Ip blacklisted


6 replies to this topic

#1 leonardotorres

Posted 17 August 2016 - 11:24 AM

Today I found out that my IP is blacklisted on 4 different sites. I noticed because I can't access any PSN service because of this. Please guys, I'm in panic mode, I don't know what to do.
 
MxToolbox reports that I'm listed on the following:
 
    On CBL
    On Spamhaus ZEN
    On ivmSIP
    On Protected Sky
 
Is it serious, should I panic??
 
Will I ever be able to use my PS4? Because my ISP won't change my IP no matter what.
 
 
Here is the log:
 
 
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Leonardo on 17/08/2016 at 11:30:31,27.
Microsoft Windows 10 Pro 10.0.10586  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Leonardo\Desktop\zoek.exe [Scan all users]   [Deep Scan] 
 
==== Older Logs ======================
 
C:\zoek-results2016-08-17-061048.log 37017 bytes
C:\zoek-results2016-08-17-063128.log 36968 bytes
C:\zoek-results2016-08-17-162919.log 78954 bytes
 
==== Running Processes ======================
 
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Popcorn Time\Updater.exe
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\PixArt\PAP7501\GUCI_AVS.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Leonardo\AppData\Local\Discord\app-0.0.295\Discord.exe
C:\Users\Leonardo\AppData\Local\Discord\app-0.0.295\Discord.exe
C:\Users\Leonardo\AppData\Local\MEGAsync\MEGAsync.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Leonardo\AppData\Local\Discord\app-0.0.295\Discord.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Users\Leonardo\Desktop\zoek.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
 
==== System Specs ======================
 
Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 16260 MB
CPU Info: Intel® Core™ i3-4160 CPU @ 3.60GHz
CPU Speed: 3598,0 MHz
Sound Card: LG TV-8 (NVIDIA High Definition | 
Altavoces (Realtek High Definit | 
Display Adapters: NVIDIA GeForce GTX 950 | NVIDIA GeForce GTX 950 | NVIDIA GeForce GTX 950 | NVIDIA GeForce GTX 950 | Intel® HD Graphics 4400 | Intel® HD Graphics 4400
Monitors: 2x; Generic PnP Monitor | Generic PnP Monitor | 
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe GBE Family Controller
CD / DVD Drives: 3x (E: | F: | G: | ) E: ATAPI   iHAS424   B      | F: ATAPI   iHBS312   2      | G:
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C:  223,1GB | D:  149,0GB
Hard Disks - Free: C:  110,8GB | D:  82,1GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 07/04/14 | ALASKA - 1072009
Time Zone: Hora est. Pacífico, Sudamérica
Motherboard *: Gigabyte Technology Co., Ltd. H81M-H
Country: Espa¤a 
Language: ESN 
 
==== System Specs (Software) ======================
 
Internet Explorer Version: 11.545.10586.0 
Google Chrome version: 52.0.2743.116
Sun Java version: 1.8.0_101 (32-bit) 
Sun Java version: 1.8.0_101 (64-bit) 
Flash Player version: 22.0.0.209
 
==== Files Recently Created / Modified ======================
 
====== C:\WINDOWS ====
====== C:\Users\Leonardo\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
2016-08-10 03:15:55 6A85D494B213A6D0DD225D1E4A5575CB 2180096 ----a-w- C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-08-10 03:15:55 5E6CDE8BF64ED54240C56C7D79749835 48128 ----a-w- C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-10 03:15:55 2DF357BB5F7F38511A061DCD5249AFBF 48640 ----a-w- C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-10 03:15:54 A37F57E7D0C221456DB827B06B7AFC10 12585984 ----a-w- C:\WINDOWS\SysWOW64\wmp.dll
2016-08-10 03:15:52 F4B7E20FF3CB74AE9D980FA3F0B8B210 84832 ----a-w- C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-10 03:15:52 393B5F91D15E12837F8B64E626691444 4078080 ----a-w- C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-10 03:15:52 1AF2375F21C2CBE38BC63CB482D2006C 501592 ----a-w- C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-10 03:15:52 0043DC9E479AADB7581A0C214C12981C 34088 ----a-w- C:\WINDOWS\SysWOW64\wldp.dll
2016-08-10 03:15:50 4A660D57D0607569460DD0D38DF6BECC 51128 ----a-w- C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-10 03:15:47 D9BEB680598B0F91D2F8160616534555 2921368 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-10 03:15:47 8C751452AED953068107928102CF0DB3 6743040 ----a-w- C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-10 03:15:47 34FAB1BF0E226F861C7CE31EED76CF2E 703840 ----a-w- C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-10 03:15:46 5BCC73C347DBE5DCDF12F6968742CD48 219136 ----a-w- C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-10 03:15:46 5B3F9B063B6C2BCBC787DE648E03A2F9 91648 ----a-w- C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-10 03:15:46 58721A724ACF9EB64FFC73CEA2E5AD18 434688 ----a-w- C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-10 03:15:45 4F4D63356F15B14FB4B7DBDD380C7EAD 792064 ----a-w- C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-10 03:15:44 DF671DD017F4CA34A6132C4A4F51478B 705536 ----a-w- C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-10 03:15:44 810EEE24B05B19F8688AE1A63E4C763B 80896 ----a-w- C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-10 03:15:44 64686775DDFEB380810D7EAF65B091BD 51712 ----a-w- C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-10 03:15:44 56C9D34DEA76A89175F7088354949612 957608 ----a-w- C:\WINDOWS\SysWOW64\ole32.dll
2016-08-10 03:15:43 CB84F62C5267E1D8D5754787B984DB36 13018112 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-10 03:15:42 E648A70AAFA36321ABF93038831E06D7 178688 ----a-w- C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-10 03:15:40 C1272B9E6A81130CED8A35435F40B114 21123320 ----a-w- C:\WINDOWS\SysWOW64\shell32.dll
2016-08-10 03:15:37 9091FD746F787DD88BC6984C4B3AC538 1467392 ----a-w- C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 03:15:36 E7424977748B9CDCFE6C0BDDA5651292 400896 ----a-w- C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-10 03:15:36 AE17FADA552633E0C42EB0AD2DAEB5CA 255168 ----a-w- C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-10 03:15:36 AA551F342B77497149EA7E6C42836084 2501120 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll
2016-08-10 03:15:35 B2A55F01906660ADD91299A2584B8473 18677760 ----a-w- C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-10 03:15:35 A75E17C4E41705FDAACB8BEB4EA8C57E 5323776 ----a-w- C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-10 03:15:35 9D6A4CDEC72C48E8D4A2F4A107C0C152 465760 ----a-w- C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-10 03:15:35 9754A48B3C6C24F458B8745FD474B718 1708032 ----a-w- C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-10 03:15:34 B46AD783A5B6323D98CDCF1CB4B3ECB4 1502208 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-10 03:15:34 7AE957004F39BCFC36C3F1F9D359A414 687616 ----a-w- C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-10 03:15:34 39FE6CAF16ED024603401AF9A0C468EB 3663360 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-10 03:15:34 1350A4FFEB34D501E2D029A17D24D5DE 19351040 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-10 03:15:33 CB52438601FC0C3781C82D17891B8FD0 5660672 ----a-w- C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-10 03:15:33 C70AB2A6F3194C11A4EC5E626764AF3A 2050048 ----a-w- C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-10 03:15:33 58A1678722856F13021A1A0A77FB8604 92160 ----a-w- C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-10 03:15:33 278C808F4A7CCAD30D64CAA85AB3DFEF 12133376 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-10 03:15:30 1962CE5B946E523D218B1C9BDE927147 1526272 ----a-w- C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-10 03:15:26 624C59AA9DD73DED86A2A23FE25C7A1B 286208 ----a-w- C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-10 03:15:25 17AF53CC930792A791A48B2AA8E17EBB 335872 ----a-w- C:\WINDOWS\SysWOW64\iedkcs32.dll
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2016-08-15 22:34:24 5B1D7C1E6698AFDC3BC95AD37DA697A4 143816 ----a-w- C:\WINDOWS\Sysnative\vpncmd.exe
2016-08-10 03:15:55 F7EB9C110D64DD627AEA36C055132ED7 515072 ----a-w- C:\WINDOWS\Sysnative\OneDriveSettingSyncProvider.dll
2016-08-10 03:15:55 CA9636181E7AB74A2482D22145CA2D65 84480 ----a-w- C:\WINDOWS\Sysnative\rdpudd.dll
2016-08-10 03:15:55 B31C35FD2F5FD7EC6C59679593B91216 189952 ----a-w- C:\WINDOWS\Sysnative\MusNotification.exe
2016-08-10 03:15:55 5A54AE9F1538CC766725EC9778B643A5 58880 ----a-w- C:\WINDOWS\Sysnative\MusNotificationUx.exe
2016-08-10 03:15:55 5777F39D6C7442A856CDDC40E3A53727 566112 ----a-w- C:\WINDOWS\Sysnative\SettingSyncHost.exe
2016-08-10 03:15:54 9508F06AC3C00680F0C76EEBDA42260D 808288 ----a-w- C:\WINDOWS\Sysnative\WWAHost.exe
2016-08-10 03:15:54 9419D31C232C0BB3EAA8CD11519A96E3 4171264 ----a-w- C:\WINDOWS\Sysnative\rdpcorets.dll
2016-08-10 03:15:54 011E683E228B1A6B9F6C4A1CD96FB95E 6974464 ----a-w- C:\WINDOWS\Sysnative\Windows.Data.Pdf.dll
2016-08-10 03:15:53 EFC92FC5E9CEA5E3C21A00C1E6B37976 14252544 ----a-w- C:\WINDOWS\Sysnative\wmp.dll
2016-08-10 03:15:52 4E4D0693092F72EF41872A785B6ABD87 5123072 ----a-w- C:\WINDOWS\Sysnative\dbgeng.dll
2016-08-10 03:15:51 C0B52E87C74E9C9F6BDF678987DF6835 1388032 ----a-w- C:\WINDOWS\Sysnative\lsasrv.dll
2016-08-10 03:15:51 5252AE36A3175861E1DAC322BF9A8DC9 247296 ----a-w- C:\WINDOWS\Sysnative\wevtutil.exe
2016-08-10 03:15:49 D8CAB1807EA429C2C647FBC33C30CC88 211456 ----a-w- C:\WINDOWS\Sysnative\NetSetupSvc.dll
2016-08-10 03:15:49 6AD9CFA5567F79AD3508FA48065F0117 44544 ----a-w- C:\WINDOWS\Sysnative\musdialoghandlers.dll
2016-08-10 03:15:49 643A3DBB11ECF3169922BF628BEC3B98 115040 ----a-w- C:\WINDOWS\Sysnative\NetSetupApi.dll
2016-08-10 03:15:49 5F5F86A3B85785A51DD37E26A0D87B41 1997824 ----a-w- C:\WINDOWS\Sysnative\ActiveSyncProvider.dll
2016-08-10 03:15:49 5C7C3479B1AC8C059B81DD0A28FA6DA4 1387520 ----a-w- C:\WINDOWS\Sysnative\win32kbase.sys
2016-08-10 03:15:49 0932BEEE3B37E0CDE94E39D3F90B00F0 693600 ----a-w- C:\WINDOWS\Sysnative\NetSetupEngine.dll
2016-08-10 03:15:48 DE8218E572F2E1B62C2806D3E19C60BF 16985088 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Xaml.dll
2016-08-10 03:15:48 BF6C588423B2F856015AE8F61D93D01F 379392 ----a-w- C:\WINDOWS\Sysnative\usocore.dll
2016-08-10 03:15:48 9A4FA67BAC171581BC3A8B397F17A6B2 47616 ----a-w- C:\WINDOWS\Sysnative\TpmTasks.dll
2016-08-10 03:15:48 92F7552D4189CAA297D94CB3999B3309 3589120 ----a-w- C:\WINDOWS\Sysnative\win32kfull.sys
2016-08-10 03:15:47 5D7E0F09F1763FDC1E8B1F0F806C993F 7536640 ----a-w- C:\WINDOWS\Sysnative\mstscax.dll
2016-08-10 03:15:45 F72B2B6066DDA315E94DCF9C3DF027A7 200192 ----a-w- C:\WINDOWS\Sysnative\WUDFPlatform.dll
2016-08-10 03:15:45 C0A74EF101625756989F90162A6665D1 218624 ----a-w- C:\WINDOWS\Sysnative\cdd.dll
2016-08-10 03:15:45 A17D939E89831694963802A729191D1F 1213440 ----a-w- C:\WINDOWS\Sysnative\wwansvc.dll
2016-08-10 03:15:45 81AF2D59BCD0F784748D0D85E23B2ADC 1500160 ----a-w- C:\WINDOWS\Sysnative\RecoveryDrive.exe
2016-08-10 03:15:45 602060E8FD837EC184B10B32795D62AB 198144 ----a-w- C:\WINDOWS\Sysnative\winsrv.dll
2016-08-10 03:15:44 CEB4C80F53DD880ED626A66E67EF6464 1717760 ----a-w- C:\WINDOWS\Sysnative\GdiPlus.dll
2016-08-10 03:15:43 ED99282EABDAE41696B42E3BC9581026 1540224 ----a-w- C:\WINDOWS\Sysnative\sppobjs.dll
2016-08-10 03:15:43 BFB3F9076F9B6CBC540012842177DD63 2280960 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll
2016-08-10 03:15:43 496F741F5EA0A938742C60441288AB62 26408 ----a-w- C:\WINDOWS\Sysnative\wuauclt.exe
2016-08-10 03:15:43 312C36630E019D8D0E8BF9D314291C7E 3025920 ----a-w- C:\WINDOWS\Sysnative\wininet.dll
2016-08-10 03:15:43 12D19C047E87E2951F29D9B0688CF2A8 692136 ----a-w- C:\WINDOWS\Sysnative\sppwinob.dll
2016-08-10 03:15:42 518492A1B8E10E7D544F9E83120DF61D 1732096 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll
2016-08-10 03:15:42 42FE5F8652308F9982130292A8CC2700 3675512 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll
2016-08-10 03:15:41 D3938A0F10D2A4123F3C2AF61E27ABD5 848896 ----a-w- C:\WINDOWS\Sysnative\wuapi.dll
2016-08-10 03:15:41 0D33A5A89A72736F540E96C8F0412377 63488 ----a-w- C:\WINDOWS\Sysnative\wshbth.dll
2016-08-10 03:15:41 0C62C32702621557AB2B97CEDB02CD8E 104448 ----a-w- C:\WINDOWS\Sysnative\BluetoothApis.dll
2016-08-10 03:15:41 0914E0B3AFF87F80605F097B675D6782 7469408 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe
2016-08-10 03:15:39 DB98838EA2799AA094D7693A016B1633 2067968 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll
2016-08-10 03:15:39 C277E33EA329821F6BCA443812B4E8D6 64000 ----a-w- C:\WINDOWS\Sysnative\Windows.StateRepositoryClient.dll
2016-08-10 03:15:39 B3A0F11506D6CE8C7D1B346AABE617B8 59904 ----a-w- C:\WINDOWS\Sysnative\Windows.StateRepositoryBroker.dll
2016-08-10 03:15:39 99435AD1BC9E7E7CEA528868E5B1F9B2 2746368 ----a-w- C:\WINDOWS\Sysnative\Windows.StateRepository.dll
2016-08-10 03:15:39 736BC0930DF22D535C9667D78F8DEB71 2175488 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentServer.dll
2016-08-10 03:15:38 FF048B3BA431DCEBB79CDE396D7FCB86 50368 ----a-w- C:\WINDOWS\Sysnative\CompatTelRunner.exe
2016-08-10 03:15:38 EAB476E252CE866727624B5224A054E4 506880 ----a-w- C:\WINDOWS\Sysnative\tileobjserver.dll
2016-08-10 03:15:38 DB8AF29D208C6496147BEA36D1B4CC27 285184 ----a-w- C:\WINDOWS\Sysnative\VEEventDispatcher.dll
2016-08-10 03:15:38 C65CA4C573AAE28CE068BBCE978860BB 92352 ----a-w- C:\WINDOWS\Sysnative\acmigration.dll
2016-08-10 03:15:38 C114604250CDC68E99F2F8A1AE3BEC4D 303216 ----a-w- C:\WINDOWS\Sysnative\LockAppHost.exe
2016-08-10 03:15:38 9017B26672F5BD70501A9BA37990453F 1505984 ----a-w- C:\WINDOWS\Sysnative\appraiser.dll
2016-08-10 03:15:37 E9375CFB103F4D4A54EAB185F67E379B 123392 ----a-w- C:\WINDOWS\Sysnative\tdlrecover.exe
2016-08-10 03:15:37 5AB0796C22D7DBAF629A08C22494C5CE 127488 ----a-w- C:\WINDOWS\Sysnative\VEDataLayerHelpers.dll
2016-08-10 03:15:37 30C17CDD5108ED26EC983883348C7965 37744 ----a-w- C:\WINDOWS\Sysnative\wldp.dll
2016-08-10 03:15:37 28898A890CEE2BFD763A12FB54E8E618 110080 ----a-w- C:\WINDOWS\Sysnative\IdCtrls.dll
2016-08-10 03:15:33 A5A462B5948BC9BAF6C1CA6C2BB35D79 4895232 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll
2016-08-10 03:15:33 5FE44212DD34A190819E49591AD142BE 784384 ----a-w- C:\WINDOWS\Sysnative\msfeeds.dll
2016-08-10 03:15:32 7C86F530A60EB5F70691124A7231172A 764928 ----a-w- C:\WINDOWS\Sysnative\Chakradiag.dll
2016-08-10 03:15:32 757357D0D97DCBB68FDF8F8C9EA41E51 7833088 ----a-w- C:\WINDOWS\Sysnative\Chakra.dll
2016-08-10 03:15:32 4056766C783514E2786F13CCA59A8787 2127360 ----a-w- C:\WINDOWS\Sysnative\inetcpl.cpl
2016-08-10 03:15:31 FD9C5FB457450D925E08454927CD9219 22384128 ----a-w- C:\WINDOWS\Sysnative\edgehtml.dll
2016-08-10 03:15:31 EB68DCC48742D6DDAF1B6DAA808B2BEF 13390336 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll
2016-08-10 03:15:30 DFD15944C2D56FF462EE33BC9AF71BE0 1752576 ----a-w- C:\WINDOWS\Sysnative\ieapfltr.dll
2016-08-10 03:15:30 B0ADC6DEDD9EC1EEC686926484D8DD1B 381952 ----a-w- C:\WINDOWS\Sysnative\wuuhext.dll
2016-08-10 03:15:30 0CCC61F60F7B447F9F77CE55FD9F4690 24613888 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll
2016-08-10 03:15:29 EEF099B4F1DA73009565C1E70E76C587 529920 ----a-w- C:\WINDOWS\Sysnative\LogonController.dll
2016-08-10 03:15:29 C034C41CAD5A0C805CE8BDCB4E75231A 1322760 ----a-w- C:\WINDOWS\Sysnative\ole32.dll
2016-08-10 03:15:29 9789FF6230BBE2D57F460E87E922D613 22561256 ----a-w- C:\WINDOWS\Sysnative\shell32.dll
2016-08-10 03:15:29 7BEA06396A13383998CD09E38C1AC53B 412160 ----a-w- C:\WINDOWS\Sysnative\MusUpdateHandlers.dll
2016-08-10 03:15:26 B687CA2B2FB902BF00B1127D61A84C00 359936 ----a-w- C:\WINDOWS\Sysnative\SensorsApi.dll
2016-08-10 03:15:26 89A9AA26EDF4CC2DA3820208CEA61CBB 58408 ----a-w- C:\WINDOWS\Sysnative\SensorsNativeApi.dll
2016-08-10 03:15:26 0A66FDBDE5FECC0BDF22D0CF59C66C78 970752 ----a-w- C:\WINDOWS\Sysnative\kerberos.dll
2016-08-10 03:15:25 CEEC73833A4C6B31E2F376A3FD4DA73E 91136 ----a-w- C:\WINDOWS\Sysnative\bthserv.dll
2016-08-10 03:15:25 CA6F4D06FC3931775FA1F726CE01704E 383488 ----a-w- C:\WINDOWS\Sysnative\iedkcs32.dll
2016-08-10 03:15:25 693C7B05D9E1D5B3BBC242A5569639AB 221696 ----a-w- C:\WINDOWS\Sysnative\ie4uinit.exe
2016-08-10 03:15:25 3A96F324681545F135320A9E91793972 339968 ----a-w- C:\WINDOWS\Sysnative\SensorService.dll
====== C:\WINDOWS\Sysnative\drivers =====
2016-08-17 05:02:25 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys
2016-08-17 05:02:12 898415AC0B5F1D2A9A48ABCB68A6DC4B 65408 ----a-w- C:\WINDOWS\Sysnative\drivers\mwac.sys
2016-08-17 05:02:12 78BFF5425E044086E74E78650A359FBB 27008 ----a-w- C:\WINDOWS\Sysnative\drivers\mbam.sys
2016-08-17 05:02:12 1239597BAB7EED2BB16D035AF87E65D9 140672 ----a-w- C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys
2016-08-15 23:04:42 21F2B0CECC4E6A82E1C366903407C110 38224 ----a-w- C:\WINDOWS\Sysnative\drivers\Neo6_x64_VPN2.sys
2016-08-15 22:50:58 CB40F8B4DEB52C26EF005C1F94BFDC7B 51024 ----a-w- C:\WINDOWS\Sysnative\drivers\SeLow_x64.sys.old1
2016-08-15 22:50:58 CB40F8B4DEB52C26EF005C1F94BFDC7B 51024 ----a-w- C:\WINDOWS\Sysnative\drivers\SeLow_x64.sys
2016-08-15 22:35:36 E686C162145E6DDCA2B3B644004351FD 38216 ----a-w- C:\WINDOWS\Sysnative\drivers\Neo6_x64_VPN.sys
2016-08-10 03:15:54 FA7EE4E3DCF4C1159D4E78147D8F1A7B 84992 ----a-w- C:\WINDOWS\Sysnative\drivers\BTHUSB.SYS
2016-08-10 03:15:53 2442F8CED09E5E4A8F1AA04C5DB22771 954368 ----a-w- C:\WINDOWS\Sysnative\drivers\bthport.sys
2016-08-10 03:15:52 C2138FE291C8235C3A26CD04EE629163 161632 ----a-w- C:\WINDOWS\Sysnative\drivers\ksecpkg.sys
2016-08-10 03:15:52 570BA8E8E1E3064A7D92F862B7F59B60 604928 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys
2016-08-10 03:15:51 72CC1F3397B4438C8B8830F004075038 112640 ----a-w- C:\WINDOWS\Sysnative\drivers\bthenum.sys
2016-08-10 03:15:50 5DCB6746E9880DED87EC2A239ED64EB4 181248 ----a-w- C:\WINDOWS\Sysnative\drivers\rfcomm.sys
2016-08-10 03:15:50 0A23A12396CE5AE78E13F8E2ADF9AE35 128512 ----a-w- C:\WINDOWS\Sysnative\drivers\bthpan.sys
2016-08-10 03:15:49 E61E8025B3FC30906B9BFF0E1602B1E8 576864 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms2.sys
2016-08-10 03:15:49 E5EF652F8C880EC48A4E827698416338 1988448 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys
2016-08-10 03:15:49 97269D0CF0C275A7DF5BFCA6692CC8B8 393056 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys
2016-08-10 03:15:44 34DDBE73E42A4EDED7BEFF66F270C1A4 99680 ----a-w- C:\WINDOWS\Sysnative\drivers\pdc.sys
2016-08-10 03:15:42 FAEBE339AB36831B77DC8F3B81DEDF75 465248 ----a-w- C:\WINDOWS\Sysnative\drivers\storport.sys
2016-08-10 03:15:42 3F89E96BDA0A24A3D2DBB7CE1E625589 331616 ----a-w- C:\WINDOWS\Sysnative\drivers\pci.sys
2016-08-10 03:15:26 1BB74617AE07539EC7C31C93F98644C7 422744 ----a-w- C:\WINDOWS\Sysnative\drivers\rdbss.sys
2016-07-20 13:46:16 B6F34BE914F7CF7D8B7203AB6241AC8B 313088 ----a-w- C:\WINDOWS\Sysnative\drivers\avgwfpa.sys
2016-07-19 17:27:12 A1E22774E01EDB88EC9620EF017B3ABE 261888 ----a-w- C:\WINDOWS\Sysnative\drivers\avgmfx64.sys
====== C:\WINDOWS\Tasks ======
2016-08-16 17:23:29 024AB14DF3277160E03C320B59CEADA2 3346 ----a-w- C:\WINDOWS\Sysnative\Tasks\OneDrive Standalone Update Task
2016-07-18 20:37:24 E0568BD0946A73F5A5E3E71109D3900A 3808 ----a-w- C:\WINDOWS\Sysnative\Tasks\AutoKMS
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2016-08-16 22:47:26 -------- d-----w- C:\Program Files\SoftEther VPN Client
2016-08-05 03:37:05 -------- d---a-w- C:\Program Files\Common Files\DESIGNER
2016-07-20 18:55:45 -------- d---a-w- C:\Program Files\Microsoft Office
2016-07-20 18:55:44 -------- d-----w- C:\Program Files\Microsoft Office 15
======= C:\PROGRA~2 =====
2016-08-15 23:22:07 -------- d-----w- C:\PROGRA~2\COMMON~1\IObit
2016-08-15 23:21:35 -------- d-----w- C:\PROGRA~2\IObit
2016-07-25 00:21:08 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2016-07-18 21:19:08 -------- d---a-w- C:\PROGRA~2\COMMON~1\DESIGNER
======= C: =====
====== C:\Users\Leonardo\AppData\Roaming ======
2016-08-15 23:21:41 -------- d-----w- C:\Users\Leonardo\AppData\IObit
2016-08-15 22:48:03 -------- d-----w- C:\Users\Leonardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Smartflix
2016-08-15 22:48:00 -------- d-----w- C:\Users\Leonardo\AppData\Local\smartflix
2016-08-08 01:53:43 -------- d-----w- C:\Users\Leonardo\AppData\Local\Mega Limited
2016-08-08 01:53:38 -------- d-----w- C:\Users\Leonardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2016-08-08 01:53:37 -------- d-----w- C:\Users\Leonardo\AppData\Local\MEGAsync
2016-07-30 16:48:54 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\dumps
2016-07-26 07:35:55 -------- d-----w- C:\Users\Leonardo\AppData\Local\Downloaded Installations
2016-07-18 21:07:36 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\PeerDistRepub
====== C:\Users\Leonardo ======
2016-08-15 23:22:09 -------- d-----w- C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-08-15 23:21:40 -------- d-----w- C:\ProgramData\ProductData
2016-08-15 23:21:39 -------- d-----w- C:\ProgramData\IObit
2016-08-08 01:56:16 -------- d-----r- C:\Users\Leonardo\MEGA
2016-08-08 01:52:44 8332FDCB2DF9D6788E926FED7F036C56 13007376 ----a-w- C:\Users\Leonardo\Downloads\MEGAsyncSetup.exe
2016-08-06 17:47:41 085DBD13027D88AAE907CDADB46AA41C 205 ----a-w- C:\Users\Leonardo\.swfinfo
2016-07-28 21:03:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mighty No 9
2016-07-20 18:57:57 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office 2016
 
====== C: exe-files ==
2016-08-16 22:47:26 C3BFF9BDE14B1006F2AA58BD58B2242A 6190024 ----a-w- C:\Program Files\SoftEther VPN Client\vpnsetup_x64.exe
2016-08-16 22:47:26 351EF6D61CAE5AB670AC6EF5A2E77E5B 4898248 ----a-w- C:\Program Files\SoftEther VPN Client\vpnsetup.exe
2016-08-16 17:22:59 50DB5E0E5DBDDC9ED662FC6B61444D9D 20738752 ----a-w- C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe
2016-08-16 17:22:59 50DB5E0E5DBDDC9ED662FC6B61444D9D 20738752 ----a-w- C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveSetup.exe
2016-08-16 17:22:43 318FF5AFDD3CF2FE366118CDF8DCC59D 481984 ----a-w- C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
2016-08-16 17:22:42 B8A65258FFB70C037195CFBDAD9AF01D 175296 ----a-w- C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncConfig.exe
2016-08-16 17:22:41 ED59204D9A071DED6AEC000050422F73 181448 ----a-w- C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe
2016-08-15 23:21:41 DEA4A43AAAA2E2C6B32467C6982388DF 33708424 ----a-w- C:\ProgramData\IObit\ASCDownloader\IU5\Advanced SystemCare 9.exe
2016-08-15 23:21:40 ED6923BF4D8D4383893825E2F74E2543 2945312 ----a-w- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
2016-08-15 22:48:00 ED33C8712CF3FE2E7CFDA1C207C7D876 1526016 ------w- C:\Users\Leonardo\AppData\Local\smartflix\Update.exe
2016-08-15 22:34:24 5B1D7C1E6698AFDC3BC95AD37DA697A4 143816 ----a-w- C:\Windows\System32\vpncmd.exe
2016-08-11 04:49:23 D023A7DA00A3F63E79C8F16E509CEA20 387072 ----a-w- C:\Users\Leonardo\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe
2016-08-11 03:20:19 6F8F01C2279F49BD3103599B53EE2A57 1972224 ----a-w- C:\Users\Leonardo\AppData\Roaming\uTorrent\updates\3.4.8_42449.exe
2016-08-10 18:15:21 EF34026F201FD972EF87BC206698D365 57816 ----a-w- C:\Users\Leonardo\.AndroidStudio2.1\restart\restarter.exe
2016-08-10 17:32:19 F104C53556BC4C7DD886C340F2E80541 802304 ----a-w- C:\Users\Leonardo\AppData\Local\Android\sdk\platform-tools\fastboot.exe
2016-08-10 17:32:19 C65EC484EF292EDBAE8426463F5DFC26 329216 ----a-w- C:\Users\Leonardo\AppData\Local\Android\sdk\platform-tools\etc1tool.exe
2016-08-10 17:32:19 C07EE2F3926B783A1BE9055A5EA3B25C 43008 ----a-w- C:\Users\Leonardo\AppData\Local\Android\sdk\platform-tools\hprof-conv.exe
2016-08-10 17:32:19 9BC0F5BCB8B366668C607AE97BAF6D3F 1479680 ----a-w- C:\Users\Leonardo\AppData\Local\Android\sdk\platform-tools\adb.exe
2016-08-10 17:32:19 95AC87431854F5A13AF95309D2D19D4F 726528 ----a-w- C:\Users\Leonardo\AppData\Local\Android\sdk\platform-tools\sqlite3.exe
2016-08-10 17:32:19 6B4FAE8768A4FBB49415F593BE4AA8EF 147456 ----a-w- C:\Users\Leonardo\AppData\Local\Android\sdk\platform-tools\dmtracedump.exe
=== C: other files ==
2016-08-17 05:02:25 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2016-08-17 05:02:12 898415AC0B5F1D2A9A48ABCB68A6DC4B 65408 ----a-w- C:\Windows\System32\drivers\mwac.sys
2016-08-17 05:02:12 78BFF5425E044086E74E78650A359FBB 27008 ----a-w- C:\Windows\System32\drivers\mbam.sys
2016-08-17 05:02:12 1239597BAB7EED2BB16D035AF87E65D9 140672 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2016-08-16 20:45:22 C66456E5094BE7420DC6AFE97AD7E85E 1304 ----a-w- C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apghicjnekejhfancbkahkhdckhdagna\3.9.0_0\vendor\zip.js\WebContent\tests\lorem_store.zip
2016-08-16 20:45:22 0FE5B8129EFB80AADED8F154B095B99E 1553 ----a-w- C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apghicjnekejhfancbkahkhdckhdagna\3.9.0_0\vendor\zip.js\WebContent\tests\lorem2.zip
2016-08-16 20:45:22 0A2F065D97313D8C092F8BE35208B381 1269 ----a-w- C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apghicjnekejhfancbkahkhdckhdagna\3.9.0_0\vendor\zip.js\WebContent\tests\lorem.zip
2016-08-16 17:22:41 8CF4163521FDB8E53482003C7EFA7121 5850 ----a-w- C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\CollectOneDriveLogs.bat
2016-08-15 23:04:42 21F2B0CECC4E6A82E1C366903407C110 38224 ----a-w- C:\Windows\System32\drivers\Neo6_x64_VPN2.sys
2016-08-15 22:50:58 CB40F8B4DEB52C26EF005C1F94BFDC7B 51024 ----a-w- C:\Windows\System32\drivers\SeLow_x64.sys
2016-08-15 22:35:36 E686C162145E6DDCA2B3B644004351FD 38216 ----a-w- C:\Windows\System32\drivers\Neo6_x64_VPN.sys
2016-08-15 08:02:00 D76A5AFD1FE0842DE391E799763D1AA3 198190 ----a-w- C:\Users\Leonardo\AppData\Local\JDownloader v2.0\cfg\downloadList673.zip
2016-08-15 08:02:00 0AF1AC9D417E8D8F3EEAC70F7165AB7C 140710 ----a-w- C:\Users\Leonardo\AppData\Local\JDownloader v2.0\cfg\linkcollector379.zip
2016-08-15 07:58:21 77592BB73C77AD3DB4425DFC7DA2A850 198190 ----a-w- C:\Users\Leonardo\AppData\Local\JDownloader v2.0\cfg\downloadList672.zip
2016-08-15 07:56:49 916C193D0D7D638B12FB554FBE8D240D 198190 ----a-w- C:\Users\Leonardo\AppData\Local\JDownloader v2.0\cfg\downloadList671.zip
2016-08-15 07:56:26 D42A23106D96ABA9102673C3825FCC44 198153 ----a-w- C:\Users\Leonardo\AppData\Local\JDownloader v2.0\cfg\downloadList670.zip
2016-08-15 07:56:20 88E7FAD873C5E0F42FCE2DE1B770562C 198154 ----a-w- C:\Users\Leonardo\AppData\Local\JDownloader v2.0\cfg\downloadList669.zip
2016-08-15 07:55:24 0802807136376D4AB376391405020381 198119 ----a-w- C:\Users\Leonardo\AppData\Local\JDownloader v2.0\cfg\downloadList668.zip
2016-08-15 07:41:19 16584A12CB1BE058C571B30AB27EA9E2 140710 ----a-w- C:\Users\Leonardo\AppData\Local\JDownloader v2.0\cfg\linkcollector378.zip
2016-08-15 07:36:14 9E221F7D353C3480FBC25FCC1580E857 147087 ----a-w- C:\Users\Leonardo\AppData\Local\JDownloader v2.0\cfg\linkcollector377.zip
2016-08-15 07:35:14 2E0E0522DD839EA61D72DCC4885415E0 142525 ----a-w- C:\Users\Leonardo\AppData\Local\JDownloader v2.0\cfg\linkcollector376.zip
2016-08-15 07:34:55 4E0B3190142C79C7E06035A3793BD878 141612 ----a-w- C:\Users\Leonardo\AppData\Local\JDownloader v2.0\cfg\linkcollector375.zip
2016-08-14 19:54:44 BE184EBC328156903D3631B7424A08F9 142163 ----a-w- C:\Users\Leonardo\AppData\Local\JDownloader v2.0\cfg\linkcollector374.zip
2016-08-10 18:37:10 3B0D7796875F82A72555EDD623FDE1C1 667528 ----a-w- C:\Users\Leonardo\AndroidStudioProjects\DonBolon\app\build\intermediates\instant-run-support\debug\classes.zip
2016-08-10 18:37:10 249AE1365D68FD0C6D87ED07D40CF818 248183 ----a-w- C:\Users\Leonardo\AndroidStudioProjects\DonBolon\app\build\intermediates\instant-run-support\debug\resources.zip
2016-08-10 17:55:50 91239168FCD916B7E9E0008B4CF8046C 144 ----a-w- C:\Users\Leonardo\.gradle\wrapper\dists\gradle-2.2-all\1vevkra640w3rb9hkuw50q5we\gradle-2.2\samples\maven\pomGeneration\lib\providedRuntime-1.0.zip
2016-08-10 17:55:50 7A3C18FD9006F79B4B445D302834ED14 332 ----a-w- C:\Users\Leonardo\.gradle\wrapper\dists\gradle-2.2-all\1vevkra640w3rb9hkuw50q5we\gradle-2.2\samples\userguide\files\copy\src\main\assets.zip
2016-08-10 17:55:46 260A48144BC3A09A7422FCAF9C904AD2 2394 ----a-w- C:\Users\Leonardo\.gradle\wrapper\dists\gradle-2.2-all\1vevkra640w3rb9hkuw50q5we\gradle-2.2\bin\gradle.bat
2016-08-10 17:55:19 143830AEA6BBED4EE77BAA3DD191745F 58568174 ----a-w- C:\Users\Leonardo\.gradle\wrapper\dists\gradle-2.2-all\1vevkra640w3rb9hkuw50q5we\gradle-2.2-all.zip
2016-08-10 17:41:57 99ED8E419B351873B13D9102E3BBAB37 139 ----a-w- C:\Users\Leonardo\.AndroidStudio2.1\config\tasks\DonBolon.tasks.zip
2016-08-10 17:41:57 99ED8E419B351873B13D9102E3BBAB37 139 ----a-w- C:\Users\Leonardo\.AndroidStudio2.1\config\tasks\DonBolon.contexts.zip
2016-08-10 17:40:29 375DDEA382B6C56A7BE2A967A20E0AB5 2404 ----a-w- C:\Users\Leonardo\AndroidStudioProjects\DonBolon\gradlew.bat
2016-08-10 17:33:35 3ADD0194E0CAA0441A8E15F523F13239 12348698 ----a-w- C:\Users\Leonardo\Downloads\DonBolon.zip
2016-08-10 17:32:19 91853155DC925CDFDA918272A0B55B13 930488 ----a-w- C:\Users\Leonardo\AppData\Local\Android\sdk\platform-tools\api\annotations.zip
 
==== Startup Registry Enabled ======================
 
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"
 
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"
 
[HKEY_USERS\S-1-5-21-3335889776-2522453919-3663238340-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"OneDrive"="C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"
"Discord"="C:\Users\Leonardo\AppData\Local\Discord\app-0.0.295\Discord.exe"
 
[HKEY_USERS\S-1-5-21-3335889776-2522453919-3663238340-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
"Uninstall C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
"Uninstall C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
"Uninstall C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe /lps=fmw"
"AVG_UI"="C:\Program Files (x86)\AVG\Av\avuirunnerx.exe C:\Program Files (x86)\AVG\Av\avgui.exe"
"Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true"
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE -startup"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"OneDrive"="C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"
"Discord"="C:\Users\Leonardo\AppData\Local\Discord\app-0.0.295\Discord.exe"
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
"Uninstall C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
"Uninstall C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
"Uninstall C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
 
==== Startup Registry Enabled x64 ======================
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"PAP7501_Monitor"="C:\WINDOWS\PixArt\PAP7501\GUCI_AVS.exe"
"IAStorIcon"="C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe 60"
"XboxStat"="C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe silentrun"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
 
==== Task Scheduler Jobs ======================
 
C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12/07/2016 13:16]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [03/04/2016 05:51]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [03/04/2016 05:51]
 
==== Other Scheduled Tasks ======================
 
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\AutoKMS" [C:\WINDOWS\AutoKMS\AutoKMS.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\klcp_update" ["C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe"]
"C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task" [C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{674E0D0D-9A9D-46B0-B38B-46DBCFF2EBCA}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\HardDiskSentinel\Hard Disk Sentinel_Leonardo" [C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe]
"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
 
==== Firefox Extensions ======================
 
ProfilePath: C:\Users\Leonardo\AppData\Roaming\Mozilla\Firefox\Profiles\ykck47h8.default-1459788651018
- EPUBReader - %ProfilePath%\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
- FT DeepDark - %ProfilePath%\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
- OmniSidebar - %ProfilePath%\extensions\osb@quicksaver.xpi
- Tree Style Tab - %ProfilePath%\extensions\treestyletab@piro.sakura.ne.jp.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
 
==== Firefox Plugins ======================
 
Profilepath: C:\Users\Leonardo\AppData\Roaming\Mozilla\Firefox\Profiles\ykck47h8.default-1459788651018
A63E5CB8C5424020CC170E2308DD36CE - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL - Microsoft Office 2016
D7C58215347321D835019C6115BDF3C3 - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll - Microsoft Office 2016
62D98B286C805E193568037B70D936D2 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll - Shockwave Flash
 
 
==== Chromium Look ======================
 
Google Slides - Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
DIM - Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apghicjnekejhfancbkahkhdckhdagna
YouTube - Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
selector is not a valid CSS selector - Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Logitech Smooth Scrolling - Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk
Google Sheets - Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Unlimited Free VPN - Hola - Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio
Arcane Legends - Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibmlkgieigeddcedpbijnpojheoddido
UltraSurf Security Privacy & Unblock VPN - Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjnbclmflcpookeapghfhapeffmpodij
Chrome Web Store Payments - Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Mass Effect 3 1920x1080 - Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbajkfcoapbkccklekmjkhikfdcciojo
Gmail - Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Chrome Media Router - Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Are you sure you want to delete folderName folder and subFolderCount sub-folders in it? - Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnbmhmngmdppipkoognikjonljicbhnl
 
==== IE Start and Search Settings ======================
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
 
==== All HKLM and HKCU SearchScopes ======================
 
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
 
==== HijackThis Entries ======================
 
F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [Discord] C:\Users\Leonardo\AppData\Local\Discord\app-0.0.295\Discord.exe
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Leonardo\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'Servicio de red')
O4 - Startup: MEGAsync.lnk = Leonardo\AppData\Local\MEGAsync\MEGAsync.exe
O4 - Startup: Sidebar234.lnk = C:\Program Files\Windows Sidebar\sidebar.exe
O8 - Extra context menu item: &Enviar a OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{b00efe5e-bbb4-4d56-99ff-3b7b3ef551ce}: NameServer = 192.168.100.1
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\AJRouter.dll,-2 (AJRouter) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30011 (AppHostSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\AppReadiness.dll,-1000 (AppReadiness) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\appxdeploymentserver.dll,-1 (AppXSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AudioEndpointBuilder.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%windir%\system32\bisrv.dll,-100 (BrokerInfrastructure) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\BthHFSrv.dll,-103 (BthHFSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ClipSVC.dll,-103 (ClipSVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\coremessaging.dll,-1 (CoreMessagingRegistrar) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @combase.dll,-5012 (DcomLaunch) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dcpsvc.dll,-3001 (DcpSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\das.dll,-100 (DeviceAssociationService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (DeviceInstall) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\DevQueryBroker.dll,-100 (DevQueryBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\diagtrack.dll,-3001 (DiagTrack) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\Windows.Internal.Management.dll,-100 (DmEnrollmentSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dmwappushsvc.dll,-200 (dmwappushservice) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dosvc.dll,-100 (DoSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\DeviceSetupManager.dll,-1000 (DsmSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dssvc.dll,-10003 (DsSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (Eaphost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\embeddedmodesvc.dll,-200 (embeddedmode) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @EnterpriseAppMgmtSvc.dll,-1 (EntAppSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (EventLog) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fhsvc.dll,-101 (fhsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Servicio de Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\System32\tetheringservice.dll,-4097 (icssvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\lfsvc.dll,-1 (lfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\licensemanagersvc.dll,-200 (LicenseManager) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @%windir%\system32\lsm.dll,-1001 (LSM) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\moshost.dll,-100 (MapsBroker) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @%SystemRoot%\system32\MessagingService.dll,-100 (MessagingService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: MessagingService_110548 - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: MessagingService_636d9 - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: MessagingService_645a9 - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: MessagingService_6576a - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: MessagingService_667ce - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: MessagingService_6c2ab - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: MessagingService_fc605 - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\WINDOWS\system32\msiexec.exe
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ncasvc.dll,-3009 (NcaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ncbservice.dll,-500 (NcbService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\NcdAutoSetup.dll,-100 (NcdAutoSetup) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofmsvc.dll,-202 (netprofm) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\NetSetupSvc.dll,-3 (NetSetupSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\NgcCtnrSvc.dll,-1 (NgcCtnrSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: NitroPDFDriverCreatorReadSpool10 (NitroDriverReadSpool10) - Nitro PDF Software - C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe
O23 - Service: NitroUpdateService - Unknown owner - C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\APHostRes.dll,-10002 (OneSyncSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Sincronizar host_110548 (OneSyncSvc_110548) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Sincronizar host_4fb86 (OneSyncSvc_4fb86) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Sincronizar host_636d9 (OneSyncSvc_636d9) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Sincronizar host_645a9 (OneSyncSvc_645a9) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Sincronizar host_6576a (OneSyncSvc_6576a) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Sincronizar host_667ce (OneSyncSvc_667ce) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Sincronizar host_6c2ab (OneSyncSvc_6c2ab) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Sincronizar host_f16ef (OneSyncSvc_f16ef) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Sincronizar host_fc605 (OneSyncSvc_fc605) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\WINDOWS\SysWow64\perfhost.exe
O23 - Service: @%SystemRoot%\system32\PhoneserviceRes.dll,-10000 (PhoneSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\UserDataAccessRes.dll,-15001 (PimIndexMaintenanceSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Datos de contactos_110548 (PimIndexMaintenanceSvc_110548) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Datos de contactos_636d9 (PimIndexMaintenanceSvc_636d9) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Datos de contactos_645a9 (PimIndexMaintenanceSvc_645a9) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Datos de contactos_6576a (PimIndexMaintenanceSvc_6576a) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Datos de contactos_667ce (PimIndexMaintenanceSvc_667ce) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Datos de contactos_6c2ab (PimIndexMaintenanceSvc_6c2ab) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Datos de contactos_fc605 (PimIndexMaintenanceSvc_fc605) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-200 (PlugPlay) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll,-1 (PrintNotify) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\RDXService.dll,-256 (RetailDemo) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @combase.dll,-5010 (RpcSs) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ScDeviceEnum.dll,-100 (ScDeviceEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\sensorservice.dll,-1000 (SensorService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\System32\smphost.dll,-102 (smphost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SmsRouterSvc.dll,-10001 (SmsRouter) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\windows.staterepository.dll,-1 (StateRepository) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\svsvc.dll,-101 (svsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%windir%\system32\SystemEventsBrokerServer.dll,-1001 (SystemEventsBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\tileobjserver.dll,-1 (tiledatamodelsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%windir%\system32\TimeBrokerServer.dll,-1001 (TimeBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\WINDOWS\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\UserDataAccessRes.dll,-10003 (UnistoreSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Almacenamiento de datos de usuarios_110548 (UnistoreSvc_110548) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Almacenamiento de datos de usuarios_636d9 (UnistoreSvc_636d9) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Almacenamiento de datos de usuarios_645a9 (UnistoreSvc_645a9) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Almacenamiento de datos de usuarios_6576a (UnistoreSvc_6576a) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Almacenamiento de datos de usuarios_667ce (UnistoreSvc_667ce) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Almacenamiento de datos de usuarios_6c2ab (UnistoreSvc_6c2ab) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Almacenamiento de datos de usuarios_fc605 (UnistoreSvc_fc605) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Update service - Popcorn Time - C:\Program Files (x86)\Popcorn Time\Updater.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\UserDataAccessRes.dll,-14001 (UserDataSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Acceso a datos de usuarios_110548 (UserDataSvc_110548) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Acceso a datos de usuarios_636d9 (UserDataSvc_636d9) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Acceso a datos de usuarios_645a9 (UserDataSvc_645a9) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Acceso a datos de usuarios_6576a (UserDataSvc_6576a) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Acceso a datos de usuarios_667ce (UserDataSvc_667ce) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Acceso a datos de usuarios_6c2ab (UserDataSvc_6c2ab) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Acceso a datos de usuarios_fc605 (UserDataSvc_fc605) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\usermgr.dll,-100 (UserManager) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\usocore.dll,-102 (UsoSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\icsvc.dll,-801 (vmicguestinterface) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-101 (vmicheartbeat) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-201 (vmickvpexchange) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-601 (vmicrdv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-301 (vmicshutdown) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-401 (vmictimesync) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-901 (vmicvmsession) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\icsvc.dll,-501 (vmicvss) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30014 (w3logsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30003 (W3SVC) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\WalletService.dll,-1000 (WalletService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30001 (WAS) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wcmsvc.dll,-4097 (Wcmsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wephostsvc.dll,-100 (WEPHOSTSVC) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiarpc.dll,-2 (WiaRpc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (WlanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wlidsvc.dll,-100 (wlidsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\workfolderssvc.dll,-102 (workfolderssvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpnservice.dll,-1 (WpnService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\WINDOWS\system32\SearchIndexer.exe
O23 - Service: @%SystemRoot%\system32\WSService.dll,-103 (WSService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\XblAuthManager.dll,-100 (XblAuthManager) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\XblGameSave.dll,-100 (XblGameSave) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\XboxNetApiSvc.dll,-100 (XboxNetApiSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=0 folders=0 0 bytes)
 
==== EOF on 17/08/2016 at 11:32:17,32 ======================
 

Edited by leonardotorres, 17 August 2016 - 11:33 AM.




#2 Jintan

  • Malware Response Team
  • 531 posts

Posted 21 August 2016 - 03:52 PM

Hello leonardotorres,

 

Welcome to Bleeping Computer.

 

The log you posted doesn't show much. Do you have any idea of why these sites have blacklisted you? I see Popcorn, and VPN there. I would like to check your IP myself. Click on my name, then click "Send me a message", so it won't be posted.


Ad eundum quo no duck ante iit

#3 Jintan

  • Malware Response Team
  • 531 posts

Posted 21 August 2016 - 06:48 PM

I received your message. Your IP is on a blocklist.de list for sending spam emails multiple times.

 

Disable your antivirus.

 

 

Download RogueKiller from here to your desktop.

    Close all open programs
    Remember to right click -> run as administrator, and click the downloaded file.

Agree to the language prompt, and place a check next to:

Install 32 and 64 bits versions (Recommended for Technicians).

Then click Next until you get to the Finish button, and click it. RogueKiller will then open.

Click the Start Scan button, then again the Start Scan button.

When the scan finishes click the Open Report button. Then click the Open TXT button. Save that report to your desktop, and post it back here please. For now just close RogueKiller.


Ad eundum quo no duck ante iit

#4 leonardotorres

  • Topic Starter
  • Members
  • 3 posts

Posted 21 August 2016 - 07:24 PM

RogueKiller 0 detections

 

ISP kinda admitted an attack on their end, and they also did something to unlock my IP with Sony, but I still want to be sure my PC isn't infected.

 

RogueKiller V12.4.4.0 (x64) [Aug 16 2016] (Free) by Adlice Software
correo : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Sitio web : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Sistema Operativo : Windows 10 (10.0.10586) 64 bits version
Iniciado en : Modo Normal
Usuario : leott [Administrador]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Modo : Escanear -- Fecha : 08/21/2016 19:05:13

¤¤¤ Procesos : 0 ¤¤¤

¤¤¤ Registro : 0 ¤¤¤

¤¤¤ Tareas : 0 ¤¤¤

¤¤¤ Archivos : 0 ¤¤¤

¤¤¤ Archivo de hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Cargado) ¤¤¤

¤¤¤ Navegadores Web : 0 ¤¤¤

¤¤¤ Chequeo MBR : ¤¤¤
+++++ PhysicalDrive0: KINGSTON SV300S37A240G +++++
--- User ---
[MBR] f0e71a72ce1a6e0dafd659e65f355c7a
[BSP] 6786b20cd160be26045b8b97f8bea13b : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 228484 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 467937280 | Size: 450 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: SAMSUNG HD161HJ +++++
--- User ---
[MBR] 92a9e9d267faa4358611b62f84718c97
[BSP] bab4547b876012272964fe6b3ab399cd : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 152625 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
 



#5 Jintan

  • Malware Response Team
  • 531 posts

Posted 23 August 2016 - 05:27 PM

Wow - have no idea why I am not notified when a post happens. And good news your ISP admitted their involvement.

 

I suspect RogueKiller would have picked up on any bad activity, which it didn't. We can check more if you want, but it sounds like the situation is being resolved.


Ad eundum quo no duck ante iit

#6 leonardotorres

  • Topic Starter
  • Members
  • 3 posts

Posted 23 August 2016 - 06:38 PM

IP keeps getting listed on different sites. I'm worried that if this continues Sony will block me again. 2 days ago the IP was listed on 8 different sites, and I constantly have to remove it manually! Even if the ISP admitted it, I don't think they are doing anything to clean the IP.

Is there any way to be sure it's their fault and not mine? Something I can use as proof to contact them and demand that the issue be solved?

 

Here is the Mxtoolbox history log. As you can see, I just can't clean the IP, and I would appreciate it if you guys could check more.

https://someimage.com/uXYB655

Edited by leonardotorres, 23 August 2016 - 06:40 PM.


#7 Jintan

  • Malware Response Team
  • 531 posts

Posted 24 August 2016 - 05:33 PM

No problem - let's check. But we need to step back, and check the opening scan we usually ask for. Checks different areas.

 

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: Your system is 64bit.
 

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

Edited by Jintan, 24 August 2016 - 05:33 PM.

Ad eundum quo no duck ante iit



