
After Win32 / Virut.NBP what to do?


  • This topic is locked
9 replies to this topic

#1 ika


Posted 01 April 2016 - 04:44 PM

Hi.
I got rid of my operating system to virut virus. I wanted to know if I have to perform some other action to make it all ok.
Thank you very much.
Greetings.





#2 ika


Posted 02 April 2016 - 06:20 AM

Hi.
You can run the OTL, the FIRST after a while does not respond or run in safe mode. Deputy OTL report. I hope your help.
Thank you very much.
Greetings.

 

[attachment=178763:OTL.Txt]

 

OTL logfile created on: 2/4/2016 8:04:37 a. m. - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\emanu\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10586.0)
Locale: 00002C0A | Country: Argentina | Language: ESS | Date Format: d/M/yyyy
 
3,87 Gb Total Physical Memory | 2,03 Gb Available Physical Memory | 52,40% Memory free
4,44 Gb Paging File | 2,60 Gb Available in Paging File | 58,59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,16 Gb Total Space | 397,70 Gb Free Space | 85,50% Space Free | Partition Type: NTFS
 
Computer Name: DESKTOP-158NLDR | User Name: emanu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC -  File not found
PRC - C:\Users\emanu\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Ad Muncher\AdMunch.exe (Murray Hurps Software Pty Ltd)
PRC - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe ()
PRC - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll ()
MOD - C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll ()
MOD - C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll ()
MOD - C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe ()
MOD - C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (ClipSVC) -- C:\Windows\SysNative\ClipSVC.dll (Microsoft Corporation)
SRV:64bit: - (DsSvc) -- C:\Windows\SysNative\dssvc.dll (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc) -- C:\Windows\SysNative\PimIndexMaintenance.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc) -- C:\Windows\SysNative\Unistore.dll (Microsoft Corporation)
SRV:64bit: - (UserDataSvc) -- C:\Windows\SysNative\UserDataService.dll (Microsoft Corporation)
SRV:64bit: - (DoSvc) -- C:\Windows\SysNative\dosvc.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (XblGameSave) -- C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation)
SRV:64bit: - (NgcSvc) -- C:\Windows\SysNative\ngcsvc.dll (Microsoft Corporation)
SRV:64bit: - (NetSetupSvc) -- C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)
SRV:64bit: - (SmsRouter) -- C:\Windows\SysNative\SmsRouterSvc.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (XblAuthManager) -- C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (XboxNetApiSvc) -- C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation)
SRV:64bit: - (UserManager) -- C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
SRV:64bit: - (PhoneSvc) -- C:\Windows\SysNative\PhoneService.dll (Microsoft Corporation)
SRV:64bit: - (SensorService) -- C:\Windows\SysNative\SensorService.dll (Microsoft Corporation)
SRV:64bit: - (icssvc) -- C:\Windows\SysNative\tetheringservice.dll (Microsoft Corporation)
SRV:64bit: - (MapsBroker) -- C:\Windows\SysNative\moshost.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (tzautoupdate) -- C:\Windows\SysNative\tzautoupdate.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (igfxCUIService2.0.0.0) -- C:\Windows\SysNative\igfxCUIService.exe (Intel Corporation)
SRV:64bit: - (VIAKaraokeService) -- C:\Windows\SysNative\ViakaraokeSrv.exe (VIA Technologies, Inc.)
SRV:64bit: - (PDAgent) -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe (Raxco Software, Inc.)
SRV:64bit: - (PDEngine) -- C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe (Raxco Software, Inc.)
SRV:64bit: - (acssrv) -- C:\Program Files\Agnitum\Outpost Firewall Pro\acs.exe (Agnitum Ltd.)
SRV:64bit: - (RetailDemo) -- C:\Windows\SysNative\RDXService.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (WalletService) -- C:\Windows\SysNative\WalletService.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (SensorDataService) -- C:\Windows\SysNative\SensorDataService.exe (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (tiledatamodelsvc) -- C:\Windows\SysNative\tileobjserver.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (NgcCtnrSvc) -- C:\Windows\SysNative\NgcCtnrSvc.dll (Microsoft Corporation)
SRV:64bit: - (WpnService) -- C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation)
SRV:64bit: - (DevQueryBroker) -- C:\Windows\SysNative\DevQueryBroker.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation)
SRV:64bit: - (LicenseManager) -- C:\Windows\SysNative\LicenseManagerSvc.dll (Microsoft Corporation)
SRV:64bit: - (StateRepository) -- C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation)
SRV:64bit: - (embeddedmode) -- C:\Windows\SysNative\embeddedmodesvc.dll (Microsoft Corporation)
SRV:64bit: - (AJRouter) -- C:\Windows\SysNative\AJRouter.dll (Microsoft Corporation)
SRV:64bit: - (CoreMessagingRegistrar) -- C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation)
SRV:64bit: - (CDPSvc) -- C:\Windows\SysNative\cdpsvc.dll (Microsoft Corporation)
SRV:64bit: - (UsoSvc) -- C:\Windows\SysNative\usocore.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (diagnosticshub.standardcollector.service) -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc) -- C:\Windows\SysNative\APHostService.dll (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_da470) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_78ade) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_721a0) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_6c737) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_62cde) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_52a14) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_4d686) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_3ea84) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_3a320) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_1e877d) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_12835a) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_da470) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_78ade) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_721a0) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_6c737) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_62cde) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_52a14) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_4d686) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_3ea84) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_3a320) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_1e877d) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_12835a) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_da470) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_78ade) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_721a0) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_6c737) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_62cde) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_52a14) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_4d686) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_3ea84) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_3a320) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_1e877d) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_12835a) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_da470) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_78ade) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_721a0) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_6c737) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_62cde) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_52a14) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_4d686) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_3ea84) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_3a320) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_1e877d) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_12835a) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_dcc12) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_da470) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_78ade) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_721a0) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_6c737) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_62cde) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_52a14) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_4d686) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_3ea84) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_3a320) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_1e877d) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_12835a) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (TieringEngineService) -- C:\Windows\SysNative\TieringEngineService.exe (Microsoft Corporation)
SRV:64bit: - (DcpSvc) -- C:\Windows\SysNative\dcpsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (EntAppSvc) -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll (Microsoft Corporation)
SRV:64bit: - (DmEnrollmentSvc) -- C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation)
SRV:64bit: - (dmwappushservice) -- C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation)
SRV:64bit: - (MessagingService) -- C:\Windows\SysNative\MessagingService.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvmsession) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (BthHFSrv) -- C:\Windows\SysNative\BthHFSrv.dll (Microsoft Corporation)
SRV:64bit: - (OODefragAgent) -- C:\Program Files\OO Software\Defrag\oodag.exe (O&O Software GmbH)
SRV:64bit: - (Intel® -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel® Corporation)
SRV:64bit: - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV:64bit: - (HPSIService) -- C:\Windows\SysNative\HPSIsvc.exe (HP)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (UnistoreSvc) -- C:\Windows\SysWOW64\Unistore.dll (Microsoft Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (EMET_Service) -- C:\Program Files (x86)\EMET 5.5\EMET_Service.exe (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (BRN_APPGUARD_SERVICE) -- C:\Program Files (x86)\Blue Ridge Networks\AppGuard\AppGuardAgent.exe (Blue Ridge Networks)
SRV - (StateRepository) -- C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation)
SRV - (lfsvc) -- C:\Windows\SysWOW64\lfsvc.dll (Microsoft Corporation)
SRV - (CoreMessagingRegistrar) -- C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (DmEnrollmentSvc) -- C:\Windows\SysWOW64\Windows.Internal.Management.dll (Microsoft Corporation)
SRV - (PrintNotify) -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (isaHelperSvc) -- C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe ()
SRV - (Intel® -- C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe (Intel Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (dtliteusbbus) -- C:\Windows\SysNative\drivers\dtliteusbbus.sys (Disc Soft Ltd)
DRV:64bit: - (dtlitescsibus) -- C:\Windows\SysNative\drivers\dtlitescsibus.sys (Disc Soft Ltd)
DRV:64bit: - (GUBootStartup) -- C:\Windows\SysNative\drivers\GUBootStartup.sys (Glarysoft Ltd)
DRV:64bit: - (adgnetworkwfpdrv) -- C:\Windows\SysNative\drivers\adgnetworkwfpdrv.sys ()
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (xboxgip) -- C:\Windows\SysNative\drivers\xboxgip.sys (Microsoft Corporation)
DRV:64bit: - (xinputhid) -- C:\Windows\SysNative\drivers\xinputhid.sys (Microsoft Corporation)
DRV:64bit: - (CapImg) -- C:\Windows\SysNative\drivers\capimg.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (BrnFileLock) -- C:\Windows\SysNative\drivers\brnfilelock.sys (Blue Ridge Networks)
DRV:64bit: - (SandBox) -- C:\Windows\SysNative\drivers\SandBox64.sys (Agnitum Ltd.)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (ReFSv1) -- C:\WINDOWS\SysNative\drivers\refsv1.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRT) -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys (Microsoft Corporation)
DRV:64bit: - (storqosflt) -- C:\Windows\SysNative\drivers\storqosflt.sys (Microsoft Corporation)
DRV:64bit: - (UcmCx0101) -- C:\Windows\SysNative\drivers\UcmCx.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (IoQos) -- C:\Windows\SysNative\drivers\ioqos.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (MMCSS) -- C:\Windows\SysNative\drivers\mmcss.sys (Microsoft Corporation)
DRV:64bit: - (Ufx01000) -- C:\Windows\SysNative\drivers\ufx01000.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (UrsCx01000) -- C:\Windows\SysNative\drivers\urscx01000.sys (Microsoft Corporation)
DRV:64bit: - (cnghwassist) -- C:\Windows\SysNative\drivers\cnghwassist.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (GpuEnergyDrv) -- C:\Windows\SysNative\drivers\gpuenergydrv.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (wdiwifi) -- C:\Windows\SysNative\drivers\WdiWiFi.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (Ucx01000) -- C:\Windows\SysNative\drivers\Ucx01000.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (FileCrypt) -- C:\Windows\SysNative\drivers\filecrypt.sys (Microsoft Corporation)
DRV:64bit: - (tsusbflt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (UdeCx) -- C:\Windows\SysNative\drivers\Udecx.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (vhf) -- C:\Windows\SysNative\drivers\vhf.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRTProxy) -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (UrsChipidea) -- C:\Windows\SysNative\drivers\urschipidea.sys (Microsoft Corporation)
DRV:64bit: - (UrsSynopsys) -- C:\Windows\SysNative\drivers\urssynopsys.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (mlx4_bus) -- C:\Windows\SysNative\drivers\mlx4_bus.sys (Mellanox)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (ibbus) -- C:\Windows\SysNative\drivers\ibbus.sys (Mellanox)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (ufxsynopsys) -- C:\Windows\SysNative\drivers\ufxsynopsys.sys (Microsoft Corporation)
DRV:64bit: - (LSI_SAS2i) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys (LSI Corporation)
DRV:64bit: - (LSI_SAS3i) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys (Avago Technologies)
DRV:64bit: - (UfxChipidea) -- C:\Windows\SysNative\drivers\UfxChipidea.sys (Microsoft Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (ndfltr) -- C:\Windows\SysNative\drivers\ndfltr.sys (Mellanox)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (WinVerbs) -- C:\Windows\SysNative\drivers\winverbs.sys (Mellanox)
DRV:64bit: - (percsas3i) -- C:\Windows\SysNative\drivers\percsas3i.sys (Avago Technologies)
DRV:64bit: - (percsas2i) -- C:\Windows\SysNative\drivers\percsas2i.sys (LSI Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (UcmUcsi) -- C:\Windows\SysNative\drivers\UcmUcsi.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (storufs) -- C:\Windows\SysNative\drivers\storufs.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (WinMad) -- C:\Windows\SysNative\drivers\winmad.sys (Mellanox)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (QLogic Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (hidinterrupt) -- C:\Windows\SysNative\drivers\hidinterrupt.sys (Microsoft Corporation)
DRV:64bit: - (buttonconverter) -- C:\Windows\SysNative\drivers\buttonconverter.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (genericusbfn) -- C:\Windows\SysNative\drivers\genericusbfn.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (bcmfn) -- C:\Windows\SysNative\drivers\bcmfn.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (iaLPSS2i_I2C) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys (Intel Corporation)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (iai2c) -- C:\Windows\SysNative\drivers\iai2c.sys (Intel® Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (rt640x64) -- C:\Windows\SysNative\drivers\rt640x64.sys (Realtek                                            )
DRV:64bit: - (afwcore) -- C:\Windows\SysNative\drivers\afwcore.sys (Agnitum Ltd.)
DRV:64bit: - (afw) -- C:\Windows\SysNative\drivers\afw.sys (Agnitum Ltd.)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys (Intel Corporation)
DRV:64bit: - (DefragFS) -- C:\WINDOWS\SysNative\drivers\DefragFS.sys (Raxco Software, Inc.)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (PDFSFilter) -- C:\Windows\SysNative\drivers\PDFsFilter.sys (Raxco Software, Inc.)
DRV:64bit: - (mvusbews) -- C:\Windows\SysNative\drivers\mvusbews.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (Revoflt) -- C:\Windows\SysNative\drivers\revoflt.sys (VS Revo Group)
DRV - (CompositeBus) -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0D8F8606-9DB4-4E44-B42D-8824463082E1}
IE:64bit: - HKLM\..\SearchScopes\{0D8F8606-9DB4-4E44-B42D-8824463082E1}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRNAM1&src=IE11TR&pc=NMTE
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0D8F8606-9DB4-4E44-B42D-8824463082E1}
IE - HKLM\..\SearchScopes\{0D8F8606-9DB4-4E44-B42D-8824463082E1}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRNAM1&src=IE11TR&pc=NMTE
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
 
IE - HKU\S-1-5-21-902784678-1999700244-2965566074-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oem15.msn.com/?pc=NMTE
IE - HKU\S-1-5-21-902784678-1999700244-2965566074-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.exo.com.ar/bienvenida [binary data]
IE - HKU\S-1-5-21-902784678-1999700244-2965566074-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-21-902784678-1999700244-2965566074-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-902784678-1999700244-2965566074-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.countryCode: "AR"
FF - prefs.js..browser.search.region: "AR"
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20151208
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.9.0.10
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:45.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\WebProtection@360safe.com: C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 45.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 45.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016/03/19 04:25:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 38.7.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 38.7.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 45.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 45.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016/03/19 04:25:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 38.7.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 38.7.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc2@internetdownloadmanager.com: C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
 
[2016/02/22 05:07:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\emanu\AppData\Roaming\mozilla\Extensions
[2016/03/31 18:10:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\emanu\AppData\Roaming\mozilla\Firefox\Profiles\pekeoj4h.default\extensions
[2016/02/22 05:09:58 | 000,000,000 | ---D | M] (WOT) -- C:\Users\emanu\AppData\Roaming\mozilla\Firefox\Profiles\pekeoj4h.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2016/03/18 12:11:49 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\emanu\AppData\Roaming\mozilla\Firefox\Profiles\pekeoj4h.default\extensions\en-US@dictionaries.addons.mozilla.org
[2016/02/22 06:45:30 | 000,000,000 | ---D | M] (Diccionario Español Argentina) -- C:\Users\emanu\AppData\Roaming\mozilla\Firefox\Profiles\pekeoj4h.default\extensions\es-AR@dictionaries.addons.mozilla.org
[2016/03/22 00:05:34 | 004,277,297 | ---- | M] () (No name found) -- C:\Users\emanu\AppData\Roaming\mozilla\firefox\profiles\pekeoj4h.default\extensions\firefox@mega.co.nz.xpi
[2016/03/23 09:07:12 | 000,562,951 | ---- | M] () (No name found) -- C:\Users\emanu\AppData\Roaming\mozilla\firefox\profiles\pekeoj4h.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2016/02/24 05:18:04 | 001,013,992 | ---- | M] () (No name found) -- C:\Users\emanu\AppData\Roaming\mozilla\firefox\profiles\pekeoj4h.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2016/03/28 20:23:12 | 001,656,045 | ---- | M] () (No name found) -- C:\Users\emanu\AppData\Roaming\mozilla\firefox\profiles\pekeoj4h.default\features\{24cbcf00-f914-4cb0-b852-8b76d4d63623}\loop@mozilla.org.xpi
[2016/03/19 04:25:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2015/11/18 02:50:52 | 000,039,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
 
========== Chrome  ==========
 
 
O1 HOSTS File: ([2015/07/10 08:02:42 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Microsoft OneDrive for Business Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [OutpostMonitor] C:\Program Files\Agnitum\Outpost Firewall Pro\op_mon.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [Ad Muncher] C:\Program Files (x86)\Ad Muncher\AdMunch.exe (Murray Hurps Software Pty Ltd)
O4 - HKLM..\Run: [AppGuardGUI] C:\Program Files (x86)\Blue Ridge Networks\AppGuard\AppGuardGUI.exe (Blue Ridge Networks)
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-902784678-1999700244-2965566074-1002..\Run: [GUDelayStartup] C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe (Glarysoft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 186.12.238.16 186.12.238.15 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{b0beaa19-6818-48d5-be3b-ea07ea66dfdc}: DhcpNameServer = 186.12.238.16 186.12.238.15 192.168.0.1
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (PDBoot.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:64bit: dosvc - C:\Windows\SysNative\dosvc.dll (Microsoft Corporation)
NetSvcs:64bit: DcpSvc - C:\Windows\SysNative\dcpsvc.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: NetSetupSvc - C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)
NetSvcs:64bit: RetailDemo - C:\Windows\SysNative\RDXService.dll (Microsoft Corporation)
NetSvcs:64bit: lfsvc - C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation)
NetSvcs:64bit: dmwappushservice - C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation)
NetSvcs:64bit: XboxNetApiSvc - C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation)
NetSvcs:64bit: UsoSvc - C:\Windows\SysNative\usocore.dll (Microsoft Corporation)
NetSvcs:64bit: XblGameSave - C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation)
NetSvcs:64bit: DmEnrollmentSvc - C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: UserManager - C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
NetSvcs:64bit: XblAuthManager - C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
MsConfig:64bit - State: "bootini" - Reg Error: Key error.
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2016/04/02 08:03:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\emanu\Desktop\OTL.exe
[2016/04/02 07:16:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enhanced Mitigation Experience Toolkit
[2016/04/02 07:16:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EMET 5.5
[2016/04/02 07:10:55 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Roaming\blue ridge networks
[2016/04/02 07:06:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ridge Networks
[2016/04/02 07:06:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Blue Ridge Networks
[2016/04/02 07:06:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Blue Ridge Networks
[2016/04/02 05:02:30 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro.Alert
[2016/04/01 05:47:49 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Local\Apps
[2016/04/01 05:38:38 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Local\Disc_Soft_Ltd
[2016/04/01 03:20:23 | 000,047,672 | ---- | C] (Disc Soft Ltd) -- C:\WINDOWS\SysNative\drivers\dtliteusbbus.sys
[2016/04/01 03:20:10 | 000,030,264 | ---- | C] (Disc Soft Ltd) -- C:\WINDOWS\SysNative\drivers\dtlitescsibus.sys
[2016/04/01 02:44:11 | 000,000,000 | -H-D | C] -- C:\$Windows.~WS
[2016/04/01 02:31:01 | 000,000,000 | ---D | C] -- C:\$WINDOWS.~BT
[2016/03/31 14:26:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad Muncher
[2016/03/31 14:26:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad Muncher
[2016/03/31 14:26:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad Muncher
[2016/03/31 04:04:21 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Local\NPE
[2016/03/27 11:08:57 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Local\Macromedia
[2016/03/27 10:49:25 | 000,000,000 | ---D | C] -- C:\Users\emanu\OneDrive\Documentos\Proyectos VideoPad
[2016/03/27 10:47:07 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Roaming\NCH Software
[2016/03/27 10:47:05 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software
[2016/03/27 10:47:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NCH Software
[2016/03/25 19:57:20 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Local\CrashDumps
[2016/03/25 16:17:41 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Roaming\TechSmith
[2016/03/25 16:17:35 | 000,000,000 | ---D | C] -- C:\Users\emanu\OneDrive\Documentos\Camtasia Studio
[2016/03/25 16:17:26 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Local\TechSmith
[2016/03/25 16:15:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
[2016/03/25 16:15:39 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1995-08.com.techsmith
[2016/03/25 16:15:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2016/03/25 16:15:28 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith
[2016/03/25 16:15:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TechSmith Shared
[2016/03/25 16:15:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TechSmith
[2016/03/25 14:50:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2016/03/24 18:09:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2016/03/24 07:38:03 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Local\ElevatedDiagnostics
[2016/03/24 07:34:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2016/03/24 06:43:27 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Local\Diagnostics
[2016/03/23 04:12:59 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Local\calibre-cache
[2016/03/23 04:11:15 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Roaming\calibre
[2016/03/23 04:10:52 | 000,000,000 | ---D | C] -- C:\Program Files\Calibre2
[2016/03/23 04:10:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
[2016/03/22 15:35:24 | 000,000,000 | ---D | C] -- C:\Users\emanu\OneDrive\Documentos\Plantillas personalizadas de Office
[2016/03/19 04:25:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2016/03/17 14:51:51 | 000,000,000 | ---D | C] -- C:\ProgramData\GZ
[2016/03/16 10:30:42 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Roaming\QuickScan
[2016/03/16 06:51:21 | 000,000,000 | ---D | C] -- C:\Users\emanu\OneDrive\Documentos\SMRecorder
[2016/03/16 06:51:21 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Roaming\SMRecorder
[2016/03/14 05:03:22 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Local\gtk-2.0
[2016/03/14 05:03:15 | 000,000,000 | ---D | C] -- C:\Users\emanu\.thumbnails
[2016/03/14 05:00:39 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Local\fontconfig
[2016/03/14 05:00:37 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Local\gegl-0.2
[2016/03/14 05:00:37 | 000,000,000 | ---D | C] -- C:\Users\emanu\.gimp-2.8
[2016/03/14 04:58:16 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2016/03/12 10:53:53 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office 2016
[2016/03/12 10:52:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2016/03/12 10:52:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2016/03/12 10:51:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2016/03/12 10:51:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH
[2016/03/12 10:51:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2016/03/12 10:49:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2016/03/12 10:49:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2016/03/12 10:48:46 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2016/03/11 13:28:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\CryptoGuard
[2016/03/11 13:05:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2016/03/11 13:04:59 | 000,000,000 | -H-D | C] -- C:\OneDriveTemp
[2016/03/10 03:17:15 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Roaming\uTorrent
[2016/03/09 14:04:38 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Roaming\tor
[2016/03/08 16:56:13 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Local\O&O
[2016/03/08 16:55:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\oodag
[2016/03/08 16:55:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
[2016/03/08 16:55:51 | 000,000,000 | ---D | C] -- C:\Program Files\OO Software
[2016/03/08 16:51:41 | 000,000,000 | ---D | C] -- C:\ProgramData\OO Software
[2016/03/07 15:56:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
[2016/03/07 15:56:24 | 000,020,160 | ---- | C] (Glarysoft Ltd) -- C:\WINDOWS\SysNative\drivers\GUBootStartup.sys
[2016/03/07 15:56:21 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Roaming\GlarySoft
[2016/03/07 15:56:21 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Roaming\DiskDefrag
[2016/03/07 15:56:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities 5
[2016/03/07 06:47:59 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Roaming\DMCache
[2016/03/06 17:38:46 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2016/03/06 17:38:35 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2016/03/05 09:51:20 | 000,000,000 | ---D | C] -- C:\ProgramData\LGE
[2016/03/05 09:51:20 | 000,000,000 | ---D | C] -- C:\ProgramData\HTC
[2016/03/05 09:50:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft
[2016/03/05 05:33:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2016/03/05 05:33:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Phone Silverlight Kits
[2016/03/05 05:32:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 12.0
[2016/03/05 05:32:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2016/03/05 05:32:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Phone Kits
[2016/03/05 05:32:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XDE
[2016/03/05 05:32:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2016/03/04 06:26:00 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Roaming\vlc
[2016/03/03 08:52:36 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Local\CEF
[2016/03/03 08:51:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2016/03/03 08:51:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2016/03/03 08:50:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2016/03/03 08:49:17 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Local\Adobe
[2016/03/03 08:48:08 | 000,000,000 | ---D | C] -- C:\Users\emanu\AppData\Roaming\Macromedia
[2016/03/03 08:48:04 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2016/03/03 08:47:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2016/03/03 08:44:41 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[1 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2016/04/02 08:04:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\emanu\Desktop\OTL.exe
[2016/04/02 08:00:41 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2016/04/02 08:00:10 | 000,001,126 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2016/04/02 07:59:18 | 000,000,180 | ---- | M] () -- C:\WINDOWS\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[2016/04/02 07:58:37 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2016/04/02 07:58:36 | 1663,422,464 | -HS- | M] () -- C:\hiberfil.sys
[2016/04/02 07:54:05 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2016/04/02 07:33:00 | 000,001,130 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2016/04/02 07:10:51 | 000,003,120 | ---- | M] () -- C:\WINDOWS\ULYP5O85.ocx
[2016/04/02 07:10:51 | 000,003,120 | ---- | M] () -- C:\WINDOWS\SysNative\JE9I4EW5.ocx
[2016/04/02 07:06:37 | 000,002,310 | ---- | M] () -- C:\Users\Public\Desktop\AppGuard.lnk
[2016/04/01 15:36:19 | 000,025,663 | ---- | M] () -- C:\WINDOWS\ZAM.krnl.trace
[2016/04/01 15:34:23 | 000,000,119 | ---- | M] () -- C:\WINDOWS\ZAM_Guard.krnl.trace
[2016/04/01 03:20:23 | 000,047,672 | ---- | M] (Disc Soft Ltd) -- C:\WINDOWS\SysNative\drivers\dtliteusbbus.sys
[2016/04/01 03:20:10 | 000,030,264 | ---- | M] (Disc Soft Ltd) -- C:\WINDOWS\SysNative\drivers\dtlitescsibus.sys
[2016/04/01 02:33:58 | 000,013,906 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2016/04/01 02:33:58 | 000,012,044 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2016/03/31 11:33:21 | 000,001,254 | ---- | M] () -- C:\Users\Public\Desktop\VideoPad, software para edición de vídeo.lnk
[2016/03/30 20:14:11 | 000,000,500 | ---- | M] () -- C:\WINDOWS\SysNative\.crusader
[2016/03/30 17:34:57 | 000,002,265 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2016/03/30 15:35:21 | 001,758,276 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2016/03/30 15:35:21 | 000,780,224 | ---- | M] () -- C:\WINDOWS\SysNative\perfh00A.dat
[2016/03/30 15:35:21 | 000,700,038 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2016/03/30 15:35:21 | 000,150,820 | ---- | M] () -- C:\WINDOWS\SysNative\perfc00A.dat
[2016/03/30 15:35:21 | 000,131,592 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2016/03/30 05:20:34 | 000,016,384 | ---- | M] () -- C:\WINDOWS\SysWow64\0
[2016/03/25 16:15:39 | 000,001,248 | ---- | M] () -- C:\Users\Public\Desktop\Camtasia Studio 8.lnk
[2016/03/23 04:11:05 | 000,001,006 | ---- | M] () -- C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
[2016/03/22 11:10:29 | 000,000,870 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2016/03/21 14:54:47 | 000,000,923 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2016/03/21 14:54:10 | 000,001,156 | ---- | M] () -- C:\Users\Public\Desktop\Glary Utilities 5.lnk
[2016/03/16 10:23:10 | 000,341,368 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2016/03/14 05:03:34 | 000,001,821 | ---- | M] () -- C:\Users\emanu\AppData\Local\recently-used.xbel
[2016/03/14 04:58:59 | 000,000,934 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2016/03/10 03:17:54 | 000,002,691 | ---- | M] () -- C:\Users\emanu\Desktop\µTorrent.lnk
[2016/03/09 13:19:19 | 000,000,255 | ---- | M] () -- C:\WINDOWS\SysWow64\drivers\vwifikerneldrv.sys
[2016/03/08 16:55:52 | 000,002,513 | ---- | M] () -- C:\Users\Public\Desktop\O&O Defrag.lnk
[2016/03/08 16:55:52 | 000,002,457 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\O&O Defrag Tray.lnk
[2016/03/07 15:56:24 | 000,020,160 | ---- | M] (Glarysoft Ltd) -- C:\WINDOWS\SysNative\drivers\GUBootStartup.sys
[2016/03/06 17:59:38 | 000,056,704 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\farflt.sys
[2016/03/03 08:51:40 | 000,002,131 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk
[1 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2016/04/02 07:10:51 | 000,003,120 | ---- | C] () -- C:\WINDOWS\ULYP5O85.ocx
[2016/04/02 07:10:51 | 000,003,120 | ---- | C] () -- C:\WINDOWS\SysNative\JE9I4EW5.ocx
[2016/04/02 07:06:37 | 000,002,310 | ---- | C] () -- C:\Users\Public\Desktop\AppGuard.lnk
[2016/03/31 11:33:21 | 000,001,254 | ---- | C] () -- C:\Users\Public\Desktop\VideoPad, software para edición de vídeo.lnk
[2016/03/30 20:14:11 | 000,000,500 | ---- | C] () -- C:\WINDOWS\SysNative\.crusader
[2016/03/30 05:20:33 | 000,016,384 | ---- | C] () -- C:\WINDOWS\SysWow64\0
[2016/03/27 10:47:06 | 000,001,266 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad, software para edición de vídeo.lnk
[2016/03/25 16:15:39 | 000,001,248 | ---- | C] () -- C:\Users\Public\Desktop\Camtasia Studio 8.lnk
[2016/03/24 07:35:52 | 000,000,214 | ---- | C] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2016/03/23 04:11:05 | 000,001,006 | ---- | C] () -- C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
[2016/03/14 05:03:34 | 000,001,821 | ---- | C] () -- C:\Users\emanu\AppData\Local\recently-used.xbel
[2016/03/14 04:58:59 | 000,000,934 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2016/03/14 04:58:53 | 000,000,946 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2016/03/12 10:53:54 | 000,002,729 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
[2016/03/12 10:53:54 | 000,002,662 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive para la Empresa.lnk
[2016/03/12 10:53:54 | 000,002,656 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
[2016/03/12 10:53:54 | 000,002,656 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Empresarial 2016.lnk
[2016/03/12 10:53:54 | 000,002,656 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
[2016/03/12 10:53:54 | 000,002,648 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
[2016/03/12 10:53:54 | 000,002,642 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
[2016/03/12 10:53:54 | 000,002,628 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
[2016/03/12 10:53:53 | 000,002,648 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
[2016/03/10 03:17:54 | 000,002,691 | ---- | C] () -- C:\Users\emanu\Desktop\µTorrent.lnk
[2016/03/09 13:41:34 | 000,060,016 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\adgnetworkwfpdrv.sys
[2016/03/09 13:19:25 | 000,064,112 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\adgnetworktdidrv.sys
[2016/03/09 13:19:19 | 000,000,255 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\vwifikerneldrv.sys
[2016/03/08 16:55:52 | 000,002,513 | ---- | C] () -- C:\Users\Public\Desktop\O&O Defrag.lnk
[2016/03/08 16:55:52 | 000,002,457 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\O&O Defrag Tray.lnk
[2016/03/07 15:56:31 | 000,001,168 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
[2016/03/07 15:56:31 | 000,001,156 | ---- | C] () -- C:\Users\Public\Desktop\Glary Utilities 5.lnk
[2016/03/03 08:51:40 | 000,002,457 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[2016/03/03 08:51:40 | 000,002,131 | ---- | C] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk
[2016/03/03 08:44:58 | 001,695,232 | ---- | C] () -- C:\WINDOWS\SysNative\HP1100SM.EXE
[2016/03/03 08:44:58 | 000,289,280 | ---- | C] () -- C:\WINDOWS\SysNative\HP1100LM.DLL
[2016/03/03 08:44:43 | 000,350,720 | ---- | C] () -- C:\WINDOWS\SysNative\mvhlewsi.dll
[2016/03/03 08:43:32 | 000,055,296 | ---- | C] () -- C:\WINDOWS\SysNative\HP1100SMs.dll
[2016/03/02 07:59:07 | 001,859,960 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2016/02/22 10:11:44 | 000,162,816 | ---- | C] () -- C:\WINDOWS\SysWow64\MTF.dll
[2016/02/22 07:23:45 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2016/02/22 04:59:14 | 001,771,088 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2015/10/30 04:24:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2015/10/30 04:24:43 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2015/10/30 04:18:39 | 000,164,224 | ---- | C] () -- C:\WINDOWS\SysWow64\weretw.dll
[2015/10/30 04:18:36 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2015/10/30 04:18:36 | 000,047,104 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2015/10/30 04:18:34 | 000,019,968 | ---- | C] () -- C:\WINDOWS\SysWow64\GamePanelExternalHook.dll
[2015/10/30 04:18:31 | 000,252,928 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll
[2015/10/30 04:18:31 | 000,029,184 | ---- | C] () -- C:\WINDOWS\SysWow64\dtdump.exe
[2015/10/30 04:18:29 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2015/10/30 04:18:29 | 000,293,376 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfApo.dll
[2015/10/30 04:18:26 | 000,022,528 | ---- | C] () -- C:\WINDOWS\SysWow64\efsext.dll
[2015/10/30 04:18:25 | 000,002,269 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2015/10/30 04:18:23 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2015/10/30 04:17:40 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2015/10/23 11:31:26 | 000,000,024 | ---- | C] () -- C:\WINDOWS\SetupTemp.ini
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2016/02/24 05:46:25 | 006,607,080 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2016/02/24 05:06:39 | 005,242,496 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2015/10/30 04:17:43 | 000,987,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2015/10/30 04:18:21 | 000,765,440 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2015/10/30 04:17:45 | 000,518,656 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2016/04/02 07:10:55 | 000,000,000 | ---D | M] -- C:\Users\emanu\AppData\Roaming\blue ridge networks
[2016/03/23 04:13:45 | 000,000,000 | ---D | M] -- C:\Users\emanu\AppData\Roaming\calibre
[2016/03/07 15:56:21 | 000,000,000 | ---D | M] -- C:\Users\emanu\AppData\Roaming\DiskDefrag
[2016/03/07 11:42:20 | 000,000,000 | ---D | M] -- C:\Users\emanu\AppData\Roaming\DMCache
[2016/03/30 05:32:04 | 000,000,000 | ---D | M] -- C:\Users\emanu\AppData\Roaming\GlarySoft
[2016/03/22 18:01:56 | 000,000,000 | ---D | M] -- C:\Users\emanu\AppData\Roaming\ProcessLasso
[2016/03/16 10:30:42 | 000,000,000 | ---D | M] -- C:\Users\emanu\AppData\Roaming\QuickScan
[2016/03/16 06:52:10 | 000,000,000 | ---D | M] -- C:\Users\emanu\AppData\Roaming\SMRecorder
[2016/03/25 16:17:41 | 000,000,000 | ---D | M] -- C:\Users\emanu\AppData\Roaming\TechSmith
[2016/02/22 09:52:09 | 000,000,000 | ---D | M] -- C:\Users\emanu\AppData\Roaming\Thunderbird
[2016/04/02 07:01:10 | 000,000,000 | ---D | M] -- C:\Users\emanu\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*.* >
[2015/10/23 15:58:30 | 000,000,003 | ---- | M] () -- C:\5576W10HSL4
[2015/07/10 08:00:31 | 000,395,268 | RHS- | M] () -- C:\bootmgr
[2015/10/30 04:18:34 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT
[2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2016/04/02 07:58:36 | 1663,422,464 | -HS- | M] () -- C:\hiberfil.sys
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2015/11/18 08:27:22 | 000,029,842 | ---- | M] () -- C:\License.rtf
[2006/12/01 23:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2016/04/02 07:58:37 | 603,979,776 | -HS- | M] () -- C:\pagefile.sys
[2016/02/22 04:58:10 | 000,000,189 | ---- | M] () -- C:\RTL8168.log
[2016/04/02 07:58:37 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI
 
========== Files - Unicode (All) ==========
[2016/03/30 05:17:45 | 000,016,384 | ---- | M] ()(C:\WINDOWS\SysWow64\??a) -- C:\WINDOWS\SysWow64\��a
[2016/03/30 05:17:44 | 000,016,384 | ---- | C] ()(C:\WINDOWS\SysWow64\??a) -- C:\WINDOWS\SysWow64\��a
[2016/03/27 05:55:17 | 000,016,384 | ---- | M] ()(C:\WINDOWS\SysWow64\???) -- C:\WINDOWS\SysWow64\���
[2016/03/27 05:55:16 | 000,016,384 | ---- | C] ()(C:\WINDOWS\SysWow64\???) -- C:\WINDOWS\SysWow64\���
[2016/03/26 04:53:10 | 000,016,384 | ---- | M] ()(C:\WINDOWS\SysWow64\(??) -- C:\WINDOWS\SysWow64\(��
[2016/03/26 04:53:09 | 000,016,384 | ---- | C] ()(C:\WINDOWS\SysWow64\(??) -- C:\WINDOWS\SysWow64\(��
[2016/03/25 11:12:44 | 000,016,384 | ---- | M] ()(C:\WINDOWS\SysWow64\H?S) -- C:\WINDOWS\SysWow64\H�S
[2016/03/25 11:12:43 | 000,016,384 | ---- | C] ()(C:\WINDOWS\SysWow64\H?S) -- C:\WINDOWS\SysWow64\H�S
 
< End of report >

Edited by xXToffeeXx, 02 April 2016 - 06:46 AM.


#3 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,086 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:02:09 AM

Posted 02 April 2016 - 06:48 AM

Hi ika,
 

I got rid of my operating system to virut virus. I wanted to know if I have to perform some other action to make it all ok.

Do you mean that you reinstalled windows?
 
This scan can take a long time, so it is best done overnight or when you do not need the computer.
 
I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives".
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

ID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#4 ika

Posted 02 April 2016 - 10:13 AM

Hello xXToffeeXx. Thank you very much for the reply. Here is the log.

 

C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    cleaned by deleting
C:\Program Files (x86)\NCH Software\VideoPad\videopadsetup_v3.88.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    deleted
C:\Users\emanu\Downloads\MSActBackUp Portable v1.0.8\MSActBackup.exe    a variant of Win32/HackTool.KMSAuto.E potentially unsafe application    cleaned by deleting
 



#5 xXToffeeXx

Posted 02 April 2016 - 02:39 PM

Hi ika,
 
That scan looked good.
 

I got rid of my operating system to virut virus. I wanted to know if I have to perform some other action to make it all ok.

Do you mean that you reinstalled windows?
 
xXToffeeXx~




#6 ika

Posted 02 April 2016 - 02:45 PM

Hello. The computer is running right. I don't think that you reinstalling windows. Thanks a lot. Best regards.


#7 ika

Posted 02 April 2016 - 03:39 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by emanu (administrator) on DESKTOP-158NLDR (02-04-2016 17:33:38)
Running from C:\Users\emanu\Desktop
Loaded Profiles: emanu (Available Profiles: emanu)
Platform: Windows 10 Education Version 1511 (X64) Language: Español (México)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Blue Ridge Networks) C:\Program Files (x86)\Blue Ridge Networks\AppGuard\AppGuardAgent.exe
(HP) C:\Windows\System32\HPSIsvc.exe
() C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe
(Raxco Software, Inc.) C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Bitsum LLC) C:\Program Files\Process Lasso\ProcessGovernor.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Bitsum LLC) C:\Program Files\Process Lasso\ProcessLasso.exe
(Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgentS1.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Murray Hurps Software Pty Ltd) C:\Program Files (x86)\Ad Muncher\AdMunch.exe
(Murray Hurps Software Pty Ltd) C:\Program Files (x86)\Ad Muncher\AdMunch64.exe
(Blue Ridge Networks) C:\Program Files (x86)\Blue Ridge Networks\AppGuard\AppGuardGUI.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [OutpostMonitor] => C:\Program Files\Agnitum\Outpost Firewall Pro\op_mon.exe [4544208 2015-11-30] (Agnitum Ltd.)
HKLM-x32\...\Run: [Ad Muncher] => C:\Program Files (x86)\Ad Muncher\AdMunch.exe [560760 2016-03-31] (Murray Hurps Software Pty Ltd)
HKLM-x32\...\Run: [AppGuardGUI] => C:\Program Files (x86)\Blue Ridge Networks\AppGuard\AppGuardGUI.exe [1123040 2015-12-06] (Blue Ridge Networks)
HKU\S-1-5-21-902784678-1999700244-2965566074-1002\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2016-03-20] (Glarysoft Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\O&O Defrag Tray.lnk [2016-03-08]
ShortcutTarget: O&O Defrag Tray.lnk -> C:\Windows\Installer\{A4190743-74A9-430C-99D4-4EEFC762132F}\app_icon.ico ()
BootExecute: autocheck autochk *  PDBoot.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 186.12.238.16 186.12.238.15 192.168.0.1
Tcpip\..\Interfaces\{b0beaa19-6818-48d5-be3b-ea07ea66dfdc}: [DhcpNameServer] 186.12.238.16 186.12.238.15 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-902784678-1999700244-2965566074-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-902784678-1999700244-2965566074-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.oem15.msn.com/?pc=NMTE
HKU\S-1-5-21-902784678-1999700244-2965566074-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.exo.com.ar/bienvenida
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-01-13] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-13] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-13] (Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-01-13] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-01-13] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-01-13] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-01-13] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\emanu\AppData\Roaming\Mozilla\Firefox\Profiles\pekeoj4h.default
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-22] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: WOT - C:\Users\emanu\AppData\Roaming\Mozilla\Firefox\Profiles\pekeoj4h.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2016-02-22]
FF Extension: NoScript - C:\Users\emanu\AppData\Roaming\Mozilla\Firefox\Profiles\pekeoj4h.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-03-23]
FF Extension: United States English Spellchecker - C:\Users\emanu\AppData\Roaming\Mozilla\Firefox\Profiles\pekeoj4h.default\Extensions\en-US@dictionaries.addons.mozilla.org [2016-03-18]
FF Extension: Diccionario Español Argentina - C:\Users\emanu\AppData\Roaming\Mozilla\Firefox\Profiles\pekeoj4h.default\Extensions\es-AR@dictionaries.addons.mozilla.org [2016-02-22] [not signed]
FF Extension: MEGA - C:\Users\emanu\AppData\Roaming\Mozilla\Firefox\Profiles\pekeoj4h.default\Extensions\firefox@mega.co.nz.xpi [2016-03-22]
FF Extension: Adblock Plus - C:\Users\emanu\AppData\Roaming\Mozilla\Firefox\Profiles\pekeoj4h.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-19] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [WebProtection@360safe.com] - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox => not found
FF HKU\S-1-5-21-902784678-1999700244-2965566074-1002\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found

Chrome:
=======
CHR Profile: C:\Users\emanu\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\emanu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-01]
CHR Extension: (YouTube) - C:\Users\emanu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-01]
CHR Extension: (Búsqueda de Google) - C:\Users\emanu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-04-01]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\emanu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Gmail) - C:\Users\emanu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-01]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 acssrv; C:\Program Files\Agnitum\Outpost Firewall Pro\acs.exe [3421008 2015-11-30] (Agnitum Ltd.)
R2 BRN_APPGUARD_SERVICE; C:\Program Files (x86)\Blue Ridge Networks\AppGuard\AppGuardAgent.exe [285920 2015-12-06] (Blue Ridge Networks) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2016-02-22] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
S3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [223520 2015-07-10] (Intel Corporation)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1666296 2015-07-30] (O&O Software GmbH)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2016-02-22] (VIA Technologies, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 adgnetworkwfpdrv; C:\Windows\System32\drivers\adgnetworkwfpdrv.sys [60016 2016-02-28] ()
R1 afw; C:\Windows\system32\DRIVERS\afw.sys [52904 2015-07-21] (Agnitum Ltd.)
R3 afwcore; C:\Windows\System32\drivers\afwcore.sys [465072 2015-07-21] (Agnitum Ltd.)
R1 BrnFileLock; c:\windows\system32\drivers\brnfilelock.sys [80272 2016-01-08] (Blue Ridge Networks)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-04-01] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-04-01] (Disc Soft Ltd)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2016-03-07] (Glarysoft Ltd)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184608 2015-07-07] (Intel Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2010-03-05] (Marvell Semiconductor, Inc.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [935168 2015-10-09] (Realtek                                            )
R1 SandBox; C:\WINDOWS\system32\drivers\SandBox64.sys [1712168 2015-11-18] (Agnitum Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 pmem; \??\C:\Users\emanu\AppData\Local\Temp\_MEI27402\drivers\winpmem64.sys [X]
U2 QHActiveDefense; "C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe" [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-02 17:26 - 2016-04-02 17:28 - 00000000 ____D C:\AdwCleaner
2016-04-02 17:25 - 2016-04-02 17:26 - 03102720 _____ C:\Users\emanu\Desktop\AdwCleaner.exe
2016-04-02 17:12 - 2016-04-02 17:12 - 04868632 _____ (NCH Software) C:\Users\emanu\Downloads\vppsetup.exe
2016-04-02 12:06 - 2016-04-02 12:06 - 00000934 _____ C:\Users\emanu\Desktop\ESETScan.txt
2016-04-02 10:50 - 2016-04-02 10:51 - 02870984 _____ (ESET) C:\Users\emanu\Desktop\esetsmartinstaller_enu.exe
2016-04-02 08:33 - 2016-04-02 17:23 - 00388608 _____ (Trend Micro Inc.) C:\Users\emanu\Desktop\HijackThis.exe
2016-04-02 08:33 - 2016-04-02 08:34 - 00018494 _____ C:\Users\emanu\Desktop\Addition.txt
2016-04-02 08:32 - 2016-04-02 17:33 - 00014269 _____ C:\Users\emanu\Desktop\FRST.txt
2016-04-02 08:32 - 2016-04-02 17:33 - 00000000 ____D C:\FRST
2016-04-02 08:15 - 2016-04-02 08:15 - 00142650 _____ C:\Users\emanu\Desktop\OTL.Txt
2016-04-02 08:15 - 2016-04-02 08:15 - 00070436 _____ C:\Users\emanu\Desktop\Extras.Txt
2016-04-02 08:03 - 2016-04-02 08:04 - 00602112 _____ (OldTimer Tools) C:\Users\emanu\Desktop\OTL.exe
2016-04-02 07:43 - 2016-04-02 07:44 - 02374144 _____ (Farbar) C:\Users\emanu\Desktop\FRST64.exe
2016-04-02 07:10 - 2016-04-02 07:10 - 00003120 _____ C:\WINDOWS\ULYP5O85.ocx
2016-04-02 07:10 - 2016-04-02 07:10 - 00003120 _____ C:\WINDOWS\system32\JE9I4EW5.ocx
2016-04-02 07:10 - 2016-04-02 07:10 - 00000000 ____D C:\Users\emanu\AppData\Roaming\blue ridge networks
2016-04-02 07:06 - 2016-04-02 07:06 - 00002310 _____ C:\Users\Public\Desktop\AppGuard.lnk
2016-04-02 07:06 - 2016-04-02 07:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ridge Networks
2016-04-02 07:06 - 2016-04-02 07:06 - 00000000 ____D C:\ProgramData\Blue Ridge Networks
2016-04-02 07:06 - 2016-04-02 07:06 - 00000000 ____D C:\Program Files (x86)\Blue Ridge Networks
2016-04-02 05:02 - 2016-04-02 06:48 - 00000000 ____D C:\ProgramData\HitmanPro.Alert
2016-04-01 05:47 - 2016-04-01 05:47 - 00000000 ____D C:\Users\emanu\AppData\Local\Apps\2.0
2016-04-01 05:38 - 2016-04-01 05:38 - 00000000 ____D C:\Users\emanu\AppData\Local\Disc_Soft_Ltd
2016-04-01 04:20 - 2015-10-30 04:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mobsync.exe
2016-04-01 04:20 - 2015-10-30 04:18 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-04-01 04:20 - 2015-10-30 04:18 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2016-04-01 04:20 - 2015-10-30 04:18 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2016-04-01 04:20 - 2015-10-30 04:18 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\runonce.exe
2016-04-01 03:20 - 2016-04-01 03:20 - 00047672 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2016-04-01 03:20 - 2016-04-01 03:20 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2016-04-01 02:44 - 2016-04-01 02:44 - 00000000 ___HD C:\$Windows.~WS
2016-04-01 02:31 - 2016-04-01 02:31 - 00000000 ____D C:\$WINDOWS.~BT
2016-03-31 15:38 - 2016-02-23 05:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-03-31 15:38 - 2015-10-29 23:34 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2016-03-31 14:26 - 2016-03-31 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad Muncher
2016-03-31 14:26 - 2016-03-31 14:26 - 00000000 ____D C:\ProgramData\Ad Muncher
2016-03-31 14:26 - 2016-03-31 14:26 - 00000000 ____D C:\Program Files (x86)\Ad Muncher
2016-03-31 04:04 - 2016-03-31 04:42 - 00000000 ____D C:\Users\emanu\AppData\Local\NPE
2016-03-31 03:52 - 2016-03-31 04:03 - 00000000 ____D C:\Users\emanu\AppData\LocalLow\360WD
2016-03-30 20:14 - 2016-03-30 20:14 - 00000500 _____ C:\WINDOWS\system32\.crusader
2016-03-30 05:20 - 2016-03-30 05:20 - 00016384 _____ C:\WINDOWS\SysWOW64\0
2016-03-30 05:17 - 2016-03-30 05:17 - 00016384 _____ C:\WINDOWS\SysWOW64\��a
2016-03-27 11:08 - 2016-03-27 11:08 - 00000000 ____D C:\Users\emanu\AppData\Local\Macromedia
2016-03-27 10:49 - 2016-03-27 10:49 - 00000000 ____D C:\Users\emanu\OneDrive\Documentos\Proyectos VideoPad
2016-03-27 10:47 - 2016-03-31 11:33 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad, software para edición de vídeo.lnk
2016-03-27 10:47 - 2016-03-27 10:55 - 00000000 ____D C:\Users\emanu\AppData\Roaming\NCH Software
2016-03-27 10:47 - 2016-03-27 10:47 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2016-03-27 10:47 - 2016-03-27 10:47 - 00000000 ____D C:\ProgramData\NCH Software
2016-03-27 10:47 - 2016-03-27 10:47 - 00000000 ____D C:\Program Files (x86)\NCH Software
2016-03-27 05:55 - 2016-03-27 05:55 - 00016384 _____ C:\WINDOWS\SysWOW64\���
2016-03-26 05:04 - 2016-03-26 05:04 - 07187863 _____ C:\Users\emanu\Downloads\HitmanPro.Alert.3.1.8.Build.360.rar
2016-03-26 04:53 - 2016-03-26 04:53 - 00016384 _____ C:\WINDOWS\SysWOW64\(��
2016-03-25 19:57 - 2016-04-02 17:30 - 00000000 ____D C:\Users\emanu\AppData\Local\CrashDumps
2016-03-25 16:17 - 2016-03-25 16:17 - 00000000 ____D C:\Users\emanu\OneDrive\Documentos\Camtasia Studio
2016-03-25 16:17 - 2016-03-25 16:17 - 00000000 ____D C:\Users\emanu\AppData\Roaming\TechSmith
2016-03-25 16:17 - 2016-03-25 16:17 - 00000000 ____D C:\Users\emanu\AppData\Local\TechSmith
2016-03-25 16:15 - 2016-03-25 16:17 - 00000000 ____D C:\ProgramData\TechSmith
2016-03-25 16:15 - 2016-03-25 16:15 - 00001248 _____ C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2016-03-25 16:15 - 2016-03-25 16:15 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2016-03-25 16:15 - 2016-03-25 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2016-03-25 16:15 - 2016-03-25 16:15 - 00000000 ____D C:\Program Files (x86)\TechSmith
2016-03-25 16:15 - 2016-03-25 16:15 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-03-25 14:50 - 2016-03-25 14:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-03-25 11:12 - 2016-03-25 11:12 - 00016384 _____ C:\WINDOWS\SysWOW64\H�S
2016-03-24 07:38 - 2016-03-24 07:38 - 00000000 ____D C:\Users\emanu\AppData\Local\ElevatedDiagnostics
2016-03-24 07:35 - 2016-04-02 07:54 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-03-24 07:34 - 2016-03-24 07:34 - 00000000 ____D C:\WINDOWS\pss
2016-03-23 04:12 - 2016-03-23 04:12 - 00000000 ____D C:\Users\emanu\AppData\Local\calibre-cache
2016-03-23 04:11 - 2016-03-23 04:13 - 00000000 ____D C:\Users\emanu\AppData\Roaming\calibre
2016-03-23 04:11 - 2016-03-23 04:11 - 00001006 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2016-03-23 04:10 - 2016-03-23 04:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2016-03-23 04:10 - 2016-03-23 04:11 - 00000000 ____D C:\Program Files\Calibre2
2016-03-22 15:35 - 2016-03-22 15:35 - 00000000 ____D C:\Users\emanu\OneDrive\Documentos\Plantillas personalizadas de Office
2016-03-19 04:25 - 2016-03-19 11:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-18 13:55 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\is-EIE21.tmp
2016-03-17 14:51 - 2016-03-17 14:51 - 00000000 ____D C:\ProgramData\GZ
2016-03-16 10:30 - 2016-03-16 10:30 - 00000000 ____D C:\Users\emanu\AppData\Roaming\QuickScan
2016-03-16 06:51 - 2016-03-16 06:52 - 00000000 ____D C:\Users\emanu\AppData\Roaming\SMRecorder
2016-03-16 06:51 - 2016-03-16 06:51 - 00000000 ____D C:\Users\emanu\OneDrive\Documentos\SMRecorder
2016-03-14 05:03 - 2016-03-14 05:03 - 00001821 _____ C:\Users\emanu\AppData\Local\recently-used.xbel
2016-03-14 05:03 - 2016-03-14 05:03 - 00000000 ____D C:\Users\emanu\AppData\Local\gtk-2.0
2016-03-14 05:03 - 2016-03-14 05:03 - 00000000 ____D C:\Users\emanu\.thumbnails
2016-03-14 05:00 - 2016-03-14 05:08 - 00000000 ____D C:\Users\emanu\.gimp-2.8
2016-03-14 05:00 - 2016-03-14 05:00 - 00000000 ____D C:\Users\emanu\AppData\Local\gegl-0.2
2016-03-14 05:00 - 2016-03-14 05:00 - 00000000 ____D C:\Users\emanu\AppData\Local\fontconfig
2016-03-14 04:58 - 2016-03-14 04:58 - 00000946 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2016-03-14 04:58 - 2016-03-14 04:58 - 00000934 _____ C:\Users\Public\Desktop\GIMP 2.lnk
2016-03-14 04:58 - 2016-03-14 04:58 - 00000000 ____D C:\Program Files\GIMP 2
2016-03-12 11:53 - 2016-03-12 11:53 - 00432175 _____ C:\Users\emanu\Downloads\Office_2016.rar
2016-03-12 11:53 - 2015-10-27 22:01 - 00000000 ____D C:\Users\emanu\Downloads\Office 2016 VL to Retail
2016-03-12 10:53 - 2016-03-12 10:53 - 00002729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-03-12 10:53 - 2016-03-12 10:53 - 00002662 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive para la Empresa.lnk
2016-03-12 10:53 - 2016-03-12 10:53 - 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-03-12 10:53 - 2016-03-12 10:53 - 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Empresarial 2016.lnk
2016-03-12 10:53 - 2016-03-12 10:53 - 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-03-12 10:53 - 2016-03-12 10:53 - 00002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-03-12 10:53 - 2016-03-12 10:53 - 00002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-03-12 10:53 - 2016-03-12 10:53 - 00002642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-03-12 10:53 - 2016-03-12 10:53 - 00002628 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-03-12 10:53 - 2016-03-12 10:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office 2016
2016-03-12 10:52 - 2016-03-12 10:52 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-03-12 10:51 - 2016-03-12 10:51 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-03-12 10:51 - 2016-03-12 10:51 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-03-12 10:51 - 2016-03-12 10:51 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-03-12 10:49 - 2016-03-12 10:49 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2016-03-12 10:49 - 2016-03-12 10:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-03-12 10:48 - 2016-03-12 10:48 - 00000000 __RHD C:\MSOCache
2016-03-11 14:07 - 2016-03-11 14:09 - 00000000 ____D C:\Users\emanu\Downloads\BluescreenView
2016-03-11 13:28 - 2016-03-30 07:29 - 00000000 ____D C:\WINDOWS\CryptoGuard
2016-03-11 13:05 - 2016-04-01 18:02 - 00000000 ____D C:\WINDOWS\Minidump
2016-03-11 13:04 - 2016-03-11 13:04 - 00000000 ___HD C:\OneDriveTemp
2016-03-10 03:17 - 2016-04-02 07:01 - 00000000 ____D C:\Users\emanu\AppData\Roaming\uTorrent
2016-03-10 03:17 - 2016-03-10 03:17 - 00002691 _____ C:\Users\emanu\Desktop\µTorrent.lnk
2016-03-10 03:17 - 2016-03-10 03:17 - 00002691 _____ C:\Users\emanu\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-03-09 14:04 - 2016-03-09 14:04 - 00000000 ____D C:\Users\emanu\AppData\Roaming\tor
2016-03-09 13:41 - 2016-02-28 00:44 - 00060016 _____ () C:\WINDOWS\system32\Drivers\adgnetworkwfpdrv.sys
2016-03-09 13:19 - 2016-03-09 13:19 - 00000255 _____ C:\WINDOWS\SysWOW64\Drivers\vwifikerneldrv.sys
2016-03-09 13:19 - 2016-02-29 13:26 - 00064112 _____ () C:\WINDOWS\system32\Drivers\adgnetworktdidrv.sys
2016-03-09 13:06 - 2016-03-01 02:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-09 13:06 - 2016-03-01 02:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-09 13:06 - 2016-02-24 06:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-03-09 13:06 - 2016-02-24 06:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-09 13:06 - 2016-02-24 06:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-09 13:06 - 2016-02-24 06:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-09 13:06 - 2016-02-24 06:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-09 13:06 - 2016-02-24 06:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-09 13:06 - 2016-02-24 06:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-03-09 13:06 - 2016-02-24 06:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-03-09 13:06 - 2016-02-24 05:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-09 13:06 - 2016-02-24 05:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-03-09 13:06 - 2016-02-24 05:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-09 13:06 - 2016-02-24 05:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-03-09 13:06 - 2016-02-24 05:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-09 13:06 - 2016-02-24 05:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-03-09 13:06 - 2016-02-24 05:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-03-09 13:06 - 2016-02-24 05:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-03-09 13:06 - 2016-02-24 05:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-09 13:06 - 2016-02-24 05:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-09 13:06 - 2016-02-24 05:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-09 13:06 - 2016-02-24 05:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-09 13:06 - 2016-02-24 05:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-03-09 13:06 - 2016-02-24 05:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-03-09 13:06 - 2016-02-24 05:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-09 13:06 - 2016-02-24 05:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-09 13:06 - 2016-02-24 05:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-03-09 13:06 - 2016-02-24 05:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-09 13:06 - 2016-02-24 05:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-09 13:06 - 2016-02-24 05:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-09 13:06 - 2016-02-24 05:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-09 13:06 - 2016-02-24 04:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-03-09 13:06 - 2016-02-24 04:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-03-09 13:06 - 2016-02-24 04:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-03-09 13:06 - 2016-02-24 04:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-09 13:06 - 2016-02-24 04:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-03-09 13:06 - 2016-02-24 04:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-03-09 13:06 - 2016-02-24 04:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-03-09 13:06 - 2016-02-24 04:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-03-09 13:06 - 2016-02-24 04:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-03-09 13:06 - 2016-02-24 04:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-09 13:06 - 2016-02-24 04:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-09 13:06 - 2016-02-24 04:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-09 13:06 - 2016-02-24 04:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-03-09 13:06 - 2016-02-24 04:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-03-09 13:06 - 2016-02-24 04:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-09 13:06 - 2016-02-24 04:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-03-09 13:06 - 2016-02-24 04:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-03-09 13:06 - 2016-02-24 04:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-03-09 13:06 - 2016-02-24 04:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-03-09 13:06 - 2016-02-24 04:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-03-09 13:06 - 2016-02-24 04:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-03-09 13:06 - 2016-02-24 04:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-09 13:06 - 2016-02-24 04:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-09 13:06 - 2016-02-24 04:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-03-09 13:06 - 2016-02-24 04:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-03-09 13:06 - 2016-02-24 04:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-03-09 13:06 - 2016-02-24 04:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-03-09 13:06 - 2016-02-24 04:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-03-09 13:06 - 2016-02-24 04:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-03-09 13:06 - 2016-02-24 04:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-03-09 13:06 - 2016-02-24 04:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-03-09 13:06 - 2016-02-24 04:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-03-09 13:06 - 2016-02-24 04:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-09 13:06 - 2016-02-24 04:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-03-09 13:06 - 2016-02-24 04:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-03-09 13:06 - 2016-02-24 04:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-03-09 13:06 - 2016-02-24 04:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-03-09 13:06 - 2016-02-24 04:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-03-09 13:06 - 2016-02-24 03:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-03-09 13:06 - 2016-02-24 03:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-03-09 13:06 - 2016-02-24 03:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-03-09 13:06 - 2016-02-24 03:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-03-09 13:06 - 2016-02-24 03:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-03-09 13:06 - 2016-02-24 03:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-03-09 13:06 - 2016-02-24 03:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-09 13:06 - 2016-02-24 03:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-09 13:06 - 2016-02-24 03:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-03-09 13:06 - 2016-02-24 03:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-03-09 13:06 - 2016-02-24 03:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-03-09 13:06 - 2016-02-24 03:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-09 13:06 - 2016-02-24 03:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-03-09 13:06 - 2016-02-24 03:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-03-09 13:06 - 2016-02-24 03:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-03-09 13:06 - 2016-02-24 03:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-03-09 13:06 - 2016-02-24 03:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-09 13:06 - 2016-02-24 03:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-03-09 13:06 - 2016-02-24 03:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-03-09 13:06 - 2016-02-24 03:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-03-09 13:06 - 2016-02-24 03:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-09 13:06 - 2016-02-24 03:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-03-09 13:06 - 2016-02-24 03:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-03-09 13:06 - 2016-02-24 03:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-09 13:06 - 2016-02-24 03:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-09 13:06 - 2016-02-24 03:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-03-09 13:06 - 2016-02-24 03:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-09 13:06 - 2016-02-24 03:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-03-09 13:06 - 2016-02-24 03:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-03-09 13:06 - 2016-02-24 03:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-09 13:06 - 2016-02-24 03:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-03-09 13:06 - 2016-02-24 03:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-09 13:06 - 2016-02-24 03:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-03-09 13:06 - 2016-02-24 03:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-03-09 13:06 - 2016-02-24 03:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-03-09 13:06 - 2016-02-24 03:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-03-09 13:06 - 2016-02-24 03:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-03-09 13:06 - 2016-02-24 03:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-03-09 13:06 - 2016-02-24 03:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-03-09 13:06 - 2016-02-24 03:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-09 13:06 - 2016-02-24 03:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-03-09 13:06 - 2016-02-24 03:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-03-09 13:06 - 2016-02-24 03:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-03-09 13:06 - 2016-02-24 03:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-03-09 13:06 - 2016-02-24 03:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-09 13:06 - 2016-02-24 03:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-03-09 13:06 - 2016-02-24 03:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-03-09 13:06 - 2016-02-24 03:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-03-09 13:06 - 2016-02-24 03:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-09 13:06 - 2016-02-24 03:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-03-09 13:06 - 2016-02-24 03:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-09 13:06 - 2016-02-24 03:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-03-09 13:06 - 2016-02-24 03:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-03-09 13:06 - 2016-02-24 03:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-03-09 13:06 - 2016-02-24 03:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-09 13:06 - 2016-02-24 03:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-09 13:06 - 2016-02-24 03:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-03-09 13:06 - 2016-02-24 03:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-03-09 13:06 - 2016-02-24 03:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-09 13:06 - 2016-02-24 03:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-03-09 13:06 - 2016-02-24 03:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-09 13:06 - 2016-02-24 03:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-09 13:06 - 2016-02-24 03:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-03-09 13:06 - 2016-02-24 02:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-09 13:06 - 2016-02-24 02:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-09 13:06 - 2016-02-24 02:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-03-09 13:06 - 2016-02-24 02:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-09 13:06 - 2016-02-24 02:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-03-09 13:06 - 2016-02-24 02:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-09 13:06 - 2016-02-24 02:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-09 13:06 - 2016-02-24 02:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-09 13:06 - 2016-02-24 02:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 13:06 - 2016-02-24 02:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-09 13:06 - 2016-02-24 02:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 13:06 - 2016-02-24 02:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-09 13:06 - 2016-02-24 02:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-09 13:06 - 2016-02-24 01:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-03-09 13:06 - 2016-02-24 01:59 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2016-03-09 13:06 - 2016-02-24 01:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-03-09 13:05 - 2016-02-24 04:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-09 13:05 - 2016-02-24 04:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-03-09 13:05 - 2016-02-24 03:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-09 13:05 - 2016-02-24 03:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-09 13:05 - 2016-02-24 03:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-09 13:05 - 2016-02-24 03:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-03-08 16:56 - 2016-03-08 16:56 - 00000000 ____D C:\Users\emanu\AppData\Local\O&O
2016-03-08 16:55 - 2016-03-08 18:05 - 00000000 ____D C:\WINDOWS\system32\oodag
2016-03-08 16:55 - 2016-03-08 16:55 - 00002513 _____ C:\Users\Public\Desktop\O&O Defrag.lnk
2016-03-08 16:55 - 2016-03-08 16:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
2016-03-08 16:55 - 2016-03-08 16:55 - 00000000 ____D C:\Program Files\OO Software
2016-03-08 16:53 - 2016-03-08 16:54 - 28904184 _____ (O&O Software GmbH) C:\Users\emanu\Downloads\OODefrag18Professional64Enu.exe
2016-03-08 16:51 - 2016-03-08 16:51 - 00000000 ____D C:\ProgramData\OO Software
2016-03-07 15:56 - 2016-04-01 17:55 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2016-03-07 15:56 - 2016-03-30 05:32 - 00000000 ____D C:\Users\emanu\AppData\Roaming\GlarySoft
2016-03-07 15:56 - 2016-03-21 14:54 - 00003396 _____ C:\WINDOWS\System32\Tasks\GlaryInitialize 5
2016-03-07 15:56 - 2016-03-21 14:54 - 00003042 _____ C:\WINDOWS\System32\Tasks\GU5SkipUAC
2016-03-07 15:56 - 2016-03-21 14:54 - 00001168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2016-03-07 15:56 - 2016-03-21 14:54 - 00001156 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2016-03-07 15:56 - 2016-03-07 15:56 - 00020160 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2016-03-07 15:56 - 2016-03-07 15:56 - 00000000 ____D C:\Users\emanu\AppData\Roaming\DiskDefrag
2016-03-07 15:56 - 2016-03-07 15:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2016-03-07 06:48 - 2016-04-02 07:12 - 00000000 ____D C:\Users\emanu\Downloads\Compressed
2016-03-07 06:48 - 2016-03-07 11:41 - 00000000 ____D C:\Users\emanu\Downloads\Video
2016-03-07 06:47 - 2016-03-07 11:42 - 00000000 ____D C:\Users\emanu\AppData\Roaming\DMCache
2016-03-07 06:44 - 2016-03-07 06:44 - 09107294 _____ C:\Users\emanu\Downloads\6.25.12.rar
2016-03-06 18:03 - 2015-12-09 00:39 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-03-06 17:38 - 2016-03-06 17:38 - 00000000 ____D C:\ProgramData\ESET
2016-03-06 17:38 - 2016-03-06 17:38 - 00000000 ____D C:\Program Files\ESET
2016-03-05 09:51 - 2016-03-05 09:51 - 00000000 ____D C:\ProgramData\LGE
2016-03-05 09:51 - 2016-03-05 09:51 - 00000000 ____D C:\ProgramData\HTC
2016-03-05 07:08 - 2016-03-05 07:08 - 00154245 _____ C:\Users\emanu\Downloads\vcREG_1_2_W10.xap
2016-03-05 06:53 - 2016-03-05 06:53 - 00075066 _____ C:\Users\emanu\Downloads\WPSystem_Folder_Unlocker_Release_ARM.zip
2016-03-05 06:53 - 2016-03-05 06:53 - 00000000 ____D C:\Users\emanu\Downloads\Assets
2016-03-05 06:53 - 2014-11-17 08:29 - 00001007 _____ C:\Users\emanu\Downloads\MDILProjectFiles.xml
2016-03-05 06:53 - 2014-11-17 08:21 - 00003328 _____ C:\Users\emanu\Downloads\resources.pri
2016-03-05 06:53 - 2014-11-17 08:21 - 00003149 _____ C:\Users\emanu\Downloads\AppxManifest.xml
2016-03-05 06:53 - 2014-11-16 21:57 - 00002026 _____ C:\Users\emanu\Downloads\WMAppManifest.xml
2016-03-05 06:53 - 2014-11-16 21:57 - 00000405 _____ C:\Users\emanu\Downloads\AppManifest.xaml
2016-03-05 06:30 - 2016-03-05 06:30 - 00518040 _____ C:\Users\emanu\Downloads\CustomWPSystem_0700.xap
2016-03-05 06:20 - 2015-01-02 21:54 - 00446702 _____ C:\Users\emanu\Downloads\CustomWPSystem_0500.xap
2016-03-05 06:20 - 2015-01-02 21:43 - 00318549 _____ C:\Users\emanu\Downloads\CustomPFD_0003.xap
2016-03-05 06:05 - 2016-03-05 06:05 - 00538257 _____ C:\Users\emanu\Downloads\CustomPFD_0600(1).xap
2016-03-05 06:04 - 2016-03-05 06:05 - 00141991 _____ C:\Users\emanu\Downloads\vcREG_1_5_W10M(1).xap
2016-03-05 05:33 - 2016-03-06 20:48 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-03-05 05:33 - 2016-03-05 05:33 - 00000000 ____D C:\Program Files (x86)\Windows Phone Silverlight Kits
2016-03-05 05:32 - 2016-03-05 07:48 - 00000000 ____D C:\Program Files (x86)\Windows Phone Kits
2016-03-05 05:32 - 2016-03-05 05:34 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2016-03-05 05:32 - 2016-03-05 05:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2016-03-05 05:32 - 2016-03-05 05:32 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-03-05 05:32 - 2016-03-05 05:32 - 00000000 ____D C:\Program Files (x86)\Microsoft XDE
2016-03-05 05:30 - 2016-03-05 05:30 - 00448787 _____ C:\Users\emanu\Downloads\CustomWPSystem_0601.xap
2016-03-05 05:30 - 2016-03-05 05:30 - 00099868 _____ C:\Users\emanu\Downloads\vcREG_MIX_RADIO_bootstrap.xap
2016-03-05 05:27 - 2016-03-05 05:28 - 98721222 _____ C:\Users\emanu\Downloads\WP8.1 SDK Tools Lite Setup Av1.00.zip
2016-03-04 06:26 - 2016-04-02 17:10 - 00000000 ____D C:\Users\emanu\AppData\Roaming\vlc
2016-03-03 08:52 - 2016-03-03 08:52 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-03-03 08:52 - 2016-03-03 08:52 - 00000000 ____D C:\Users\emanu\AppData\Local\CEF
2016-03-03 08:51 - 2016-03-09 19:57 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-03 08:51 - 2016-03-03 08:51 - 00002131 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-03-03 08:51 - 2016-03-03 08:51 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-03-03 08:50 - 2016-03-03 08:53 - 00000000 ____D C:\ProgramData\Adobe
2016-03-03 08:49 - 2016-03-27 11:08 - 00000000 ____D C:\Users\emanu\AppData\Local\Adobe
2016-03-03 08:48 - 2016-03-03 08:48 - 00000000 __SHD C:\WINDOWS\ftpcache
2016-03-03 08:48 - 2016-03-03 08:48 - 00000000 ____D C:\Users\emanu\AppData\Roaming\Macromedia
2016-03-03 08:47 - 2016-03-03 08:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-03-03 08:47 - 2010-04-07 10:04 - 00127800 _____ (HP) C:\WINDOWS\system32\HPSIsvc.exe
2016-03-03 08:44 - 2016-03-03 08:44 - 00000000 ____D C:\Program Files\HP
2016-03-03 08:44 - 2010-03-04 20:03 - 00350720 _____ C:\WINDOWS\system32\mvhlewsi.dll
2016-03-03 08:44 - 2010-03-04 16:56 - 01695232 _____ C:\WINDOWS\system32\HP1100SM.EXE
2016-03-03 08:44 - 2010-03-04 16:56 - 00289280 _____ C:\WINDOWS\system32\HP1100LM.DLL
2016-03-03 08:43 - 2010-03-05 20:40 - 00055296 _____ C:\WINDOWS\system32\HP1100SMs.dll
2016-03-03 06:40 - 2016-03-03 06:40 - 00299520 _____ C:\Users\emanu\Downloads\WPV XAP Deployer 2.0.7z
2016-03-03 05:52 - 2016-03-03 05:52 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-03-03 05:43 - 2016-03-03 05:43 - 00538257 _____ C:\Users\emanu\Downloads\CustomPFD_0600.xap
2016-03-03 05:42 - 2016-03-03 05:42 - 00141991 _____ C:\Users\emanu\Downloads\vcREG_1_5_W10M.xap

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-02 17:33 - 2016-02-22 15:28 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-02 17:33 - 2016-02-22 10:10 - 00000708 _____ C:\WINDOWS\system32\config\afw_hm.conf
2016-04-02 17:33 - 2016-02-22 10:10 - 00000004 _____ C:\WINDOWS\system32\config\afw_db.conf
2016-04-02 17:33 - 2016-02-22 10:06 - 00021652 _____ C:\WINDOWS\system32\config\rules.rdb
2016-04-02 17:31 - 2016-02-22 15:28 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-02 17:30 - 2016-02-22 07:26 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-04-02 17:30 - 2016-01-19 18:22 - 00000000 __SHD C:\Users\emanu\IntelGraphicsProfiles
2016-04-02 17:29 - 2016-02-22 07:38 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-02 17:29 - 2015-10-30 03:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-04-02 16:17 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-02 12:03 - 2015-02-15 12:04 - 00000000 ____D C:\Users\emanu\Downloads\MSActBackUp Portable v1.0.8
2016-04-01 17:04 - 2016-02-22 12:56 - 00000000 ____D C:\Program Files\CCleaner
2016-04-01 16:06 - 2016-02-22 07:30 - 00000000 ____D C:\Users\emanu
2016-04-01 15:37 - 2015-10-23 11:32 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-01 15:36 - 2016-02-29 09:49 - 00025663 _____ C:\WINDOWS\ZAM.krnl.trace
2016-04-01 15:34 - 2016-02-29 09:49 - 00000119 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2016-04-01 14:42 - 2015-10-30 04:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-01 13:24 - 2015-10-30 04:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-01 09:17 - 2016-02-12 05:17 - 00000000 ____D C:\Users\emanu\Downloads\image
2016-04-01 05:20 - 2015-10-30 04:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-01 03:47 - 2016-02-22 10:20 - 00000000 ___DC C:\WINDOWS\Panther
2016-04-01 02:33 - 2015-10-23 11:48 - 00013906 _____ C:\WINDOWS\diagwrn.xml
2016-04-01 02:33 - 2015-10-23 11:48 - 00012044 _____ C:\WINDOWS\diagerr.xml
2016-03-31 08:56 - 2016-02-22 11:25 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-31 08:38 - 2016-02-22 11:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-31 07:47 - 2016-01-19 18:54 - 00000000 ____D C:\Users\emanu\Downloads\MSAct Plus v1.0.5
2016-03-31 03:02 - 2015-07-10 08:04 - 00000219 _____ C:\WINDOWS\system.ini
2016-03-30 19:21 - 2016-02-22 18:40 - 00000000 ____D C:\Program Files (x86)\Hard Disk Sentinel
2016-03-30 17:34 - 2016-02-22 15:29 - 00002277 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-30 17:34 - 2016-02-22 15:29 - 00002265 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-30 15:35 - 2015-10-30 15:49 - 00780224 _____ C:\WINDOWS\system32\perfh00A.dat
2016-03-30 15:35 - 2015-10-30 15:49 - 00150820 _____ C:\WINDOWS\system32\perfc00A.dat
2016-03-30 15:35 - 2015-10-20 18:51 - 01758276 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-29 15:08 - 2016-02-22 04:41 - 00000000 ____D C:\Users\emanu\AppData\Local\Packages
2016-03-25 19:55 - 2016-02-22 05:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-25 11:14 - 2016-02-29 09:49 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2016-03-25 11:09 - 2015-10-30 04:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-03-25 11:09 - 2015-10-30 03:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-03-25 11:07 - 2016-02-22 11:24 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-03-25 08:06 - 2016-02-22 10:17 - 00000000 ____D C:\Windows.old
2016-03-25 07:14 - 2016-02-22 08:50 - 00000000 ____D C:\Users\Default.migrated
2016-03-24 18:12 - 2016-02-22 09:17 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-03-24 18:12 - 2016-02-22 09:17 - 00000000 ____D C:\Users\emanu\AppData\Roaming\Skype
2016-03-24 18:12 - 2016-02-22 09:17 - 00000000 ____D C:\ProgramData\Skype
2016-03-22 18:01 - 2016-02-23 08:41 - 00000000 ____D C:\Users\emanu\AppData\Roaming\ProcessLasso
2016-03-22 18:01 - 2016-02-23 08:40 - 00000000 ____D C:\Program Files\Process Lasso
2016-03-22 11:10 - 2016-02-22 12:57 - 00000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-03-21 14:54 - 2015-10-23 11:30 - 00000923 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-03-21 02:52 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-03-16 10:23 - 2016-02-22 07:22 - 00341368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-16 10:20 - 2016-02-22 09:57 - 00000000 ____D C:\ProgramData\Panda Security
2016-03-12 10:53 - 2015-10-30 15:56 - 00000000 ____D C:\WINDOWS\ShellNew
2016-03-12 10:53 - 2015-10-30 04:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-03-12 10:52 - 2015-10-30 04:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-03-12 10:51 - 2016-02-22 09:32 - 00000000 ____D C:\Program Files\Microsoft Office
2016-03-12 10:49 - 2015-10-30 04:24 - 00000000 ____D C:\Program Files\Common Files\System
2016-03-12 10:49 - 2015-07-10 08:04 - 00000167 _____ C:\WINDOWS\win.ini
2016-03-12 10:48 - 2015-10-20 19:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-03-11 18:03 - 2016-02-22 04:43 - 00002370 _____ C:\Users\emanu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-11 18:03 - 2016-01-19 18:25 - 00000000 ___RD C:\Users\emanu\OneDrive
2016-03-10 12:07 - 2015-10-30 04:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-10 12:07 - 2015-10-30 04:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-10 12:07 - 2015-10-30 04:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-10 12:07 - 2015-10-30 04:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-09 13:23 - 2016-02-22 13:14 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-09 13:20 - 2016-02-22 13:14 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-09 04:46 - 2016-02-27 14:37 - 00000000 ____D C:\Users\emanu\Desktop\Tor Browser
2016-03-08 04:12 - 2016-02-22 08:04 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-03-08 04:12 - 2016-02-22 08:04 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-06 20:43 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\registration
2016-03-06 17:59 - 2016-02-29 14:37 - 00056704 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2016-03-03 08:52 - 2016-02-22 04:41 - 00000000 ____D C:\Users\emanu\AppData\Roaming\Adobe

==================== Files in the root of some directories =======

2016-03-14 05:03 - 2016-03-14 05:03 - 0001821 _____ () C:\Users\emanu\AppData\Local\recently-used.xbel

Some files in TEMP:
====================
C:\Users\emanu\AppData\Local\Temp\avgnt.exe
C:\Users\emanu\AppData\Local\Temp\libeay32.dll
C:\Users\emanu\AppData\Local\Temp\msvcr120.dll
C:\Users\emanu\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-04-02 08:16

==================== End of FRST.txt ============================



#8 ika

Posted 02 April 2016 - 03:47 PM

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 5:46:24 p. m., on 2/4/2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)

FIREFOX: 45.0.1 (x86 es-AR)
Boot mode: Normal

Running processes:
C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\Ad Muncher\AdMunch.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\emanu\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oem15.msn.com/?pc=NMTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [Ad Muncher] "C:\Program Files (x86)\Ad Muncher\AdMunch.exe" /bt
O4 - HKLM\..\Run: [AppGuardGUI] C:\Program Files (x86)\Blue Ridge Networks\AppGuard\AppGuardGUI.exe
O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: O&O Defrag Tray.lnk = ?
O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~1\MICROS~1\Office16\ONBttnIE.dll/105
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office16\EXCEL.EXE/3000
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\AJRouter.dll,-2 (AJRouter) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\AppReadiness.dll,-1000 (AppReadiness) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\appxdeploymentserver.dll,-1 (AppXSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AudioEndpointBuilder.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Blue Ridge AppGuard Service (BRN_APPGUARD_SERVICE) - Blue Ridge Networks - C:\Program Files (x86)\Blue Ridge Networks\AppGuard\AppGuardAgent.exe
O23 - Service: @%windir%\system32\bisrv.dll,-100 (BrokerInfrastructure) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\BthHFSrv.dll,-103 (BthHFSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ClipSVC.dll,-103 (ClipSVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\coremessaging.dll,-1 (CoreMessagingRegistrar) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @combase.dll,-5012 (DcomLaunch) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dcpsvc.dll,-3001 (DcpSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\das.dll,-100 (DeviceAssociationService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (DeviceInstall) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\DevQueryBroker.dll,-100 (DevQueryBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\diagtrack.dll,-3001 (DiagTrack) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\Windows.Internal.Management.dll,-100 (DmEnrollmentSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dmwappushsvc.dll,-200 (dmwappushservice) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dosvc.dll,-100 (DoSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\DeviceSetupManager.dll,-1000 (DsmSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dssvc.dll,-10003 (DsSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (Eaphost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\embeddedmodesvc.dll,-200 (embeddedmode) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @EnterpriseAppMgmtSvc.dll,-1 (EntAppSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (EventLog) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fhsvc.dll,-101 (fhsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Google Update Servicio (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Servicio (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\WINDOWS\system32\HPSIsvc.exe (file missing)
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\System32\tetheringservice.dll,-4097 (icssvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Intel® Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\lfsvc.dll,-1 (lfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\licensemanagersvc.dll,-200 (LicenseManager) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @%windir%\system32\lsm.dll,-1001 (LSM) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\moshost.dll,-100 (MapsBroker) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\MessagingService.dll,-100 (MessagingService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: MessagingService_12835a - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: MessagingService_1e877d - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: MessagingService_34e42 - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: MessagingService_3a320 - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: MessagingService_4d686 - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: MessagingService_52a14 - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: MessagingService_62cde - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: MessagingService_6c737 - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: MessagingService_721a0 - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: MessagingService_78ade - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: MessagingService_da470 - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: MessagingService_dcc12 - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\WINDOWS\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\ncasvc.dll,-3009 (NcaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ncbservice.dll,-500 (NcbService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\NcdAutoSetup.dll,-100 (NcdAutoSetup) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofmsvc.dll,-202 (netprofm) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\NetSetupSvc.dll,-3 (NetSetupSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\NgcCtnrSvc.dll,-1 (NgcCtnrSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\APHostRes.dll,-10002 (OneSyncSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Sincronizar host_12835a (OneSyncSvc_12835a) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Sincronizar host_1e877d (OneSyncSvc_1e877d) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Sincronizar host_34e42 (OneSyncSvc_34e42) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Sincronizar host_3a320 (OneSyncSvc_3a320) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Sincronizar host_4d686 (OneSyncSvc_4d686) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Sincronizar host_52a14 (OneSyncSvc_52a14) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Sincronizar host_62cde (OneSyncSvc_62cde) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Sincronizar host_6c737 (OneSyncSvc_6c737) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Sincronizar host_721a0 (OneSyncSvc_721a0) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Sincronizar host_78ade (OneSyncSvc_78ade) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Sincronizar host_da470 (OneSyncSvc_da470) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\WINDOWS\SysWow64\perfhost.exe
O23 - Service: @%SystemRoot%\system32\PhoneserviceRes.dll,-10000 (PhoneSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\UserDataAccessRes.dll,-15001 (PimIndexMaintenanceSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Datos de los contactos_12835a (PimIndexMaintenanceSvc_12835a) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Datos de los contactos_1e877d (PimIndexMaintenanceSvc_1e877d) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Datos de los contactos_34e42 (PimIndexMaintenanceSvc_34e42) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Datos de los contactos_3a320 (PimIndexMaintenanceSvc_3a320) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Datos de los contactos_4d686 (PimIndexMaintenanceSvc_4d686) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Datos de los contactos_52a14 (PimIndexMaintenanceSvc_52a14) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Datos de los contactos_62cde (PimIndexMaintenanceSvc_62cde) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Datos de los contactos_6c737 (PimIndexMaintenanceSvc_6c737) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Datos de los contactos_721a0 (PimIndexMaintenanceSvc_721a0) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Datos de los contactos_78ade (PimIndexMaintenanceSvc_78ade) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Datos de los contactos_da470 (PimIndexMaintenanceSvc_da470) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-200 (PlugPlay) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll,-1 (PrintNotify) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\RDXService.dll,-256 (RetailDemo) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @combase.dll,-5010 (RpcSs) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ScDeviceEnum.dll,-100 (ScDeviceEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\sensorservice.dll,-1000 (SensorService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\System32\smphost.dll,-102 (smphost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SmsRouterSvc.dll,-10001 (SmsRouter) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\windows.staterepository.dll,-1 (StateRepository) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\svsvc.dll,-101 (svsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%windir%\system32\SystemEventsBrokerServer.dll,-1001 (SystemEventsBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\tileobjserver.dll,-1 (tiledatamodelsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%windir%\system32\TimeBrokerServer.dll,-1001 (TimeBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\WINDOWS\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\UserDataAccessRes.dll,-10003 (UnistoreSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Almacenamiento de datos de usuarios_12835a (UnistoreSvc_12835a) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Almacenamiento de datos de usuarios_1e877d (UnistoreSvc_1e877d) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Almacenamiento de datos de usuarios_34e42 (UnistoreSvc_34e42) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Almacenamiento de datos de usuarios_3a320 (UnistoreSvc_3a320) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Almacenamiento de datos de usuarios_4d686 (UnistoreSvc_4d686) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Almacenamiento de datos de usuarios_52a14 (UnistoreSvc_52a14) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Almacenamiento de datos de usuarios_62cde (UnistoreSvc_62cde) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Almacenamiento de datos de usuarios_6c737 (UnistoreSvc_6c737) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Almacenamiento de datos de usuarios_721a0 (UnistoreSvc_721a0) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Almacenamiento de datos de usuarios_78ade (UnistoreSvc_78ade) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Almacenamiento de datos de usuarios_da470 (UnistoreSvc_da470) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\UserDataAccessRes.dll,-14001 (UserDataSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Acceso a datos de usuarios_12835a (UserDataSvc_12835a) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Acceso a datos de usuarios_1e877d (UserDataSvc_1e877d) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Acceso a datos de usuarios_34e42 (UserDataSvc_34e42) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Acceso a datos de usuarios_3a320 (UserDataSvc_3a320) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Acceso a datos de usuarios_4d686 (UserDataSvc_4d686) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Acceso a datos de usuarios_52a14 (UserDataSvc_52a14) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Acceso a datos de usuarios_62cde (UserDataSvc_62cde) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Acceso a datos de usuarios_6c737 (UserDataSvc_6c737) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Acceso a datos de usuarios_721a0 (UserDataSvc_721a0) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Acceso a datos de usuarios_78ade (UserDataSvc_78ade) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Acceso a datos de usuarios_da470 (UserDataSvc_da470) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\usermgr.dll,-100 (UserManager) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\usocore.dll,-102 (UsoSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @oem9.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\WINDOWS\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\icsvc.dll,-801 (vmicguestinterface) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-101 (vmicheartbeat) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-201 (vmickvpexchange) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-601 (vmicrdv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-301 (vmicshutdown) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-401 (vmictimesync) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-901 (vmicvmsession) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-501 (vmicvss) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\WalletService.dll,-1000 (WalletService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wcmsvc.dll,-4097 (Wcmsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wephostsvc.dll,-100 (WEPHOSTSVC) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiarpc.dll,-2 (WiaRpc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (WlanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wlidsvc.dll,-100 (wlidsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\workfolderssvc.dll,-102 (workfolderssvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpnservice.dll,-1 (WpnService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\WINDOWS\system32\SearchIndexer.exe
O23 - Service: @%SystemRoot%\system32\WSService.dll,-103 (WSService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Windows Update (wuauserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\XblAuthManager.dll,-100 (XblAuthManager) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\XblGameSave.dll,-100 (XblGameSave) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\XboxNetApiSvc.dll,-100 (XboxNetApiSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

--
End of file - 37774 bytes
 



#9 ika

ika
  • Topic Starter

  • Members
  • 69 posts
  • OFFLINE
  • Local time:10:09 PM

Posted 03 April 2016 - 12:36 AM

I already reinstalled the operating system. Issue solved.
Thanks a lot.
Best regards.


#10 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,086 posts
  • OFFLINE
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:02:09 AM

Posted 04 April 2016 - 09:36 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

ID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~




