result of Farbar Recovery Scan Tool


  • This topic is locked
14 replies to this topic

#1 selohu

Posted 28 January 2018 - 10:22 AM

Mod Edit:  Previous topic posted in AII, https://www.bleepingcomputer.com/forums/t/667881/rkill, that topic is now closed by me - Hamluis.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018
Ran by selohu (administrator) on DESKTOP-8EJOT4I (28-01-2018 16:07:01)
Running from E:\Herramientas
Loaded Profiles: selohu (Available Profiles: selohu)
Platform: Windows 10 Pro Version 1709 16299.192 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [886768 2017-11-04] (Adobe Systems Incorporated)
HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\Run: [0FD00E456263BD2267B7B66A2074EE49088C8B56._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1581912 2018-01-24] (Google Inc.)
HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10249048 2017-12-13] (Piriform Ltd)
HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\Run: [PerformanceMonitor] => C:\Users\selohu\Desktop\Tazzys Performance Monitor.exe
HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\Run: [Spotify Web Helper] => C:\Users\selohu\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2018-01-17] (Spotify Ltd)
HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\Run: [Spotify] => C:\Users\selohu\AppData\Roaming\Spotify\Spotify.exe [21099408 2018-01-17] (Spotify Ltd)
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{096fe9b8-9561-40ac-aab1-f5448174893a}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{2912377f-5a04-48b9-b74d-6371b36e164f}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{336fa204-159c-4713-868d-d7358f95341e}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{482e7d1c-2efc-4ccb-89af-c987fb25d624}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{6089763b-a03e-46f7-a486-205ae59f94c6}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{64937937-b501-11e7-997c-806e6f6e6963}: [NameServer] 8.8.8.8
 
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
SearchScopes: HKU\S-1-5-21-3897876760-2343832674-48544982-1001 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = 
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-21] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-21] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} -  No File
 
FireFox:
========
FF HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\selohu\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-21] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3897876760-2343832674-48544982-1001: @acestream.net/acestreamplugin,version=3.1.20.2 -> C:\Users\selohu\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
FF Plugin HKU\S-1-5-21-3897876760-2343832674-48544982-1001: WebChimera.org/WebChimera -> C:\Users\selohu\AppData\Roaming\WebChimera\0.2.9\npWebChimera.dll [2015-07-01] (Sergey Radionov)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Default [2018-01-28]
CHR Extension: (Presentaciones) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Documentos) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-27]
CHR Extension: (YouTube) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-27]
CHR Extension: (Maldito Bulo) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpancimhkhejliinianojlkbbajehfdl [2018-01-25]
CHR Extension: (Adblock Plus) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-27]
CHR Extension: (uBlock Origin) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-01-14]
CHR Extension: (Tampermonkey) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-01-19]
CHR Extension: (minerBlock) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Default\Extensions\emikbbbebcdfohonlaifafnoanocnebl [2018-01-28]
CHR Extension: (Crypto Miner Blocker) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fekkecoifalagdiibmfnmjfmgmpblogb [2018-01-25]
CHR Extension: (Hojas de cálculo) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Skyload - Descargar música y vídeos con el 99.9% de los sitios) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnmpfimijcopbiaiobinamadmnmhckmp [2018-01-19]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-27]
CHR Extension: (Twitcher - Twitter Account Switcher) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmngpagflejjoblmmamaonmnkghjmebh [2018-01-08]
CHR Extension: (Yоutubе Video Downloader) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Default\Extensions\iomfhkacijbbgflnikmmplnjnjjkeiej [2018-01-19]
CHR Extension: (VK Music — descarga música de VK) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdnmpoggedgajbelgfgmlogehjkkfilp [2018-01-19]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-27]
CHR Extension: (Vk Videos and Music Download (VK downloader)) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmifgdgmgcgnbfkjcjohedicldjilbg [2018-01-19]
CHR Extension: (Gmail) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-27]
CHR Extension: (Chrome Media Router) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-26]
CHR Extension: (Get HLS from Youtbe) - C:\Users\selohu\Desktop\HLS\gethlsfromyoutube-master\gethlsfromyoutube-master [2016-12-22]
CHR Profile: C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-01-17]
CHR Extension: (No Name) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\ahggfmgiidlaceichjfemgbaggnbaloe [2017-12-07]
CHR Profile: C:\Users\selohu\AppData\Local\Google\Chrome\User Data\System Profile [2018-01-27]
CHR Extension: (No Name) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\ahggfmgiidlaceichjfemgbaggnbaloe [2017-12-07]
CHR HKU\S-1-5-21-3897876760-2343832674-48544982-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [9236912 2018-01-03] (Emsisoft Ltd)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135488 2017-12-20] (SurfRight B.V.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-11-26] (Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-21] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-21] (Microsoft Corporation)
S2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [90560 2018-01-01] (Alcorlink Corp.)
R0 asstahci64; C:\WINDOWS\System32\drivers\asstahci64.sys [89960 2015-11-12] (Asmedia Technology)
S3 AVerA706_x64; C:\WINDOWS\system32\DRIVERS\AVerA706_x64.sys [1414528 2008-08-18] (AVerMedia TECHNOLOGIES, Inc.)
S3 AVerAF15DMBTH64; C:\WINDOWS\System32\Drivers\AVerAF15DMBTH64.sys [592256 2009-07-27] (AVerMedia TECHNOLOGIES, Inc.)
S3 AVerEth; C:\WINDOWS\System32\drivers\AVerEth64.sys [26624 2007-04-02] (AVerMedia TECHNOLOGIES, Inc.)
S1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
S1 epp; C:\EEK\BIN64\epp.sys [124552 2018-01-28] (Emsisoft Ltd)
S1 hwinterface; C:\Windows\SysWOW64\Drivers\hwinterface.sys [3026 2017-11-27] (Logix4u) [File not signed]
S3 kmloop; C:\WINDOWS\System32\drivers\loop.sys [16896 2017-09-29] (Microsoft Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2018-01-28] (Malwarebytes)
S3 MDA_NTDRV; C:\WINDOWS\system32\MDA_NTDRV.sys [21208 2013-02-25] ()
S3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5601d21ccd639df9\nvlddmkm.sys [17486096 2018-01-05] (NVIDIA Corporation)
S3 PortTalk; C:\Windows\SysWOW64\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic hxxp://www.beyondlogic.org) [File not signed]
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2018-01-01] (Realtek )
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-10-10] (The OpenVPN Project) [File not signed]
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2018-01-27] ()
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [23040 2017-09-29] (Microsoft Corporation)
S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [200832 2017-11-22] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [211704 2017-11-22] (Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [144632 2017-11-22] (Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-21] (Microsoft Corporation)
S0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-21] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-21] (Microsoft Corporation)
S1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-12-20] (Zemana Ltd.)
S1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-12-20] (Zemana Ltd.)
R0 ZVDiskProt; C:\WINDOWS\system32\DRIVERS\ZVDiskProt.sys [44336 2017-12-02] (ZitoVault)
U3 kwrdyaog; C:\Users\selohu\AppData\Local\Temp\kwrdyaog.sys [56584 2018-01-28] (GMER) [File not signed] <==== ATTENTION
S3 ALSysIO; \??\C:\Users\selohu\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X]
U4 npcap_wifi; no ImagePath
S1 yempsgrp; \??\C:\WINDOWS\system32\drivers\yempsgrp.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-01-28 16:06 - 2018-01-28 16:07 - 000000000 ____D C:\FRST
2018-01-28 15:34 - 2018-01-28 15:34 - 000000547 _____ C:\Users\selohu\Desktop\JRT.txt
2018-01-28 15:26 - 2018-01-28 15:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-01-28 14:18 - 2018-01-28 15:33 - 000001976 _____ C:\Users\selohu\Desktop\Rkill.txt
2018-01-28 08:32 - 2018-01-28 08:32 - 000000462 _____ C:\Users\selohu\Desktop\555.txt
2018-01-26 22:36 - 2018-01-26 22:36 - 000000000 ____D C:\Users\selohu\Desktop\KMSAuto.Net.2016.v1.5.3.Portable-Ratiborus
2018-01-26 22:35 - 2018-01-26 22:35 - 003474462 _____ C:\Users\selohu\Desktop\KMSAuto.Net.2016.v1.5.3.Portable-Ratiborus.rar
2018-01-26 22:14 - 2018-01-26 22:14 - 003800071 _____ (Alexandre Coelho ) C:\Users\selohu\Desktop\Windows_Repair_Toolbox_setup.exe
2018-01-26 19:52 - 2018-01-26 19:52 - 003451005 _____ C:\Users\selohu\Desktop\Activador Windows 10 NOVA MUNDO PC.rar
2018-01-25 18:47 - 2018-01-26 20:50 - 000000000 ____D C:\Users\selohu\Desktop\INFORMATICA
2018-01-25 18:42 - 2018-01-25 18:42 - 118977242 _____ C:\Users\selohu\Desktop\Organización y Arquitectura de Computadores  7ma Edicion  William Stallings.rar
2018-01-25 15:42 - 2018-01-25 19:18 - 000000193 _____ C:\WINDOWS\WORDPAD.INI
2018-01-25 13:57 - 2018-01-25 13:57 - 000000000 ____D C:\Users\selohu\AppData\LocalLow\Temp
2018-01-25 13:12 - 2018-01-25 13:37 - 000000000 ____D C:\ESD
2018-01-25 13:11 - 2018-01-25 13:11 - 000000000 ___HD C:\$Windows.~WS
2018-01-25 13:11 - 2018-01-25 13:11 - 000000000 ____D C:\$WINDOWS.~BT
2018-01-24 16:07 - 2018-01-24 16:07 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2018-01-24 16:07 - 2018-01-24 16:07 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2018-01-24 16:05 - 2018-01-27 15:53 - 000000000 ____D C:\ProgramData\AVAST Software
2018-01-20 16:26 - 2018-01-20 16:26 - 008206624 _____ (Malwarebytes) C:\Users\selohu\Desktop\adwcleaner_7.0.7.0.exe
2018-01-20 12:42 - 2018-01-20 12:50 - 000000000 ____D C:\Users\selohu\Desktop\Móvil LG
2018-01-18 20:07 - 2018-01-18 20:07 - 026907720 _____ (Adlice Software) C:\Users\selohu\Desktop\RogueKiller_portable64 (1).exe
2018-01-18 00:44 - 2018-01-28 15:26 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-01-18 00:44 - 2018-01-18 00:44 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-01-18 00:44 - 2018-01-18 00:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-01-18 00:44 - 2018-01-18 00:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-01-18 00:44 - 2018-01-18 00:44 - 000000000 ____D C:\Program Files\Malwarebytes
2018-01-18 00:44 - 2017-11-29 09:11 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-01-18 00:39 - 2018-01-18 00:40 - 000006960 _____ C:\TDSSKiller.3.1.0.12_18.01.2018_00.39.42_log.txt
2018-01-17 12:15 - 2018-01-28 13:21 - 000000000 ____D C:\Users\selohu\AppData\Local\Spotify
2018-01-17 12:15 - 2018-01-28 13:15 - 000000000 ____D C:\Users\selohu\AppData\Roaming\Spotify
2018-01-17 12:15 - 2018-01-17 12:15 - 000001841 _____ C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2018-01-15 18:05 - 2018-01-15 18:05 - 000000000 ____D C:\Users\selohu\AppData\Roaming\NVIDIA
2018-01-15 17:20 - 2018-01-15 17:20 - 000000000 ____D C:\Users\selohu\AppData\Local\NVIDIA Corporation
2018-01-15 17:11 - 2018-01-15 17:11 - 001478648 _____ (Simple IT Solutions, LLC) C:\Users\selohu\Desktop\NoBot.exe
2018-01-15 17:11 - 2018-01-15 17:11 - 000000000 ____D C:\NoBot
2018-01-15 16:02 - 2018-01-15 16:02 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-15 16:02 - 2018-01-15 16:02 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-15 16:02 - 2018-01-15 16:02 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-15 16:02 - 2018-01-15 16:02 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-15 16:02 - 2018-01-15 16:02 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-15 16:02 - 2018-01-15 16:02 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2018-01-15 16:02 - 2018-01-15 16:02 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-01-15 16:02 - 2018-01-04 02:44 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-01-15 16:02 - 2018-01-04 00:50 - 005951336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-01-15 16:02 - 2018-01-04 00:50 - 002588232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-01-15 16:02 - 2018-01-04 00:50 - 001768480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-01-15 16:02 - 2018-01-04 00:50 - 000631880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-01-15 16:02 - 2018-01-04 00:50 - 000450352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-01-15 16:02 - 2018-01-04 00:50 - 000123704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-01-15 16:02 - 2018-01-04 00:50 - 000081992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-01-15 16:02 - 2017-12-24 20:07 - 007928821 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-01-15 16:02 - 2017-11-02 21:15 - 000928568 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-01-15 16:02 - 2017-11-02 21:15 - 000798520 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-01-15 16:02 - 2017-11-02 21:15 - 000490808 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-01-15 16:02 - 2017-11-02 21:14 - 000591672 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-01-15 16:01 - 2018-01-15 16:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-01-15 16:01 - 2018-01-04 02:44 - 000532792 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-01-15 16:01 - 2018-01-04 02:44 - 000438768 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2018-01-15 16:01 - 2018-01-04 01:33 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-01-15 15:58 - 2018-01-04 02:44 - 040269624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 035179080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 019796520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 016449872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 013430632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 012843496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 011015584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 010900432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 004580320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 004306736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 003893792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 003707888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 001975184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439065.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 001674544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439065.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 001325384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 001134952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 001125960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 001053768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 001043128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 000988656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 000938896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 000795928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 000740336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 000635248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 000618928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 000616248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 000599536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 000506864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 000048282 _____ C:\WINDOWS\system32\nvinfo.pb
2018-01-15 15:58 - 2018-01-04 02:44 - 000045600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2018-01-15 15:54 - 2018-01-15 15:54 - 000000000 ____D C:\NVIDIA
2018-01-15 03:13 - 2018-01-28 15:25 - 000000000 ____D C:\Program Files\Emsisoft Anti-Malware
2018-01-15 03:13 - 2018-01-15 03:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2018-01-15 02:44 - 2018-01-15 02:44 - 000000000 ____D C:\ProgramData\Emsisoft
2018-01-14 17:00 - 2018-01-14 17:00 - 000688992 ____R (Swearware) C:\Users\selohu\Desktop\dds.scr
2018-01-13 20:04 - 2018-01-13 20:05 - 000002986 _____ C:\Users\selohu\Desktop\svchost.txt
2018-01-12 15:31 - 2018-01-12 15:31 - 000000000 ____D C:\zoek_backup
2018-01-12 01:47 - 2018-01-15 17:18 - 000000000 ____D C:\Users\selohu\AppData\Roaming\Slack
2018-01-12 01:47 - 2018-01-12 01:47 - 000000000 ____D C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies
2018-01-12 01:47 - 2018-01-12 01:47 - 000000000 ____D C:\Users\selohu\AppData\Local\slack
2018-01-12 00:01 - 2018-01-12 00:01 - 000000000 ____D C:\Users\selohu\AppData\Local\PackageManagement
2018-01-12 00:01 - 2018-01-12 00:01 - 000000000 ____D C:\Program Files (x86)\PackageManagement
2018-01-11 17:34 - 2018-01-28 15:25 - 080740352 _____ C:\WINDOWS\system32\config\SOFTWARE
2018-01-11 15:07 - 2018-01-11 15:07 - 000000033 _____ C:\Users\selohu\AppData\Roaming\AdobeWLCMCache.dat
2018-01-10 16:04 - 2018-01-26 22:15 - 000000811 _____ C:\Users\Public\Desktop\Windows Repair Toolbox.lnk
2018-01-09 15:18 - 2018-01-09 15:21 - 000000000 ____D C:\Users\selohu\Desktop\Tech tool store tools
2018-01-08 16:55 - 2018-01-08 16:55 - 000000282 __RSH C:\Users\selohu\ntuser.pol
2018-01-08 03:39 - 2018-01-08 03:39 - 000000000 ____D C:\Users\selohu\AppData\LocalLow\uTorrent
2018-01-08 03:37 - 2018-01-08 03:37 - 000000218 _____ C:\Users\selohu\AppData\Local\recently-used.xbel
2018-01-08 03:27 - 2018-01-08 03:27 - 000000000 ____D C:\Users\selohu\AppData\Local\gtk-3.0
2018-01-08 02:50 - 2018-01-08 02:52 - 000000000 ____D C:\Users\selohu\Desktop\WinDFT095
2018-01-08 02:49 - 2018-01-08 02:49 - 002380866 _____ C:\Users\selohu\Desktop\WinDFT095.zip
2018-01-08 01:12 - 2018-01-08 01:12 - 000000000 ____D C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2018-01-08 01:12 - 2018-01-08 01:12 - 000000000 ____D C:\Program Files (x86)\GPU-Z
2018-01-08 00:51 - 2018-01-08 00:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2018-01-08 00:51 - 2018-01-08 00:51 - 000000000 ____D C:\Program Files\Core Temp
2018-01-07 23:51 - 2018-01-07 23:52 - 000000000 ____D C:\Users\selohu\Desktop\escudos tercera
2018-01-07 00:36 - 2018-01-07 00:36 - 000000000 ____D C:\Program Files (x86)\ESET
2018-01-06 21:16 - 2018-01-06 21:17 - 000000000 ____D C:\ProgramData\WRData
2018-01-06 19:45 - 2018-01-06 19:55 - 000000000 ____D C:\Users\selohu\Desktop\mbar
2018-01-06 19:45 - 2018-01-06 19:55 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-01-06 19:35 - 2018-01-06 19:35 - 000421545 _____ C:\Users\selohu\Downloads\windows-error-lookup-tool-3-0-7-en-win.zip
2018-01-04 13:43 - 2018-01-04 13:43 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2018-01-04 13:08 - 2018-01-01 18:15 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-01-04 13:08 - 2018-01-01 13:54 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-01-04 13:08 - 2018-01-01 13:53 - 001090984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-01-04 13:08 - 2018-01-01 13:52 - 000066712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2018-01-04 13:08 - 2018-01-01 13:51 - 001414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-01-04 13:08 - 2018-01-01 13:51 - 001209240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-01-04 13:08 - 2018-01-01 13:51 - 001055128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-01-04 13:08 - 2018-01-01 13:51 - 000191816 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-01-04 13:08 - 2018-01-01 13:51 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2018-01-04 13:08 - 2018-01-01 13:50 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-01-04 13:08 - 2018-01-01 13:50 - 000780464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-01-04 13:08 - 2018-01-01 13:50 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-01-04 13:08 - 2018-01-01 13:50 - 000077208 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-01-04 13:08 - 2018-01-01 13:49 - 008605080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-01-04 13:08 - 2018-01-01 13:49 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-01-04 13:08 - 2018-01-01 13:49 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-01-04 13:08 - 2018-01-01 13:49 - 000292376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-01-04 13:08 - 2018-01-01 13:48 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-01-04 13:08 - 2018-01-01 13:48 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-01-04 13:08 - 2018-01-01 13:48 - 000382360 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-01-04 13:08 - 2018-01-01 13:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-01-04 13:08 - 2018-01-01 13:47 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-01-04 13:08 - 2018-01-01 13:46 - 002709704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-01-04 13:08 - 2018-01-01 13:46 - 000898216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-01-04 13:08 - 2018-01-01 13:46 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-01-04 13:08 - 2018-01-01 13:46 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-01-04 13:08 - 2018-01-01 13:45 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-01-04 13:08 - 2018-01-01 13:45 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-01-04 13:08 - 2018-01-01 13:45 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-01-04 13:08 - 2018-01-01 13:43 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-01-04 13:08 - 2018-01-01 13:43 - 000367336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-01-04 13:08 - 2018-01-01 13:43 - 000062872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2018-01-04 13:08 - 2018-01-01 13:42 - 001029016 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-01-04 13:08 - 2018-01-01 13:42 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-01-04 13:08 - 2018-01-01 13:42 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-01-04 13:08 - 2018-01-01 13:42 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-01-04 13:08 - 2018-01-01 13:42 - 000109976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-01-04 13:08 - 2018-01-01 13:41 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-01-04 13:08 - 2018-01-01 13:41 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-01-04 13:08 - 2018-01-01 13:41 - 000549552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2018-01-04 13:08 - 2018-01-01 13:40 - 001206680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-01-04 13:08 - 2018-01-01 13:39 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-01-04 13:08 - 2018-01-01 13:39 - 000677784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-01-04 13:08 - 2018-01-01 13:39 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-01-04 13:08 - 2018-01-01 13:39 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-01-04 13:08 - 2018-01-01 13:39 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-01-04 13:08 - 2018-01-01 13:38 - 003904808 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-01-04 13:08 - 2018-01-01 13:38 - 000727448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-01-04 13:08 - 2018-01-01 13:38 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-01-04 13:08 - 2018-01-01 13:38 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-01-04 13:08 - 2018-01-01 13:38 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2018-01-04 13:08 - 2018-01-01 13:37 - 001426664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-01-04 13:08 - 2018-01-01 13:37 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2018-01-04 13:08 - 2018-01-01 13:36 - 000413888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-01-04 13:08 - 2018-01-01 13:36 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2018-01-04 13:08 - 2018-01-01 13:36 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-01-04 13:08 - 2018-01-01 13:36 - 000113560 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2018-01-04 13:08 - 2018-01-01 13:36 - 000057752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2018-01-04 13:08 - 2018-01-01 13:35 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-01-04 13:08 - 2018-01-01 13:35 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-01-04 13:08 - 2018-01-01 13:34 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-01-04 13:08 - 2018-01-01 13:34 - 001336344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-01-04 13:08 - 2018-01-01 13:34 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-01-04 13:08 - 2018-01-01 13:34 - 000087384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-01-04 13:08 - 2018-01-01 13:33 - 002773400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-01-04 13:08 - 2018-01-01 13:33 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-01-04 13:08 - 2018-01-01 13:32 - 004481240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-01-04 13:08 - 2018-01-01 13:32 - 000981400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\lxcore.sys
2018-01-04 13:08 - 2018-01-01 13:32 - 000617304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-01-04 13:08 - 2018-01-01 13:27 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-01-04 13:08 - 2018-01-01 13:27 - 000163736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-01-04 13:08 - 2018-01-01 13:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-01-04 13:08 - 2018-01-01 13:26 - 000081304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2018-01-04 13:08 - 2018-01-01 13:25 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-01-04 13:08 - 2018-01-01 13:25 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-01-04 13:08 - 2018-01-01 13:23 - 021352144 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-01-04 13:08 - 2018-01-01 13:21 - 001103768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-01-04 13:08 - 2018-01-01 13:21 - 000614296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-01-04 13:08 - 2018-01-01 13:06 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-01-04 13:08 - 2018-01-01 13:03 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-01-04 13:08 - 2018-01-01 13:03 - 000650328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-01-04 13:08 - 2018-01-01 13:03 - 000566664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-01-04 13:08 - 2018-01-01 13:03 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-01-04 13:08 - 2018-01-01 12:53 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-01-04 13:08 - 2018-01-01 12:49 - 000481464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-01-04 13:08 - 2018-01-01 12:49 - 000258808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2018-01-04 13:08 - 2018-01-01 12:46 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-01-04 13:08 - 2018-01-01 12:46 - 000289816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-01-04 13:08 - 2018-01-01 12:45 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-01-04 13:08 - 2018-01-01 12:45 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-01-04 13:08 - 2018-01-01 12:45 - 002192624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-01-04 13:08 - 2018-01-01 12:45 - 000450928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2018-01-04 13:08 - 2018-01-01 12:43 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-01-04 13:08 - 2018-01-01 12:42 - 006479552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-01-04 13:08 - 2018-01-01 12:42 - 004644912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-01-04 13:08 - 2018-01-01 12:42 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-01-04 13:08 - 2018-01-01 12:42 - 001003152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-01-04 13:08 - 2018-01-01 12:42 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-01-04 13:08 - 2018-01-01 12:42 - 000386424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2018-01-04 13:08 - 2018-01-01 12:42 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-01-04 13:08 - 2018-01-01 12:42 - 000074992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2018-01-04 13:08 - 2018-01-01 12:37 - 025247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-01-04 13:08 - 2018-01-01 12:34 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-01-04 13:08 - 2018-01-01 12:25 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-01-04 13:08 - 2018-01-01 12:25 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-01-04 13:08 - 2018-01-01 12:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-01-04 13:08 - 2018-01-01 12:25 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-01-04 13:08 - 2018-01-01 12:25 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2018-01-04 13:08 - 2018-01-01 12:24 - 003668480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-01-04 13:08 - 2018-01-01 12:24 - 001677824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmswitch.sys
2018-01-04 13:08 - 2018-01-01 12:24 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboutSettingsHandlers.dll
2018-01-04 13:08 - 2018-01-01 12:24 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-01-04 13:08 - 2018-01-01 12:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-01-04 13:08 - 2018-01-01 12:24 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2018-01-04 13:08 - 2018-01-01 12:23 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-01-04 13:08 - 2018-01-01 12:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-01-04 13:08 - 2018-01-01 12:23 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-01-04 13:08 - 2018-01-01 12:23 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-01-04 13:08 - 2018-01-01 12:23 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-01-04 13:08 - 2018-01-01 12:23 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe
2018-01-04 13:08 - 2018-01-01 12:23 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsif.dll
2018-01-04 13:08 - 2018-01-01 12:23 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-01-04 13:08 - 2018-01-01 12:23 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2018-01-04 13:08 - 2018-01-01 12:23 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-01-04 13:08 - 2018-01-01 12:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rfxvmt.dll
2018-01-04 13:08 - 2018-01-01 12:22 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-01-04 13:08 - 2018-01-01 12:22 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-01-04 13:08 - 2018-01-01 12:22 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-01-04 13:08 - 2018-01-01 12:21 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-01-04 13:08 - 2018-01-01 12:21 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2018-01-04 13:08 - 2018-01-01 12:21 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-01-04 13:08 - 2018-01-01 12:21 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2018-01-04 13:08 - 2018-01-01 12:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2018-01-04 13:08 - 2018-01-01 12:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys
2018-01-04 13:08 - 2018-01-01 12:21 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2018-01-04 13:08 - 2018-01-01 12:21 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2018-01-04 13:08 - 2018-01-01 12:21 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 018917888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-01-04 13:08 - 2018-01-01 12:20 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-01-04 13:08 - 2018-01-01 12:20 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 008014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2018-01-04 13:08 - 2018-01-01 12:19 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2018-01-04 13:08 - 2018-01-01 12:19 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-01-04 13:08 - 2018-01-01 12:19 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msoert2.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2018-01-04 13:08 - 2018-01-01 12:19 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 006564864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-01-04 13:08 - 2018-01-01 12:17 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoert2.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 003676672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000966656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-01-04 13:08 - 2018-01-01 12:15 - 012687872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-01-04 13:08 - 2018-01-01 12:15 - 006029312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-01-04 13:08 - 2018-01-01 12:15 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-01-04 13:08 - 2018-01-01 12:15 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-01-04 13:08 - 2018-01-01 12:15 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2018-01-04 13:08 - 2018-01-01 12:15 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-01-04 13:08 - 2018-01-01 12:15 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2018-01-04 13:08 - 2018-01-01 12:15 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-01-04 13:08 - 2018-01-01 12:15 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-01-04 13:08 - 2018-01-01 12:15 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2018-01-04 13:08 - 2018-01-01 12:15 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-01-04 13:08 - 2018-01-01 12:15 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-01-04 13:08 - 2018-01-01 12:14 - 023655936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-01-04 13:08 - 2018-01-01 12:14 - 002465280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-01-04 13:08 - 2018-01-01 12:14 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-01-04 13:08 - 2018-01-01 12:14 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-01-04 13:08 - 2018-01-01 12:14 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-01-04 13:08 - 2018-01-01 12:14 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-01-04 13:08 - 2018-01-01 12:14 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-01-04 13:08 - 2018-01-01 12:14 - 000870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-01-04 13:08 - 2018-01-01 12:13 - 013657600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-01-04 13:08 - 2018-01-01 12:13 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-01-04 13:08 - 2018-01-01 12:13 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-01-04 13:08 - 2018-01-01 12:13 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-01-04 13:08 - 2018-01-01 12:13 - 002013184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-01-04 13:08 - 2018-01-01 12:13 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-01-04 13:08 - 2018-01-01 12:13 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-01-04 13:08 - 2018-01-01 12:13 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-01-04 13:08 - 2018-01-01 12:12 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-01-04 13:08 - 2018-01-01 12:12 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-01-04 13:08 - 2018-01-01 12:12 - 001573376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2018-01-04 13:08 - 2018-01-01 12:12 - 001547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-01-04 13:08 - 2018-01-01 12:12 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-01-04 13:08 - 2018-01-01 12:12 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-01-04 13:08 - 2018-01-01 12:12 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 008108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 004748288 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 003165696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 002082304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-01-04 13:08 - 2018-01-01 12:11 - 001955328 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 001816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-01-04 13:08 - 2018-01-01 12:10 - 003126272 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-01-04 13:08 - 2018-01-01 12:10 - 002528256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-01-04 13:08 - 2018-01-01 12:10 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll
2018-01-04 13:08 - 2018-01-01 12:09 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-01-04 13:08 - 2018-01-01 12:09 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-01-04 13:08 - 2018-01-01 12:09 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-01-04 13:08 - 2018-01-01 12:09 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-01-04 13:08 - 2018-01-01 12:08 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-01-04 13:08 - 2018-01-01 12:08 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-01-04 13:08 - 2018-01-01 12:08 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-01-04 13:08 - 2018-01-01 12:08 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2018-01-04 13:08 - 2018-01-01 12:08 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-01-04 13:08 - 2018-01-01 12:06 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2018-01-04 13:08 - 2018-01-01 12:05 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-01-04 13:08 - 2018-01-01 12:05 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-01-04 13:08 - 2018-01-01 12:05 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-01-02 14:40 - 2018-01-23 02:23 - 011381832 _____ C:\RogueKillerCMD64.exe
2018-01-01 03:44 - 2018-01-01 03:44 - 001083424 _____ C:\WINDOWS\system32\AmRdrIco.icl
2018-01-01 03:44 - 2018-01-01 03:44 - 001010648 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2018-01-01 03:44 - 2018-01-01 03:44 - 000090560 _____ (Alcorlink Corp.) C:\WINDOWS\system32\Drivers\AmUStor.sys
2018-01-01 03:44 - 2018-01-01 03:44 - 000018464 _____ (Alcorlink Corp.) C:\WINDOWS\system32\AmUStor2.dll
2018-01-01 03:44 - 2018-01-01 03:44 - 000005115 _____ C:\WINDOWS\system32\AmUStor.ini
2018-01-01 03:44 - 2018-01-01 03:44 - 000000124 _____ C:\WINDOWS\system32\VendorCmd6485_SetSSC.bin
2018-01-01 03:44 - 2018-01-01 03:44 - 000000032 _____ C:\WINDOWS\system32\VendorCmd6485.bin
2018-01-01 03:44 - 2018-01-01 03:44 - 000000008 _____ C:\WINDOWS\system32\CardDetect6485.bin
2018-01-01 03:43 - 2018-01-01 03:43 - 000000000 ____D C:\WINDOWS\IObit
2017-12-31 19:02 - 2017-12-31 19:02 - 000000000 ____D C:\2017-12-31_0001
2017-12-31 18:58 - 2017-12-31 18:58 - 000000000 ____D C:\2017-12-31
2017-12-31 18:01 - 2017-12-31 18:01 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2017-12-31 18:01 - 2017-12-31 18:01 - 000002872 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-12-31 18:01 - 2017-12-31 18:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-12-31 18:01 - 2017-12-31 18:01 - 000000000 ____D C:\Program Files\CCleaner
2017-12-31 06:46 - 2017-12-31 06:46 - 027668040 _____ (Adlice Software) C:\Users\selohu\Desktop\UCheck_portable64.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-01-28 16:06 - 2017-12-11 01:08 - 000000000 ____D C:\EEK
2018-01-28 15:31 - 2017-09-30 18:26 - 000000000 ____D C:\AdwCleaner
2018-01-28 15:30 - 2017-10-19 19:22 - 011305560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-28 15:30 - 2017-09-30 15:40 - 005861316 _____ C:\WINDOWS\system32\perfh00A.dat
2018-01-28 15:30 - 2017-09-30 15:40 - 001688026 _____ C:\WINDOWS\system32\perfc00A.dat
2018-01-28 15:27 - 2017-11-19 08:01 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-01-28 15:26 - 2017-11-21 13:39 - 000000000 ____D C:\Users\selohu\AppData\Local\ESET
2018-01-28 15:25 - 2017-12-20 23:49 - 000324622 _____ C:\WINDOWS\ZAM.krnl.trace
2018-01-28 15:25 - 2017-12-20 23:49 - 000298105 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2018-01-28 15:25 - 2017-12-06 02:29 - 000000068 __RSH C:\WINDOWS\system32\Drivers\WUDFPf.winsecurity
2018-01-28 15:25 - 2017-11-19 07:59 - 000000000 ____D C:\WINDOWS\pss
2018-01-28 15:25 - 2017-09-29 09:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-01-28 15:25 - 2017-09-27 20:00 - 000000000 ____D C:\ProgramData\NVIDIA
2018-01-28 15:20 - 2017-10-19 19:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-01-28 14:54 - 2017-12-06 02:29 - 000000068 __RSH C:\WINDOWS\system32\Drivers\xinputhid.winsecurity
2018-01-28 14:18 - 2017-10-19 19:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-28 13:18 - 2017-12-18 13:24 - 000000000 ____D C:\Users\selohu\AppData\Roaming\vlc
2018-01-27 18:06 - 2017-10-07 14:52 - 000000000 ____D C:\Users\selohu\.VirtualBox
2018-01-27 16:00 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-01-27 15:59 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-27 15:59 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-27 00:24 - 2017-11-11 20:19 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2018-01-26 22:15 - 2017-12-18 16:12 - 000000000 ____D C:\Windows_Repair_Toolbox
2018-01-26 22:15 - 2017-12-18 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Repair Toolbox
2018-01-26 22:15 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-01-25 18:28 - 2017-09-27 20:19 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-01-25 13:37 - 2017-12-09 01:22 - 000000000 ____D C:\WINDOWS\Panther
2018-01-25 12:39 - 2017-09-27 20:08 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-24 16:23 - 2017-09-30 18:15 - 000000000 ____D C:\FSTool
2018-01-23 15:47 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-01-21 20:51 - 2017-12-18 22:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-01-21 20:51 - 2017-12-18 22:35 - 000000000 ____D C:\Program Files (x86)\Java
2018-01-21 20:51 - 2017-12-07 01:23 - 000000000 ____D C:\ProgramData\Oracle
2018-01-21 20:50 - 2017-12-18 22:36 - 000097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-01-21 06:52 - 2017-10-19 19:13 - 000000000 ____D C:\Users\selohu
2018-01-18 18:05 - 2017-11-16 17:41 - 000000000 ___RD C:\Users\selohu\Creative Cloud Files
2018-01-18 18:05 - 2017-10-16 14:35 - 000000000 ____D C:\ProgramData\Package Cache
2018-01-18 18:04 - 2017-11-02 01:32 - 000000000 ____D C:\Users\selohu\AppData\Local\Adobe
2018-01-18 17:53 - 2017-11-19 07:38 - 000000000 ____D C:\Users\selohu\AppData\Local\NVIDIA
2018-01-18 02:23 - 2017-12-01 21:08 - 000000000 ____D C:\Users\selohu\AppData\Local\ElevatedDiagnostics
2018-01-16 15:58 - 2017-12-07 12:25 - 000000000 ____D C:\Users\selohu\Desktop\HLS
2018-01-16 03:11 - 2017-11-14 01:14 - 000000000 ____D C:\Users\selohu\AppData\Local\CrashDumps
2018-01-15 17:17 - 2017-09-28 09:34 - 000000000 ____D C:\ProgramData\TEMP
2018-01-15 16:02 - 2017-12-06 18:27 - 000000000 ____D C:\Temp
2018-01-15 16:02 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Help
2018-01-15 16:02 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-01-15 16:02 - 2017-09-27 20:00 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-01-15 16:02 - 2017-09-27 20:00 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-01-15 16:02 - 2017-09-27 20:00 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-01-12 01:47 - 2017-11-11 01:07 - 000000000 ____D C:\Users\selohu\AppData\Local\SquirrelTemp
2018-01-11 17:34 - 2017-10-26 00:57 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2018-01-11 15:07 - 2017-09-27 19:58 - 000000000 ____D C:\Users\selohu\AppData\Roaming\Adobe
2018-01-10 17:44 - 2017-11-27 16:52 - 000000000 ____D C:\ProgramData\RogueKillerPE
2018-01-10 16:44 - 2017-11-24 01:52 - 000000000 ____D C:\WINDOWS\Minidump
2018-01-10 13:05 - 2017-09-27 20:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-10 13:03 - 2017-10-10 19:17 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-10 13:03 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-10 13:03 - 2017-09-27 20:16 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-09 15:33 - 2017-12-18 16:23 - 000000000 ____D C:\Users\selohu\AppData\Local\NPE
2018-01-09 03:59 - 2017-12-18 17:00 - 000041800 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2018-01-08 03:44 - 2017-12-02 01:41 - 000000000 ____D C:\Users\selohu\AppData\Roaming\uTorrent
2018-01-08 03:43 - 2017-11-20 17:05 - 000005386 __RSH C:\ProgramData\ntuser.pol
2018-01-08 03:43 - 2017-03-18 22:03 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-01-08 03:37 - 2017-11-23 05:17 - 000000000 ____D C:\Users\selohu\AppData\Roaming\gsmartcontrol
2018-01-08 01:34 - 2017-12-18 17:01 - 000000000 ____D C:\ProgramData\Ultra Adware Killer
2018-01-06 15:42 - 2017-11-20 02:52 - 000000000 ____D C:\Users\selohu\Desktop\Data Recovery 2017-11-20 at 02.52.56
2018-01-06 02:57 - 2017-12-14 00:17 - 000000000 ____D C:\ProgramData\IObit
2018-01-06 00:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2018-01-04 13:44 - 2017-10-19 19:24 - 000000000 ___RD C:\Users\selohu\3D Objects
2018-01-04 13:44 - 2017-10-19 19:12 - 000326488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-01-04 13:44 - 2017-09-27 19:58 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-01-04 13:43 - 2017-10-21 01:09 - 000000000 ___SD C:\WINDOWS\system32\lxss
2018-01-04 13:43 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-01-04 13:43 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-01-04 13:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-01-04 13:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-01-04 13:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-01-04 13:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-01-04 13:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-01-04 13:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Provisioning
2018-01-04 13:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-01-04 13:43 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-01-04 13:10 - 2017-09-29 14:41 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-01-04 13:09 - 2017-09-29 14:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-01-04 13:09 - 2017-09-29 14:41 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-01-04 02:44 - 2017-10-09 10:14 - 001682288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2018-01-04 02:44 - 2017-10-09 10:14 - 000226760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2018-01-04 00:19 - 2017-12-14 00:17 - 000000000 ____D C:\Users\selohu\AppData\LocalLow\IObit
2018-01-03 02:43 - 2017-12-27 20:00 - 000000000 ____D C:\NPE
2018-01-02 14:43 - 2017-12-14 00:17 - 000000000 ____D C:\Users\selohu\AppData\Roaming\IObit
2018-01-02 14:42 - 2017-12-14 00:17 - 000000000 ____D C:\Program Files (x86)\IObit
2018-01-01 03:43 - 2017-12-14 00:17 - 000003138 _____ C:\WINDOWS\System32\Tasks\ASC_ASCTray_Auto
2017-12-31 19:05 - 2017-11-16 17:30 - 000000000 ___RD C:\Users\selohu\Documents\Scanned Documents
2017-12-30 13:56 - 2017-12-28 19:01 - 000000000 ____D C:\Users\selohu\AppData\Local\Avg
2017-12-29 20:22 - 2017-12-28 19:01 - 000000000 ____D C:\Users\selohu\AppData\Local\AvgSetupLog
2017-12-29 20:22 - 2017-09-29 09:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
 
==================== Files in the root of some directories =======
 
2017-12-16 16:36 - 2017-12-16 16:36 - 036374057 _____ () C:\Users\selohu\geth-windows-amd64-1.7.3-4bb3c89d.exe
2018-01-11 15:07 - 2018-01-11 15:07 - 000000033 _____ () C:\Users\selohu\AppData\Roaming\AdobeWLCMCache.dat
2017-12-19 00:25 - 2017-12-19 00:25 - 000000000 _____ () C:\Users\selohu\AppData\Roaming\gdfw.log
2017-12-19 00:25 - 2017-12-19 00:50 - 000001558 _____ () C:\Users\selohu\AppData\Roaming\gdscan.log
2017-10-21 12:27 - 2017-10-21 12:27 - 000000001 _____ () C:\Users\selohu\AppData\Local\llftool.4.40.agreement
2018-01-08 03:37 - 2018-01-08 03:37 - 000000218 _____ () C:\Users\selohu\AppData\Local\recently-used.xbel
2017-11-24 10:08 - 2017-12-18 13:37 - 000007598 _____ () C:\Users\selohu\AppData\Local\Resmon.ResmonCfg
2017-12-04 13:50 - 2017-12-04 13:50 - 000000000 _____ () C:\Users\selohu\AppData\Local\zenmap.exe.log
 
Some files in TEMP:
====================
2018-01-24 16:29 - 2018-01-01 13:48 - 001954048 _____ (Microsoft Corporation) C:\Users\selohu\AppData\Local\Temp\dllnt_dump.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by selohu (28-01-2018 16:07:31)
Running from E:\Herramientas
Windows 10 Pro Version 1709 16299.192 (X64) (2017-10-19 18:24:11)
Boot Mode: Safe Mode (with Networking)
==========================================================
 
 
==================== Accounts: =============================
 
Administrador (S-1-5-21-3897876760-2343832674-48544982-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3897876760-2343832674-48544982-503 - Limited - Disabled)
Invitado (S-1-5-21-3897876760-2343832674-48544982-501 - Limited - Disabled)
selohu (S-1-5-21-3897876760-2343832674-48544982-1001 - Administrator - Enabled) => C:\Users\selohu
SophosSAUDESKTOP-aaa (S-1-5-21-3897876760-2343832674-48544982-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-3897876760-2343832674-48544982-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Illustrator CC 2018 (HKLM-x32\...\ILST_22_0_1) (Version: 22.0.1 - Adobe Systems Incorporated)
Adobe InDesign CC 2018 (HKLM-x32\...\IDSN_13_0) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0_1) (Version: 19.0.1 - Adobe Systems Incorporated)
Alcatel PC Suite V7.0.56 (HKLM-x32\...\{93DB-0E9758B0D131_PCS_Alcatel_Union}_is1) (Version:  - Singularity Software Co., Ltd.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{DF6C3726-7E53-4772-9763-E9F147769F51}) (Version: 3.1.9.0000 - Asmedia Technology)
AVerMedia A706 PCI Pure DVB-S 3.6.64.2 (HKLM-x32\...\AVerMedia A706 PCI Pure DVB-S) (Version: 3.6.64.2 - AVerMedia TECHNOLOGIES, Inc.)
BlueJ (HKLM-x32\...\{92FD2477-5855-4863-B4C1-405C7853FD9F}) (Version: 4.1.2 - BlueJ Team)
CCleaner (HKLM\...\CCleaner) (Version: 5.38 - Piriform)
Core Temp 1.11 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.11 - ALCPU)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.65 - NVIDIA Corporation) Hidden
DVBViewer Pro (HKLM-x32\...\DVBViewer Pro_is1) (Version: 6.0.4 - CM&V)
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 2017.12 - Emsisoft Ltd.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Flash Drive Tester v1.14 (HKLM-x32\...\{272C8DEE-F54F-406C-9AA6-B4DE2985A47C}) (Version: 1.14 - Virtual Console)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.119 - Google Inc.)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.20.286 - SurfRight B.V.)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
LAV Filters 0.70.2 (HKLM-x32\...\lavfilters_is1) (Version: 0.70.2 - Hendrik Leppkes)
MalvaStyle Disk Repair (HKLM-x32\...\{413953AB-0C2F-43B6-96F3-133F743193FA}) (Version: 3.0.4 - CJSecure Pty Ltd)
Malwarebytes versión 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
MaxDataGenius version r13203 (HKLM-x32\...\{142E5DCC-68B5-4E51-9396-C8D00C5C757D}_is1) (Version: r13203 - Grau GmbH Hardware & Software Solutions)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.1 - Mozilla)
NVIDIA Controlador de audio HD 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 390.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.65 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Oracle VM VirtualBox 5.2.2 (HKLM\...\{9F5D10F9-A372-4B1E-BEB3-001B47E0C325}) (Version: 5.2.2 - Oracle Corporation)
Panel de control de NVIDIA 390.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 390.65 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek)
Revo Uninstaller Pro 3.1.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.8 - VS Revo Group, Ltd.)
SeaTools for Windows 1.4.0.6 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.6 - Seagate Technology)
Security Task Manager 2.1k (HKLM-x32\...\Security Task Manager) (Version: 2.1k - Neuber Software)
Slack (HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\slack) (Version: 3.0.3 - Slack Technologies)
Sophos Diagnostic Utility (HKLM-x32\...\{4627F5A1-E85A-4394-9DB3-875DF83AF6C2}) (Version: 1.15.0.7 - Sophos Limited) Hidden
Sophos Home (HKLM-x32\...\{646A3744-5295-487E-9246-47D35FA535FC}) (Version: 2.1.101 - Sophos Limited) Hidden
Sophos System Protection (HKLM\...\{934BEF80-B9D1-4A86-8B42-D8A6716A8D27}) (Version: 2.6.0.71 - Sophos Limited) Hidden
Spotify (HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\Spotify) (Version: 1.0.72.117.g6bd7cc73 - Spotify AB)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
UsbFix (HKLM-x32\...\Usbfix) (Version: 9.001 - www.SOSVirus.Net)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
WebChimera Plugin (HKLM-x32\...\{02473882-D054-471F-A513-C03D867718B9}) (Version: 0.2.9 - Sergey Radionov)
Windows Repair Toolbox version 2.0.0.9 (HKLM-x32\...\{A8D7DA31-9E70-437D-97C4-C4887752E029}_is1) (Version: 2.0.0.9 - Alexandre Coelho)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3897876760-2343832674-48544982-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-01-04] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-01-04] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-01-04] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [VirtualExpanderFile.1] -> {E4000AC4-5E5F-4956-807A-C5854405D64F} =>  -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-01-04] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> No File
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers1: [IObitUnstaler] -> [CC]{B19ED566-D419-470b-B111-3C89040BC027} =>  -> No File
ContextMenuHandlers1: [SophosHomeShellExt] -> [CC]{2FE0F6D6-426A-4728-B435-7CF2FE926449} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
ContextMenuHandlers2-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers2-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers2-x32: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers2-x32: [SophosHomeShellExt] -> [CC]{2FE0F6D6-426A-4728-B435-7CF2FE926449} =>  -> No File
ContextMenuHandlers3-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers3-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers3-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers4: [IObitUnstaler] -> [CC]{B19ED566-D419-470b-B111-3C89040BC027} =>  -> No File
ContextMenuHandlers4: [SophosHomeShellExt] -> [CC]{2FE0F6D6-426A-4728-B435-7CF2FE926449} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-01-04] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-01-04] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> No File
ContextMenuHandlers6-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers6-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers6-x32: [IObitUnstaler] -> [CC]{B19ED566-D419-470b-B111-3C89040BC027} =>  -> No File
ContextMenuHandlers6-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6-x32: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group)
ContextMenuHandlers6-x32: [SophosHomeShellExt] -> [CC]{2FE0F6D6-426A-4728-B435-7CF2FE926449} =>  -> No File
ContextMenuHandlers6-x32: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> No File
ContextMenuHandlers6-x32: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1151D801-E712-4DE4-BB3B-F32E8AF4A7A1} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-04] (NVIDIA Corporation)
Task: {2502B5B2-CE31-454F-BAD6-18FB22E75F9C} - \indexer -> No File <==== ATTENTION
Task: {2AF10A78-472D-4C18-8E30-F4317B6F31D7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {3458859E-EA8F-4B0E-B3F2-AF769F2E3E21} - \Driver Booster SkipUAC (selohu) -> No File <==== ATTENTION
Task: {3CBC5641-B80C-420F-BC55-E24A68973AEE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-21] (Microsoft Corporation)
Task: {43CF644F-32FE-44D9-A68D-B271F3ED043C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-12-13] (Piriform Ltd)
Task: {4D3D28CF-8BCF-43C2-96CC-10EA5700AF09} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-04] (NVIDIA Corporation)
Task: {589F6B00-9689-437B-B456-D69D87F4030C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-21] (Microsoft Corporation)
Task: {78A25E9A-8D31-41D3-8CCB-A7EA70D2151A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-27] (Google Inc.)
Task: {82E02226-FB84-4382-AC12-7232321A1C5E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-21] (Microsoft Corporation)
Task: {931C60E9-F03A-4F68-9693-D3DDA137FA9E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-21] (Microsoft Corporation)
Task: {A3A61661-7C56-4B02-8802-2A01B8F4619D} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-04] (NVIDIA Corporation)
Task: {B2F2D18E-06B2-4C5E-B25D-F0FAD95532FC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-27] (Google Inc.)
Task: {BF864EA1-3CA9-4FEF-B85A-7BCDB081A414} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-04] (NVIDIA Corporation)
Task: {C75A5EB5-6695-4599-9364-F84CF15DBD33} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-12-13] (Piriform Ltd)
Task: {D77598EB-D962-48CB-8C0F-C05CE97B36E6} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-01-04] (NVIDIA Corporation)
Task: {E7299710-BB0B-47B4-92A8-F794D72D2D2E} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\RadeonInstaller.exe [2017-08-09] (Advanced Micro Devices, Inc.)
Task: {F5C2418B-DCBC-4BF8-ABE5-4033D2AE3206} - System32\Tasks\ASC_ASCTray_Auto => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Chrome Apps & Extensions Developer Tool (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=ohmmkhmmmpcnpikjeljgnaoabkaalbgc
ShortcutWithArgument: C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Chrome Connectivity Diagnostics (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=eemlkeanncmjljgehlbplemhmdmalhdc
ShortcutWithArgument: C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Chrome Dev Editor (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=pnoffddplpippgcfjdhbmhkofpnaalpg
ShortcutWithArgument: C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  
ShortcutWithArgument: C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Reproductor H.265 _ HEVC (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=dambgipgbnhmnkdolkljibpcbocimnpd
ShortcutWithArgument: C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Responsive Website Tester for Google Chrome™! (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=eopndgnmfpbhfamlgcfcfedcabbfnkhn
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-01-18 00:44 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-01-04 09:04 - 2018-01-04 09:04 - 000649672 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-01-10 17:44 - 2018-01-10 17:44 - 000087040 _____ () C:\ProgramData\RogueKillerPE\RogueKillerPE.shell.dll
2017-12-02 05:26 - 2017-11-26 13:23 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-02 05:26 - 2017-11-26 13:01 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Windows:CM_36faabd924501fcd2f743302621d89eb425ec11f74fef19a5e0fe69c3f0b5201 [74]
AlternateDataStreams: C:\Windows:CM_e0501b65315a77c6cde279a3a8d62a1a6c48bf2c2e353a3654218165115f1673 [74]
AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [175]
AlternateDataStreams: C:\ProgramData\TEMP:960C67A0 [129]
AlternateDataStreams: C:\ProgramData\TEMP:B755D674 [134]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\04090460.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\08012019.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\21087998.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\38403584.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\57090422.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\57208340.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\57940326.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\58668800.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\73630377.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\73762694.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\80590716.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\04090460.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\08012019.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\21087998.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\38403584.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\57090422.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\57208340.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\57940326.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\58668800.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\73630377.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\73762694.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\80590716.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR501 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR501.SYS => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR520 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR520.SYS => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SntpService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VipreEdgeProtection => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WebExaminer => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2017-03-18 22:03 - 2017-12-19 16:59 - 000000855 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3897876760-2343832674-48544982-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 80.58.61.250 - 80.58.61.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\StartupApproved\StartupFolder: => "VirtualExpander.lnk"
HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\StartupApproved\Run: => "eMuleAutoStart"
HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\StartupApproved\Run: => "McAfeeSafeConnect"
HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\StartupApproved\Run: => "ycAutoLaunch_881CF723623E921DE1EB79ACB2125D0A"
HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{766434D6-AB99-48D4-8828-0AA02271ED26}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{AD62E904-C27B-4E18-9371-C876AC6741AC}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{5AE68723-50C1-4A3B-899B-6183E0AB13C5}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{0C759C88-8153-4ACC-B3D7-D85EE254F536}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [TCP Query User{B014DBCC-9247-4E6E-99B3-E7378DEF7B81}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{A29AB69F-7531-4F8A-B340-10ADE0BD7B7A}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{D243C193-68B7-4661-8FA4-4F525C33BE62}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{8F794E40-3955-4178-9513-A39CFC28AAFC}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [TCP Query User{7C4160FC-91F1-4711-AE25-7334A305E697}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{23D4BD1E-C7F7-4C16-A358-109DF11EE098}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{58182362-379E-45A5-B35B-0F4E242E9FB0}C:\users\selohu\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\selohu\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{A571F3B1-BC5F-499A-9997-E2A16BFE0551}C:\users\selohu\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\selohu\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{38EFD6F2-5413-4634-A165-26ECF47544E5}] => (Allow) C:\Users\selohu\Desktop\Tech tool store tools\TechToolStore64.exe
FirewallRules: [{DB9B293A-0832-428C-86BD-7CDCF19D7549}] => (Allow) C:\Users\selohu\Desktop\Tech tool store tools\TechToolStore64.exe
FirewallRules: [{1B85D785-6260-4ED4-A8AD-39BF40481465}] => (Allow) C:\Users\selohu\Desktop\Tech tool store tools\TechToolStore64.exe
FirewallRules: [TCP Query User{AAA6C486-5492-4041-828E-4156E81FD7BF}C:\users\selohu\desktop\scanrat multi-tools\scanrat final.exe] => (Allow) C:\users\selohu\desktop\scanrat multi-tools\scanrat final.exe
FirewallRules: [UDP Query User{4D705FC1-FD58-45EE-A07B-B552238FC4E8}C:\users\selohu\desktop\scanrat multi-tools\scanrat final.exe] => (Allow) C:\users\selohu\desktop\scanrat multi-tools\scanrat final.exe
FirewallRules: [TCP Query User{4A2FC814-4F04-43E2-A844-B87A72FC79DA}C:\users\selohu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\selohu\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{A08C35CE-2494-4002-8D01-1DC551F869C1}C:\users\selohu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\selohu\appdata\roaming\spotify\spotify.exe
FirewallRules: [{07E238D2-5A59-4853-839F-1624D8E38432}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
20-01-2018 16:23:06 JRT Pre-Junkware Removal
23-01-2018 02:19:12 JRT Pre-Junkware Removal
25-01-2018 12:31:43 Revo Uninstaller Pro's restore point - Avast Free Antivirus
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/28/2018 03:33:48 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\Users\selohu\AppData\Local\Temp\jrt\CreateRestorePoint.exe  "JRT Pre-Junkware Removal"; descripción = JRT Pre-Junkware Removal; error = 0x8007043c).
 
Error: (01/25/2018 12:31:43 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.
 
 
Operación:
   Recopilando datos del escritor
 
Contexto:
   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
   Nombre del escritor: System Writer
   Id. de instancia del escritor: {b01e609b-4d03-4365-bbb0-668a7fd3256b}
 
Error: (01/24/2018 05:30:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files\AVAST Software\Avast\setup\iplugins\IStats.dll".
No se encontró el ensamblado dependiente Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1".
Use sxstrace.exe para obtener un diagnóstico detallado.
 
Error: (01/24/2018 04:17:50 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\Users\selohu\AppData\Local\Temp\jrt\CreateRestorePoint.exe  "JRT Pre-Junkware Removal"; descripción = JRT Pre-Junkware Removal; error = 0x8007043c).
 
Error: (01/24/2018 04:07:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files\AVAST Software\Avast\setup\iplugins\IStats.dll".
No se encontró el ensamblado dependiente Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1".
Use sxstrace.exe para obtener un diagnóstico detallado.
 
Error: (01/18/2018 08:45:32 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
 
Error: (01/18/2018 07:37:19 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\Users\selohu\AppData\Local\Temp\jrt\CreateRestorePoint.exe  "JRT Pre-Junkware Removal"; descripción = JRT Pre-Junkware Removal; error = 0x8007043c).
 
Error: (01/17/2018 11:33:40 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Error del procedimiento de apertura para el servicio "WmiApRpl" en el archivo DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.
 
Error: (01/17/2018 11:33:40 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.
 
Error: (01/17/2018 11:33:40 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Error del procedimiento de apertura para el servicio "MSDTC" en el archivo DLL "C:\WINDOWS\system32\msdtcuiu.DLL". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.
 
 
System errors:
=============
Error: (01/28/2018 04:07:39 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1084" al intentar iniciar el servicio EventSystem con argumentos "No disponible" para ejecutar el servidor:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error: (01/28/2018 03:36:17 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1084" al intentar iniciar el servicio UsoSvc con argumentos "No disponible" para ejecutar el servidor:
{B91D5831-B1BD-4608-8198-D72E155020F7}
 
Error: (01/28/2018 03:33:52 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8EJOT4I)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
{E48EDA45-43C6-48E0-9323-A7B2067D9CD5}
 
Error: (01/28/2018 03:33:52 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8EJOT4I)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
{E48EDA45-43C6-48E0-9323-A7B2067D9CD5}
 
Error: (01/28/2018 03:33:52 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8EJOT4I)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
{E48EDA45-43C6-48E0-9323-A7B2067D9CD5}
 
Error: (01/28/2018 03:33:52 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8EJOT4I)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
{E48EDA45-43C6-48E0-9323-A7B2067D9CD5}
 
Error: (01/28/2018 03:33:52 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8EJOT4I)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
{E48EDA45-43C6-48E0-9323-A7B2067D9CD5}
 
Error: (01/28/2018 03:33:52 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8EJOT4I)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
{E48EDA45-43C6-48E0-9323-A7B2067D9CD5}
 
Error: (01/28/2018 03:33:52 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8EJOT4I)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
{E48EDA45-43C6-48E0-9323-A7B2067D9CD5}
 
Error: (01/28/2018 03:33:51 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8EJOT4I)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
{E48EDA45-43C6-48E0-9323-A7B2067D9CD5}
 
 
CodeIntegrity:
===================================
  Date: 2018-01-28 15:19:36.243
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-28 14:20:51.463
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-28 14:20:47.803
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-28 14:20:17.567
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-28 14:20:09.372
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-28 14:19:43.624
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-28 14:19:38.922
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-28 13:28:41.424
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-28 13:28:29.734
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-28 13:27:20.039
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: AMD FX™-4300 Quad-Core Processor 
Percentage of memory in use: 18%
Total physical RAM: 7927.11 MB
Available physical RAM: 6473.81 MB
Total Virtual: 8439.11 MB
Available Virtual: 7218.71 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:111.3 GB) (Free:31.42 GB) NTFS
Drive d: () (Fixed) (Total:465.76 GB) (Free:167.15 GB) NTFS
Drive e: () (Fixed) (Total:698.63 GB) (Free:452.24 GB) NTFS
Drive f: () (Fixed) (Total:149.05 GB) (Free:33.73 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 217A6D10)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 98AE06FD)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=06)
 
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: BF58B7E9)
Partition 1: (Not Active) - (Size=149 GB) - (Type=42)
 
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 0F4252D3)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
 
safeboot: Network => The system is configured to boot to Safe Mode <==== ATTENTION
 
LastRegBack: 2018-01-21 19:05
 
==================== End of FRST.txt ============================

Edited by hamluis, 28 January 2018 - 11:35 AM.




#2 Oh My!

  • Malware Response Instructor

Posted 31 January 2018 - 04:31 PM

Greetings selohu and welcome to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

I would like to get the FRST reports in English so that it is easier for me to review. Please right click on the FRST icon, select Rename, and rename it to FRSTenglish or FRST64english depending on which version you are using. Be sure to copy and paste both documents in your reply using multiple posts if necessary.

Please describe any issues you are having with your computer.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 selohu

  • Topic Starter


Posted 31 January 2018 - 07:04 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by selohu (01-02-2018 00:59:54)
Running from C:\Users\selohu\Desktop
Windows 10 Pro Version 1709 16299.192 (X64) (2017-10-19 18:24:11)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrador (S-1-5-21-3897876760-2343832674-48544982-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3897876760-2343832674-48544982-503 - Limited - Disabled)
Invitado (S-1-5-21-3897876760-2343832674-48544982-501 - Limited - Disabled)
selohu (S-1-5-21-3897876760-2343832674-48544982-1001 - Administrator - Enabled) => C:\Users\selohu
SophosSAUDESKTOP-aaa (S-1-5-21-3897876760-2343832674-48544982-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-3897876760-2343832674-48544982-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Illustrator CC 2018 (HKLM-x32\...\ILST_22_0_1) (Version: 22.0.1 - Adobe Systems Incorporated)
Adobe InDesign CC 2018 (HKLM-x32\...\IDSN_13_0) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0_1) (Version: 19.0.1 - Adobe Systems Incorporated)
Alcatel PC Suite V7.0.56 (HKLM-x32\...\{93DB-0E9758B0D131_PCS_Alcatel_Union}_is1) (Version:  - Singularity Software Co., Ltd.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{DF6C3726-7E53-4772-9763-E9F147769F51}) (Version: 3.1.9.0000 - Asmedia Technology)
AVerMedia A706 PCI Pure DVB-S 3.6.64.2 (HKLM-x32\...\AVerMedia A706 PCI Pure DVB-S) (Version: 3.6.64.2 - AVerMedia TECHNOLOGIES, Inc.)
BlueJ (HKLM-x32\...\{92FD2477-5855-4863-B4C1-405C7853FD9F}) (Version: 4.1.2 - BlueJ Team)
CCleaner (HKLM\...\CCleaner) (Version: 5.39 - Piriform)
Core Temp 1.11 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.11 - ALCPU)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.65 - NVIDIA Corporation) Hidden
DVBViewer Pro (HKLM-x32\...\DVBViewer Pro_is1) (Version: 6.0.4 - CM&V)
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 2017.12 - Emsisoft Ltd.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Flash Drive Tester v1.14 (HKLM-x32\...\{272C8DEE-F54F-406C-9AA6-B4DE2985A47C}) (Version: 1.14 - Virtual Console)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.119 - Google Inc.)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.20.286 - SurfRight B.V.)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
LAV Filters 0.70.2 (HKLM-x32\...\lavfilters_is1) (Version: 0.70.2 - Hendrik Leppkes)
MalvaStyle Disk Repair (HKLM-x32\...\{413953AB-0C2F-43B6-96F3-133F743193FA}) (Version: 3.0.4 - CJSecure Pty Ltd)
Malwarebytes versión 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
MaxDataGenius version r13203 (HKLM-x32\...\{142E5DCC-68B5-4E51-9396-C8D00C5C757D}_is1) (Version: r13203 - Grau GmbH Hardware & Software Solutions)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.1 - Mozilla)
NVIDIA Controlador de audio HD 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 390.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.65 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Oracle VM VirtualBox 5.2.6 (HKLM\...\{EA9602E3-0184-45B9-9E15-028776CD7A6E}) (Version: 5.2.6 - Oracle Corporation)
Panel de control de NVIDIA 390.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 390.65 - NVIDIA Corporation) Hidden
Plumbytes Anti-Malware 2018 (HKLM\...\Plumbytes Anti-Malware 2018) (Version:  - Plumbytes Software)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek)
Revo Uninstaller Pro 3.1.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.8 - VS Revo Group, Ltd.)
SeaTools for Windows 1.4.0.6 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.6 - Seagate Technology)
Security Task Manager 2.1k (HKLM-x32\...\Security Task Manager) (Version: 2.1k - Neuber Software)
Sophos Diagnostic Utility (HKLM-x32\...\{4627F5A1-E85A-4394-9DB3-875DF83AF6C2}) (Version: 1.15.0.7 - Sophos Limited) Hidden
Sophos Home (HKLM-x32\...\{646A3744-5295-487E-9246-47D35FA535FC}) (Version: 2.1.101 - Sophos Limited) Hidden
Sophos System Protection (HKLM\...\{934BEF80-B9D1-4A86-8B42-D8A6716A8D27}) (Version: 2.6.0.71 - Sophos Limited) Hidden
Spotify (HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\Spotify) (Version: 1.0.72.117.g6bd7cc73 - Spotify AB)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
UsbFix (HKLM-x32\...\Usbfix) (Version: 9.001 - www.SOSVirus.Net)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
WebChimera Plugin (HKLM-x32\...\{02473882-D054-471F-A513-C03D867718B9}) (Version: 0.2.9 - Sergey Radionov)
Windows Repair Toolbox version 2.0.0.9 (HKLM-x32\...\{A8D7DA31-9E70-437D-97C4-C4887752E029}_is1) (Version: 2.0.0.9 - Alexandre Coelho)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3897876760-2343832674-48544982-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-01-04] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-01-04] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-01-04] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [VirtualExpanderFile.1] -> {E4000AC4-5E5F-4956-807A-C5854405D64F} =>  -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-01-04] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> No File
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers1: [IObitUnstaler] -> [CC]{B19ED566-D419-470b-B111-3C89040BC027} =>  -> No File
ContextMenuHandlers1: [SophosHomeShellExt] -> [CC]{2FE0F6D6-426A-4728-B435-7CF2FE926449} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
ContextMenuHandlers2-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers2-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers2-x32: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers2-x32: [SophosHomeShellExt] -> [CC]{2FE0F6D6-426A-4728-B435-7CF2FE926449} =>  -> No File
ContextMenuHandlers3-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers3-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers3-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers4: [IObitUnstaler] -> [CC]{B19ED566-D419-470b-B111-3C89040BC027} =>  -> No File
ContextMenuHandlers4: [SophosHomeShellExt] -> [CC]{2FE0F6D6-426A-4728-B435-7CF2FE926449} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-01-04] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-01-04] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} =>  -> No File
ContextMenuHandlers6-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers6-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers6-x32: [IObitUnstaler] -> [CC]{B19ED566-D419-470b-B111-3C89040BC027} =>  -> No File
ContextMenuHandlers6-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6-x32: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group)
ContextMenuHandlers6-x32: [SophosHomeShellExt] -> [CC]{2FE0F6D6-426A-4728-B435-7CF2FE926449} =>  -> No File
ContextMenuHandlers6-x32: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> No File
ContextMenuHandlers6-x32: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {2502B5B2-CE31-454F-BAD6-18FB22E75F9C} - \indexer -> No File <==== ATTENTION
Task: {2AF10A78-472D-4C18-8E30-F4317B6F31D7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {3458859E-EA8F-4B0E-B3F2-AF769F2E3E21} - \Driver Booster SkipUAC (selohu) -> No File <==== ATTENTION
Task: {3CBC5641-B80C-420F-BC55-E24A68973AEE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-21] (Microsoft Corporation)
Task: {43CF644F-32FE-44D9-A68D-B271F3ED043C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-01-09] (Piriform Ltd)
Task: {4D3D28CF-8BCF-43C2-96CC-10EA5700AF09} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-04] (NVIDIA Corporation)
Task: {589F6B00-9689-437B-B456-D69D87F4030C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-21] (Microsoft Corporation)
Task: {78A25E9A-8D31-41D3-8CCB-A7EA70D2151A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-27] (Google Inc.)
Task: {82E02226-FB84-4382-AC12-7232321A1C5E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-21] (Microsoft Corporation)
Task: {931C60E9-F03A-4F68-9693-D3DDA137FA9E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-21] (Microsoft Corporation)
Task: {9A993373-57FB-40CB-847E-5F26E27F2CEE} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-8EJOT4I-selohu => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05] (Adobe Systems, Incorporated)
Task: {B2F2D18E-06B2-4C5E-B25D-F0FAD95532FC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-27] (Google Inc.)
Task: {B3D29D23-90E4-49E4-A94F-B588B1C9357C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-01-09] (Piriform Ltd)
Task: {BF864EA1-3CA9-4FEF-B85A-7BCDB081A414} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-04] (NVIDIA Corporation)
Task: {D77598EB-D962-48CB-8C0F-C05CE97B36E6} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-01-04] (NVIDIA Corporation)
Task: {E7299710-BB0B-47B4-92A8-F794D72D2D2E} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\RadeonInstaller.exe [2017-08-09] (Advanced Micro Devices, Inc.)
Task: {F5C2418B-DCBC-4BF8-ABE5-4033D2AE3206} - System32\Tasks\ASC_ASCTray_Auto => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\AdobeGCInvoker-1.0-DESKTOP-8EJOT4I-selohu.job => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Chroma.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 4" --app-id=gefgglgjdlddcpcapigheknbacbmmggp
ShortcutWithArgument: C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Chrome Apps & Extensions Developer Tool (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 4" --app-id=ohmmkhmmmpcnpikjeljgnaoabkaalbgc
ShortcutWithArgument: C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Chrome Connectivity Diagnostics (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 4" --app-id=eemlkeanncmjljgehlbplemhmdmalhdc
ShortcutWithArgument: C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Chrome Dev Editor (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 4" --app-id=pnoffddplpippgcfjdhbmhkofpnaalpg
ShortcutWithArgument: C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 4" --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  
ShortcutWithArgument: C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Reproductor H.265 _ HEVC (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 4" --app-id=dambgipgbnhmnkdolkljibpcbocimnpd
ShortcutWithArgument: C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Responsive Website Tester for Google Chrome™! (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 4" --app-id=eopndgnmfpbhfamlgcfcfedcabbfnkhn
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-01-15 16:02 - 2018-01-04 02:44 - 000544056 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2018-01-18 00:44 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-01-04 09:04 - 2018-01-04 09:04 - 000649672 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-01-10 17:44 - 2018-01-10 17:44 - 000087040 _____ () C:\ProgramData\RogueKillerPE\RogueKillerPE.shell.dll
2017-12-02 05:26 - 2017-11-26 13:23 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-02 05:26 - 2017-11-26 13:01 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-01-09 13:59 - 2018-01-09 13:59 - 004698840 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11712.1001.16.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-12-21 15:31 - 2017-12-21 15:31 - 026507776 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\Video.UI.exe
2017-12-21 15:31 - 2017-12-21 15:31 - 008370176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-27 20:33 - 2017-09-27 20:33 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-01-25 12:39 - 2018-01-24 08:48 - 004433752 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.119\libglesv2.dll
2018-01-25 12:39 - 2018-01-24 08:48 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.119\libegl.dll
2017-12-27 11:08 - 2017-12-27 11:08 - 000111104 _____ () C:\Program Files\Plumbytes Software\Plumbytes Anti-Malware\Zlib.dll
2017-09-06 18:11 - 2017-09-06 18:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-06 18:11 - 2017-09-06 18:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-06 18:11 - 2017-09-06 18:11 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-09-06 18:11 - 2017-09-06 18:11 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-20 03:04 - 2017-09-20 03:04 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-09-06 18:11 - 2017-09-06 18:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-09-12 20:11 - 2017-09-12 20:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-12 20:10 - 2017-09-12 20:10 - 000117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2017-09-12 20:11 - 2017-09-12 20:11 - 000125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-12 20:11 - 2017-09-12 20:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-20 02:59 - 2017-09-20 02:59 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-09-12 20:11 - 2017-09-12 20:11 - 000098816 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2017-09-12 20:11 - 2017-09-12 20:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Windows:CM_36faabd924501fcd2f743302621d89eb425ec11f74fef19a5e0fe69c3f0b5201 [74]
AlternateDataStreams: C:\Windows:CM_e0501b65315a77c6cde279a3a8d62a1a6c48bf2c2e353a3654218165115f1673 [74]
AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [175]
AlternateDataStreams: C:\ProgramData\TEMP:960C67A0 [129]
AlternateDataStreams: C:\ProgramData\TEMP:B755D674 [134]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\04090460.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\08012019.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\11880978.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\19624064.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\21087998.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\38403584.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\57090422.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\57208340.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\57940326.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\58668800.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\66669855.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\73630377.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\73762694.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\76ABAC8B6.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\80590716.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\04090460.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\08012019.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\11880978.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\19624064.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\21087998.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\38403584.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\57090422.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\57208340.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\57940326.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\58668800.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\66669855.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\73630377.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\73762694.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\76ABAC8B6.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\80590716.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR501 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR501.SYS => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR520 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR520.SYS => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SntpService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VipreEdgeProtection => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WebExaminer => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2017-03-18 22:03 - 2017-12-19 16:59 - 000000855 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3897876760-2343832674-48544982-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 80.58.61.250 - 80.58.61.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\StartupApproved\StartupFolder: => "VirtualExpander.lnk"
HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\StartupApproved\Run: => "eMuleAutoStart"
HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\StartupApproved\Run: => "McAfeeSafeConnect"
HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\StartupApproved\Run: => "ycAutoLaunch_881CF723623E921DE1EB79ACB2125D0A"
HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{766434D6-AB99-48D4-8828-0AA02271ED26}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{AD62E904-C27B-4E18-9371-C876AC6741AC}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{5AE68723-50C1-4A3B-899B-6183E0AB13C5}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{0C759C88-8153-4ACC-B3D7-D85EE254F536}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [TCP Query User{B014DBCC-9247-4E6E-99B3-E7378DEF7B81}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{A29AB69F-7531-4F8A-B340-10ADE0BD7B7A}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{D243C193-68B7-4661-8FA4-4F525C33BE62}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{8F794E40-3955-4178-9513-A39CFC28AAFC}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [TCP Query User{7C4160FC-91F1-4711-AE25-7334A305E697}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{23D4BD1E-C7F7-4C16-A358-109DF11EE098}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{58182362-379E-45A5-B35B-0F4E242E9FB0}C:\users\selohu\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\selohu\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{A571F3B1-BC5F-499A-9997-E2A16BFE0551}C:\users\selohu\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\selohu\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{AAA6C486-5492-4041-828E-4156E81FD7BF}C:\users\selohu\desktop\scanrat multi-tools\scanrat final.exe] => (Allow) C:\users\selohu\desktop\scanrat multi-tools\scanrat final.exe
FirewallRules: [UDP Query User{4D705FC1-FD58-45EE-A07B-B552238FC4E8}C:\users\selohu\desktop\scanrat multi-tools\scanrat final.exe] => (Allow) C:\users\selohu\desktop\scanrat multi-tools\scanrat final.exe
FirewallRules: [TCP Query User{4A2FC814-4F04-43E2-A844-B87A72FC79DA}C:\users\selohu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\selohu\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{A08C35CE-2494-4002-8D01-1DC551F869C1}C:\users\selohu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\selohu\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{E8330FED-2E25-4CE0-A05E-7DC0EBCBAB13}C:\windows_repair_toolbox\downloads\snappy\sdio_1.4.1.675\sdio_x64_r675.exe] => (Allow) C:\windows_repair_toolbox\downloads\snappy\sdio_1.4.1.675\sdio_x64_r675.exe
FirewallRules: [UDP Query User{B4DB1740-2886-4B81-BCE8-4CCFEE650DE6}C:\windows_repair_toolbox\downloads\snappy\sdio_1.4.1.675\sdio_x64_r675.exe] => (Allow) C:\windows_repair_toolbox\downloads\snappy\sdio_1.4.1.675\sdio_x64_r675.exe
FirewallRules: [{7D68F0B8-1227-44B5-9DB7-B97E3EEB400D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
31-01-2018 03:19:29 Revo Uninstaller's restore point - Iris mini - Software for eye protection
 
==================== Faulty Device Manager Devices =============
 
Name: AVerMedia Ethernet Adapter for MPE
Description: AVerMedia Ethernet Adapter for MPE
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: AVerMedia TECHNOLOGIES, Inc.
Service: AVerEth
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: VirtualBox Host-Only Ethernet Adapter #2
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/01/2018 01:00:06 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2118-01-08T00:00:06Z. Código de error: 0x80041315.
 
Error: (02/01/2018 12:59:36 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2118-01-07T23:59:36Z. Código de error: 0x80041315.
 
Error: (02/01/2018 12:59:06 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2118-01-07T23:59:06Z. Código de error: 0x80041315.
 
Error: (02/01/2018 12:58:36 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2118-01-07T23:58:36Z. Código de error: 0x80041315.
 
Error: (02/01/2018 12:58:06 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2118-01-07T23:58:06Z. Código de error: 0x80041315.
 
Error: (02/01/2018 12:57:36 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2118-01-07T23:57:36Z. Código de error: 0x80041315.
 
Error: (02/01/2018 12:57:06 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2118-01-07T23:57:06Z. Código de error: 0x80041315.
 
Error: (02/01/2018 12:56:36 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2118-01-07T23:56:36Z. Código de error: 0x80041315.
 
Error: (02/01/2018 12:56:06 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2118-01-07T23:56:06Z. Código de error: 0x80041315.
 
Error: (02/01/2018 12:55:36 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2118-01-07T23:55:36Z. Código de error: 0x80041315.
 
 
System errors:
=============
Error: (01/31/2018 04:26:07 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: El servicio AMW Service ha sido marcado como servicio interactivo. Sin embargo, el sistema está configurado para no permitir servicios interactivos. Este servicio puede tener un funcionamiento incorrecto.
 
Error: (01/31/2018 01:30:53 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-8EJOT4I)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-8EJOT4I\selohu con SID (S-1-5-21-3897876760-2343832674-48544982-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
 
Error: (01/31/2018 01:29:46 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-8EJOT4I)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-8EJOT4I\selohu con SID (S-1-5-21-3897876760-2343832674-48544982-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
 
Error: (01/31/2018 01:26:05 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-8EJOT4I)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-8EJOT4I\selohu con SID (S-1-5-21-3897876760-2343832674-48544982-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
 
Error: (01/31/2018 01:19:19 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-8EJOT4I)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-8EJOT4I\selohu con SID (S-1-5-21-3897876760-2343832674-48544982-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
 
Error: (01/31/2018 01:14:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Sincronizar host_57a68 se cerró con el siguiente error: 
No hay más extremos disponibles desde el asignador de extremos.
 
Error: (01/31/2018 01:13:54 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Sincronizar host_57a68 se cerró con el siguiente error: 
No hay más extremos disponibles desde el asignador de extremos.
 
Error: (01/31/2018 01:13:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario NT AUTHORITY\Servicio de red con SID (S-1-5-20) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
 
Error: (01/31/2018 01:12:23 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-8EJOT4I)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-8EJOT4I\selohu con SID (S-1-5-21-3897876760-2343832674-48544982-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
 
Error: (01/31/2018 01:11:41 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\hwinterface.sys
 
 
CodeIntegrity:
===================================
  Date: 2018-02-01 00:49:02.058
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-02-01 00:47:55.597
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-02-01 00:47:39.693
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-02-01 00:44:54.942
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-02-01 00:43:50.838
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-02-01 00:42:13.957
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-02-01 00:42:11.372
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-02-01 00:41:56.789
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-02-01 00:41:11.824
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-02-01 00:40:56.601
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: AMD FX™-4300 Quad-Core Processor 
Percentage of memory in use: 42%
Total physical RAM: 7927.11 MB
Available physical RAM: 4550 MB
Total Virtual: 8767 MB
Available Virtual: 4346.36 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:111.3 GB) (Free:37.96 GB) NTFS
Drive d: () (Fixed) (Total:465.76 GB) (Free:167.13 GB) NTFS
Drive e: () (Fixed) (Total:698.63 GB) (Free:451.88 GB) NTFS
Drive f: () (Fixed) (Total:149.05 GB) (Free:33.73 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 217A6D10)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 98AE06FD)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=06)
 
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: BF58B7E9)
Partition 1: (Not Active) - (Size=149 GB) - (Type=42)
 
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 0F4252D3)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================


#4 selohu

Posted 31 January 2018 - 07:05 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018
Ran by selohu (administrator) on DESKTOP-8EJOT4I (01-02-2018 00:59:07)
Running from C:\Users\selohu\Desktop
Loaded Profiles: selohu (Available Profiles: selohu)
Platform: Windows 10 Pro Version 1709 16299.192 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\selohu\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11712.1001.16.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Plumbytes Software Lp) C:\Program Files\Plumbytes Software\Plumbytes Anti-Malware\AmwService.exe
(Plumbytes Software Lp) C:\Program Files\Plumbytes Software\Plumbytes Anti-Malware\Plumbytes.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\selohu\Desktop\FRST64english.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)
HKLM\...\Run: [Plumbytes Anti-Malware] => C:\Program Files\Plumbytes Software\Plumbytes Anti-Malware\Plumbytes.exe [1961200 2017-12-29] (Plumbytes Software Lp)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [886768 2017-11-04] (Adobe Systems Incorporated)
HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\Run: [0FD00E456263BD2267B7B66A2074EE49088C8B56._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1581912 2018-01-24] (Google Inc.)
HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10257872 2018-01-09] (Piriform Ltd)
HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\Run: [Spotify Web Helper] => C:\Users\selohu\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2018-01-17] (Spotify Ltd)
HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\Run: [Spotify] => C:\Users\selohu\AppData\Roaming\Spotify\Spotify.exe [21099408 2018-01-17] (Spotify Ltd)
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{2912377f-5a04-48b9-b74d-6371b36e164f}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{336fa204-159c-4713-868d-d7358f95341e}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{482e7d1c-2efc-4ccb-89af-c987fb25d624}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{6089763b-a03e-46f7-a486-205ae59f94c6}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{64937937-b501-11e7-997c-806e6f6e6963}: [NameServer] 8.8.8.8
 
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
SearchScopes: HKU\S-1-5-21-3897876760-2343832674-48544982-1001 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = 
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-21] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-21] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} -  No File
 
FireFox:
========
FF HKU\S-1-5-21-3897876760-2343832674-48544982-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\selohu\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-21] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3897876760-2343832674-48544982-1001: @acestream.net/acestreamplugin,version=3.1.20.2 -> C:\Users\selohu\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
FF Plugin HKU\S-1-5-21-3897876760-2343832674-48544982-1001: WebChimera.org/WebChimera -> C:\Users\selohu\AppData\Roaming\WebChimera\0.2.9\npWebChimera.dll [2015-07-01] (Sergey Radionov)
 
Chrome: 
=======
CHR DefaultProfile: Profile 4
CHR HomePage: Profile 4 -> hxxps://www.google.es/
CHR StartupUrls: Profile 4 -> "hxxp://www.google.es/","hxxp://mail.ru/cnt/10445?gp=855141","hxxp://mail.ru/cnt/10445?gp=855155"
CHR Profile: C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-01-31]
CHR Extension: (No Name) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\ahggfmgiidlaceichjfemgbaggnbaloe [2017-12-07]
CHR Profile: C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4 [2018-02-01]
CHR Extension: (Context) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aalnjolghjkkogicompabhhbbkljnlka [2018-01-31]
CHR Extension: (Presentaciones) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-31]
CHR Extension: (Duolingo en la web) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2018-01-31]
CHR Extension: (SEOquake) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc [2018-01-31]
CHR Extension: (SP Backlink Manager) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\alljiaiaaipbklgeoajbledcjfdbppbp [2018-01-31]
CHR Extension: (Video de Social - Descargar video de Facebook) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\amjcoehkcacocffpmhnefgoeanepjfkf [2018-01-31]
CHR Extension: (Documentos) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-31]
CHR Extension: (Descarga Videos con Keepvid Video Downloader) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aoiobldpmgochmjnjopjgklejhljjbgd [2018-01-31]
CHR Extension: (Google Drive) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-31]
CHR Extension: (Spotiload (former Spotify Vk Downloader)) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\baggnalhgbpeanbhedjlbndhjgmimmhl [2018-01-31]
CHR Extension: (Audiense) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\bagknoiagpifjfbempgignagkejmkljm [2018-01-31]
CHR Extension: (Transparent) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\bdgobpipmkbpgpehafjkhnncdhgdecbd [2018-01-31]
CHR Extension: (Grupos de Google) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\bfmbadcfdhiklafcdohpfphhhakmiakk [2018-01-31]
CHR Extension: (FacturaDirecta) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\bfnolnpaocpnjlfciikkkanlkhoognpb [2018-01-31]
CHR Extension: (MEGA) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2018-01-31]
CHR Extension: (YouTube) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-31]
CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\bmagokdooijbeehmkpknfglimnifench [2018-01-31]
CHR Extension: (Netcraft Extension) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\bmejphbfclcpmpohkggcjeibfilpamia [2018-01-31]
CHR Extension: (TV) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\bppbpeijolfcampacpljolaegibfhjph [2018-01-31]
CHR Extension: (MetricSpot) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\cbinkmboldcdcegndkhnbkdbljadmfjm [2018-01-31]
CHR Extension: (Business Hangouts - Webinars for G Suite) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ccbjchepdbjeemagnjpoihpkjghelnge [2018-01-31]
CHR Extension: (Adblock Plus) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-31]
CHR Extension: (OneTab) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2018-01-31]
CHR Extension: (uBlock Origin) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-01-31]
CHR Extension: (Play HLS M3u8) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ckblfoghkjhaclegefojbgllenffajdc [2018-01-31]
CHR Extension: (Spotify - Music for every moment) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2018-01-31]
CHR Extension: (Reproductor H.265 / HEVC) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\dambgipgbnhmnkdolkljibpcbocimnpd [2018-01-31]
CHR Extension: (BuiltWith Technology Profiler) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\dapjbgnjinbpoindlpdmhochffioedbn [2018-01-31]
CHR Extension: (jQuery Debugger) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\dbhhnnnpaeobfddmlalhnehgclcmjimi [2018-01-31]
CHR Extension: (WGT Golf Challenge) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\dcilimldmomiaihcfkmaldanopfejefg [2018-01-31]
CHR Extension: (Tampermonkey) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-01-31]
CHR Extension: (Television) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\dhldnekicgefkglimkhjnldknpmljece [2018-01-31]
CHR Extension: (Google+) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2018-01-31]
CHR Extension: (CSS Reloader) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\dnfpcpfijpdhabaoieccoclghgplmpbd [2018-01-31]
CHR Extension: (SEOrch - OnPage SEO Tool) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\dofplnfijbongplmhcpoobljlfjeaank [2018-01-31]
CHR Extension: (Kami - PDF and Document Markup) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ecnphlgnajanjnkcmbpancdjoidceilk [2018-01-31]
CHR Extension: (Chrome Connectivity Diagnostics) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\eemlkeanncmjljgehlbplemhmdmalhdc [2018-01-31]
CHR Extension: (VTchromizer) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\efbjojhplkelaegfbieplglfidafgoka [2018-01-31]
CHR Extension: (SEO SERP Workbench) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ehbgolklgacemnfnmkkpgekngaaggjjl [2018-01-31]
CHR Extension: (Responsive Website Tester for Google Chrome™!) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\eopndgnmfpbhfamlgcfcfedcabbfnkhn [2018-01-31]
CHR Extension: (Hojas de cálculo) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-31]
CHR Extension: (Metadefender for Chrome) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\fjampemfhdfmangifafmianhokmpjbcj [2018-01-31]
CHR Extension: (Full Screen Weather) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2018-01-31]
CHR Extension: (Complemento inhabilitación Google Analytics) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2018-01-31]
CHR Extension: (uTorrent easy client) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\fmfiejlelblhoaflnjajjjjkkgbeifpn [2018-01-31]
CHR Extension: (Escritorio Remoto de Chrome) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2018-01-31]
CHR Extension: (Ripple Emulator (Beta)) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\geelfhphabnejjhdalkjhgipohgpdnoc [2018-01-31]
CHR Extension: (Chroma) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gefgglgjdlddcpcapigheknbacbmmggp [2018-01-31]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-01-31]
CHR Extension: (El Camelizer) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghnomdcacenbmilgjigehppbamfndblo [2018-01-31]
CHR Extension: (responsive-web-design) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gkmaomcbenajgclicfopaempggmbghka [2018-01-31]
CHR Extension: (Muzli 2 - Stay Inspired) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\glcipcfhmopcgidicgdociohdoicpdfc [2018-01-31]
CHR Extension: (Twitcher - Twitter Account Switcher) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gmngpagflejjoblmmamaonmnkghjmebh [2018-01-31]
CHR Extension: (Canal de audio) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\hafdgamhnmiioimpcdhhbhgcjndgmphd [2018-01-31]
CHR Extension: (Open SEO Stats(Formerly: PageRank Status)) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\hbdkkfheckcdppiaiabobmennhijkknn [2018-01-31]
CHR Extension: (TweetDeck by Twitter) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2018-01-31]
CHR Extension: (PDF Mergy - Merge PDF files) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\hgecghmkcdefnknohcimkoemhaofpoha [2018-01-31]
CHR Extension: (Check Link with Virus Total) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\hhnmaajgkpabdacoaidggmkpnlfopkif [2018-01-31]
CHR Extension: (LinkedIn Sales Navigator) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\hihakjfhbmlmjdnnhegiciffjplmdhin [2018-01-31]
CHR Extension: (Prueba de velocidad de Internet) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\hlhbmnfdcklajeaeikfinieljfegamko [2018-01-31]
CHR Extension: (vGet Extension (Video Downloader, DLNA)) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\hniladkejehjfchadikcbjmgjaogciic [2018-01-31]
CHR Extension: (SimilarWeb - Traffic Rank & Website Analysis) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp [2018-01-31]
CHR Extension: (Anti Miner - No 1 Coin Minerblock) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ibhpgkhoicjhklmbhdoeikeggbeejonj [2018-01-31]
CHR Extension: (META SEO inspector) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ibkclpciafdglkjkcibmohobjkcfkaef [2018-01-31]
CHR Extension: (Google Play Music) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2018-01-31]
CHR Extension: (Deluminate) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\iebboopaeangfpceklajfohhbpkkfiaa [2018-01-31]
CHR Extension: (The Weather Channel for Chrome) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\iflpcokdamgefbghpdipcibmhlkdopop [2018-01-31]
CHR Extension: (VK Music — descarga música de VK) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\jdnmpoggedgajbelgfgmlogehjkkfilp [2018-01-31]
CHR Extension: (PinPatrol) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\jenmooahjheolakpacikdlloalfaihef [2018-01-31]
CHR Extension: (Free SEO Deal of the Week) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\jgnekndlomccgljphjjcmhgmbbbeeklm [2018-01-31]
CHR Extension: (Mgnet.me Magnet URI Shortener) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\jhegibjbleopoidcmfmfffbpkfbodnpn [2018-01-31]
CHR Extension: (PixelBlock) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\jmpmfcjnflbcoidlgapblgpgbilinlem [2018-01-31]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2018-01-31]
CHR Extension: (Player para ver Movistar+) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2018-01-31]
CHR Extension: (Window Resizer) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\kkelicaakdanhinjdeammmilcgefonfh [2018-01-31]
CHR Extension: (Video Downloader professional) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\kmdldgcmokdpmacblnehppgkjphcbpnn [2018-01-31]
CHR Extension: (Hootsuite) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\kneloppijbcidgidihgdjnooihjcdbij [2018-01-31]
CHR Extension: (Google Play) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2018-01-31]
CHR Extension: (Evernote Web) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2018-01-31]
CHR Extension: (Linkclump) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lfpjkncokllnfokkgpkobnkbkmelfefj [2018-01-31]
CHR Extension: (IP Address and Domain Information) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lhgkegeccnckoiliokondpaaalbhafoa [2018-01-31]
CHR Extension: (Privacy Cleaner) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\liiikhhbkpmpomjmdofandjmdgapiahi [2018-01-31]
CHR Extension: (AudioSauna) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lkgfemnodkdnenmfkblebnkjpckkjcae [2018-01-31]
CHR Extension: (VKontakte Online) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lndpcfpegdlidkmpkdmcnminpcddkhhe [2018-01-31]
CHR Extension: (VKD | скачать музыку с ВК) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lnppoapkllmphlngblmeohbgkdagphob [2018-01-31]
CHR Extension: (Chrono Gestor de Descargas) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2018-01-31]
CHR Extension: (LinkedIn Extension) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\meajfmicibjppdgbjfkpdikfjcflabpk [2018-01-31]
CHR Extension: (Quick SEO - PageRank, Backlinks & Alexa Tool) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\mimhmidgldhoghjoehfigallmmndjkef [2018-01-31]
CHR Extension: (Cesta de aparcamiento del centro comercial) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\mjfoehokglnmbbnncflhhgapdfkhahle [2018-01-31]
CHR Extension: (SEO Webpage Analysis Tool) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\mkfhheamcohgngngnmpckfgcfmdabmno [2018-01-31]
CHR Extension: (Screencastify - Screen Video Recorder) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\mmeijimgabbpbgpdklnllpncmdofkcpn [2018-01-31]
CHR Extension: (WGT Golf Game) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\mpedbpkelbhcbkdaglillalioeeekbpb [2018-01-31]
CHR Extension: (Hangouts de Google) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2018-01-31]
CHR Extension: (Email tracking para Gmail e Inbox - Mailtrack) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2018-01-31]
CHR Extension: (MetaMask) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2018-01-31]
CHR Extension: (MyEtherWallet) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nlbmnnijcnlegkjjpcfjclmcfggfefdm [2018-01-31]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-01-31]
CHR Extension: (Oola Proxy for chrome) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nofbmmlgcejohbjpbilfpiggemkakkig [2018-01-31]
CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2018-01-31]
CHR Extension: (Check My Links) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ojkcdipcgfaekbeaelaapakgnjflfglf [2018-01-31]
CHR Extension: (Alarma de Lluvia Extensión) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\olnconaknblgbkfgknkfmmfhhbebkekd [2018-01-31]
CHR Extension: (Adaptive Bitrate Manifest Viewer) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\omjpjjekjefmdkidigpkhpjnojoadbih [2018-01-31]
CHR Extension: (Video Downloader) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pbbjnobglkpbfmpabbgogbnlffkmgbii [2018-01-31]
CHR Extension: (Типичный Интернетчик) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pchdjfphepablonpcppmolebmpebgjia [2018-01-31]
CHR Extension: (Adobe HDS / HLS Video Saver) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pibndofbpkoaipoidbkephfhhnapkccn [2018-01-31]
CHR Extension: (Gmail) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-01-31]
CHR Extension: (MetricSpot Social Content) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjmkbndimahliidaeaipeiknpaaehifp [2018-01-31]
CHR Extension: (Chrome Media Router) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-31]
CHR Extension: (SEO serp) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pnajcbokobncmoiicnkhblbgncincoam [2018-01-31]
CHR Extension: (Chrome Dev Editor) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pnoffddplpippgcfjdhbmhkofpnaalpg [2018-01-31]
CHR Extension: (SEO Competitor Analysis) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pnpafbknegcefgoojplahellhohoklbj [2018-01-31]
CHR Profile: C:\Users\selohu\AppData\Local\Google\Chrome\User Data\System Profile [2018-02-01]
CHR Extension: (No Name) - C:\Users\selohu\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\ahggfmgiidlaceichjfemgbaggnbaloe [2017-12-07]
CHR HKU\S-1-5-21-3897876760-2343832674-48544982-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [9236912 2018-01-03] (Emsisoft Ltd)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135488 2017-12-20] (SurfRight B.V.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 pbamw_service; C:\Program Files\Plumbytes Software\Plumbytes Anti-Malware\AmwService.exe [126192 2018-01-03] (Plumbytes Software Lp)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-11-26] (Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-21] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-21] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 76ABAC8B6; C:\WINDOWS\System32\drivers\76ABAC8B6.sys [478392 2018-01-31] (Kaspersky Lab ZAO)
R3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [90560 2018-01-01] (Alcorlink Corp.)
S0 asstahci64; C:\WINDOWS\System32\drivers\asstahci64.sys [89960 2015-11-12] (Asmedia Technology)
S3 aswMBR; C:\Users\selohu\AppData\Local\Temp\aswMBR.sys [62728 2018-01-31] () [File not signed] <==== ATTENTION
S3 aswVmm; C:\Users\selohu\AppData\Local\Temp\aswVmm.sys [224896 2018-01-31] () <==== ATTENTION
R3 AVerA706_x64; C:\WINDOWS\system32\DRIVERS\AVerA706_x64.sys [1414528 2008-08-18] (AVerMedia TECHNOLOGIES, Inc.)
R3 AVerAF15DMBTH64; C:\WINDOWS\System32\Drivers\AVerAF15DMBTH64.sys [592256 2009-07-27] (AVerMedia TECHNOLOGIES, Inc.)
S3 AVerEth; C:\WINDOWS\System32\drivers\AVerEth64.sys [26624 2007-04-02] (AVerMedia TECHNOLOGIES, Inc.)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
R1 epp; C:\Program Files\Emsisoft Anti-Malware\epp.sys [124552 2016-11-23] (Emsisoft Ltd)
S1 hwinterface; C:\Windows\SysWOW64\Drivers\hwinterface.sys [3026 2017-11-27] (Logix4u) [File not signed]
S3 kmloop; C:\WINDOWS\System32\drivers\loop.sys [16896 2017-09-29] (Microsoft Corporation)
R3 kwrdyaog; C:\Users\selohu\AppData\Local\Temp\kwrdyaog.sys [56584 2018-01-31] (GMER) [File not signed] <==== ATTENTION
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2018-01-31] (Malwarebytes)
S3 MDA_NTDRV; C:\WINDOWS\system32\MDA_NTDRV.sys [21208 2013-02-25] ()
R1 MpKsl55368baa; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A1B77ACF-F522-4752-9602-9281F407209E}\MpKsl55368baa.sys [58120 2018-01-31] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5601d21ccd639df9\nvlddmkm.sys [17486096 2018-01-05] (NVIDIA Corporation)
S3 PortTalk; C:\Windows\SysWOW64\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic hxxp://www.beyondlogic.org) [File not signed]
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2018-01-01] (Realtek )
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-10-10] (The OpenVPN Project) [File not signed]
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [23040 2017-09-29] (Microsoft Corporation)
S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [200832 2018-01-15] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [211704 2018-01-15] (Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [144632 2017-11-22] (Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-21] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-21] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-21] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-12-20] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-12-20] (Zemana Ltd.)
R0 ZVDiskProt; C:\WINDOWS\system32\DRIVERS\ZVDiskProt.sys [44336 2017-12-02] (ZitoVault)
S3 ALSysIO; \??\C:\Users\selohu\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X]
U4 npcap_wifi; no ImagePath
S1 yempsgrp; \??\C:\WINDOWS\system32\drivers\yempsgrp.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-02-01 00:59 - 2018-02-01 00:59 - 000036591 _____ C:\Users\selohu\Desktop\FRST.txt
2018-02-01 00:58 - 2018-01-28 16:06 - 002393088 _____ (Farbar) C:\Users\selohu\Desktop\FRST64english.exe
2018-01-31 16:26 - 2018-01-31 16:50 - 000000000 ____D C:\Users\selohu\AppData\Local\{12A8CCFE-3C33-4995-BAD8-074E4C5B22FD}
2018-01-31 16:26 - 2018-01-31 16:26 - 000001161 _____ C:\Users\selohu\Desktop\Plumbytes Anti-Malware.lnk
2018-01-31 16:26 - 2018-01-31 16:26 - 000000000 ____D C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plumbytes Anti-Malware
2018-01-31 16:26 - 2018-01-31 16:26 - 000000000 ____D C:\Program Files\Plumbytes Software
2018-01-31 16:22 - 2018-01-31 16:22 - 000881904 _____ (Plumbytes Software) C:\Users\selohu\Desktop\antimalwaresetup.exe
2018-01-31 13:13 - 2018-01-31 13:13 - 000000004 ____H C:\ProgramData\cm-lock
2018-01-31 13:11 - 2018-01-31 13:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-01-31 03:48 - 2018-01-31 03:48 - 000478392 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\76ABAC8B6.sys
2018-01-31 03:22 - 2018-01-31 04:21 - 000000000 ____D C:\KVRT_Data
2018-01-31 03:10 - 2018-01-31 03:13 - 000000000 ____D C:\AdwCleaner
2018-01-31 03:08 - 2018-01-31 03:08 - 000000352 _____ C:\WINDOWS\Tasks\AdobeGCInvoker-1.0-DESKTOP-8EJOT4I-selohu.job
2018-01-31 02:59 - 2018-01-31 02:59 - 000000512 _____ C:\Users\selohu\Desktop\aswMBR.txt
2018-01-31 02:49 - 2018-01-31 02:49 - 000380928 _____ C:\Users\selohu\Desktop\8d2wn9is.exe
2018-01-31 02:48 - 2018-01-31 02:48 - 005198336 _____ (AVAST Software) C:\Users\selohu\Desktop\aswMBR.exe
2018-01-30 20:00 - 2018-01-30 20:00 - 000130410 _____ C:\Users\selohu\Downloads\WiFi-Miner-Detector-master.zip
2018-01-30 14:35 - 2018-01-31 13:11 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-01-30 14:35 - 2018-01-30 14:35 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-01-30 14:35 - 2018-01-30 14:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-01-30 00:46 - 2018-01-30 00:46 - 000000146 _____ C:\Users\selohu\AppData\Roaming\gamma_ramp.reg
2018-01-29 16:59 - 2018-01-29 16:59 - 000003592 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-8EJOT4I-selohu
2018-01-29 11:30 - 2018-01-29 11:30 - 000000000 ____D C:\WINDOWS\Panther
2018-01-29 03:32 - 2018-01-29 03:32 - 000000000 ____D C:\Users\selohu\Desktop\Windows_Repair_Toolbox
2018-01-29 03:30 - 2018-01-29 03:30 - 004253173 _____ C:\Users\selohu\Desktop\Windows_Repair_Toolbox.zip
2018-01-29 02:12 - 2018-01-29 02:12 - 000000000 ____H C:\Users\selohu\Documents\Default.rdp
2018-01-29 01:52 - 2018-01-29 01:54 - 000000000 ____D C:\ProgramData\SecTaskMan
2018-01-28 17:22 - 2018-01-28 17:22 - 000000000 ____D C:\ProgramData\Norton
2018-01-28 17:13 - 2018-01-28 17:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2018-01-28 16:31 - 2018-01-28 16:31 - 026916424 _____ (Adlice Software) C:\Users\selohu\Desktop\RogueKiller_portable64.exe
2018-01-28 16:06 - 2018-02-01 00:59 - 000000000 ____D C:\FRST
2018-01-28 08:32 - 2018-01-31 04:21 - 000000528 _____ C:\Users\selohu\Desktop\555.txt
2018-01-26 22:36 - 2018-01-26 22:36 - 000000000 ____D C:\Users\selohu\Desktop\KMSAuto.Net.2016.v1.5.3.Portable-Ratiborus
2018-01-26 19:52 - 2018-01-26 19:52 - 003451005 _____ C:\Users\selohu\Desktop\Activador Windows 10 NOVA MUNDO PC.rar
2018-01-25 18:47 - 2018-01-26 20:50 - 000000000 ____D C:\Users\selohu\Desktop\INFORMATICA
2018-01-25 18:42 - 2018-01-25 18:42 - 118977242 _____ C:\Users\selohu\Desktop\Organización y Arquitectura de Computadores  7ma Edicion  William Stallings.rar
2018-01-25 15:42 - 2018-01-25 19:18 - 000000193 _____ C:\WINDOWS\WORDPAD.INI
2018-01-25 13:57 - 2018-01-25 13:57 - 000000000 ____D C:\Users\selohu\AppData\LocalLow\Temp
2018-01-25 13:12 - 2018-01-25 13:37 - 000000000 ____D C:\ESD
2018-01-24 16:07 - 2018-01-24 16:07 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2018-01-24 16:07 - 2018-01-24 16:07 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2018-01-24 16:05 - 2018-01-27 15:53 - 000000000 ____D C:\ProgramData\AVAST Software
2018-01-20 16:26 - 2018-01-20 16:26 - 008206624 _____ (Malwarebytes) C:\Users\selohu\Desktop\adwcleaner_7.0.7.0.exe
2018-01-20 12:42 - 2018-01-20 12:50 - 000000000 ____D C:\Users\selohu\Desktop\Móvil LG
2018-01-18 00:44 - 2018-01-30 14:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-01-18 00:44 - 2018-01-18 00:44 - 000000000 ____D C:\Program Files\Malwarebytes
2018-01-18 00:44 - 2017-11-29 09:11 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-01-17 12:15 - 2018-01-31 13:12 - 000000000 ____D C:\Users\selohu\AppData\Roaming\Spotify
2018-01-17 12:15 - 2018-01-31 13:12 - 000000000 ____D C:\Users\selohu\AppData\Local\Spotify
2018-01-17 12:15 - 2018-01-17 12:15 - 000001841 _____ C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2018-01-15 18:05 - 2018-01-15 18:05 - 000000000 ____D C:\Users\selohu\AppData\Roaming\NVIDIA
2018-01-15 17:20 - 2018-01-15 17:20 - 000000000 ____D C:\Users\selohu\AppData\Local\NVIDIA Corporation
2018-01-15 17:11 - 2018-01-15 17:11 - 001478648 _____ (Simple IT Solutions, LLC) C:\Users\selohu\Desktop\NoBot.exe
2018-01-15 17:11 - 2018-01-15 17:11 - 000000000 ____D C:\NoBot
2018-01-15 16:02 - 2018-01-15 16:02 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-15 16:02 - 2018-01-15 16:02 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-15 16:02 - 2018-01-15 16:02 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-15 16:02 - 2018-01-15 16:02 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-01-15 16:02 - 2018-01-04 02:44 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-01-15 16:02 - 2018-01-04 00:50 - 005951336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-01-15 16:02 - 2018-01-04 00:50 - 002588232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-01-15 16:02 - 2018-01-04 00:50 - 001768480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-01-15 16:02 - 2018-01-04 00:50 - 000631880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-01-15 16:02 - 2018-01-04 00:50 - 000450352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-01-15 16:02 - 2018-01-04 00:50 - 000123704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-01-15 16:02 - 2018-01-04 00:50 - 000081992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-01-15 16:02 - 2017-12-24 20:07 - 007928821 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-01-15 16:02 - 2017-11-02 21:15 - 000928568 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-01-15 16:02 - 2017-11-02 21:15 - 000798520 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-01-15 16:02 - 2017-11-02 21:15 - 000490808 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-01-15 16:02 - 2017-11-02 21:14 - 000591672 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-01-15 16:01 - 2018-01-15 16:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-01-15 16:01 - 2018-01-04 02:44 - 000532792 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-01-15 16:01 - 2018-01-04 02:44 - 000438768 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2018-01-15 16:01 - 2018-01-04 01:33 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-01-15 15:59 - 2018-01-15 15:59 - 000211704 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetLwf.sys
2018-01-15 15:59 - 2018-01-15 15:59 - 000200832 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetAdp6.sys
2018-01-15 15:58 - 2018-01-04 02:44 - 040269624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 035179080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 019796520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 016449872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 013430632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 012843496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 011015584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 010900432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 004580320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 004306736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 003893792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 003707888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 001975184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439065.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 001674544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439065.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 001325384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 001134952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 001125960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 001053768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 001043128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 000988656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 000938896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 000795928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 000740336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 000635248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 000618928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 000616248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 000599536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 000506864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-01-15 15:58 - 2018-01-04 02:44 - 000048282 _____ C:\WINDOWS\system32\nvinfo.pb
2018-01-15 15:58 - 2018-01-04 02:44 - 000045600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2018-01-15 03:13 - 2018-02-01 00:16 - 000000000 ____D C:\Program Files\Emsisoft Anti-Malware
2018-01-15 03:13 - 2018-01-15 03:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2018-01-15 02:44 - 2018-01-15 02:44 - 000000000 ____D C:\ProgramData\Emsisoft
2018-01-14 17:00 - 2018-01-14 17:00 - 000688992 ____R (Swearware) C:\Users\selohu\Desktop\dds.scr
2018-01-13 20:04 - 2018-01-13 20:05 - 000002986 _____ C:\Users\selohu\Desktop\svchost.txt
2018-01-12 15:31 - 2018-01-12 15:31 - 000000000 ____D C:\zoek_backup
2018-01-12 01:47 - 2018-01-29 01:49 - 000000000 ____D C:\Users\selohu\AppData\Local\slack
2018-01-12 01:47 - 2018-01-29 01:48 - 000000000 ____D C:\Users\selohu\AppData\Roaming\Slack
2018-01-12 00:01 - 2018-01-12 00:01 - 000000000 ____D C:\Users\selohu\AppData\Local\PackageManagement
2018-01-12 00:01 - 2018-01-12 00:01 - 000000000 ____D C:\Program Files (x86)\PackageManagement
2018-01-11 17:34 - 2018-01-31 13:11 - 079691776 _____ C:\WINDOWS\system32\config\SOFTWARE
2018-01-11 15:07 - 2018-01-11 15:07 - 000000033 _____ C:\Users\selohu\AppData\Roaming\AdobeWLCMCache.dat
2018-01-08 16:55 - 2018-01-08 16:55 - 000000282 __RSH C:\Users\selohu\ntuser.pol
2018-01-08 03:39 - 2018-01-08 03:39 - 000000000 ____D C:\Users\selohu\AppData\LocalLow\uTorrent
2018-01-08 03:37 - 2018-01-08 03:37 - 000000218 _____ C:\Users\selohu\AppData\Local\recently-used.xbel
2018-01-08 03:27 - 2018-01-08 03:27 - 000000000 ____D C:\Users\selohu\AppData\Local\gtk-3.0
2018-01-08 02:50 - 2018-01-08 02:52 - 000000000 ____D C:\Users\selohu\Desktop\WinDFT095
2018-01-08 02:49 - 2018-01-08 02:49 - 002380866 _____ C:\Users\selohu\Desktop\WinDFT095.zip
2018-01-08 01:12 - 2018-01-08 01:12 - 000000000 ____D C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2018-01-08 01:12 - 2018-01-08 01:12 - 000000000 ____D C:\Program Files (x86)\GPU-Z
2018-01-08 00:51 - 2018-01-08 00:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2018-01-08 00:51 - 2018-01-08 00:51 - 000000000 ____D C:\Program Files\Core Temp
2018-01-07 23:51 - 2018-01-07 23:52 - 000000000 ____D C:\Users\selohu\Desktop\escudos tercera
2018-01-07 00:36 - 2018-01-07 00:36 - 000000000 ____D C:\Program Files (x86)\ESET
2018-01-06 21:16 - 2018-01-06 21:17 - 000000000 ____D C:\ProgramData\WRData
2018-01-06 19:45 - 2018-01-06 19:55 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-01-06 19:35 - 2018-01-06 19:35 - 000421545 _____ C:\Users\selohu\Downloads\windows-error-lookup-tool-3-0-7-en-win.zip
2018-01-04 13:43 - 2018-01-04 13:43 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2018-01-04 13:08 - 2018-01-01 18:15 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-01-04 13:08 - 2018-01-01 13:54 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-01-04 13:08 - 2018-01-01 13:53 - 001090984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-01-04 13:08 - 2018-01-01 13:52 - 000066712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2018-01-04 13:08 - 2018-01-01 13:51 - 001414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-01-04 13:08 - 2018-01-01 13:51 - 001209240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-01-04 13:08 - 2018-01-01 13:51 - 001055128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-01-04 13:08 - 2018-01-01 13:51 - 000191816 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-01-04 13:08 - 2018-01-01 13:51 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2018-01-04 13:08 - 2018-01-01 13:50 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-01-04 13:08 - 2018-01-01 13:50 - 000780464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-01-04 13:08 - 2018-01-01 13:50 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-01-04 13:08 - 2018-01-01 13:50 - 000077208 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-01-04 13:08 - 2018-01-01 13:49 - 008605080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-01-04 13:08 - 2018-01-01 13:49 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-01-04 13:08 - 2018-01-01 13:49 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-01-04 13:08 - 2018-01-01 13:49 - 000292376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-01-04 13:08 - 2018-01-01 13:48 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-01-04 13:08 - 2018-01-01 13:48 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-01-04 13:08 - 2018-01-01 13:48 - 000382360 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-01-04 13:08 - 2018-01-01 13:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-01-04 13:08 - 2018-01-01 13:47 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-01-04 13:08 - 2018-01-01 13:46 - 002709704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-01-04 13:08 - 2018-01-01 13:46 - 000898216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-01-04 13:08 - 2018-01-01 13:46 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-01-04 13:08 - 2018-01-01 13:46 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-01-04 13:08 - 2018-01-01 13:45 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-01-04 13:08 - 2018-01-01 13:45 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-01-04 13:08 - 2018-01-01 13:45 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-01-04 13:08 - 2018-01-01 13:43 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-01-04 13:08 - 2018-01-01 13:43 - 000367336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-01-04 13:08 - 2018-01-01 13:43 - 000062872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2018-01-04 13:08 - 2018-01-01 13:42 - 001029016 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-01-04 13:08 - 2018-01-01 13:42 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-01-04 13:08 - 2018-01-01 13:42 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-01-04 13:08 - 2018-01-01 13:42 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-01-04 13:08 - 2018-01-01 13:42 - 000109976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-01-04 13:08 - 2018-01-01 13:41 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-01-04 13:08 - 2018-01-01 13:41 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-01-04 13:08 - 2018-01-01 13:41 - 000549552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2018-01-04 13:08 - 2018-01-01 13:40 - 001206680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-01-04 13:08 - 2018-01-01 13:39 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-01-04 13:08 - 2018-01-01 13:39 - 000677784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-01-04 13:08 - 2018-01-01 13:39 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-01-04 13:08 - 2018-01-01 13:39 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-01-04 13:08 - 2018-01-01 13:39 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-01-04 13:08 - 2018-01-01 13:38 - 003904808 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-01-04 13:08 - 2018-01-01 13:38 - 000727448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-01-04 13:08 - 2018-01-01 13:38 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-01-04 13:08 - 2018-01-01 13:38 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-01-04 13:08 - 2018-01-01 13:38 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2018-01-04 13:08 - 2018-01-01 13:37 - 001426664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-01-04 13:08 - 2018-01-01 13:37 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2018-01-04 13:08 - 2018-01-01 13:36 - 000413888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-01-04 13:08 - 2018-01-01 13:36 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2018-01-04 13:08 - 2018-01-01 13:36 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-01-04 13:08 - 2018-01-01 13:36 - 000113560 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2018-01-04 13:08 - 2018-01-01 13:36 - 000057752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2018-01-04 13:08 - 2018-01-01 13:35 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-01-04 13:08 - 2018-01-01 13:35 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-01-04 13:08 - 2018-01-01 13:34 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-01-04 13:08 - 2018-01-01 13:34 - 001336344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-01-04 13:08 - 2018-01-01 13:34 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-01-04 13:08 - 2018-01-01 13:34 - 000087384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-01-04 13:08 - 2018-01-01 13:33 - 002773400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-01-04 13:08 - 2018-01-01 13:33 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-01-04 13:08 - 2018-01-01 13:32 - 004481240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-01-04 13:08 - 2018-01-01 13:32 - 000981400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\lxcore.sys
2018-01-04 13:08 - 2018-01-01 13:32 - 000617304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-01-04 13:08 - 2018-01-01 13:27 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-01-04 13:08 - 2018-01-01 13:27 - 000163736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-01-04 13:08 - 2018-01-01 13:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-01-04 13:08 - 2018-01-01 13:26 - 000081304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2018-01-04 13:08 - 2018-01-01 13:25 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-01-04 13:08 - 2018-01-01 13:25 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-01-04 13:08 - 2018-01-01 13:23 - 021352144 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-01-04 13:08 - 2018-01-01 13:21 - 001103768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-01-04 13:08 - 2018-01-01 13:21 - 000614296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-01-04 13:08 - 2018-01-01 13:06 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-01-04 13:08 - 2018-01-01 13:03 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-01-04 13:08 - 2018-01-01 13:03 - 000650328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-01-04 13:08 - 2018-01-01 13:03 - 000566664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-01-04 13:08 - 2018-01-01 13:03 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-01-04 13:08 - 2018-01-01 12:53 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-01-04 13:08 - 2018-01-01 12:49 - 000481464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-01-04 13:08 - 2018-01-01 12:49 - 000258808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2018-01-04 13:08 - 2018-01-01 12:46 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-01-04 13:08 - 2018-01-01 12:46 - 000289816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-01-04 13:08 - 2018-01-01 12:45 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-01-04 13:08 - 2018-01-01 12:45 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-01-04 13:08 - 2018-01-01 12:45 - 002192624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-01-04 13:08 - 2018-01-01 12:45 - 000450928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2018-01-04 13:08 - 2018-01-01 12:43 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-01-04 13:08 - 2018-01-01 12:42 - 006479552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-01-04 13:08 - 2018-01-01 12:42 - 004644912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-01-04 13:08 - 2018-01-01 12:42 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-01-04 13:08 - 2018-01-01 12:42 - 001003152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-01-04 13:08 - 2018-01-01 12:42 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-01-04 13:08 - 2018-01-01 12:42 - 000386424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2018-01-04 13:08 - 2018-01-01 12:42 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-01-04 13:08 - 2018-01-01 12:42 - 000074992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2018-01-04 13:08 - 2018-01-01 12:37 - 025247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-01-04 13:08 - 2018-01-01 12:34 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-01-04 13:08 - 2018-01-01 12:25 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-01-04 13:08 - 2018-01-01 12:25 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-01-04 13:08 - 2018-01-01 12:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-01-04 13:08 - 2018-01-01 12:25 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-01-04 13:08 - 2018-01-01 12:25 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2018-01-04 13:08 - 2018-01-01 12:24 - 003668480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-01-04 13:08 - 2018-01-01 12:24 - 001677824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmswitch.sys
2018-01-04 13:08 - 2018-01-01 12:24 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboutSettingsHandlers.dll
2018-01-04 13:08 - 2018-01-01 12:24 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-01-04 13:08 - 2018-01-01 12:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-01-04 13:08 - 2018-01-01 12:24 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2018-01-04 13:08 - 2018-01-01 12:23 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-01-04 13:08 - 2018-01-01 12:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-01-04 13:08 - 2018-01-01 12:23 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-01-04 13:08 - 2018-01-01 12:23 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-01-04 13:08 - 2018-01-01 12:23 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-01-04 13:08 - 2018-01-01 12:23 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe
2018-01-04 13:08 - 2018-01-01 12:23 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsif.dll
2018-01-04 13:08 - 2018-01-01 12:23 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-01-04 13:08 - 2018-01-01 12:23 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2018-01-04 13:08 - 2018-01-01 12:23 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-01-04 13:08 - 2018-01-01 12:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rfxvmt.dll
2018-01-04 13:08 - 2018-01-01 12:22 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-01-04 13:08 - 2018-01-01 12:22 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-01-04 13:08 - 2018-01-01 12:22 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-01-04 13:08 - 2018-01-01 12:21 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-01-04 13:08 - 2018-01-01 12:21 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2018-01-04 13:08 - 2018-01-01 12:21 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-01-04 13:08 - 2018-01-01 12:21 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2018-01-04 13:08 - 2018-01-01 12:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2018-01-04 13:08 - 2018-01-01 12:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys
2018-01-04 13:08 - 2018-01-01 12:21 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2018-01-04 13:08 - 2018-01-01 12:21 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2018-01-04 13:08 - 2018-01-01 12:21 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 018917888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-01-04 13:08 - 2018-01-01 12:20 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2018-01-04 13:08 - 2018-01-01 12:20 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-01-04 13:08 - 2018-01-01 12:20 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 008014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2018-01-04 13:08 - 2018-01-01 12:19 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2018-01-04 13:08 - 2018-01-01 12:19 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-01-04 13:08 - 2018-01-01 12:19 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msoert2.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2018-01-04 13:08 - 2018-01-01 12:19 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-01-04 13:08 - 2018-01-01 12:19 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2018-01-04 13:08 - 2018-01-01 12:18 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 006564864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2018-01-04 13:08 - 2018-01-01 12:17 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-01-04 13:08 - 2018-01-01 12:17 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoert2.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 003676672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000966656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-01-04 13:08 - 2018-01-01 12:16 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-01-04 13:08 - 2018-01-01 12:15 - 012687872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-01-04 13:08 - 2018-01-01 12:15 - 006029312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-01-04 13:08 - 2018-01-01 12:15 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-01-04 13:08 - 2018-01-01 12:15 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-01-04 13:08 - 2018-01-01 12:15 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2018-01-04 13:08 - 2018-01-01 12:15 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-01-04 13:08 - 2018-01-01 12:15 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2018-01-04 13:08 - 2018-01-01 12:15 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-01-04 13:08 - 2018-01-01 12:15 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-01-04 13:08 - 2018-01-01 12:15 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2018-01-04 13:08 - 2018-01-01 12:15 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-01-04 13:08 - 2018-01-01 12:15 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-01-04 13:08 - 2018-01-01 12:14 - 023655936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-01-04 13:08 - 2018-01-01 12:14 - 002465280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-01-04 13:08 - 2018-01-01 12:14 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-01-04 13:08 - 2018-01-01 12:14 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-01-04 13:08 - 2018-01-01 12:14 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-01-04 13:08 - 2018-01-01 12:14 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-01-04 13:08 - 2018-01-01 12:14 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-01-04 13:08 - 2018-01-01 12:14 - 000870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-01-04 13:08 - 2018-01-01 12:13 - 013657600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-01-04 13:08 - 2018-01-01 12:13 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-01-04 13:08 - 2018-01-01 12:13 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-01-04 13:08 - 2018-01-01 12:13 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-01-04 13:08 - 2018-01-01 12:13 - 002013184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-01-04 13:08 - 2018-01-01 12:13 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-01-04 13:08 - 2018-01-01 12:13 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-01-04 13:08 - 2018-01-01 12:13 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-01-04 13:08 - 2018-01-01 12:12 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-01-04 13:08 - 2018-01-01 12:12 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-01-04 13:08 - 2018-01-01 12:12 - 001573376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2018-01-04 13:08 - 2018-01-01 12:12 - 001547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-01-04 13:08 - 2018-01-01 12:12 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-01-04 13:08 - 2018-01-01 12:12 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-01-04 13:08 - 2018-01-01 12:12 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 008108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 004748288 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 003165696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 002082304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-01-04 13:08 - 2018-01-01 12:11 - 001955328 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 001816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-01-04 13:08 - 2018-01-01 12:11 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-01-04 13:08 - 2018-01-01 12:10 - 003126272 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-01-04 13:08 - 2018-01-01 12:10 - 002528256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-01-04 13:08 - 2018-01-01 12:10 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll
2018-01-04 13:08 - 2018-01-01 12:09 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-01-04 13:08 - 2018-01-01 12:09 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-01-04 13:08 - 2018-01-01 12:09 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-01-04 13:08 - 2018-01-01 12:09 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-01-04 13:08 - 2018-01-01 12:08 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-01-04 13:08 - 2018-01-01 12:08 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-01-04 13:08 - 2018-01-01 12:08 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-01-04 13:08 - 2018-01-01 12:08 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2018-01-04 13:08 - 2018-01-01 12:08 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-01-04 13:08 - 2018-01-01 12:06 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2018-01-04 13:08 - 2018-01-01 12:05 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-01-04 13:08 - 2018-01-01 12:05 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-01-04 13:08 - 2018-01-01 12:05 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-01-02 14:40 - 2018-01-30 16:04 - 011383368 _____ C:\RogueKillerCMD64.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-02-01 00:59 - 2017-12-20 23:49 - 000240460 _____ C:\WINDOWS\ZAM.krnl.trace
2018-02-01 00:59 - 2017-12-20 23:49 - 000206223 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2018-02-01 00:55 - 2017-12-06 02:29 - 000000068 __RSH C:\WINDOWS\system32\Drivers\xinputhid.winsecurity
2018-02-01 00:20 - 2017-12-06 02:29 - 000000068 __RSH C:\WINDOWS\system32\Drivers\WUDFPf.winsecurity
2018-01-31 23:32 - 2017-12-18 13:24 - 000000000 ____D C:\Users\selohu\AppData\Roaming\vlc
2018-01-31 23:30 - 2017-10-19 19:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-01-31 13:45 - 2017-09-27 20:10 - 000000000 ____D C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
2018-01-31 13:23 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-01-31 13:17 - 2017-10-19 19:22 - 011717524 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-31 13:17 - 2017-09-30 15:40 - 006080948 _____ C:\WINDOWS\system32\perfh00A.dat
2018-01-31 13:17 - 2017-09-30 15:40 - 001754582 _____ C:\WINDOWS\system32\perfc00A.dat
2018-01-31 13:12 - 2017-10-19 19:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-31 13:11 - 2017-11-19 07:59 - 000000000 ____D C:\WINDOWS\pss
2018-01-31 13:11 - 2017-09-29 09:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-01-31 13:11 - 2017-09-27 20:00 - 000000000 ____D C:\ProgramData\NVIDIA
2018-01-31 13:09 - 2017-10-19 19:13 - 000000000 ____D C:\Users\selohu
2018-01-31 12:36 - 2017-11-19 08:01 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-01-31 04:32 - 2017-12-15 11:05 - 000000000 ____D C:\TDSSKiller_Quarantine
2018-01-31 04:21 - 2017-12-02 01:41 - 000000000 ____D C:\Users\selohu\AppData\Roaming\uTorrent
2018-01-31 03:09 - 2017-11-24 01:52 - 000000000 ____D C:\WINDOWS\Minidump
2018-01-31 03:09 - 2017-11-14 01:14 - 000000000 ____D C:\Users\selohu\AppData\Local\CrashDumps
2018-01-31 03:09 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-01-30 16:04 - 2017-11-11 20:19 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2018-01-30 11:48 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-30 11:48 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-30 00:53 - 2017-09-27 20:08 - 000002371 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-29 03:18 - 2017-12-18 17:00 - 000041800 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2018-01-29 02:04 - 2017-09-30 18:15 - 000000000 ____D C:\FSTool
2018-01-29 01:45 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-01-28 17:34 - 2017-12-18 16:23 - 000000000 ____D C:\Users\selohu\AppData\Local\NPE
2018-01-28 17:31 - 2017-12-27 20:00 - 000000000 ____D C:\NPE
2018-01-28 17:18 - 2017-09-27 20:07 - 000000000 ____D C:\Users\selohu\AppData\Local\Google
2018-01-28 17:12 - 2017-12-31 18:01 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-01-28 17:10 - 2017-12-18 17:01 - 000000000 ____D C:\ProgramData\Ultra Adware Killer
2018-01-28 16:06 - 2017-12-11 01:08 - 000000000 ____D C:\EEK
2018-01-28 15:26 - 2017-11-21 13:39 - 000000000 ____D C:\Users\selohu\AppData\Local\ESET
2018-01-27 18:06 - 2017-10-07 14:52 - 000000000 ____D C:\Users\selohu\.VirtualBox
2018-01-26 22:15 - 2017-12-18 16:12 - 000000000 ____D C:\Windows_Repair_Toolbox
2018-01-26 22:15 - 2017-12-18 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Repair Toolbox
2018-01-25 18:28 - 2017-09-27 20:19 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-01-23 15:47 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-01-21 20:51 - 2017-12-18 22:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-01-21 20:51 - 2017-12-18 22:35 - 000000000 ____D C:\Program Files (x86)\Java
2018-01-21 20:51 - 2017-12-07 01:23 - 000000000 ____D C:\ProgramData\Oracle
2018-01-21 20:50 - 2017-12-18 22:36 - 000097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-01-18 18:05 - 2017-11-16 17:41 - 000000000 ___RD C:\Users\selohu\Creative Cloud Files
2018-01-18 18:05 - 2017-10-16 14:35 - 000000000 ____D C:\ProgramData\Package Cache
2018-01-18 18:04 - 2017-11-02 01:32 - 000000000 ____D C:\Users\selohu\AppData\Local\Adobe
2018-01-18 17:53 - 2017-11-19 07:38 - 000000000 ____D C:\Users\selohu\AppData\Local\NVIDIA
2018-01-18 02:23 - 2017-12-01 21:08 - 000000000 ____D C:\Users\selohu\AppData\Local\ElevatedDiagnostics
2018-01-16 15:58 - 2017-12-07 12:25 - 000000000 ____D C:\Users\selohu\Desktop\HLS
2018-01-15 17:17 - 2017-09-28 09:34 - 000000000 ____D C:\ProgramData\TEMP
2018-01-15 16:02 - 2017-12-06 18:27 - 000000000 ____D C:\Temp
2018-01-15 16:02 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Help
2018-01-15 16:02 - 2017-09-27 20:00 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-01-15 16:02 - 2017-09-27 20:00 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-01-15 16:02 - 2017-09-27 20:00 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-01-15 15:59 - 2017-11-07 01:29 - 000972192 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2018-01-15 15:59 - 2017-11-07 01:29 - 000157672 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2018-01-12 01:47 - 2017-11-11 01:07 - 000000000 ____D C:\Users\selohu\AppData\Local\SquirrelTemp
2018-01-11 17:34 - 2017-10-26 00:57 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2018-01-11 15:07 - 2017-09-27 19:58 - 000000000 ____D C:\Users\selohu\AppData\Roaming\Adobe
2018-01-10 17:44 - 2017-11-27 16:52 - 000000000 ____D C:\ProgramData\RogueKillerPE
2018-01-10 13:05 - 2017-09-27 20:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-10 13:03 - 2017-10-10 19:17 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-10 13:03 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-10 13:03 - 2017-09-27 20:16 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-08 03:43 - 2017-11-20 17:05 - 000005386 __RSH C:\ProgramData\ntuser.pol
2018-01-08 03:43 - 2017-03-18 22:03 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-01-08 03:37 - 2017-11-23 05:17 - 000000000 ____D C:\Users\selohu\AppData\Roaming\gsmartcontrol
2018-01-06 15:42 - 2017-11-20 02:52 - 000000000 ____D C:\Users\selohu\Desktop\Data Recovery 2017-11-20 at 02.52.56
2018-01-06 02:57 - 2017-12-14 00:17 - 000000000 ____D C:\ProgramData\IObit
2018-01-06 00:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2018-01-04 13:44 - 2017-10-19 19:24 - 000000000 ___RD C:\Users\selohu\3D Objects
2018-01-04 13:44 - 2017-10-19 19:12 - 000326488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-01-04 13:44 - 2017-09-27 19:58 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-01-04 13:43 - 2017-10-21 01:09 - 000000000 ___SD C:\WINDOWS\system32\lxss
2018-01-04 13:43 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-01-04 13:43 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-01-04 13:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-01-04 13:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-01-04 13:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-01-04 13:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-01-04 13:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-01-04 13:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Provisioning
2018-01-04 13:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-01-04 13:43 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-01-04 13:10 - 2017-09-29 14:41 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-01-04 13:09 - 2017-09-29 14:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-01-04 13:09 - 2017-09-29 14:41 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-01-04 02:44 - 2017-10-09 10:14 - 001682288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2018-01-04 02:44 - 2017-10-09 10:14 - 000226760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2018-01-04 00:19 - 2017-12-14 00:17 - 000000000 ____D C:\Users\selohu\AppData\LocalLow\IObit
2018-01-02 14:43 - 2017-12-14 00:17 - 000000000 ____D C:\Users\selohu\AppData\Roaming\IObit
2018-01-02 14:42 - 2017-12-14 00:17 - 000000000 ____D C:\Program Files (x86)\IObit
 
==================== Files in the root of some directories =======
 
2018-01-11 15:07 - 2018-01-11 15:07 - 000000033 _____ () C:\Users\selohu\AppData\Roaming\AdobeWLCMCache.dat
2018-01-30 00:46 - 2018-01-30 00:46 - 000000146 _____ () C:\Users\selohu\AppData\Roaming\gamma_ramp.reg
2017-12-19 00:25 - 2017-12-19 00:25 - 000000000 _____ () C:\Users\selohu\AppData\Roaming\gdfw.log
2017-12-19 00:25 - 2017-12-19 00:50 - 000001558 _____ () C:\Users\selohu\AppData\Roaming\gdscan.log
2017-10-21 12:27 - 2017-10-21 12:27 - 000000001 _____ () C:\Users\selohu\AppData\Local\llftool.4.40.agreement
2018-01-08 03:37 - 2018-01-08 03:37 - 000000218 _____ () C:\Users\selohu\AppData\Local\recently-used.xbel
2017-11-24 10:08 - 2017-12-18 13:37 - 000007598 _____ () C:\Users\selohu\AppData\Local\Resmon.ResmonCfg
2017-12-04 13:50 - 2017-12-04 13:50 - 000000000 _____ () C:\Users\selohu\AppData\Local\zenmap.exe.log
 
Some files in TEMP:
====================
2018-01-30 16:00 - 2018-01-01 13:48 - 001954048 _____ (Microsoft Corporation) C:\Users\selohu\AppData\Local\Temp\dllnt_dump.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-01-21 19:05
 
==================== End of FRST.txt ============================


#5 selohu


Posted 31 January 2018 - 07:11 PM

Hi, Gary. I'm Sergio. These are the two files you have left after analyzing the whole team.



I also wanted to send the shipment on this topic. Well, I happen to be looking for a forum where I can learn to interpret and use the FRT. My problem is that I do not speak English, his partner Dc3 told me that he had found someone who spoke Spanish one of the professors. He told me to send a new topic and indicated that he wanted to learn FRT, but he sure didn't speak English. So I did, I sent this new topic indicating that your partner told me. The answer I had was that there was no one to speak Spanish. I'm still waiting for that topic to find out if it was a mix-up or what. About my problem with the computer that when analyzing with RKILL I appeared the following, service [PUP/GEN] 1 stopped, if you scan with other software does not appear to me, I understand that I am not much, but I would prefer not to appear.

Thank you Gary
 
Microsoft Bing Translation

Edited by selohu, 31 January 2018 - 07:41 PM.


#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,617 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:07 PM

Posted 31 January 2018 - 08:59 PM

Please post the RKill report.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 selohu


Posted 01 February 2018 - 06:35 AM

Rkill 2.9.1 by Lawrence Abrams (Grinler)

Copyright 2008-2018 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 02/01/2018 12:29:26 PM in x64 mode.
Windows Version: Windows 10 Pro 
 
Checking for Windows services to stop:
 
 * Schedule Stopped. [PUP/GEN]
 
1 service stopped!
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1       localhost
 
Program finished at: 02/01/2018 12:29:46 PM
Execution time: 0 hours(s), 0 minute(s), and 19 seconds(s)


#8 Oh My!


Posted 01 February 2018 - 03:50 PM

Greetings.

Part of RKill's purpose is to stop things from running, whether malicious or not, if it might possibly interfere with the running of tools. That RKill entry does not mean there is anything malicious on your computer. A PUP (Potentially Unwanted Program) is not malware but rather refers to a program installed on your computer that you may not have intentionally installed. You have installed so many antivirus and security type programs on your computer RKill may simply be referring to one of those.

Unless there are specific symptoms of possible malware on the computer I don't believe there is anything that needs to be done.
 

Part of RKill's purpose is to prevent things from running, whether malicious or not, if they might interfere with the running of the tools. That RKill entry does not mean there is anything malicious on your computer. A PUP (Potentially Unwanted Program) is not a malicious program, but rather refers to a program installed on your computer that you may not have installed intentionally. You have installed so many antivirus and security programs on your computer that RKill may simply be referring to one of them.

Unless there are specific symptoms of possible malware on the computer, I don't think anything needs to be done.


Gary
 

#9 selohu


Posted 01 February 2018 - 05:12 PM

Hello, thank you. Regarding the learning of FRT?



#10 Oh My!


Posted 01 February 2018 - 06:50 PM

If you are looking for a training program, I don't know of any program in Spanish. If you are simply trying to learn about the Farbar Recovery Scan Tool (FRST), you can review the Tutorial here.
Gary
 

#11 selohu


Posted 02 February 2018 - 12:17 PM

Thanks, and to analyze the results scanned in FRT?



#12 Oh My!


Posted 02 February 2018 - 09:42 PM

Training is required to be able to understand what the report says.
Gary
 

#13 selohu


Posted 04 February 2018 - 12:23 AM

Hello, and what can I do for it?
 
Thank you


#14 Oh My!


Posted 04 February 2018 - 09:26 AM

I don't know of anything like BleepingComputer's training program for Spanish speakers. Sorry I can't help.
Gary
 

#15 Oh My!


Posted 05 February 2018 - 10:21 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Gary
 



