-03-04 01:35 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-03-15 16:19 - 2017-03-04 01:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-03-15 16:19 - 2017-03-04 01:34 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-03-15 16:19 - 2017-03-04 01:34 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-03-15 16:19 - 2017-03-04 01:34 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-03-15 16:19 - 2017-03-04 01:34 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2017-03-15 16:19 - 2017-03-04 01:33 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-03-15 16:19 - 2017-03-04 01:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.UI.GameBar.dll
2017-03-15 16:19 - 2017-03-04 01:33 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2017-03-15 16:19 - 2017-03-04 01:32 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-03-15 16:19 - 2017-03-04 01:32 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-03-15 16:19 - 2017-03-04 01:32 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCCSEngineShared.dll
2017-03-15 16:19 - 2017-03-04 01:32 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-15 16:19 - 2017-03-04 01:31 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-03-15 16:19 - 2017-03-04 01:31 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2017-03-15 16:19 - 2017-03-04 01:31 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-03-15 16:19 - 2017-03-04 01:31 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-03-15 16:19 - 2017-03-04 01:30 - 00535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-03-15 16:19 - 2017-03-04 01:30 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-03-15 16:19 - 2017-03-04 01:30 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2017-03-15 16:19 - 2017-03-04 01:30 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-03-15 16:19 - 2017-03-04 01:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-03-15 16:19 - 2017-03-04 01:30 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2017-03-15 16:19 - 2017-03-04 01:29 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-03-15 16:19 - 2017-03-04 01:29 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-03-15 16:19 - 2017-03-04 01:29 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2017-03-15 16:19 - 2017-03-04 01:29 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2017-03-15 16:19 - 2017-03-04 01:29 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2017-03-15 16:19 - 2017-03-04 01:29 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-03-15 16:19 - 2017-03-04 01:29 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-03-15 16:19 - 2017-03-04 01:28 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-03-15 16:19 - 2017-03-04 01:28 - 00741888 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2017-03-15 16:19 - 2017-03-04 01:28 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-03-15 16:19 - 2017-03-04 01:28 - 00462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-03-15 16:19 - 2017-03-04 01:28 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2017-03-15 16:19 - 2017-03-04 01:28 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-03-15 16:19 - 2017-03-04 01:27 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2017-03-15 16:19 - 2017-03-04 01:27 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2017-03-15 16:19 - 2017-03-04 01:27 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-03-15 16:19 - 2017-03-04 01:27 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-03-15 16:19 - 2017-03-04 01:27 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-03-15 16:19 - 2017-03-04 01:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-03-15 16:19 - 2017-03-04 01:27 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-03-15 16:19 - 2017-03-04 01:27 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-03-15 16:19 - 2017-03-04 01:27 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-03-15 16:19 - 2017-03-04 01:27 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-03-15 16:19 - 2017-03-04 01:27 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-03-15 16:19 - 2017-03-04 01:27 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2017-03-15 16:19 - 2017-03-04 01:26 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2017-03-15 16:19 - 2017-03-04 01:26 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-03-15 16:19 - 2017-03-04 01:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2017-03-15 16:19 - 2017-03-04 01:26 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2017-03-15 16:19 - 2017-03-04 01:26 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2017-03-15 16:19 - 2017-03-04 01:26 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-03-15 16:19 - 2017-03-04 01:26 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-03-15 16:19 - 2017-03-04 01:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-03-15 16:19 - 2017-03-04 01:25 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-03-15 16:19 - 2017-03-04 01:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-03-15 16:19 - 2017-03-04 01:25 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-03-15 16:19 - 2017-03-04 01:25 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-15 16:19 - 2017-03-04 01:25 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-03-15 16:19 - 2017-03-04 01:25 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-03-15 16:19 - 2017-03-04 01:25 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2017-03-15 16:19 - 2017-03-04 01:25 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2017-03-15 16:19 - 2017-03-04 01:24 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2017-03-15 16:19 - 2017-03-04 01:24 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-03-15 16:19 - 2017-03-04 01:23 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-03-15 16:19 - 2017-03-04 01:23 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-03-15 16:19 - 2017-03-04 01:23 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-03-15 16:19 - 2017-03-04 01:23 - 00945152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-03-15 16:19 - 2017-03-04 01:23 - 00820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2017-03-15 16:19 - 2017-03-04 01:23 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-03-15 16:19 - 2017-03-04 01:23 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-03-15 16:19 - 2017-03-04 01:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-03-15 16:19 - 2017-03-04 01:22 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2017-03-15 16:19 - 2017-03-04 01:21 - 06285824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-03-15 16:19 - 2017-03-04 01:21 - 01937920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2017-03-15 16:19 - 2017-03-04 01:21 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2017-03-15 16:19 - 2017-03-04 01:20 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-03-15 16:19 - 2017-03-04 01:19 - 23676416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-03-15 16:19 - 2017-03-04 01:19 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-03-15 16:19 - 2017-03-04 01:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-03-15 16:19 - 2017-03-04 01:19 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-03-15 16:19 - 2017-03-04 01:19 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-03-15 16:19 - 2017-03-04 01:18 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-03-15 16:19 - 2017-03-04 01:18 - 01762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2017-03-15 16:19 - 2017-03-04 01:18 - 01189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2017-03-15 16:19 - 2017-03-04 01:18 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2017-03-15 16:19 - 2017-03-04 01:17 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-03-15 16:19 - 2017-03-04 01:17 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-03-15 16:19 - 2017-03-04 01:16 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-03-15 16:19 - 2017-03-04 01:16 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-03-15 16:19 - 2017-03-04 01:16 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-03-15 16:19 - 2017-03-04 01:16 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-03-15 16:19 - 2017-03-04 01:16 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-03-15 16:19 - 2017-03-04 01:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-03-15 16:19 - 2017-03-04 01:15 - 18362368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-03-15 16:19 - 2017-03-04 01:15 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-03-15 16:19 - 2017-03-04 01:13 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-03-15 16:19 - 2017-03-04 01:13 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-03-15 16:19 - 2017-03-04 01:13 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-03-15 16:19 - 2017-03-04 01:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2017-03-15 16:19 - 2017-03-04 01:12 - 13085184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-03-15 16:19 - 2017-03-04 01:12 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-03-15 16:19 - 2017-03-04 01:12 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-03-15 16:19 - 2017-03-04 01:12 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-03-15 16:19 - 2017-03-04 01:12 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-03-15 16:19 - 2017-03-04 01:11 - 03441664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-03-15 16:19 - 2017-03-04 01:11 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-03-15 16:19 - 2017-03-04 01:11 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-03-15 16:19 - 2017-03-04 01:10 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-03-15 16:19 - 2017-03-04 01:10 - 01917440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-03-15 16:19 - 2017-03-04 01:10 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2017-03-15 16:19 - 2017-03-04 01:10 - 01536000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-03-15 16:19 - 2017-03-04 01:10 - 01399296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2017-03-15 16:19 - 2017-03-04 01:10 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-03-15 16:19 - 2017-03-04 01:10 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-03-15 16:19 - 2017-03-04 01:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-03-15 16:19 - 2017-03-04 01:10 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-03-15 16:19 - 2017-03-04 01:09 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-03-15 16:19 - 2017-03-04 01:09 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-03-15 16:19 - 2017-03-04 01:09 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2017-03-15 16:19 - 2017-03-04 01:09 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-03-15 16:19 - 2017-03-04 01:08 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-03-15 16:19 - 2017-03-04 01:08 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-03-15 16:19 - 2017-03-04 01:08 - 03405312 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-03-15 16:19 - 2017-03-04 01:08 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-03-15 16:19 - 2017-03-04 01:08 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-03-15 16:19 - 2017-03-04 01:08 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-03-15 16:19 - 2017-03-04 01:08 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-03-15 16:19 - 2017-03-04 01:08 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-03-15 16:19 - 2017-03-04 01:08 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-03-15 16:19 - 2017-03-04 01:07 - 12178944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-03-15 16:19 - 2017-03-04 01:07 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-03-15 16:19 - 2017-03-04 01:07 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2017-03-15 16:19 - 2017-03-04 01:07 - 01512448 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-03-15 16:19 - 2017-03-04 01:07 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-03-15 16:19 - 2017-03-04 01:07 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-03-15 16:19 - 2017-03-04 01:06 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-03-15 16:19 - 2017-03-04 01:06 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-03-15 16:19 - 2017-03-04 01:06 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-03-15 16:19 - 2017-03-04 01:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-03-15 16:19 - 2017-03-04 01:06 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-03-15 16:19 - 2017-03-04 01:06 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2017-03-15 16:19 - 2017-03-04 01:06 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-03-15 16:19 - 2017-03-04 01:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-03-15 16:19 - 2017-03-04 01:04 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-03-15 16:19 - 2017-03-04 01:04 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-03-15 16:19 - 2017-03-04 01:04 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-03-15 16:19 - 2017-03-04 01:04 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-03-15 16:19 - 2017-03-04 01:04 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2017-03-15 16:19 - 2017-03-04 01:01 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2017-03-15 16:19 - 2017-02-21 21:17 - 00448285 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-03-15 16:18 - 2017-03-04 02:57 - 00192352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-03-15 16:18 - 2017-03-04 02:35 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-03-15 16:18 - 2017-03-04 02:35 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-03-15 16:18 - 2017-03-04 02:35 - 00655200 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-03-15 16:18 - 2017-03-04 02:35 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-03-15 16:18 - 2017-03-04 02:35 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-03-15 16:18 - 2017-03-04 02:35 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-03-15 16:18 - 2017-03-04 02:35 - 00315232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-03-15 16:18 - 2017-03-04 02:35 - 00242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-03-15 16:18 - 2017-03-04 02:35 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-03-15 16:18 - 2017-03-04 02:35 - 00086368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-03-15 16:18 - 2017-03-04 02:35 - 00038240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-03-15 16:18 - 2017-03-04 02:27 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-03-15 16:18 - 2017-03-04 02:25 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-03-15 16:18 - 2017-03-04 02:24 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-03-15 16:18 - 2017-03-04 02:24 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-03-15 16:18 - 2017-03-04 02:24 - 00646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-03-15 16:18 - 2017-03-04 02:22 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-03-15 16:18 - 2017-03-04 02:22 - 01354312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-03-15 16:18 - 2017-03-04 02:22 - 01172984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-03-15 16:18 - 2017-03-04 02:21 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-03-15 16:18 - 2017-03-04 02:19 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-15 16:18 - 2017-03-04 02:18 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2017-03-15 16:18 - 2017-03-04 02:15 - 00404320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-03-15 16:18 - 2017-03-04 02:15 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-03-15 16:18 - 2017-03-04 02:13 - 00635456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-03-15 16:18 - 2017-03-04 02:11 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-03-15 16:18 - 2017-03-04 02:11 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-03-15 16:18 - 2017-03-04 02:10 - 02828384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-03-15 16:18 - 2017-03-04 02:10 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-03-15 16:18 - 2017-03-04 02:09 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-03-15 16:18 - 2017-03-04 02:09 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-03-15 16:18 - 2017-03-04 02:09 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-03-15 16:18 - 2017-03-04 02:09 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-03-15 16:18 - 2017-03-04 02:09 - 00635864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-03-15 16:18 - 2017-03-04 02:09 - 00578392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-03-15 16:18 - 2017-03-04 02:09 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-03-15 16:18 - 2017-03-04 02:08 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-03-15 16:18 - 2017-03-04 02:08 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-03-15 16:18 - 2017-03-04 02:08 - 00342456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2017-03-15 16:18 - 2017-03-04 02:08 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-03-15 16:18 - 2017-03-04 02:07 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-03-15 16:18 - 2017-03-04 02:07 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-03-15 16:18 - 2017-03-04 02:07 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-03-15 16:18 - 2017-03-04 02:07 - 00682808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-03-15 16:18 - 2017-03-04 02:07 - 00432992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-03-15 16:18 - 2017-03-04 02:03 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-03-15 16:18 - 2017-03-04 02:03 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-03-15 16:18 - 2017-03-04 02:03 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-03-15 16:18 - 2017-03-04 02:03 - 00755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-03-15 16:18 - 2017-03-04 02:03 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2017-03-15 16:18 - 2017-03-04 02:03 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-03-15 16:18 - 2017-03-04 02:03 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-03-15 16:18 - 2017-03-04 02:03 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-03-15 16:18 - 2017-03-04 01:59 - 01570208 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-03-15 16:18 - 2017-03-04 01:58 - 01416224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-03-15 16:18 - 2017-03-04 01:58 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-03-15 16:18 - 2017-03-04 01:42 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-03-15 16:18 - 2017-03-04 01:37 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-03-15 16:18 - 2017-03-04 01:36 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-03-15 16:18 - 2017-03-04 01:35 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2017-03-15 16:18 - 2017-03-04 01:33 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-03-15 16:18 - 2017-03-04 01:33 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-03-15 16:18 - 2017-03-04 01:33 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2017-03-15 16:18 - 2017-03-04 01:31 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2017-03-15 16:18 - 2017-03-04 01:31 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2017-03-15 16:18 - 2017-03-04 01:31 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2017-03-15 16:18 - 2017-03-04 01:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-03-15 16:18 - 2017-03-04 01:30 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-03-15 16:18 - 2017-03-04 01:30 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-03-15 16:18 - 2017-03-04 01:30 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-03-15 16:18 - 2017-03-04 01:30 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2017-03-15 16:18 - 2017-03-04 01:30 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-03-15 16:18 - 2017-03-04 01:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-03-15 16:18 - 2017-03-04 01:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2017-03-15 16:18 - 2017-03-04 01:29 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-03-15 16:18 - 2017-03-04 01:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-03-15 16:18 - 2017-03-04 01:29 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-03-15 16:18 - 2017-03-04 01:29 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-03-15 16:18 - 2017-03-04 01:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2017-03-15 16:18 - 2017-03-04 01:28 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-03-15 16:18 - 2017-03-04 01:28 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-03-15 16:18 - 2017-03-04 01:28 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-03-15 16:18 - 2017-03-04 01:28 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-03-15 16:18 - 2017-03-04 01:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-03-15 16:18 - 2017-03-04 01:28 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-03-15 16:18 - 2017-03-04 01:27 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2017-03-15 16:18 - 2017-03-04 01:27 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-03-15 16:18 - 2017-03-04 01:27 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-03-15 16:18 - 2017-03-04 01:27 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-03-15 16:18 - 2017-03-04 01:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-03-15 16:18 - 2017-03-04 01:26 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-03-15 16:18 - 2017-03-04 01:26 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-03-15 16:18 - 2017-03-04 01:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2017-03-15 16:18 - 2017-03-04 01:26 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-03-15 16:18 - 2017-03-04 01:26 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2017-03-15 16:18 - 2017-03-04 01:26 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-03-15 16:18 - 2017-03-04 01:26 - 00264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-03-15 16:18 - 2017-03-04 01:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-03-15 16:18 - 2017-03-04 01:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-03-15 16:18 - 2017-03-04 01:25 - 01016320 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-03-15 16:18 - 2017-03-04 01:25 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-03-15 16:18 - 2017-03-04 01:25 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-03-15 16:18 - 2017-03-04 01:24 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-03-15 16:18 - 2017-03-04 01:24 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-03-15 16:18 - 2017-03-04 01:24 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-03-15 16:18 - 2017-03-04 01:24 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2017-03-15 16:18 - 2017-03-04 01:23 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2017-03-15 16:18 - 2017-03-04 01:23 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-03-15 16:18 - 2017-03-04 01:23 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-03-15 16:18 - 2017-03-04 01:23 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-03-15 16:18 - 2017-03-04 01:23 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-03-15 16:18 - 2017-03-04 01:23 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-03-15 16:18 - 2017-03-04 01:23 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-03-15 16:18 - 2017-03-04 01:22 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-03-15 16:18 - 2017-03-04 01:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-03-15 16:18 - 2017-03-04 01:21 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-03-15 16:18 - 2017-03-04 01:21 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-03-15 16:18 - 2017-03-04 01:20 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-03-15 16:18 - 2017-03-04 01:20 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-03-15 16:18 - 2017-03-04 01:20 - 01280512 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-03-15 16:18 - 2017-03-04 01:20 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-03-15 16:18 - 2017-03-04 01:20 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-03-15 16:18 - 2017-03-04 01:20 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2017-03-15 16:18 - 2017-03-04 01:19 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-03-15 16:18 - 2017-03-04 01:19 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-03-15 16:18 - 2017-03-04 01:19 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-03-15 16:18 - 2017-03-04 01:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-03-15 16:18 - 2017-03-04 01:19 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Tabbtn.dll
2017-03-15 16:18 - 2017-03-04 01:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-03-15 16:18 - 2017-03-04 01:17 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-03-15 16:18 - 2017-03-04 01:17 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-03-15 16:18 - 2017-03-04 01:17 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-03-15 16:18 - 2017-03-04 01:17 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-03-15 16:18 - 2017-03-04 01:17 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-03-15 16:18 - 2017-03-04 01:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-03-15 16:18 - 2017-03-04 01:16 - 03289088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-03-15 16:18 - 2017-03-04 01:16 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-03-15 16:18 - 2017-03-04 01:15 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-03-15 16:18 - 2017-03-04 01:15 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-03-15 16:18 - 2017-03-04 01:15 - 01837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-03-15 16:18 - 2017-03-04 01:14 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-03-15 16:18 - 2017-03-04 01:14 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-03-15 16:18 - 2017-03-04 01:14 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-03-15 16:18 - 2017-03-04 01:14 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-03-15 16:18 - 2017-03-04 01:13 - 19411968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-03-15 16:18 - 2017-03-04 01:13 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-03-15 16:18 - 2017-03-04 01:13 - 00961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2017-03-15 16:18 - 2017-03-04 01:13 - 00937472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-03-15 16:18 - 2017-03-04 01:13 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-03-15 16:18 - 2017-03-04 01:13 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-03-15 16:18 - 2017-03-04 01:13 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2017-03-15 16:18 - 2017-03-04 01:13 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-03-15 16:18 - 2017-03-04 01:13 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2017-03-15 16:18 - 2017-03-04 01:12 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-03-15 16:18 - 2017-03-04 01:12 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-03-15 16:18 - 2017-03-04 01:12 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-03-15 16:18 - 2017-03-04 01:12 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-03-15 16:18 - 2017-03-04 01:11 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-03-15 16:18 - 2017-03-04 01:11 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-03-15 16:18 - 2017-03-04 01:11 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-03-15 16:18 - 2017-03-04 01:11 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-03-15 16:18 - 2017-03-04 01:11 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-03-15 16:18 - 2017-03-04 01:11 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-03-15 16:18 - 2017-03-04 01:11 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-03-15 16:18 - 2017-03-04 01:11 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2017-03-15 16:18 - 2017-03-04 01:11 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-03-15 16:18 - 2017-03-04 01:10 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-03-15 16:18 - 2017-03-04 01:10 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-03-15 16:18 - 2017-03-04 01:10 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-03-15 16:18 - 2017-03-04 01:10 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-03-15 16:18 - 2017-03-04 01:10 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-03-15 16:18 - 2017-03-04 01:10 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-03-15 16:18 - 2017-03-04 01:10 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-03-15 16:18 - 2017-03-04 01:10 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2017-03-15 16:18 - 2017-03-04 01:09 - 08125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-03-15 16:18 - 2017-03-04 01:09 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-03-15 16:18 - 2017-03-04 01:08 - 01780224 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-03-15 16:18 - 2017-03-04 01:08 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2017-03-15 16:18 - 2017-03-04 01:07 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-03-15 16:18 - 2017-03-04 01:07 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-03-15 16:18 - 2017-03-04 01:07 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-03-15 16:18 - 2017-03-04 01:07 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2017-03-15 16:18 - 2017-03-04 01:07 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-03-15 16:18 - 2017-03-04 01:07 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-03-15 16:18 - 2017-03-04 01:07 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-03-15 16:18 - 2017-03-04 01:07 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2017-03-15 16:18 - 2017-03-04 01:07 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-03-15 16:18 - 2017-03-04 01:07 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-03-15 16:18 - 2017-03-04 01:07 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-03-15 16:18 - 2017-03-04 01:07 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-03-15 16:18 - 2017-03-04 01:07 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-03-15 16:18 - 2017-03-04 01:06 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2017-03-15 16:18 - 2017-03-04 01:06 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-03-15 16:18 - 2017-03-04 01:06 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-03-15 16:18 - 2017-03-04 01:06 - 04060672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-03-15 16:18 - 2017-03-04 01:06 - 03614720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-03-15 16:18 - 2017-03-04 01:06 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-03-15 16:18 - 2017-03-04 01:06 - 02475008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-03-15 16:18 - 2017-03-04 01:06 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-03-15 16:18 - 2017-03-04 01:06 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-03-15 16:18 - 2017-03-04 01:06 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-03-15 16:18 - 2017-03-04 01:06 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-03-15 16:18 - 2017-03-04 01:05 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-03-15 16:18 - 2017-03-04 01:05 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-03-15 16:18 - 2017-03-04 01:05 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-03-15 16:18 - 2017-03-04 01:05 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-03-15 16:18 - 2017-03-04 01:03 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-03-15 16:18 - 2017-03-04 01:03 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-03-15 16:18 - 2017-03-04 01:03 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-03-15 16:18 - 2017-03-04 01:02 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-03-15 16:18 - 2017-03-04 01:01 - 03478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-03-15 16:18 - 2017-03-04 01:00 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-03-15 16:18 - 2016-07-15 21:29 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CspCellularSettings.dll
2017-03-15 16:18 - 2016-07-15 21:28 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-03-15 16:18 - 2016-07-15 21:26 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-03-15 16:17 - 2017-03-04 02:35 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-03-15 16:17 - 2017-03-04 02:24 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2017-03-15 16:17 - 2017-03-04 02:20 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2017-03-15 16:17 - 2017-03-04 02:20 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-03-15 16:17 - 2017-03-04 02:18 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-03-15 16:17 - 2017-03-04 02:09 - 00178520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-03-15 16:17 - 2017-03-04 02:08 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-03-15 16:17 - 2017-03-04 02:07 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-03-15 16:17 - 2017-03-04 02:07 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-03-15 16:17 - 2017-03-04 02:07 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-03-15 16:17 - 2017-03-04 02:07 - 00989016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-03-15 16:17 - 2017-03-04 02:07 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2017-03-15 16:17 - 2017-03-04 02:07 - 00110944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-03-15 16:17 - 2017-03-04 02:07 - 00080224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-03-15 16:17 - 2017-03-04 02:03 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-03-15 16:17 - 2017-03-04 02:01 - 00201568 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-03-15 16:17 - 2017-03-04 02:01 - 00128648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2017-03-15 16:17 - 2017-03-04 01:58 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-03-15 16:17 - 2017-03-04 01:57 - 00372432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-03-15 16:17 - 2017-03-04 01:37 - 00025088 _____ C:\WINDOWS\system32\GamePanelExternalHook.dll
2017-03-15 16:17 - 2017-03-04 01:36 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2017-03-15 16:17 - 2017-03-04 01:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-03-15 16:17 - 2017-03-04 01:36 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-03-15 16:17 - 2017-03-04 01:35 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-03-15 16:17 - 2017-03-04 01:34 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-03-15 16:17 - 2017-03-04 01:34 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfui.dll
2017-03-15 16:17 - 2017-03-04 01:34 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-03-15 16:17 - 2017-03-04 01:33 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-03-15 16:17 - 2017-03-04 01:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2017-03-15 16:17 - 2017-03-04 01:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothDesktopHandlers.dll
2017-03-15 16:17 - 2017-03-04 01:33 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\XInputUap.dll
2017-03-15 16:17 - 2017-03-04 01:32 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-03-15 16:17 - 2017-03-04 01:32 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-03-15 16:17 - 2017-03-04 01:32 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-03-15 16:17 - 2017-03-04 01:32 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2017-03-15 16:17 - 2017-03-04 01:32 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-03-15 16:17 - 2017-03-04 01:31 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-03-15 16:17 - 2017-03-04 01:31 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-03-15 16:17 - 2017-03-04 01:30 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscandui.dll
2017-03-15 16:17 - 2017-03-04 01:30 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-03-15 16:17 - 2017-03-04 01:30 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2017-03-15 16:17 - 2017-03-04 01:30 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-03-15 16:17 - 2017-03-04 01:29 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-03-15 16:17 - 2017-03-04 01:29 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-03-15 16:17 - 2017-03-04 01:28 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-03-15 16:17 - 2017-03-04 01:28 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-03-15 16:17 - 2017-03-04 01:28 - 00623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2017-03-15 16:17 - 2017-03-04 01:28 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2017-03-15 16:17 - 2017-03-04 01:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-03-15 16:17 - 2017-03-04 01:28 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-03-15 16:17 - 2017-03-04 01:28 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-03-15 16:17 - 2017-03-04 01:28 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-03-15 16:17 - 2017-03-04 01:27 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-03-15 16:17 - 2017-03-04 01:27 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-03-15 16:17 - 2017-03-04 01:27 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-03-15 16:17 - 2017-03-04 01:27 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-03-15 16:17 - 2017-03-04 01:27 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-03-15 16:17 - 2017-03-04 01:26 - 00643072 _____ (Microsoft Corporation) C:\WINDOWS\system32\main.cpl
2017-03-15 16:17 - 2017-03-04 01:26 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-03-15 16:17 - 2017-03-04 01:26 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2017-03-15 16:17 - 2017-03-04 01:26 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-03-15 16:17 - 2017-03-04 01:26 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-03-15 16:17 - 2017-03-04 01:26 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-03-15 16:17 - 2017-03-04 01:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-03-15 16:17 - 2017-03-04 01:25 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-03-15 16:17 - 2017-03-04 01:24 - 01092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2017-03-15 16:17 - 2017-03-04 01:24 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2017-03-15 16:17 - 2017-03-04 01:24 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-03-15 16:17 - 2017-03-04 01:24 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2017-03-15 16:17 - 2017-03-04 01:24 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-03-15 16:17 - 2017-03-04 01:23 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2017-03-15 16:17 - 2017-03-04 01:22 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-03-15 16:17 - 2017-03-04 01:21 - 00776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabletPC.cpl
2017-03-15 16:17 - 2017-03-04 01:21 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-03-15 16:17 - 2017-03-04 01:20 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-03-15 16:17 - 2017-03-04 01:20 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2017-03-15 16:17 - 2017-03-04 01:19 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-03-15 16:17 - 2017-03-04 01:19 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\tabcal.exe
2017-03-15 16:17 - 2017-03-04 01:18 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2017-03-15 16:17 - 2017-03-04 01:18 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2017-03-15 16:17 - 2017-03-04 01:16 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-03-15 16:17 - 2017-03-04 01:16 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-03-15 16:17 - 2017-03-04 01:15 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-03-15 16:17 - 2017-03-04 01:14 - 01562112 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2017-03-15 16:17 - 2017-03-04 01:14 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-03-15 16:17 - 2017-03-04 01:14 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-03-15 16:17 - 2017-03-04 01:14 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-03-15 16:17 - 2017-03-04 01:13 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-03-15 16:17 - 2017-03-04 01:13 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-03-15 16:17 - 2017-03-04 01:13 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MultiDigiMon.exe
2017-03-15 16:17 - 2017-03-04 01:11 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2017-03-15 16:17 - 2017-03-04 01:11 - 00818176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-03-15 16:17 - 2017-03-04 01:10 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-03-15 16:17 - 2017-03-04 01:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-03-15 16:17 - 2017-03-04 01:10 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-03-15 16:17 - 2017-03-04 01:09 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2017-03-15 16:17 - 2017-03-04 01:08 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-03-15 16:17 - 2017-03-04 01:08 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2017-03-15 16:17 - 2017-03-04 01:07 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-03-15 16:17 - 2017-03-04 01:07 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2017-03-15 16:17 - 2017-03-04 01:05 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-03-15 16:17 - 2017-03-04 01:04 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-03-15 16:17 - 2016-05-29 13:38 - 08886976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSetup.exe
2017-03-14 17:21 - 2017-03-14 17:21 - 00002771 _____ C:\Users\Public\Desktop\Business Plan Pro.lnk
2017-03-11 01:02 - 2017-03-15 23:04 - 00000000 ____D C:\Users\Michael Montes\AppData\Roaming\Imminent
2017-03-11 01:01 - 2017-03-17 10:28 - 00000000 ____D C:\Users\Michael Montes\AppData\Local\CyberGhost
2017-03-11 01:01 - 2017-03-11 01:01 - 00002073 _____ C:\Users\Michael Montes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberGhost 6.lnk
2017-03-11 01:01 - 2017-03-11 01:01 - 00000000 ____D C:\WINDOWS\System32\Tasks\Update
2017-03-11 01:01 - 2017-03-11 01:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 6
2017-03-11 01:01 - 2017-03-11 01:01 - 00000000 ____D C:\Program Files\CyberGhost 6
2017-03-09 13:07 - 2017-03-09 13:08 - 46434866 _____ C:\Users\Michael Montes\Downloads\SamsungToolPRO 24.3 Crack 100% Tested By Gsm Pagla.rar
2017-03-09 10:50 - 2017-03-09 10:50 - 04871297 _____ C:\Users\Michael Montes\Downloads\Web-Services-Company-Website-Template-Free-PSD.zip
2017-03-09 09:34 - 2017-03-09 09:34 - 01201708 _____ C:\Users\Michael Montes\Downloads\0.92652400 1408908519Devices Mockup.zip
2017-03-08 13:55 - 2017-03-08 13:55 - 00080162 _____ C:\Users\Michael Montes\Downloads\US_PassportTemplate_v1.zip
2017-03-07 20:49 - 2017-03-29 19:52 - 00000000 ____D C:\Users\Michael Montes\Desktop\WEBPLUS
2017-03-07 20:49 - 2017-03-07 20:53 - 00000000 ____D C:\Users\Michael Montes\Desktop\ROOT
2017-03-07 20:30 - 2017-03-07 20:30 - 00000181 _____ C:\Users\Michael Montes\Desktop\error_log
2017-03-06 14:19 - 2017-03-06 14:19 - 00158814 _____ C:\Users\Michael Montes\Downloads\SAT.pdf
mickeymontes
 
Posts: 4
Joined: Fri Mar 31, 2017 5:48 pm

Re: hijckthis log

Postby mickeymontes » Wed Apr 05, 2017 6:29 pm

FRST LOG part 2:

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-05 12:50 - 2016-10-27 21:31 - 00173805 _____ C:\WINDOWS\ZAM.krnl.trace
2017-04-05 12:50 - 2016-10-27 21:31 - 00132723 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-04-05 12:26 - 2015-07-31 16:06 - 00000000 ____D C:\Users\Michael Montes\AppData\Local\ClassicShell
2017-04-05 12:25 - 2016-10-27 04:10 - 00000000 ____D C:\ProgramData\NVIDIA
2017-04-05 11:55 - 2016-10-27 04:16 - 00000000 ____D C:\Users\Michael Montes
2017-04-05 11:55 - 2015-11-29 11:38 - 00000000 ____D C:\Users\Michael Montes\AppData\Roaming\FileZilla
2017-04-05 11:30 - 2016-10-27 04:05 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-04-05 11:25 - 2015-08-03 14:04 - 497307648 _____ C:\Users\Michael Montes\AppData\Local\SageThumbs.db3
2017-04-05 11:02 - 2016-11-18 11:07 - 00000000 ____D C:\Users\Michael Montes\AppData\LocalLow\Mozilla
2017-04-05 11:00 - 2016-11-01 13:22 - 00000000 ____D C:\Users\Michael Montes\Documents\Plantillas personalizadas de Office
2017-04-04 19:52 - 2015-08-03 10:32 - 00000000 ____D C:\Users\Michael Montes\Desktop\LUCIANA
2017-04-04 19:46 - 2016-07-16 06:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-04 19:46 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-04 19:44 - 2015-08-03 08:43 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-03 11:40 - 2015-12-01 11:53 - 00000000 ____D C:\Users\Michael Montes\AppData\Local\CrashDumps
2017-04-03 11:30 - 2015-12-29 21:10 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2017-04-03 11:23 - 2017-02-01 12:54 - 00003060 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (MichaelMontes)
2017-04-03 11:23 - 2016-07-16 17:40 - 01219032 _____ C:\WINDOWS\system32\perfh00A.dat
2017-04-03 11:23 - 2016-07-16 17:40 - 00292694 _____ C:\WINDOWS\system32\perfc00A.dat
2017-04-03 11:23 - 2015-08-06 08:27 - 02773976 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-03 11:20 - 2016-10-27 04:09 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-04-03 11:18 - 2016-10-27 04:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-03 02:40 - 2016-10-27 04:05 - 07010768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-03 01:51 - 2016-10-27 11:09 - 00000000 ____D C:\Users\Michael Montes\AppData\Roaming\Spotify
2017-04-03 01:46 - 2016-10-27 11:10 - 00000000 ____D C:\Users\Michael Montes\AppData\Local\Spotify
2017-04-03 00:50 - 2015-08-03 22:29 - 00000000 ____D C:\Users\Michael Montes\AppData\Roaming\vlc
2017-04-02 12:26 - 2015-12-21 14:44 - 00000000 ____D C:\Users\Michael Montes\Desktop\03. GCL WEB DIVISION
2017-03-31 18:36 - 2016-10-27 04:16 - 00000000 ____D C:\Users\LUCIANA
2017-03-31 18:36 - 2016-05-04 17:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-31 18:36 - 2015-07-31 16:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-31 18:35 - 2016-07-16 01:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-03-31 18:34 - 2015-07-31 18:41 - 00000000 ____D C:\Users\Michael Montes\AppData\Roaming\Azureus
2017-03-31 13:09 - 2015-11-29 11:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2017-03-31 13:09 - 2015-11-29 11:38 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2017-03-31 12:45 - 2015-07-31 18:41 - 00000000 ____D C:\Users\Michael Montes\Documents\Vuze Downloads
2017-03-30 23:29 - 2015-10-04 08:51 - 00000000 ____D C:\Users\Michael Montes\Desktop\PSD PARA REVISAR
2017-03-30 20:10 - 2015-08-08 17:39 - 00260096 _____ C:\Users\LUCIANA\AppData\Local\SageThumbs.db3
2017-03-28 18:11 - 2015-12-23 21:53 - 00000000 ____D C:\Users\Michael Montes\Documents\K FILES
2017-03-27 12:49 - 2015-07-31 15:39 - 00000000 ____D C:\Users\Michael Montes\AppData\Local\Packages
2017-03-27 12:45 - 2017-01-20 09:17 - 00000000 ____D C:\Users\Michael Montes\Desktop\EMILIA
2017-03-27 12:44 - 2015-08-07 18:26 - 00000000 ____D C:\Users\Michael Montes\Desktop\02. GCL DESIGN DIVISION
2017-03-27 11:10 - 2015-08-01 17:13 - 00000000 ___RD C:\Users\Michael Montes\Desktop\PROGRAMAS
2017-03-27 11:08 - 2015-08-09 19:25 - 00000000 ____D C:\Users\Michael Montes\Desktop\DESIGN ELEMENTS
2017-03-26 16:45 - 2015-07-31 22:28 - 00000000 ____D C:\Users\Michael Montes\AppData\LocalLow\Adobe
2017-03-25 14:51 - 2016-12-10 08:31 - 00000000 ____D C:\Users\LUCIANA\AppData\LocalLow\Mozilla
2017-03-25 14:49 - 2016-04-27 00:43 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-03-25 14:49 - 2015-08-08 17:39 - 00000000 __SHD C:\Users\LUCIANA\IntelGraphicsProfiles
2017-03-25 14:49 - 2015-08-08 17:39 - 00000000 ____D C:\Users\LUCIANA\AppData\Local\Packages
2017-03-25 04:08 - 2015-08-02 15:39 - 00000000 ____D C:\Users\Michael Montes\Downloads\PopcornTime
2017-03-25 03:20 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-03-24 12:32 - 2015-11-04 11:00 - 00000034 _____ C:\Users\Michael Montes\AppData\Roaming\AdobeWLCMCache.dat
2017-03-23 19:32 - 2015-12-27 17:55 - 00001456 _____ C:\Users\Michael Montes\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-03-22 11:18 - 2017-01-03 09:53 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-22 10:29 - 2015-07-31 18:41 - 00001865 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
2017-03-22 10:29 - 2015-07-31 18:41 - 00000000 ____D C:\Program Files\Vuze
2017-03-21 14:37 - 2016-10-27 16:49 - 00000000 ____D C:\Users\Michael Montes\AppData\Roaming\DAEMON Tools Lite
2017-03-21 12:45 - 2016-10-27 04:09 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-03-21 11:38 - 2015-11-04 09:54 - 00000000 ____D C:\Users\Michael Montes\AppData\Local\Xara
2017-03-21 09:58 - 2015-11-04 09:54 - 00000000 ____D C:\Users\Michael Montes\AppData\Roaming\MAGIX
2017-03-20 21:49 - 2015-11-04 09:49 - 00000000 ____D C:\ProgramData\MAGIX
2017-03-20 21:47 - 2016-05-01 20:11 - 00000000 ____D C:\Program Files\Xara
2017-03-20 21:47 - 2015-12-27 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xara
2017-03-20 21:47 - 2015-11-04 09:55 - 00000000 ____D C:\ProgramData\Xara
2017-03-20 21:32 - 2016-07-16 06:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-20 21:31 - 2015-06-09 08:34 - 00000000 ____D C:\Temp
2017-03-20 21:30 - 2016-10-27 04:09 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-03-20 21:30 - 2015-06-09 08:28 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-03-18 08:50 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\rescache
2017-03-17 23:59 - 2016-12-16 14:57 - 00208679 ____H C:\Users\Michael Montes\AppData\Local\IconCache.db.backup
2017-03-17 23:59 - 2015-06-09 08:18 - 00000000 ____D C:\ProgramData\Temp
2017-03-17 13:46 - 2017-02-22 10:58 - 00000000 ___RD C:\Users\Michael Montes\Desktop\FOJAL
2017-03-17 10:41 - 2016-12-31 13:44 - 00003296 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-03-17 10:41 - 2015-08-06 08:40 - 00002466 _____ C:\Users\Michael Montes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-03-17 10:41 - 2015-08-06 08:40 - 00000000 ___RD C:\Users\Michael Montes\OneDrive
2017-03-17 10:39 - 2017-01-10 13:43 - 00000000 ____D C:\Users\Michael Montes\Desktop\ANTIVIRUS
2017-03-17 10:37 - 2017-02-23 11:53 - 00000000 ____D C:\Users\Michael Montes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MobiKin
2017-03-16 21:49 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-03-16 21:49 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-03-16 21:49 - 2015-07-31 22:20 - 00000000 ____D C:\Users\Michael Montes\AppData\Local\Adobe
2017-03-16 21:43 - 2016-10-27 04:55 - 00004394 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-03-16 20:01 - 2017-02-01 13:35 - 00059448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-03-16 20:01 - 2016-10-27 04:09 - 00512960 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-03-16 20:01 - 2016-10-27 04:09 - 00418752 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-03-16 20:01 - 2016-10-11 11:28 - 04078008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-03-16 20:01 - 2016-10-11 11:28 - 03597456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-03-16 20:01 - 2016-10-11 11:28 - 00043636 _____ C:\WINDOWS\system32\nvinfo.pb
2017-03-16 18:31 - 2016-10-11 09:49 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-03-16 18:16 - 2016-10-27 04:10 - 06401984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-03-16 18:16 - 2016-10-27 04:10 - 02477504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-03-16 18:16 - 2016-10-27 04:10 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-03-16 18:16 - 2016-10-27 04:10 - 00549944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-03-16 18:16 - 2016-10-27 04:10 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-03-16 18:16 - 2016-10-27 04:10 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-03-16 18:16 - 2016-10-27 04:10 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-03-16 11:47 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-03-16 11:47 - 2016-07-16 06:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-03-16 08:49 - 2016-12-05 16:23 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-16 08:49 - 2015-06-09 10:18 - 00480951 ____N C:\WINDOWS\Minidump\031617-57859-01.dmp
2017-03-16 04:39 - 2016-10-27 04:10 - 07813427 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-03-15 23:01 - 2015-07-31 23:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-03-15 22:00 - 2016-07-16 06:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-03-15 22:00 - 2016-07-16 06:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-03-15 22:00 - 2016-07-16 06:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-03-15 22:00 - 2016-07-16 06:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-03-15 22:00 - 2016-07-16 06:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-03-15 22:00 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-03-15 22:00 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-03-15 22:00 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-03-15 22:00 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-03-15 22:00 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-03-15 22:00 - 2016-07-16 06:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-03-15 22:00 - 2016-07-16 06:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-03-15 22:00 - 2016-07-16 06:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-03-15 21:49 - 2015-06-09 10:18 - 00415323 ____N C:\WINDOWS\Minidump\031517-44937-01.dmp
2017-03-15 16:40 - 2015-07-31 23:29 - 138634176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-03-15 09:07 - 2016-10-27 04:16 - 00000000 ____D C:\Users\Alejandra
2017-03-15 09:05 - 2015-06-09 10:18 - 00411739 ____N C:\WINDOWS\Minidump\031517-61515-01.dmp
2017-03-14 17:21 - 2016-09-02 11:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Business Plan Pro
2017-03-14 10:34 - 2015-08-01 11:26 - 00000000 ____D C:\Users\Michael Montes\Desktop\DWNLD PX
2017-03-14 09:53 - 2015-06-09 08:22 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-10 15:29 - 2016-10-27 04:55 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-10 15:28 - 2017-02-01 13:36 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-10 15:28 - 2016-10-27 04:55 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-10 15:28 - 2016-10-27 04:55 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-10 15:28 - 2016-10-27 04:55 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-10 15:28 - 2016-10-27 04:55 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-10 15:28 - 2016-10-27 04:55 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-10 15:28 - 2015-07-31 15:41 - 00000000 ____D C:\Users\Michael Montes\AppData\Local\NVIDIA Corporation
2017-03-10 06:28 - 2017-02-07 14:09 - 00000000 ____D C:\Users\Michael Montes\Desktop\PASAPORTE
2017-03-10 00:17 - 2016-07-16 06:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-03-10 00:17 - 2016-07-16 06:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-09 13:09 - 2017-01-03 13:02 - 00000000 ____D C:\Users\Michael Montes\Desktop\SAMSUNG TOOL
2017-03-07 21:27 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-07 21:22 - 2015-08-08 17:43 - 00002445 _____ C:\Users\LUCIANA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-03-07 21:22 - 2015-08-08 17:43 - 00000000 ___RD C:\Users\LUCIANA\OneDrive

==================== Files in the root of some directories =======

2015-07-31 19:48 - 2015-07-31 19:48 - 27093992 _____ (McAfee) C:\Program Files (x86)\Common Files\lpuninstall.exe
2015-08-03 09:22 - 2015-08-04 15:30 - 0000132 _____ () C:\Users\Michael Montes\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-11-04 11:00 - 2017-03-24 12:32 - 0000034 _____ () C:\Users\Michael Montes\AppData\Roaming\AdobeWLCMCache.dat
2016-09-01 17:03 - 2017-03-14 17:23 - 0064230 _____ () C:\Users\Michael Montes\AppData\Roaming\bppenu11.log
2016-08-07 22:31 - 2017-02-28 13:17 - 0000112 _____ () C:\Users\Michael Montes\AppData\Roaming\JP2K CS6 Prefs
2017-01-10 10:07 - 2017-02-03 09:01 - 0601088 _____ () C:\Users\Michael Montes\AppData\Roaming\SharedSettings.ccs
2015-08-03 10:18 - 2016-12-13 23:37 - 0000010 _____ () C:\Users\Michael Montes\AppData\Local\.DG212F11-EC8C-210D-DE1E-D9584D18D740
2015-12-27 17:55 - 2017-03-23 19:32 - 0001456 _____ () C:\Users\Michael Montes\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-03-01 10:52 - 2017-03-01 10:53 - 0000600 _____ () C:\Users\Michael Montes\AppData\Local\PUTTY.RND
2015-08-10 22:53 - 2017-01-20 11:51 - 0007671 _____ () C:\Users\Michael Montes\AppData\Local\Resmon.ResmonCfg
2015-08-03 14:04 - 2017-04-05 11:25 - 497307648 _____ () C:\Users\Michael Montes\AppData\Local\SageThumbs.db3
2015-08-03 10:18 - 2016-12-13 23:37 - 0000010 _____ () C:\ProgramData\.D6E5339F-CB2B-32C1-CD2D-C0295C19C822
2015-08-03 10:30 - 2015-08-06 13:39 - 0000075 _____ () C:\ProgramData\.SF170
2016-10-27 04:10 - 2016-10-27 04:10 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-09-27 16:38 - 2016-09-28 10:47 - 0001947 _____ () C:\ProgramData\hpzinstall.log
2016-12-10 14:30 - 2016-12-10 14:30 - 0000016 _____ () C:\ProgramData\mntexmp
2016-12-19 20:15 - 2017-02-01 13:35 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-19 20:15 - 2017-02-01 12:50 - 0004090 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
2015-06-09 08:22 - 2015-06-09 08:22 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2015-06-09 08:18 - 2015-06-09 08:19 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2015-06-09 08:20 - 2015-06-09 08:20 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2015-06-09 08:21 - 2015-06-09 08:22 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2015-06-09 08:18 - 2015-06-09 08:18 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Files to move or delete:
====================
C:\Users\Alejandra\CAMBIO DE USUARIO.exe


Some files in TEMP:
====================
2017-03-08 09:37 - 2017-03-08 09:37 - 1662032 _____ () C:\Users\Michael Montes\AppData\Local\Temp\CyberGhost.exe
2015-12-18 19:47 - 2015-12-18 19:47 - 0599248 _____ (AnchorFree Inc.) C:\Users\Michael Montes\AppData\Local\Temp\HssInstaller.exe
2017-02-25 12:08 - 2017-03-31 12:44 - 0079904 _____ () C:\Users\Michael Montes\AppData\Local\Temp\i4jdel0.exe
2017-03-20 21:27 - 2016-10-01 14:25 - 0345024 _____ (NVIDIA Corporation) C:\Users\Michael Montes\AppData\Local\Temp\nvStInst.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-04-02 18:37

==================== End of FRST.txt ============================
mickeymontes
 
Posts: 4
Joined: Fri Mar 31, 2017 5:48 pm

Re: hijckthis log

Postby mickeymontes » Wed Apr 05, 2017 6:30 pm

ADDITION LOG:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by MichaelMontes (05-04-2017 12:52:16)
Running from C:\Users\Michael Montes\Downloads
Windows 10 Home Single Language Version 1607 (X64) (2016-10-27 10:00:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2952967907-3114153538-507899254-500 - Administrator - Disabled)
Alejandra (S-1-5-21-2952967907-3114153538-507899254-1004 - Limited - Enabled) => C:\Users\Alejandra
DefaultAccount (S-1-5-21-2952967907-3114153538-507899254-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2952967907-3114153538-507899254-1003 - Limited - Enabled)
Invitado (S-1-5-21-2952967907-3114153538-507899254-501 - Limited - Disabled)
LUCIANA (S-1-5-21-2952967907-3114153538-507899254-1006 - Limited - Enabled) => C:\Users\LUCIANA
MichaelMontes (S-1-5-21-2952967907-3114153538-507899254-1001 - Administrator - Enabled) => C:\Users\Michael Montes

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Spybot - Search and Destroy (Disabled - Out of date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AAA Logo 2014 v4.11 FULL (HKLM-x32\...\AAA Logo 2014_is1) (Version: - SWGSoft)
Actualización de NVIDIA 23.23.30.0 (Version: 23.23.30.0 - NVIDIA Corporation) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.09 - Adobe Systems)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.272 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.0 - Adobe Systems Incorporated)
Adobe Muse CC 2015 (HKLM-x32\...\{7C54712F-A477-4E6A-AC81-7175494DD179}) (Version: 2015.0.0.597 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.8.198 - Adobe Systems, Inc.)
Ansel (Version: 378.92 - NVIDIA Corporation) Hidden
Ashampoo Home Designer Pro 3 (HKLM\...\{CEAF6AE1-CE17-4ED1-A817-C31012B8D6CD}_is1) (Version: 3.0.0 - Ashampoo GmbH & Co. KG)
Aurora 3D Text & Logo Maker version 12.09.26 (HKLM-x32\...\{4F6B6582-B9F6-42B2-AAFC-48E097D07837}_is1) (Version: 12.09.26 - Aurora3D Software)
Business Plan Pro 15th Anniversary Edition (HKLM-x32\...\{3E9E68FB-49FA-410A-8787-424F2A506E0F}) (Version: 11.25.0009 - Palo Alto Software, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{E5F6D26D-E180-4547-A865-565EAB61000C}) (Version: 1.0.362 - Citrix)
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
CoffeeCup Responsive Site Designer (HKLM\...\CoffeeCup Responsive Site Designer 1.5-1419) (Version: 1.5-1419 - CoffeeCup Software, Inc.)
CoffeeCup Shopping Cart Creator (HKLM-x32\...\CoffeeCup Shopping Cart Creator 3.9.4355) (Version: 3.9.4355 - CoffeeCup Software, Inc.)
CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version: - CyberGhost S.R.L.)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
Data Rescue PC3 v110714 (HKLM-x32\...\Data Rescue PC3_is1) (Version: v110714 - Prosoft Engineering, Inc.)
DataRescueProfessional 3.8.0.300 (HKLM-x32\...\{acd50603-6d54-4700-a492-c63b87559ffc}_is1) (Version: 3.8.0.300 - DataRescueProfessional)
Decrap my Computer (HKLM-x32\...\Decrap my Computer) (Version: - Macecraft Software)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.8.1.70 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell Power Manager Lite (HKLM-x32\...\InstallShield_{BF1F9D57-57A1-4E87-A8E8-41F2B2AD6F53}) (Version: 1.0.0.1 - Compal Inc.)
Dell Power Manager Lite (x32 Version: 1.0.0.1 - Compal Inc.) Hidden
Dell Product Registration (HKLM-x32\...\{17FFE63C-6734-4950-B488-134B5A2505F7}) (Version: 2.04.0280 - Aviata Inc.)
Dell System Detect (HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\58d94f3ce2c27db0) (Version: 7.9.0.10 - Dell)
Dell Update (HKLM-x32\...\{90437913-9D4D-4D9D-B438-B8664DF851E9}) (Version: 1.7.1007.0 - Dell Inc.)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Driver Booster 4.0 (HKLM-x32\...\Driver Booster_is1) (Version: 4.0.3 - IObit)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
Easy Photo Scan (HKLM-x32\...\{1A6DED1E-A024-455D-AA82-203D6B3B0CBC}) (Version: 1.00.0006 - Seiko Epson Corporation)
Eines de correcció del Microsoft Office 2016: català (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Epson Easy Photo Print 2 (HKLM-x32\...\{922E2D91-9314-45AA-9AEF-E585F93B59A9}) (Version: 2.6.1.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{4B22C430-7EA8-4534-8358-376FD900B953}) (Version: 3.10.0042 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-230 Series Printer Uninstall (HKLM\...\EPSON XP-230 Series) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{15A0F113-BF2C-4C12-8AA8-42AE0D9AE1C9}) (Version: 3.1.2.0 - SEIKO EPSON Corporation)
EximiousSoft Logo Designer V3.78 (HKLM-x32\...\EximiousSoft Logo Designer_is1) (Version: - EximiousSoft)
Extensis Suitcase Fusion 6 (HKLM-x32\...\{4712B540-4413-48E1-9249-8574E0EAE944}) (Version: 17.2.1 - 2015 Celartem, Inc. d.b.a Extensis All rights reserved)
FastPictureViewer Professional 1.9.325.0 (64-bit) (HKLM\...\{80E008DE-75E4-4785-8203-5C75DF283BB0}) (Version: 1.9.325.0 - Axel Rietschin Software Developments)
Ferramentas de verificación de Microsoft Office 2016 - Galego (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
FileZilla Client 3.25.1 (HKLM-x32\...\FileZilla Client) (Version: 3.25.1 - Tim Kosse)
Forms To Go 4.5.4 (HKLM-x32\...\Forms To Go_is1) (Version: - Bebosoft, Inc.)
Forms To Go Lite 4.5.4 (HKLM-x32\...\Forms To Go Lite_is1) (Version: - Bebosoft, Inc.)
Glary Utilities PRO 5.44 (HKLM-x32\...\Glary Utilities 5) (Version: 5.44.0.64 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Earth (HKLM-x32\...\{A2264E8F-1649-11E3-8BED-B8AC6F98CCE3}) (Version: 7.1.2.2019 - Google)
Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version: - Richard)
Greenshot 1.2.8.12 (HKLM\...\Greenshot_is1) (Version: 1.2.8.12 - Greenshot)
Herramientas de corrección de Microsoft Office 2016: español (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Incomedia WebSite X5 v12 - Evolution (HKLM-x32\...\{B7B23A06-AD7B-4ADE-809C-E8E34676EE13}_is1) (Version: 12.0.9.30 - Incomedia s.r.l.)
Intel Driver Update Utility (HKLM-x32\...\{ca4bc3a8-b99c-4416-90d8-351a8ceab458}) (Version: 2.2.0.2 - Intel)
Intel(R) Driver Update Utility 2.2 (x32 Version: 2.2.0.1 - Intel) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.1.1043 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{2F97FBC6-7992-4DF7-A7C7-B68455E307F7}) (Version: 5.1.20.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{A767BC90-75B4-47CE-B097-EC93DD0FA6A1}) (Version: 17.1.1531.1764 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.1.1449.356) (HKLM\...\{302600C1-6BDF-4FD1-1411-148929CC1385}) (Version: 17.1.1411.0506 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Jeta Logo Designer FREE EDITION 1.30 (HKLM-x32\...\{B9552944-5DB8-48C1-890A-9D4419F4984B}_is1) (Version: 1.30 - JETA.COM)
Lauyan TOWeb V6 (HKLM-x32\...\TOWeb-SetupID-0006_is1) (Version: 6.0 - Lauyan Software)
Light Image Resizer 4.7.0.0 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.7.0.0 - ObviousIdea)
LogoMaker 4.0 (HKLM-x32\...\LogoMaker_is1) (Version: - Avanquest)
MAGIX Fonts Package 3 (x32 Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Malwarebytes Anti-Malware versione 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Malwarebytes versión 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Manual Epson XP-231 versión 1.0 (HKLM-x32\...\UsersGuideManual Epson XP-231_is1) (Version: 1.0 - )
Maxx Audio Installer (x64) (Version: 2.6.6570.1 - Waves Audio Ltd.) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Language Pack 2010 - Spanish/Español (HKLM\...\Office14.OMUI.es-es) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.10411.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{5c75eda4-d029-43bf-a70b-a73d380f52ee}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{246dcb72-b18c-4ab9-9de9-8a996296b01d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Mihov Picture Downloader 1.5 (remove only) (HKLM-x32\...\Mihov Picture Downloader) (Version: - )
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 52.0.1 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 52.0.1 (x86 es-ES)) (Version: 52.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.1.6284 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NeoDownloader 2.9.5 (HKLM-x32\...\NeoDownloader_is1) (Version: 2.9.5 - Neowise Software)
NVIDIA Controlador de 3D Vision 378.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.92 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 378.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.92 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.3.16.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Ontrack Easy Recovery 10 (HKLM-x32\...\Ontrack Easy Recovery 10) (Version: 10 - eSportsKosova)
Panel de control de NVIDIA 378.92 (Version: 378.92 - NVIDIA Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PDF to Word (HKLM-x32\...\{E6CBC979-E613-49E6-A37B-3C342DE35235}_is1) (Version: - Quick PDF)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.5.1.2 - Popcorn Time) <==== ATTENTION
PSD Codec by Ardfry Imaging, LLC (32 bit) (x32 Version: 1.0.15.0 - Ardfry Imaging, LLC) Hidden
PSD Codec by Ardfry Imaging, LLC (64 bit) (Version: 1.0.15.0 - Ardfry Imaging, LLC) Hidden
PSD CODEC Version 1.6.1.0 (HKLM\...\Ardfry PSD CODEC_is1) (Version: 1.6.1.0 - Ardfry Imaging, LLC)
RAR Password Unlocker 4.2.0.0 (HKLM-x32\...\{B789FA51-6A71-408F-92DE-EDE4A517B8F9}_is1) (Version: - Password Unlocker Studio)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7891 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
RocketCake 1.1 (remove only) (HKLM-x32\...\RocketCake 1.1) (Version: - Ambiera)
SageThumbs 2.0.0.22 (HKLM\...\SageThumbs) (Version: 2.0.0.22 - Cherubic Software)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
ScanSoft PDF Converter 3.0 (HKLM-x32\...\{602A205F-8D02-48EE-8782-262B2103B984}) (Version: 3.00.0000 - ScanSoft, Inc)
Serif WebPlus Pro Template Collection 10 (HKLM-x32\...\{FB039B15-9AF0-490B-84C6-58523F42C92F}) (Version: 1.2.0.033 - Serif (Europe) Ltd)
Serif WebPlus X7 (HKLM\...\{DDC54AEA-0ED0-4F2F-9C3C-7C382D80B5FB}) (Version: 15.0.4.38 - Serif (Europe) Ltd)
Serif WebPlus X8 (HKLM\...\{471E0EA1-37E7-4C4C-B0E1-518883231403}) (Version: 16.0.3.030 - Serif (Europe) Ltd)
Serif WebPlus: Business Template - Real Estate 1 (HKLM-x32\...\{182D9A20-F5AE-4E6C-A4FC-651351DD083E}) (Version: 1.2.0.027 - Serif (Europe) Ltd)
Serif WebPlus: Business Template - Real Estate 2 (HKLM-x32\...\{7D775738-C2CC-4E91-9E87-B3F77833A238}) (Version: 1.2.0.027 - Serif (Europe) Ltd)
Serif WebPlus: Interest Template - Photography 1 (HKLM-x32\...\{E23FEC6A-C2D9-4D91-ADF4-FD513B4421A3}) (Version: 1.2.0.027 - Serif (Europe) Ltd)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 64-Bit Edition (HKLM\...\{90140000-0100-0C0A-1000-0000000FF1CE}_Office14.OMUI.es-es_{6DC7FDEB-75D2-4019-9CFC-C8900FEF71F6}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
Simpo PDF Merge & Split 2.2.1.0 (HKLM-x32\...\Simpo PDF Merge & Split_is1) (Version: - )
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16121.3 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.16121.3 - Samsung Electronics Co., Ltd.) Hidden
SmartDraw 2012 (HKLM-x32\...\SmartDraw 2012) (Version: - SmartDraw.com)
Software Intel® PROSet/Wireless (HKLM-x32\...\{4c8b7360-62a2-4339-b745-41323055d0bb}) (Version: 18.20.0 - Intel Corporation)
Software para dispositivos de chipset Intel® (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION)
Sothink Logo Maker Professional (HKLM-x32\...\{D597C3D3-13D7-4BF1-9D60-AAEBBD350FF5}) (Version: 4.4.4625 - SourceTec Software)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\Spotify) (Version: 1.0.42.151.g19de0aa6 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
The Logo Creator v6 6.0 (HKLM-x32\...\The Logo Creator v6) (Version: 6.0 - Laughingbird Software)
VisiPics V1.31 (HKLM-x32\...\VisiPics_is1) (Version: - Ozone)
Viva Designer 9.0 (Build 8109) (HKLM-x32\...\{582A72CA-516A-4A62-8EDF-CAFB91581352}) (Version: 9.0 - Viva Technology)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.5.0 - Azureus Software, Inc.)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
WinUSB Drivers x64 (HKLM\...\{370C1839-B7D8-425E-8D3F-C79638E7D09C}) (Version: 2011.44.1.182 - Nokia)
WinZip 21.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410D}) (Version: 21.0.12288 - WinZip Computing, S.L. )
Wondershare Data Recovery(Build 5.0.0.5) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 5.0.0.5 - Wondershare Software Co.,Ltd.)
WYSIWYG Web Builder 11 (HKLM-x32\...\WYSIWYG_Web_Builder_11) (Version: - )
Xara 3D Maker 7 (HKLM-x32\...\MAGIX_{19B9DAD6-5E6E-4B80-8EFE-314B5638D6D4}) (Version: 7.0.0.442 - Xara Group Ltd)
Xara 3D Maker 7 (Version: 7.0.0.442 - Xara Group Ltd) Hidden
Xara Designer Pro X (HKLM\...\MX.{1217D374-57A9-4710-ABD7-D2F78C3209E2}) (Version: 12.4.0.47404 - Xara Group Ltd)
Xara Designer Pro X (Version: 12.4.0.47404 - Xara Group Ltd) Hidden
Xara Web Designer Premium (HKLM\...\MX.{1631C608-CE6F-483B-AA4F-F98AAE3C28E8}) (Version: 12.0.0.44262 - Xara Group Ltd)
Xara Web Designer Premium (Version: 12.0.0.44262 - Xara Group Ltd) Hidden
Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.5.2014.3 - URSoft, Inc.)
ZyXEL PLA Series Configuration (HKLM-x32\...\{65FB8889-07CF-4ECC-859D-927EA587A7C1}) (Version: 7.00.0004 - ZyXEL)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2952967907-3114153538-507899254-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-2967EB25FE2C}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-2952967907-3114153538-507899254-1001_Classes\CLSID\{65545209-E245-4026-94AE-DEABE04DA1BF}\localserver32 -> C:\Program Files\Xara\Xara Designer Pro X\12\DesignerPro.exe (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-2952967907-3114153538-507899254-1001_Classes\CLSID\{79CEB7F8-0A0A-4D4A-9FA2-104DC1A87DF4}\InprocServer32 -> C:\Program Files\Xara\Xara Web Designer Premium\Filters\ENG\PSDFilter.dll ()
CustomCLSID: HKU\S-1-5-21-2952967907-3114153538-507899254-1001_Classes\CLSID\{BF94BE14-0B72-448C-843D-467934E50895}\InprocServer32 -> C:\Program Files\Xara\Xara Web Designer Premium\Filters\ENG\TIFFImport.dll ()
CustomCLSID: HKU\S-1-5-21-2952967907-3114153538-507899254-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-2952967907-3114153538-507899254-1001_Classes\CLSID\{CB58FF31-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> C:\Program Files\Xara\Xara Designer Pro X\12\DesignerPro.exe (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-2952967907-3114153538-507899254-1001_Classes\CLSID\{CB58FF32-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> C:\Program Files\Xara\Xara Designer Pro X\12\DesignerPro.exe (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-2952967907-3114153538-507899254-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {018D917F-8A22-4EB8-A49B-D749D5152A3B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {0355225A-54F4-464A-89A7-769935239956} - System32\Tasks\WindowsUpdate => c:\windows\svchost.exe
Task: {0BB89E09-FD75-43CD-85D4-6FDDE248E127} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation)
Task: {0E208619-19F2-4D10-9A3F-AA2479B8B203} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation)
Task: {11A0BB39-DD79-4643-BB0E-9693448CADF9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {13D1DCC6-B0BD-4BFA-8572-1FB1AB252C58} - System32\Tasks\Driver Booster SkipUAC (MichaelMontes) => C:\Program Files (x86)\IObit\Driver Booster\4.0.3\DriverBooster.exe [2016-09-22] (IObit)
Task: {17D430D9-18A7-4A6B-99EB-F46AF1B3A728} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {1E2837E6-BEF0-4121-8969-89F8D886EF0A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-03] (Google Inc.)
Task: {215538D1-39BB-44D8-99F0-E6DD801D3E9B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {23F3727E-D731-4D1A-B8A1-26B7DC6784CB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {24B2A21E-EC72-457E-B13F-FD5F169AAD89} - System32\Tasks\Raseck Manager => C:\Program Files (x86)\Atervuiedclufition\soqether.exe
Task: {26B9639B-2A0E-4DFF-96D1-280433814DB5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {2876489E-D535-475A-9B0C-EC074709EDB3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {2E6B3B1C-3460-4910-8261-7D2913DE705C} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2016-01-31] (Glarysoft Ltd)
Task: {31F1137B-D154-4E25-A1A3-1B5CC4492376} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {37D910F3-174E-44C4-B616-D47FE08789B4} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {3B4B7106-99E8-471D-B3A3-DD7D4CD67999} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {4427BD09-AC25-454C-B018-015EA52D5337} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\LUCIANA\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {448F1776-E296-4419-859F-4EDE76EB7F6B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation)
Task: {4A8EBE16-5C44-41CF-996E-51691E780046} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-04] (CyberLink)
Task: {4CF8CD9D-8ADC-42D4-AEF1-7F676C4FFF30} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {4D0C6F55-6678-4FB7-9882-2D6B1F35D200} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-04-01] (Aviata Inc)
Task: {4F64D82B-8A61-4424-9A34-3FAA587DB30B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-03] (Google Inc.)
Task: {54E5BA30-5AA3-41B5-816A-2293DF0A4E5E} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2016-12-08] (WinZip)
Task: {5500E673-C8EF-4BE8-87BD-043F83DCB80D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {56AC3030-E5BA-4713-BED1-048FD974DDA7} - System32\Tasks\EPSON XP-230 Series Update {8331BCDD-77F4-4A84-82BA-A04EE139BA9E} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPCE.EXE [2013-11-21] (SEIKO EPSON CORPORATION)
Task: {5B7B1B2D-6807-4693-A9E4-5B4E0F1B4CDF} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe
Task: {5C92E895-836B-4A99-9DA0-7B101FE3471F} - System32\Tasks\SDMsgUpdate (TE) => C:\Program Files (x86)\SmartDraw 2012\Messages\SDNotify.exe [2011-09-26] ()
Task: {5D6A56B6-4098-4822-BF46-5F1ED2B11601} - System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => C:\WINDOWS\TEMP\DeleteFolderTask.exe <==== ATTENTION
Task: {64075DB0-BDA5-45B0-A9F4-6E898DECA82A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {67E4B51E-53A2-40AD-9BCC-0FA347DA1D20} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.0.3\Scheduler.exe [2016-09-20] (IObit)
Task: {6CF58090-7CB7-423E-8AF6-F8676BE0850F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {7E076A4B-0BEC-4980-820E-492AD78D70BC} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.)
Task: {884C5148-60A2-49CB-9FAF-5AAF4096B0C6} - System32\Tasks\AdobeAAMUpdater-1.0-Montes_LT1-Michael Montes => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-05-05] (Adobe Systems Incorporated)
Task: {8A465A21-9119-4AA2-883F-02B289AA6211} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [2016-12-08] (WinZip Computing, S.L.)
Task: {8AB5C685-3ADA-49E8-A8A6-1E9EFEB6ACAD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-16] (Adobe Systems Incorporated)
Task: {8D1256C2-A703-454A-ADD5-8B4987B52F23} - \WPD\SqmUpload_S-1-5-21-2952967907-3114153538-507899254-1001 -> No File <==== ATTENTION
Task: {8EBA58E6-697B-48AD-A154-9A6B01D82E36} - System32\Tasks\{C2952856-EA42-4913-900C-9A6F530215E2} => Firefox.exe hxxps://ui.skype.com/ui/0/7.30.64.105/e ... rogressBar
Task: {91EB6485-BEC2-442B-BD60-47B63C123958} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {9B5AD88E-58A6-4E33-9B9E-4BF031B857E1} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {9EF906BB-88DB-4DCE-9ED2-F16726B363A0} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-04-01] (Aviata Inc)
Task: {A07EA05F-F8C4-4BC0-80DC-2045A2D8549A} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-10-11] (Realtek Semiconductor)
Task: {AC599031-ED0B-47C9-BA0B-2D79B50E8A8E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B592927C-B6DC-464E-B466-B468D85C444A} - System32\Tasks\{7E3A3BCC-0F82-415F-9BF3-4E66D9F785E8} => Firefox.exe hxxps://ui.skype.com/ui/0/7.30.64.105/e ... rogressBar
Task: {B86BCB45-D129-4C73-B5E1-7B9AB58FC3E2} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2016-01-31] (Glarysoft Ltd)
Task: {B92DDF0F-DE79-4766-9890-5C0AB1C99A09} - System32\Tasks\Update\9557a288-3983-4e09-85e7-52b083448e87 => C:\ProgramData\system.exe <==== ATTENTION
Task: {BD7CE250-D34E-441C-8876-233C9B2AB761} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {C23CE517-25B9-4A4E-85AC-195442817FC9} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C57E8232-DBE0-452B-9CA0-8E408F0DC005} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D10B8252-42C5-4E20-AA96-F39FE338197D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {DBF1A221-6BD0-4261-99B9-4F0E9A0B681C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {E21FB46E-62D1-41F7-A6D2-4CEB9A81089F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {E2C782FB-76D8-464C-8716-EA0564AAB1E6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E723694F-D87D-4B37-A7D1-30C05B8CD23E} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {EF773D7E-B99F-444C-A496-46A8FA88484B} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {F0F9ABD9-53AF-4045-9580-8FD437EEF07E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {FA9AE927-709B-47B2-A37E-4FA92EE3983D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {FDF19272-0417-4273-BB38-7FF2FF17C9EC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\EPSON XP-230 Series Update {8331BCDD-77F4-4A84-82BA-A04EE139BA9E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPCE.EXE :/EXE:{8331BCDD-77F4-4A84-82BA-A04EE139BA9E} /F:Update WORKGROUP\MONTES_LT1$ ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\RunDFS.job => cmd /c sc start Dell Foundation Services WORKGROUP MONTES_LT1
Task: C:\WINDOWS\Tasks\SDMsgUpdate (TE).job => C:\PROGRA~2\SMARTD~1\Messages\SDNotify.exe \-PTE -V20000010 -SSDU.ini -A -Mhxxp:/www.smartdraw.com/msgs/messagecheck.asp

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Michael Montes\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxps://launchpage.org/?uid=oTlKGKjNhxo ... Xwyg%3D%3D
ShortcutWithArgument: C:\Users\Michael Montes\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7eacadfa43776aec\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxps://launchpage.org/?uid=oTlKGKjNhxo ... Xwyg%3D%3D

==================== Loaded Modules (Whitelisted) ==============

2016-10-27 04:10 - 2017-03-16 18:16 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-10-11 09:49 - 2017-02-23 13:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-11 09:49 - 2017-02-23 13:35 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2017-03-15 16:18 - 2017-03-04 02:19 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-15 16:18 - 2017-03-04 02:19 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-05-22 19:33 - 2016-05-22 19:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-07-31 22:59 - 2011-03-02 12:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2017-03-20 10:44 - 2017-03-20 10:44 - 00052392 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2016-07-03 12:04 - 2017-02-28 01:14 - 00410608 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-03-15 16:18 - 2017-03-04 01:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 16:18 - 2017-03-04 01:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 16:18 - 2017-03-04 01:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-15 16:18 - 2017-03-04 01:05 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-03-15 16:18 - 2017-03-04 01:05 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-15 16:18 - 2017-03-04 01:08 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-07-16 06:42 - 2016-07-16 06:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-01-01 15:55 - 2016-09-06 23:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 16:17 - 2017-03-04 01:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-13 10:49 - 2017-03-13 10:49 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-03-13 10:49 - 2017-03-13 10:49 - 00182784 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-03-13 10:49 - 2017-03-13 10:50 - 41048064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-03-13 10:49 - 2017-03-13 10:49 - 02236896 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\roottools.dll
2016-07-04 14:28 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-10-07 17:36 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-07-31 19:08 - 2017-02-23 13:35 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-10-11 09:49 - 2017-02-23 13:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-11 09:49 - 2017-02-23 13:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-06-09 08:19 - 2013-03-04 22:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-05 11:41 - 2013-03-05 11:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-09-23 20:44 - 2012-09-23 20:44 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\es_es\acrotray.esp
2016-07-04 14:28 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-10-11 09:50 - 2017-02-23 09:30 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-10-11 09:50 - 2017-02-23 09:30 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-10-11 09:50 - 2017-02-23 09:30 - 02443320 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-10-11 09:50 - 2017-02-23 09:30 - 00385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-10-11 09:50 - 2017-02-23 09:30 - 00543288 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-10-11 09:50 - 2017-02-23 09:30 - 00468536 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-12-21 11:24 - 2016-12-21 11:24 - 00134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2015-03-16 11:28 - 2015-03-16 11:28 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2015-07-10 23:37 - 2015-07-10 23:37 - 01243936 _____ () C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-01-31 21:16 - 2016-01-31 21:16 - 00080064 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll
2015-08-27 12:50 - 2015-08-27 12:50 - 01007616 _____ () C:\Program Files (x86)\Extensis\Suitcase Fusion 6\libxml2.2.6.24.dll
2015-08-27 12:50 - 2015-08-27 12:50 - 00901120 _____ () C:\Program Files (x86)\Extensis\Suitcase Fusion 6\iconv-1.9.2.dll
2015-08-27 12:50 - 2015-08-27 12:50 - 00007168 _____ () C:\Program Files (x86)\Extensis\Suitcase Fusion 6\libcharset.dll
2017-03-20 10:44 - 2017-03-20 10:44 - 00048296 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:1CE11B51 [152]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\.scr: SageThumbsImage.scr => "%1" /S <===== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7915 more sites.

IE restricted site: HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\123simsen.com -> www.123simsen.com

There are 7915 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2017-02-27 16:28 - 00454174 ___RA C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info

There are 15573 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2952967907-3114153538-507899254-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Michael Montes\Desktop\DWNLD PX\pool-water-background.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "Install SafeKey FF RunOnce.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "BCSSync"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "DropboxOEM"
HKLM\...\StartupApproved\Run32: => "FATrayAlert"
HKLM\...\StartupApproved\Run32: => "ScanSoft PDF Converter 3.0-reminder"
HKLM\...\StartupApproved\Run32: => "PDF3 Registry Controller"
HKLM\...\StartupApproved\Run32: => "SSBkgdUpdate"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\StartupApproved\Run: => "AceStream"
HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\StartupApproved\Run: => "Spybot-S&D Cleaning"
HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\StartupApproved\Run: => "DellSystemDetect"
HKU\S-1-5-21-2952967907-3114153538-507899254-1001\...\StartupApproved\Run: => "Spotify"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{364EF870-00F8-4BE9-BBB9-80FAEE07A1A4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.3\AutoUpdate.exe
FirewallRules: [{35D82369-DF6C-4B64-9F04-7B2778DB57F4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.3\AutoUpdate.exe
FirewallRules: [{F54E1FC3-2504-43A1-B826-ADAE6DC815EF}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.3\DBDownloader.exe
FirewallRules: [{DBCFC0B2-EF9D-4A00-9A8B-62BE7B62B8D7}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.3\DBDownloader.exe
FirewallRules: [{6C45DE90-1255-4830-B9C3-2FBD0911C73C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.3\DriverBooster.exe
FirewallRules: [{F7478ECE-0A63-4FF3-A0EF-5E2A250466B8}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.3\DriverBooster.exe
FirewallRules: [UDP Query User{D7CC80FD-8A6D-4BE5-8382-918809C562DE}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{19F18987-0D62-4011-86B1-30025716C31F}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{5F6CBBED-0026-48B5-964B-2E159C63E812}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3535FFDB-0324-4AFB-BE0A-0E034D0E5628}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{53995224-87BA-4323-BC34-4E971E35DA1C}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
FirewallRules: [{E9CE7D4A-B846-4D0D-A309-D3DED4C597EE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{4BA8D840-8384-4D5C-8A54-0A1BC457B7D8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{A9F346CB-BAE9-4E9F-BF35-56A230676E47}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{5528F0AD-BA7A-41CA-914B-04BB396B9662}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{48C2F80C-309A-41F4-B005-FB702F76E2F7}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{FA052A9A-BBC4-4AD8-8784-F263665C3BD1}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{E3EE6709-C916-4851-BD28-4330E89808AC}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{4AC39DFC-97E2-4981-90B6-817CA22A2423}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{B6CE5F77-EB8E-431E-B1B6-A4F58A7F54D3}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{C1D3C547-A12D-4214-A2F9-B2AACB258508}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{B34FF7AD-CAB4-44C6-BA35-2B3F04A5FDCD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4C3D378C-9989-4C50-960E-1CBB09B7984A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C3B01137-ECBD-49FC-816E-1C9AE09B2A5B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E7545B06-08B0-4CF7-ACB1-D08D669BFA47}] => (Block) %ProgramFiles%\Adobe\Adobe Illustrator CC 2014\Support Files\Contents\Windows\Illustrator.exe
FirewallRules: [TCP Query User{6765E4D5-D171-4EAC-9B85-095F9190DC7A}C:\program files\adobe\adobe photoshop cc 2014\photoshop.exe] => (Allow) C:\program files\adobe\adobe photoshop cc 2014\photoshop.exe
FirewallRules: [UDP Query User{A2DD3D9D-3DE8-470E-BFCF-7B5772FEB4FD}C:\program files\adobe\adobe photoshop cc 2014\photoshop.exe] => (Allow) C:\program files\adobe\adobe photoshop cc 2014\photoshop.exe
FirewallRules: [TCP Query User{68F4DB14-22BD-4317-B94D-5B4481658749}C:\program files\adobe\adobe muse cc 2015\muse.exe] => (Allow) C:\program files\adobe\adobe muse cc 2015\muse.exe
FirewallRules: [UDP Query User{17490CD6-C9D7-423A-A076-4147729EF185}C:\program files\adobe\adobe muse cc 2015\muse.exe] => (Allow) C:\program files\adobe\adobe muse cc 2015\muse.exe
FirewallRules: [{714E823F-B129-4E3C-A684-ED25ED50F7EE}] => (Block) %ProgramFiles%\Ashampoo\Ashampoo Home Designer Pro 3\Program\CACAD.exe
FirewallRules: [{7B6236F1-3A86-4E63-ABF4-4D922DFAADD2}] => (Block) %ProgramFiles% (x86)\Ashampoo GmbH & Co. KG\Ashampoo Home Designer Pro 3\ashampoo_home_designer_pro_3_3.0.0_sm.exe
FirewallRules: [TCP Query User{1535EA61-8F3C-4B55-83C8-9AE117C4112F}C:\program files (x86)\winpcap\rpcapd.exe] => (Allow) C:\program files (x86)\winpcap\rpcapd.exe
FirewallRules: [UDP Query User{F62D95CF-6A97-4E24-AF2A-A87BDF4E47F7}C:\program files (x86)\winpcap\rpcapd.exe] => (Allow) C:\program files (x86)\winpcap\rpcapd.exe
FirewallRules: [TCP Query User{228A117F-CBD1-4FC8-8BD7-A568A16BECCF}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{9478E63C-B1C9-4EC5-840E-58D5841C4B74}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{9C9A58C5-F890-48E4-BBDF-162BF64C9ABA}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{A93B1E9A-004D-4332-88E8-9C7923298317}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{38532B39-398A-4E8F-AA27-E620609DF7CA}] => (Allow) D:\Network\EpsonNetSetup\ENEASYAPP.EXE
FirewallRules: [{B50DC760-3445-4364-AD74-444BE2F54249}] => (Allow) D:\Network\EpsonNetSetup\ENEASYAPP.EXE
FirewallRules: [TCP Query User{66F4C918-89B2-42D2-BD84-B237CD722B19}C:\users\michael montes\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\michael montes\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{44238542-59C1-468B-995A-63824F75C434}C:\users\michael montes\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\michael montes\appdata\roaming\spotify\spotify.exe
FirewallRules: [{1585E928-523B-4F38-9894-5AC26C6D11A8}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{F43D6935-1AB2-47C2-89FF-B27745B66541}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{31744B9E-2CBC-4C99-AEAF-ACC3E9F8B474}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{F7426056-CF95-4148-9FDB-07ACFEF97A8B}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{6057EC0E-DC92-4049-9266-555943725EC7}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{38BE76AE-C47E-477F-BD84-6E9C1FAED404}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{709E7027-7B7E-4048-A121-B196E005F241}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{FF9DCAE0-EFC6-410B-A734-2BC42140A826}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{B6C543F1-2EFC-4D94-902C-6B61AC5C8BE0}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{F80E2DBC-796B-484D-8579-3948FF4527B1}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{0971D957-87E1-4C32-9F38-8CE1B8E42B79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{CEF5809E-6EC0-459A-A59D-3C9D7D64A20E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{6DBBC7AE-E96E-4DB7-A96C-C29A820804FD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{891C09D4-CE61-4DAF-B164-8F38AD6EE139}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D5B98D92-178B-4BF0-8A65-AB53BAFE9778}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{D5864315-99CC-40D8-8A81-3A318D98580E}C:\users\michael montes\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\michael montes\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{41A1047F-507E-4C6D-AB79-BD757117D294}C:\users\michael montes\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\michael montes\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{7BFDC046-1F36-4D37-A9CE-C2740B8CE13B}C:\program files\adobe\adobe photoshop cc 2014\photoshop.exe] => (Allow) C:\program files\adobe\adobe photoshop cc 2014\photoshop.exe
FirewallRules: [UDP Query User{53DDD8C2-7D6B-4AF8-B359-2187510F6F71}C:\program files\adobe\adobe photoshop cc 2014\photoshop.exe] => (Allow) C:\program files\adobe\adobe photoshop cc 2014\photoshop.exe
FirewallRules: [{04300EBF-403D-43D4-B52E-CE398A98402A}] => (Block) %ProgramFiles% (x86)\WebSite X5 v12 - Evolution\WebSiteX5.exe
FirewallRules: [{9944CD49-DB3F-4B00-83F5-E7C3CA804BE3}] => (Block) %ProgramFiles% (x86)\WebSite X5 v12 - Evolution\imRegister.exe
FirewallRules: [TCP Query User{6E2FE5B6-5732-4D4B-9A58-64F7E5001E1A}C:\program files (x86)\mobikin\mobikin assistant for android\bin\androidassistserver.exe] => (Allow) C:\program files (x86)\mobikin\mobikin assistant for android\bin\androidassistserver.exe
FirewallRules: [UDP Query User{06F0812E-BA5A-4031-8255-541BA40F4FE8}C:\program files (x86)\mobikin\mobikin assistant for android\bin\androidassistserver.exe] => (Allow) C:\program files (x86)\mobikin\mobikin assistant for android\bin\androidassistserver.exe
FirewallRules: [{8DBA28EF-181F-4013-AE77-5D123D761643}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{377B9F98-88E7-4060-9B72-457C08609DCB}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{E7267020-ED43-483F-BE28-4E133A30B3C7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

14-03-2017 12:04:41 Punto de control programado
23-03-2017 17:48:58 PROPLUS
04-04-2017 20:14:43 Punto de control programado

==================== Faulty Device Manager Devices =============

Name: Airplane Mode Switch
Description: Airplane Mode Switch
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Dell Inc
Service: DellRbtn
Problem: : The software for this device has been blocked from starting because it is known to have problems with Windows. Contact the hardware vendor for a new driver. (Code 48)
Resolution: Download the latest drivers from the manufacturer, uninstall the current driver, and then install the latest drivers.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/05/2017 12:46:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa HijackThis.exe, versión 2.0.0.5, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, comprueba el historial de problemas en la sección Seguridad y mantenimiento del Panel de control.

Identificador de proceso: 2978

Hora de inicio: 01d2ae2dada78124

Hora de finalización: 6

Ruta de la aplicación: C:\Users\Michael Montes\Desktop\HIJACKTHIS\HijackThis.exe

Identificador de informe: d3bc8ac8-1a27-11e7-8305-34e6ad95d2f5

Nombre completo de paquete con errores:

Identificador de aplicación relativa del paquete con errores:

Error: (04/05/2017 11:42:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Montes_LT1)
Description: No se pudo activar la aplicación Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

Error: (04/05/2017 11:12:04 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Error al generar el contexto de activación de "c:\program files (x86)\spybot - search & destroy 2\Tools.dll". Error en el manifiesto o el archivo de directiva "c:\program files (x86)\spybot - search & destroy 2\Tools.dll", línea 2.
El elemento de la raíz del archivo de manifiesto debe ser un ensamblado.

Error: (04/05/2017 11:12:03 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Error al generar el contexto de activación de "c:\program files (x86)\spybot - search & destroy 2\SDTasks.dll". Error en el manifiesto o el archivo de directiva "c:\program files (x86)\spybot - search & destroy 2\SDTasks.dll", línea 2.
El elemento de la raíz del archivo de manifiesto debe ser un ensamblado.

Error: (04/05/2017 11:12:03 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Error al generar el contexto de activación de "c:\program files (x86)\spybot - search & destroy 2\SDResources.dll". Error en el manifiesto o el archivo de directiva "c:\program files (x86)\spybot - search & destroy 2\SDResources.dll", línea 2.
El elemento de la raíz del archivo de manifiesto debe ser un ensamblado.

Error: (04/05/2017 11:12:03 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Error al generar el contexto de activación de "c:\program files (x86)\spybot - search & destroy 2\SDScanLibrary.dll". Error en el manifiesto o el archivo de directiva "c:\program files (x86)\spybot - search & destroy 2\SDScanLibrary.dll", línea 2.
El elemento de la raíz del archivo de manifiesto debe ser un ensamblado.

Error: (04/05/2017 11:12:03 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Error al generar el contexto de activación de "c:\program files (x86)\spybot - search & destroy 2\SDLists.dll". Error en el manifiesto o el archivo de directiva "c:\program files (x86)\spybot - search & destroy 2\SDLists.dll", línea 2.
El elemento de la raíz del archivo de manifiesto debe ser un ensamblado.

Error: (04/05/2017 11:12:02 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Error al generar el contexto de activación de "c:\program files (x86)\spybot - search & destroy 2\SDWinLogon.dll". Error en el manifiesto o el archivo de directiva "c:\program files (x86)\spybot - search & destroy 2\SDWinLogon.dll", línea 2.
El elemento de la raíz del archivo de manifiesto debe ser un ensamblado.

Error: (04/05/2017 11:12:02 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Error al generar el contexto de activación de "c:\program files (x86)\spybot - search & destroy 2\NotificationSpreader.dll". Error en el manifiesto o el archivo de directiva "c:\program files (x86)\spybot - search & destroy 2\NotificationSpreader.dll", línea 2.
El elemento de la raíz del archivo de manifiesto debe ser un ensamblado.

Error: (04/05/2017 11:12:02 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Error al generar el contexto de activación de "c:\program files (x86)\spybot - search & destroy 2\SDHookDrv32.sys". Error en el manifiesto o el archivo de directiva "c:\program files (x86)\spybot - search & destroy 2\SDHookDrv32.sys", línea 2.
El elemento de la raíz del archivo de manifiesto debe ser un ensamblado.


System errors:
=============
Error: (04/05/2017 12:47:19 PM) (Source: DCOM) (EventID: 10010) (User: Montes_LT1)
Description: El servidor {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (04/05/2017 11:42:44 AM) (Source: DCOM) (EventID: 10010) (User: Montes_LT1)
Description: El servidor MicrosoftEdge.AppXeb42j1vh6rk395pm0vmcx57dxqjhej5d.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (04/05/2017 11:03:34 AM) (Source: DCOM) (EventID: 10010) (User: Montes_LT1)
Description: El servidor {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (04/05/2017 11:01:07 AM) (Source: DCOM) (EventID: 10010) (User: Montes_LT1)
Description: El servidor {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (04/04/2017 07:34:39 PM) (Source: DCOM) (EventID: 10010) (User: Montes_LT1)
Description: El servidor Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider no se registró con DCOM dentro del tiempo de espera requerido.

Error: (04/03/2017 11:28:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Malwarebytes Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/03/2017 11:26:34 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Administrador de mapas descargados no respondió después de iniciar.

Error: (04/03/2017 11:24:50 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (04/03/2017 11:20:40 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
y APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (04/03/2017 11:20:40 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
y APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.


CodeIntegrity:
===================================
Date: 2017-01-03 07:11:11.684
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2017-01-03 07:03:24.324
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2016-12-04 20:30:54.162
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_96feac2ff3979cc1\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-04 20:30:53.957
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-11-28 09:23:11.021
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_96feac2ff3979cc1\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-11-28 09:23:10.465
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-28 12:23:07.298
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_96feac2ff3979cc1\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-28 12:23:06.694
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-28 00:26:56.149
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows.old\WINDOWS\System32\aadcloudap.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-10-28 00:26:56.096
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows.old\WINDOWS\System32\aadcloudap.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 45%
Total physical RAM: 8102.44 MB
Available physical RAM: 4425.93 MB
Total Virtual: 10662.44 MB
Available Virtual: 6733.61 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:921.32 GB) (Free:427.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 411AA3B9)

Partition: GPT.

==================== End of Addition.txt ============================
mickeymontes
 
Posts: 4
Joined: Fri Mar 31, 2017 5:48 pm

Re: hijckthis log

Postby patrik » Fri Apr 21, 2017 3:19 am

Run Notepad, copy/paste the text in the code box below into notepad:
Code: Select all
CreateRestorePoint:
CHR HKLM-x32\...\Chrome\Extension: [fdbpcigaolookbahgdofnimidinicfid] - hxxps://clients2.google.com/service/update2/crx
S2 Aroqercult; C:\Program Files (x86)\Atervuiedclufition\fegeingPrv.dll [X]
S2 Ckovch; C:\Program Files (x86)\Nupowardplihosh\vkwrenew.dll [X]
S2 GmSvc; C:\Program Files (x86)\LDSGameCenter\GmSvc.dll [X]
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
NETSVCx32: HpSvc -> no filepath.
NETSVCx32: GmSvc -> C:\Program Files (x86)\LDSGameCenter\GmSvc.dll ==> No File
NETSVCx32: WpSvc -> no filepath.
Task: {0355225A-54F4-464A-89A7-769935239956} - System32\Tasks\WindowsUpdate => c:\windows\svchost.exe
Task: {11A0BB39-DD79-4643-BB0E-9693448CADF9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {17D430D9-18A7-4A6B-99EB-F46AF1B3A728} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {24B2A21E-EC72-457E-B13F-FD5F169AAD89} - System32\Tasks\Raseck Manager => C:\Program Files (x86)\Atervuiedclufition\soqether.exe
Task: {2876489E-D535-475A-9B0C-EC074709EDB3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {31F1137B-D154-4E25-A1A3-1B5CC4492376} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {37D910F3-174E-44C4-B616-D47FE08789B4} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {54E5BA30-5AA3-41B5-816A-2293DF0A4E5E} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2016-12-08] (WinZip)
Task: {5D6A56B6-4098-4822-BF46-5F1ED2B11601} - System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => C:\WINDOWS\TEMP\DeleteFolderTask.exe <==== ATTENTION
Task: {8D1256C2-A703-454A-ADD5-8B4987B52F23} - \WPD\SqmUpload_S-1-5-21-2952967907-3114153538-507899254-1001 -> No File <==== ATTENTION
Task: {9B5AD88E-58A6-4E33-9B9E-4BF031B857E1} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {AC599031-ED0B-47C9-BA0B-2D79B50E8A8E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B92DDF0F-DE79-4766-9890-5C0AB1C99A09} - System32\Tasks\Update\9557a288-3983-4e09-85e7-52b083448e87 => C:\ProgramData\system.exe <==== ATTENTION
Task: {C23CE517-25B9-4A4E-85AC-195442817FC9} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C57E8232-DBE0-452B-9CA0-8E408F0DC005} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E2C782FB-76D8-464C-8716-EA0564AAB1E6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EF773D7E-B99F-444C-A496-46A8FA88484B} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {F0F9ABD9-53AF-4045-9580-8FD437EEF07E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
ShortcutWithArgument: C:\Users\Michael Montes\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxps://launchpage.org/?uid=oTlKGKjNhxo ... Xwyg%3D%3D
ShortcutWithArgument: C:\Users\Michael Montes\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7eacadfa43776aec\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxps://launchpage.org/?uid=oTlKGKjNhxo ... Xwyg%3D%3D
C:\Program Files (x86)\Atervuiedclufition
C:\ProgramData\system.exe
EmptyTemp:
Reboot:

Name the Notepad file as fixlist and Save it to a folder where FRST is located.
Run FRST and press the Fix button. When the tool is finished, it will produce a report for you.

Post back with the fix log + new "scan" logs (Run FRST, click Scan).
patrik
Site Admin
 
Posts: 9313
Joined: Sun Jan 08, 2006 1:11 pm


Return to Spyware Removal

Who is online

Users browsing this forum: No registered users and 1 guest

cron