Hi Satchfan, thanks for the help, then attached logs:
AdwCleaner log
# AdwCleaner v5.102 - Registro generado 17/03/2016 en 13:16:57
# Actualizado 13/03/2016 por Xplode
# Base de datos : 2016-03-16.1 [Servidor]
# Sistema operativo : Windows 10 Pro (x64)
# Nombre de usuario : nayrBAlejandro - NAYRB_ALEJANDRO
# Ejecutado desde : C:\Users\nayrBAlejandro\Desktop\adwcleaner_5.102.exe
# Opción : Limpiar
***** [ Servicios ] *****
***** [ Carpetas ] *****
***** [ Archivos ] *****
[-] Archivo Eliminar : C:\Users\ji_98\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] Archivo Eliminar : C:\Users\ji_98\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] Archivo Eliminar : C:\Users\ji_98\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage
[-] Archivo Eliminar : C:\Users\ji_98\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage-journal
[#] Archivo Eliminar : C:\Users\ji_98\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[#] Archivo Eliminar : C:\Users\ji_98\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[#] Archivo Eliminar : C:\Users\ji_98\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage
[#] Archivo Eliminar : C:\Users\ji_98\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage-journal
[-] Archivo Eliminar : C:\Users\nayrBAlejandro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] Archivo Eliminar : C:\Users\nayrBAlejandro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] Archivo Eliminar : C:\Users\nayrBAlejandro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage
[-] Archivo Eliminar : C:\Users\nayrBAlejandro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage-journal
[#] Archivo Eliminar : C:\Users\nayrBAlejandro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[#] Archivo Eliminar : C:\Users\nayrBAlejandro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[#] Archivo Eliminar : C:\Users\nayrBAlejandro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage
[#] Archivo Eliminar : C:\Users\nayrBAlejandro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage-journal
***** [ DLLs ] *****
***** [ Accesos directos ] *****
***** [ Tareas programadas ] *****
[-] Tarea Eliminar : amiupdaterExd
[-] Tarea Eliminar : amiupdaterExi
***** [ Registro ] *****
[-] Llave Eliminar : HKLM\SOFTWARE\Classes\Interface\{138F4260-66CA-4F7C-812F-C6EED99B7EC7}
[-] Llave Eliminar : HKLM\SOFTWARE\Classes\Interface\{790F2D3B-18EE-40E2-A45E-1FAC13B6AFB8}
[-] Llave Eliminar : [x64] HKLM\SOFTWARE\Classes\Interface\{138F4260-66CA-4F7C-812F-C6EED99B7EC7}
[-] Llave Eliminar : [x64] HKLM\SOFTWARE\Classes\Interface\{790F2D3B-18EE-40E2-A45E-1FAC13B6AFB8}
[-] Llave Eliminar : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\affiliate.portalsepeti.com
[-] Llave Eliminar : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\akamaihd.net
[-] Llave Eliminar : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\chatango.com
[-] Llave Eliminar : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\hdapp1008-a.akamaihd.net
[-] Llave Eliminar : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\portalsepeti.com
[-] Llave Eliminar : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com
[-] Llave Eliminar : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\affiliate.portalsepeti.com
[-] Llave Eliminar : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\akamaihd.net
[-] Llave Eliminar : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\chatango.com
[-] Llave Eliminar : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\hdapp1008-a.akamaihd.net
[-] Llave Eliminar : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\portalsepeti.com
[-] Llave Eliminar : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com
[-] Valor Eliminar : HKU\S-1-5-21-2405107676-2796426648-614312743-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [HCDNClient]
***** [ Navegadores Web ] *****
*************************
:: Llaves "Tracing" removidas
:: Winsock Configuración borrada
*************************
C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [6483 bytes] - [17/03/2016 13:16:57]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [6500 bytes] - [17/03/2016 13:14:03]
########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [6669 bytes] ##########
JRT.txt
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 10 Pro x64
Ran by nayrBAlejandro (Administrator) on 17/03/2016 at 13:29:24,64
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 5
Failed to delete: C:\ProgramData\system32\SafeGuard32.dll (File)
Failed to delete: C:\ProgramData\system32\SafeGuard64.dll (File)
Successfully deleted: C:\Users\nayrBAlejandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod (Folder)
Successfully deleted: C:\Users\nayrBAlejandro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bigefpfhnfcobdlfbedofhhaibnlghod_0.localstorage (File)
Successfully deleted: C:\Users\Public\qiyi (Folder)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17/03/2016 at 13:31:41,39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Frst.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by nayrBAlejandro (administrator) on NAYRB_ALEJANDRO (17-03-2016 13:33:36)
Running from C:\Users\nayrBAlejandro\Desktop
Loaded Profiles: nayrBAlejandro (Available Profiles: nayrBAlejandro & ji_98 & Invitado)
Platform: Windows 10 Pro Version 1511 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Windows Security\winsecurity.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [735544 2015-08-07] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8459480 2015-02-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1392496 2015-02-25] (Realtek Semiconductor)
HKLM-x32\...\Run: [YouCam Service6] => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [500696 2013-11-25] (CyberLink Corp.)
HKLM-x32\...\Run: [PDFPrint] => E:\Program Files (x86)\PDF24\pdf24.exe [212000 2016-01-18] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKU\S-1-5-21-2405107676-2796426648-614312743-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-16] (Valve Corporation)
HKU\S-1-5-21-2405107676-2796426648-614312743-1001\...\Run: [Spotify Web Helper] => C:\Users\nayrBAlejandro\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524848 2016-03-07] (Spotify Ltd)
HKU\S-1-5-21-2405107676-2796426648-614312743-1001\...\Run: [Spotify] => C:\Users\nayrBAlejandro\AppData\Roaming\Spotify\Spotify.exe [6754928 2016-03-07] (Spotify Ltd)
HKU\S-1-5-21-2405107676-2796426648-614312743-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ExplorerEx] -> {E056AFDD-03E9-4D73-8D33-8FCCBCA73438} => No File
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [S-1-5-21-2405107676-2796426648-614312743-1001] => Proxy is enabled.
ProxyServer: [S-1-5-21-2405107676-2796426648-614312743-1001] => http=127.0.0.1:8080;https=127.0.0.1:8080
Winsock: Catalog5 07 C:\ProgramData\System32\SafeGuard32.dll No File
Winsock: Catalog5-x64 07 C:\ProgramData\System32\SafeGuard64.dll [3587000 2015-12-30] ()
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 200.107.10.105 192.168.1.1
Tcpip\..\Interfaces\{0844a99a-3831-41bb-b695-10c1b596553f}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{133036b4-4e91-48e0-9494-55bd8e41475a}: [DhcpNameServer] 200.107.10.105 192.168.1.1
Tcpip\..\Interfaces\{C27118A9-3027-44A2-B515-D57353D0CB88}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
ManualProxies: 1http=127.0.0.1:8080;https=127.0.0.1:8080
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.atajitos.com?q={searchTerms}&uid={262415663d92468e8d206ee1d1a9c720}&r=eg
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.allinchrome.com/?bd=hp&oem=ntsvc&uid=HGSTXHTS541075A9E680_JD12021A0GAM8K0GAM8KX&version=2.3.0.10992&pid=414031160&tid=712
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://nav.brotstation.com?uid={262415663d92468e8d206ee1d1a9c720}&r=eg
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.atajitos.com?q={searchTerms}&uid={262415663d92468e8d206ee1d1a9c720}&r=eg
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2405107676-2796426648-614312743-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.atajitos.com?q={searchTerms}&uid={262415663d92468e8d206ee1d1a9c720}&r=eg
HKU\S-1-5-21-2405107676-2796426648-614312743-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2405107676-2796426648-614312743-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://nav.brotstation.com?uid={262415663d92468e8d206ee1d1a9c720}&r=eg
HKU\S-1-5-21-2405107676-2796426648-614312743-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.atajitos.com?q={searchTerms}&uid={262415663d92468e8d206ee1d1a9c720}&r=eg
SearchScopes: HKLM-x32 -> DefaultScope {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.atajitos.com?q={searchTerms}&uid={262415663d92468e8d206ee1d1a9c720}&r=eg
SearchScopes: HKLM-x32 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.atajitos.com?q={searchTerms}&uid={262415663d92468e8d206ee1d1a9c720}&r=eg
SearchScopes: HKU\S-1-5-21-2405107676-2796426648-614312743-1001 -> DefaultScope {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.atajitos.com?q={searchTerms}&uid={262415663d92468e8d206ee1d1a9c720}&r=eg
SearchScopes: HKU\S-1-5-21-2405107676-2796426648-614312743-1001 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.atajitos.com?q={searchTerms}&uid={262415663d92468e8d206ee1d1a9c720}&r=eg
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-03-01] (AO Kaspersky Lab)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-03] (Oracle Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-03-01] (AO Kaspersky Lab)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-03] (Oracle Corporation)
BHO-x32: Aplicación auxiliar de la Grabadora de prueba web de Microsoft 10.0 -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> D:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-03-01] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-03-01] (AO Kaspersky Lab)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Edge:
======
Edge Session Restore: HKU\S-1-5-21-2405107676-2796426648-614312743-1001 -> is enabled.
FireFox:
========
FF ProfilePath: C:\Users\nayrBAlejandro\AppData\Roaming\Mozilla\Firefox\Profiles\4lf3el4l.default
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-11] ()
FF Plugin: @iqiyi.com/npclient -> C:\IQIYI Video\LStyle\npclient.dll [No File]
FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-11] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-03] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\10.3.0.5416280\npmathplugin.dll [2015-10-09] (Wolfram Research, Inc.)
FF Extension: Adblock Plus - C:\Users\nayrBAlejandro\AppData\Roaming\Mozilla\Firefox\Profiles\4lf3el4l.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-12]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2015-04-23] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-03-02]
Chrome:
=======
CHR HomePage: Default -> hxxp://nav.brotstation.com?uid={262415663d92468e8d206ee1d1a9c720}&r=eg
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\nayrBAlejandro\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Diapositivas de Google) - C:\Users\nayrBAlejandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-18]
CHR Extension: (Google Docs) - C:\Users\nayrBAlejandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-18]
CHR Extension: (Google Drive) - C:\Users\nayrBAlejandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-17]
CHR Extension: (YouTube) - C:\Users\nayrBAlejandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-17]
CHR Extension: (Búsqueda de Google) - C:\Users\nayrBAlejandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-17]
CHR Extension: (Kaspersky Protection) - C:\Users\nayrBAlejandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2016-03-01]
CHR Extension: (Hojas de cálculo de Google) - C:\Users\nayrBAlejandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-18]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\nayrBAlejandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-17]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\nayrBAlejandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Gmail) - C:\Users\nayrBAlejandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [104824 2015-08-07] (Alps Electric Co., Ltd.)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2016-03-01] (Kaspersky Lab ZAO)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-11-14] (Hewlett-Packard Company)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [69964448 2015-04-03] (Microsoft Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [293080 2014-12-23] (Realtek Semiconductor)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441512 2015-04-03] (Microsoft Corporation)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 WindowsSecurity; C:\ProgramData\Windows Security\winsecurity.exe [7244752 2016-03-17] (Microsoft Corporation)
S4 XBox; C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\XBox\XBLive.exe [5359032 2016-02-20] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 clwvd6; C:\Windows\system32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [77728 2016-03-02] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2016-03-02] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227512 2016-03-01] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [927640 2016-03-02] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2016-03-02] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87944 2016-03-02] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2016-03-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 netr28x; C:\Windows\System32\drivers\netr28x.sys [2504192 2015-10-30] (MediaTek Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-29] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
S3 VSPerfDrv100; D:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [68440 2010-03-17] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 WinDivert1.1; \??\C:\Program Files\KMSpico\WinDivert.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-17 13:33 - 2016-03-17 13:34 - 00021203 _____ C:\Users\nayrBAlejandro\Desktop\FRST.txt
2016-03-17 13:33 - 2016-03-17 13:33 - 00000000 ____D C:\FRST
2016-03-17 13:31 - 2016-03-17 13:31 - 00001070 _____ C:\Users\nayrBAlejandro\Desktop\JRT.txt
2016-03-17 13:27 - 2016-03-17 13:27 - 01610352 _____ (Malwarebytes) C:\Users\nayrBAlejandro\Desktop\JRT.exe
2016-03-17 13:25 - 2016-03-17 13:25 - 02374144 _____ (Farbar) C:\Users\nayrBAlejandro\Desktop\FRST64.exe
2016-03-17 13:20 - 2016-03-17 13:20 - 00006779 _____ C:\Users\nayrBAlejandro\Desktop\AdwCleaner[C1].txt
2016-03-17 13:13 - 2016-03-17 13:16 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-17 13:11 - 2016-03-17 13:11 - 01527296 _____ C:\Users\nayrBAlejandro\Desktop\adwcleaner_5.102.exe
2016-03-16 22:18 - 2016-03-16 22:29 - 00189162 _____ C:\WINDOWS\ntbtlog.txt
2016-03-16 22:18 - 2016-03-16 22:18 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-03-16 00:58 - 2016-03-16 01:43 - 00000000 ____D C:\ProgramData\HitmanPro
2016-03-16 00:55 - 2016-03-16 00:56 - 11441744 _____ (SurfRight B.V.) C:\Users\nayrBAlejandro\Downloads\hitmanpro_x64.exe
2016-03-14 19:58 - 2016-03-14 20:07 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-03-14 19:58 - 2016-03-14 19:58 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-14 19:58 - 2016-03-14 19:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-14 19:58 - 2016-03-14 19:58 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-14 19:58 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-03-14 19:58 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-03-14 19:58 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2016-03-14 19:55 - 2016-03-14 19:57 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\nayrBAlejandro\Downloads\mbam-setup-2.1.8.1057.exe
2016-03-08 15:54 - 2016-02-24 04:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-08 15:54 - 2016-02-24 04:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-08 15:54 - 2016-02-24 04:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-08 15:54 - 2016-02-24 04:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-08 15:54 - 2016-02-24 03:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-08 15:54 - 2016-02-24 03:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-08 15:54 - 2016-02-24 03:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-08 15:54 - 2016-02-24 01:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-08 15:54 - 2016-02-24 01:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-08 15:54 - 2016-02-24 00:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-08 15:54 - 2016-02-24 00:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-08 15:54 - 2016-02-24 00:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-08 15:54 - 2016-02-24 00:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-08 15:54 - 2016-02-24 00:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-08 15:54 - 2016-02-23 06:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-03-08 15:54 - 2016-02-23 05:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-03-08 15:54 - 2016-02-23 05:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-08 15:54 - 2016-02-23 05:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-03-08 15:54 - 2016-02-23 05:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-03-08 15:54 - 2016-02-23 05:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-08 15:54 - 2016-02-23 05:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-08 15:54 - 2016-02-23 04:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-08 15:54 - 2016-02-23 04:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-08 15:54 - 2016-02-23 03:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-03-08 15:54 - 2016-02-23 03:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-03-08 15:54 - 2016-02-23 03:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-08 15:54 - 2016-02-23 03:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-03-08 15:54 - 2016-02-23 03:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-03-08 15:54 - 2016-02-23 03:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-03-08 15:54 - 2016-02-23 03:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-03-08 15:54 - 2016-02-23 02:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-03-08 15:54 - 2016-02-23 02:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-03-08 15:54 - 2016-02-23 02:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-08 15:54 - 2016-02-23 02:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-08 15:54 - 2016-02-23 02:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-03-08 15:54 - 2016-02-23 02:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-03-08 15:54 - 2016-02-23 01:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-08 15:54 - 2016-02-23 01:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-08 15:54 - 2016-02-23 01:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-08 15:54 - 2016-02-23 01:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-03-08 15:54 - 2016-02-23 01:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-03-08 15:54 - 2016-02-23 01:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-08 15:54 - 2016-02-23 01:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-08 15:54 - 2016-02-08 22:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-03-08 15:54 - 2016-02-08 22:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-03-08 15:54 - 2016-02-08 22:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-03-08 15:53 - 2016-03-01 00:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-08 15:53 - 2016-03-01 00:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-08 15:53 - 2016-02-24 04:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-03-08 15:53 - 2016-02-24 04:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-08 15:53 - 2016-02-24 04:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-03-08 15:53 - 2016-02-24 04:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-03-08 15:53 - 2016-02-24 03:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-08 15:53 - 2016-02-24 03:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-03-08 15:53 - 2016-02-24 03:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-08 15:53 - 2016-02-24 03:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-03-08 15:53 - 2016-02-24 03:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-03-08 15:53 - 2016-02-24 03:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-03-08 15:53 - 2016-02-24 03:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-03-08 15:53 - 2016-02-24 03:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-08 15:53 - 2016-02-24 03:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-08 15:53 - 2016-02-24 03:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-08 15:53 - 2016-02-24 03:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-03-08 15:53 - 2016-02-24 03:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-03-08 15:53 - 2016-02-24 03:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-08 15:53 - 2016-02-24 03:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-08 15:53 - 2016-02-24 03:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-03-08 15:53 - 2016-02-24 03:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-08 15:53 - 2016-02-24 03:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-08 15:53 - 2016-02-24 03:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-08 15:53 - 2016-02-24 02:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-03-08 15:53 - 2016-02-24 02:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-03-08 15:53 - 2016-02-24 02:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-03-08 15:53 - 2016-02-24 02:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-08 15:53 - 2016-02-24 02:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-03-08 15:53 - 2016-02-24 02:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-03-08 15:53 - 2016-02-24 02:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-03-08 15:53 - 2016-02-24 02:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-03-08 15:53 - 2016-02-24 02:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-03-08 15:53 - 2016-02-24 02:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-08 15:53 - 2016-02-24 02:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-08 15:53 - 2016-02-24 02:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-08 15:53 - 2016-02-24 02:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-08 15:53 - 2016-02-24 02:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-03-08 15:53 - 2016-02-24 02:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-03-08 15:53 - 2016-02-24 02:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-03-08 15:53 - 2016-02-24 02:23 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-03-08 15:53 - 2016-02-24 02:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-08 15:53 - 2016-02-24 02:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-03-08 15:53 - 2016-02-24 02:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-03-08 15:53 - 2016-02-24 02:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-03-08 15:53 - 2016-02-24 02:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-03-08 15:53 - 2016-02-24 02:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-03-08 15:53 - 2016-02-24 02:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-03-08 15:53 - 2016-02-24 02:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-08 15:53 - 2016-02-24 02:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-08 15:53 - 2016-02-24 02:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-03-08 15:53 - 2016-02-24 02:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-03-08 15:53 - 2016-02-24 02:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-03-08 15:53 - 2016-02-24 02:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-03-08 15:53 - 2016-02-24 02:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-03-08 15:53 - 2016-02-24 02:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-03-08 15:53 - 2016-02-24 02:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-03-08 15:53 - 2016-02-24 02:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-03-08 15:53 - 2016-02-24 02:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-03-08 15:53 - 2016-02-24 02:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-08 15:53 - 2016-02-24 02:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-03-08 15:53 - 2016-02-24 02:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-03-08 15:53 - 2016-02-24 02:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-03-08 15:53 - 2016-02-24 02:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-03-08 15:53 - 2016-02-24 02:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-03-08 15:53 - 2016-02-24 01:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-03-08 15:53 - 2016-02-24 01:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-08 15:53 - 2016-02-24 01:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-03-08 15:53 - 2016-02-24 01:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-08 15:53 - 2016-02-24 01:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-03-08 15:53 - 2016-02-24 01:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-03-08 15:53 - 2016-02-24 01:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-03-08 15:53 - 2016-02-24 01:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-03-08 15:53 - 2016-02-24 01:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-08 15:53 - 2016-02-24 01:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-08 15:53 - 2016-02-24 01:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-03-08 15:53 - 2016-02-24 01:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-03-08 15:53 - 2016-02-24 01:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-03-08 15:53 - 2016-02-24 01:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-08 15:53 - 2016-02-24 01:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-03-08 15:53 - 2016-02-24 01:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-08 15:53 - 2016-02-24 01:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-03-08 15:53 - 2016-02-24 01:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-03-08 15:53 - 2016-02-24 01:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-03-08 15:53 - 2016-02-24 01:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-03-08 15:53 - 2016-02-24 01:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-08 15:53 - 2016-02-24 01:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-03-08 15:53 - 2016-02-24 01:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-03-08 15:53 - 2016-02-24 01:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-03-08 15:53 - 2016-02-24 01:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-08 15:53 - 2016-02-24 01:42 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-03-08 15:53 - 2016-02-24 01:42 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-03-08 15:53 - 2016-02-24 01:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-03-08 15:53 - 2016-02-24 01:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-03-08 15:53 - 2016-02-24 01:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-08 15:53 - 2016-02-24 01:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-08 15:53 - 2016-02-24 01:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-03-08 15:53 - 2016-02-24 01:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-08 15:53 - 2016-02-24 01:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-03-08 15:53 - 2016-02-24 01:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-03-08 15:53 - 2016-02-24 01:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-08 15:53 - 2016-02-24 01:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-03-08 15:53 - 2016-02-24 01:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-08 15:53 - 2016-02-24 01:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-03-08 15:53 - 2016-02-24 01:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-03-08 15:53 - 2016-02-24 01:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-03-08 15:53 - 2016-02-24 01:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-03-08 15:53 - 2016-02-24 01:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-03-08 15:53 - 2016-02-24 01:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-03-08 15:53 - 2016-02-24 01:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-03-08 15:53 - 2016-02-24 01:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-08 15:53 - 2016-02-24 01:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-03-08 15:53 - 2016-02-24 01:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-03-08 15:53 - 2016-02-24 01:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-03-08 15:53 - 2016-02-24 01:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-03-08 15:53 - 2016-02-24 01:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-08 15:53 - 2016-02-24 01:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-03-08 15:53 - 2016-02-24 01:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-03-08 15:53 - 2016-02-24 01:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-03-08 15:53 - 2016-02-24 01:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-08 15:53 - 2016-02-24 01:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-03-08 15:53 - 2016-02-24 01:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-03-08 15:53 - 2016-02-24 01:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-03-08 15:53 - 2016-02-24 01:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-03-08 15:53 - 2016-02-24 01:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-08 15:53 - 2016-02-24 01:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-08 15:53 - 2016-02-24 01:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-03-08 15:53 - 2016-02-24 01:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-03-08 15:53 - 2016-02-24 01:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-08 15:53 - 2016-02-24 01:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-03-08 15:53 - 2016-02-24 01:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-08 15:53 - 2016-02-24 01:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-03-08 15:53 - 2016-02-24 00:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-08 15:53 - 2016-02-24 00:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-08 15:53 - 2016-02-24 00:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-03-08 15:53 - 2016-02-24 00:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-08 15:53 - 2016-02-24 00:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-03-08 15:53 - 2016-02-24 00:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-08 15:53 - 2016-02-24 00:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-08 15:53 - 2016-02-24 00:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-08 15:53 - 2016-02-23 23:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-03-08 15:53 - 2016-02-23 23:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-03-08 15:53 - 2016-02-23 06:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-03-08 15:53 - 2016-02-23 06:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-08 15:53 - 2016-02-23 06:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-08 15:53 - 2016-02-23 06:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-08 15:53 - 2016-02-23 06:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-08 15:53 - 2016-02-23 06:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-08 15:53 - 2016-02-23 06:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-03-08 15:53 - 2016-02-23 06:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-03-08 15:53 - 2016-02-23 06:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-03-08 15:53 - 2016-02-23 05:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-03-08 15:53 - 2016-02-23 05:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-08 15:53 - 2016-02-23 05:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-03-08 15:53 - 2016-02-23 05:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-03-08 15:53 - 2016-02-23 05:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-08 15:53 - 2016-02-23 05:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-08 15:53 - 2016-02-23 05:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-08 15:53 - 2016-02-23 05:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-08 15:53 - 2016-02-23 05:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-08 15:53 - 2016-02-23 05:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-03-08 15:53 - 2016-02-23 05:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-08 15:53 - 2016-02-23 05:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-03-08 15:53 - 2016-02-23 05:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-03-08 15:53 - 2016-02-23 04:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-03-08 15:53 - 2016-02-23 04:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-03-08 15:53 - 2016-02-23 04:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-08 15:53 - 2016-02-23 04:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-03-08 15:53 - 2016-02-23 04:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-03-08 15:53 - 2016-02-23 04:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-03-08 15:53 - 2016-02-23 04:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-03-08 15:53 - 2016-02-23 04:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-03-08 15:53 - 2016-02-23 04:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-03-08 15:53 - 2016-02-23 04:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-03-08 15:53 - 2016-02-23 04:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-08 15:53 - 2016-02-23 04:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-08 15:53 - 2016-02-23 04:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-08 15:53 - 2016-02-23 04:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-03-08 15:53 - 2016-02-23 04:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-03-08 15:53 - 2016-02-23 04:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-03-08 15:53 - 2016-02-23 04:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-03-08 15:53 - 2016-02-23 04:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-03-08 15:53 - 2016-02-23 04:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-03-08 15:53 - 2016-02-23 04:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-08 15:53 - 2016-02-23 04:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-08 15:53 - 2016-02-23 04:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-03-08 15:53 - 2016-02-23 04:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-03-08 15:53 - 2016-02-23 04:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-08 15:53 - 2016-02-23 04:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-08 15:53 - 2016-02-23 04:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-03-08 15:53 - 2016-02-23 03:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-03-08 15:53 - 2016-02-23 03:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-03-08 15:53 - 2016-02-23 03:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-03-08 15:53 - 2016-02-23 03:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-03-08 15:53 - 2016-02-23 03:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-03-08 15:53 - 2016-02-23 03:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-03-08 15:53 - 2016-02-23 03:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-08 15:53 - 2016-02-23 03:51 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-03-08 15:53 - 2016-02-23 03:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-03-08 15:53 - 2016-02-23 03:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-03-08 15:53 - 2016-02-23 03:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-08 15:53 - 2016-02-23 03:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-03-08 15:53 - 2016-02-23 03:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-03-08 15:53 - 2016-02-23 03:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-08 15:53 - 2016-02-23 03:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-03-08 15:53 - 2016-02-23 03:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-03-08 15:53 - 2016-02-23 03:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-03-08 15:53 - 2016-02-23 03:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-08 15:53 - 2016-02-23 03:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-08 15:53 - 2016-02-23 03:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-08 15:53 - 2016-02-23 03:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-08 15:53 - 2016-02-23 03:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-03-08 15:53 - 2016-02-23 03:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-03-08 15:53 - 2016-02-23 03:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-03-08 15:53 - 2016-02-23 03:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-08 15:53 - 2016-02-23 03:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-03-08 15:53 - 2016-02-23 03:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-03-08 15:53 - 2016-02-23 03:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-03-08 15:53 - 2016-02-23 03:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-08 15:53 - 2016-02-23 03:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-08 15:53 - 2016-02-23 03:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-03-08 15:53 - 2016-02-23 03:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-08 15:53 - 2016-02-23 03:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-08 15:53 - 2016-02-23 03:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-03-08 15:53 - 2016-02-23 03:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-03-08 15:53 - 2016-02-23 03:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-08 15:53 - 2016-02-23 03:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-08 15:53 - 2016-02-23 03:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-03-08 15:53 - 2016-02-23 03:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-08 15:53 - 2016-02-23 03:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-03-08 15:53 - 2016-02-23 03:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-03-08 15:53 - 2016-02-23 03:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-08 15:53 - 2016-02-23 03:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-03-08 15:53 - 2016-02-23 03:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-03-08 15:53 - 2016-02-23 03:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-03-08 15:53 - 2016-02-23 03:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-03-08 15:53 - 2016-02-23 03:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-08 15:53 - 2016-02-23 03:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-03-08 15:53 - 2016-02-23 03:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-03-08 15:53 - 2016-02-23 03:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-08 15:53 - 2016-02-23 03:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-03-08 15:53 - 2016-02-23 03:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-03-08 15:53 - 2016-02-23 02:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-08 15:53 - 2016-02-23 02:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-08 15:53 - 2016-02-23 02:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-08 15:53 - 2016-02-23 02:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-03-08 15:53 - 2016-02-23 02:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-03-08 15:53 - 2016-02-23 02:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-03-08 15:53 - 2016-02-23 02:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-03-08 15:53 - 2016-02-23 02:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-03-08 15:53 - 2016-02-23 02:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-03-08 15:53 - 2016-02-23 02:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-03-08 15:53 - 2016-02-23 02:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-03-08 15:53 - 2016-02-23 02:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-08 15:53 - 2016-02-23 02:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-03-08 15:53 - 2016-02-23 02:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-08 15:53 - 2016-02-23 02:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-03-08 15:53 - 2016-02-23 02:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-03-08 15:53 - 2016-02-23 02:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-08 15:53 - 2016-02-23 02:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-08 15:53 - 2016-02-23 02:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-03-08 15:53 - 2016-02-23 02:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-03-08 15:53 - 2016-02-23 02:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-08 15:53 - 2016-02-23 02:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-03-08 15:53 - 2016-02-23 02:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-03-08 15:53 - 2016-02-23 02:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-08 15:53 - 2016-02-23 02:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-03-08 15:53 - 2016-02-23 02:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-08 15:53 - 2016-02-23 02:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-08 15:53 - 2016-02-23 02:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-08 15:53 - 2016-02-23 02:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-03-08 15:53 - 2016-02-23 02:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-03-08 15:53 - 2016-02-23 01:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-03-08 15:53 - 2016-02-23 01:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-03-08 15:53 - 2016-02-23 01:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-08 15:53 - 2016-02-23 01:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-03-08 15:53 - 2016-02-23 01:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-03-08 15:53 - 2016-02-23 01:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-03-08 15:53 - 2016-02-23 01:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-08 15:53 - 2016-02-23 01:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-08 15:53 - 2016-02-23 01:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-03-08 15:53 - 2016-02-23 01:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-03-08 15:53 - 2016-02-23 01:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-03-08 15:53 - 2016-02-23 01:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-03-08 15:53 - 2016-02-23 01:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-03-08 15:53 - 2016-02-08 23:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-03-08 15:53 - 2016-02-08 23:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-03-08 15:53 - 2016-02-08 22:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-03-08 15:53 - 2016-02-08 22:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-03-08 15:53 - 2016-02-08 22:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-07 15:08 - 2016-03-07 15:08 - 00000896 _____ C:\Users\nayrBAlejandro\Desktop\Frozen Throne.lnk
2016-03-07 15:03 - 2016-03-07 15:08 - 00139264 _____ (Blizzard Entertainment) C:\WINDOWS\War3Unin.exe
2016-03-07 15:03 - 2016-03-07 15:08 - 00056805 _____ C:\WINDOWS\War3Unin.dat
2016-03-07 15:03 - 2016-03-07 15:08 - 00002829 _____ C:\WINDOWS\War3Unin.pif
2016-03-07 15:03 - 2016-03-07 15:08 - 00000000 ____D C:\Users\nayrBAlejandro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warcraft III
2016-03-07 15:03 - 2016-03-07 15:03 - 00000891 _____ C:\Users\nayrBAlejandro\Desktop\Warcraft III.lnk
2016-03-03 18:56 - 2016-03-03 18:56 - 00002467 _____ C:\Users\ji_98\Desktop\Safe Money.lnk
2016-03-01 18:43 - 2016-03-01 18:49 - 00002467 _____ C:\Users\nayrBAlejandro\Desktop\Safe Money.lnk
2016-03-01 18:42 - 2016-03-01 18:42 - 00002205 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2016-03-01 18:42 - 2016-03-01 18:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2016-03-01 18:41 - 2016-03-17 13:19 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-03-01 18:41 - 2016-03-02 03:16 - 00927640 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2016-03-01 18:41 - 2016-03-02 03:16 - 00181640 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2016-03-01 18:41 - 2016-03-01 22:03 - 00227512 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2016-03-01 18:41 - 2016-03-01 18:41 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-03-01 18:41 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2016-03-01 17:42 - 2016-03-01 17:42 - 00000000 ____D C:\Users\nayrBAlejandro\AppData\Local\ElevatedDiagnostics
2016-02-29 07:51 - 2016-03-17 13:05 - 00000000 ____D C:\WINDOWS\19
2016-02-28 15:08 - 2016-02-28 15:08 - 00026624 ___SH C:\Users\ji_98\Downloads\Thumbs.db
2016-02-27 03:37 - 2016-03-09 17:56 - 00361904 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-02-27 03:34 - 2016-03-01 14:54 - 00000000 ____D C:\AdwCleaner
2016-02-27 03:33 - 2016-02-27 03:34 - 01511936 _____ C:\Users\nayrBAlejandro\Downloads\adwcleaner_5.036.exe
2016-02-26 10:38 - 2016-02-26 10:38 - 00233574 _____ C:\Users\nayrBAlejandro\Downloads\Notas_2357.pdf
2016-02-25 20:26 - 2016-02-25 20:26 - 00000000 ____D C:\Users\nayrBAlejandro\AppData\Local\Bluestacks
2016-02-25 10:41 - 2016-02-25 10:41 - 00006144 ___SH C:\Users\ji_98\Desktop\Thumbs.db
2016-02-25 06:33 - 2016-02-25 06:33 - 02578582 _____ C:\Users\nayrBAlejandro\Documents\img011.pdf
2016-02-25 06:27 - 2016-02-25 06:27 - 03080960 _____ C:\Users\nayrBAlejandro\Documents\img010.pdf
2016-02-24 22:44 - 2016-02-24 22:44 - 00000000 ____D C:\Users\ji_98\AppData\Local\PeerDistRepub
2016-02-24 22:43 - 2016-03-17 13:05 - 00000000 ____D C:\ProgramData\Windows Security
2016-02-24 20:25 - 2016-02-24 20:25 - 00773566 _____ C:\Users\nayrBAlejandro\Documents\img009.pdf
2016-02-22 06:01 - 2016-02-22 06:01 - 04272753 _____ C:\Users\nayrBAlejandro\Downloads\Practica.pdf
2016-02-21 23:49 - 2016-02-21 23:49 - 00000000 ____D C:\Users\nayrBAlejandro\AppData\Roaming\EPSON
2016-02-21 20:42 - 2016-02-21 20:43 - 00007912 _____ C:\Users\nayrBAlejandro\Downloads\Demostracion de series.nb
2016-02-18 04:01 - 2016-02-18 04:01 - 01171736 _____ C:\Users\nayrBAlejandro\Downloads\Exposicion-Molecular (1).pptx
2016-02-18 04:00 - 2016-02-18 04:01 - 01202763 _____ C:\Users\nayrBAlejandro\Downloads\RESULTADOSmolecuarpaper.pptx
2016-02-18 03:36 - 2016-02-18 04:17 - 01451789 _____ C:\Users\nayrBAlejandro\Downloads\Exposicion-Molecular.pptx
2016-02-17 20:46 - 2016-02-17 20:46 - 00013564 _____ C:\Users\nayrBAlejandro\Downloads\Planificacin_Unidad_III_Bioqumica (2).xlsx
2016-02-16 07:27 - 2016-02-16 07:28 - 11916407 _____ C:\Users\nayrBAlejandro\Downloads\Biosíntesis-de-Aminoácidos (3).pptx
2016-02-16 07:25 - 2016-02-16 07:26 - 11916186 _____ C:\Users\nayrBAlejandro\Downloads\Biosíntesis-de-Aminoácidos (2).pptx
2016-02-16 03:41 - 2016-02-16 03:42 - 07396624 _____ C:\Users\nayrBAlejandro\Downloads\Biosíntesis-de-Aminoácidos (1).pptx
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-17 13:20 - 2016-01-17 19:56 - 00001072 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-17 13:20 - 2015-03-18 20:06 - 00000000 __SHD C:\Users\nayrBAlejandro\IntelGraphicsProfiles
2016-03-17 13:19 - 2015-03-18 20:18 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-03-17 13:18 - 2016-01-25 01:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-17 13:18 - 2015-10-30 01:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-03-17 13:09 - 2016-01-17 19:56 - 00001076 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-17 13:06 - 2015-03-16 09:14 - 00004236 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{121300FD-3735-4F73-ABD6-BEAFD4D5B316}
2016-03-17 00:55 - 2015-03-19 17:35 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-16 21:57 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-16 21:56 - 2015-10-30 02:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-16 21:53 - 2015-12-21 09:20 - 00000000 ____D C:\ProgramData\System32
2016-03-16 21:47 - 2016-02-06 09:41 - 00000000 ___RD C:\Users\ji_98\OneDrive
2016-03-16 17:23 - 2016-02-06 09:37 - 00000000 __SHD C:\Users\ji_98\IntelGraphicsProfiles
2016-03-14 20:12 - 2016-01-17 19:59 - 00002412 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-14 20:12 - 2016-01-17 19:59 - 00002400 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-14 01:49 - 2015-10-30 02:21 - 00000000 ____D C:\WINDOWS\INF
2016-03-14 01:48 - 2015-10-30 02:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-14 01:26 - 2015-05-04 19:10 - 00000000 ____D C:\Users\nayrBAlejandro\Documents\Visual Studio 2010
2016-03-14 01:22 - 2015-04-23 22:30 - 00000000 ____D C:\Program Files (x86)\EPSON Software
2016-03-13 20:22 - 2016-02-06 09:37 - 00000000 ____D C:\Users\ji_98
2016-03-12 14:03 - 2015-08-31 16:09 - 00000918 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-03-11 16:02 - 2015-03-18 13:04 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-11 15:25 - 2016-01-25 00:43 - 00000000 ____D C:\Users\nayrBAlejandro
2016-03-09 18:19 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-03-09 18:03 - 2016-01-25 01:06 - 02033046 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-09 18:03 - 2015-10-30 13:59 - 00887094 _____ C:\WINDOWS\system32\perfh00A.dat
2016-03-09 18:03 - 2015-10-30 13:59 - 00185776 _____ C:\WINDOWS\system32\perfc00A.dat
2016-03-09 17:54 - 2015-10-30 01:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-03-09 17:53 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-03-09 17:53 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-03-09 17:53 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-09 17:53 - 2015-10-30 01:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-03-09 17:51 - 2015-10-30 14:02 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-09 17:51 - 2015-10-30 02:24 - 00000000 __RSD C:\WINDOWS\Media
2016-03-09 17:51 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-03-09 17:51 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-03-09 17:51 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-09 17:51 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-09 17:51 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-09 17:51 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-09 16:41 - 2015-03-25 22:23 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-09 16:29 - 2015-03-25 22:23 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-08 21:20 - 2015-04-30 01:06 - 00000000 ____D C:\Users\nayrBAlejandro\AppData\Local\Spotify
2016-03-08 21:20 - 2015-04-30 00:46 - 00000000 ____D C:\Users\nayrBAlejandro\AppData\Roaming\Spotify
2016-03-08 17:36 - 2016-01-25 06:03 - 00002467 _____ C:\Users\nayrBAlejandro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-08 02:12 - 2015-10-30 02:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-03-08 02:12 - 2015-10-30 02:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-07 21:28 - 2015-04-17 18:20 - 01064448 ___SH C:\Users\nayrBAlejandro\Downloads\Thumbs.db
2016-03-07 17:47 - 2016-02-06 09:41 - 00002440 _____ C:\Users\ji_98\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-07 15:09 - 2015-03-16 09:06 - 00000000 ____D C:\Users\nayrBAlejandro\AppData\Local\VirtualStore
2016-03-03 23:14 - 2015-07-12 22:28 - 00000000 ____D C:\Users\nayrBAlejandro\AppData\Roaming\Skype
2016-03-03 21:32 - 2015-09-20 20:49 - 00000099 _____ C:\Users\nayrBAlejandro\Desktop\DOTA.txt
2016-03-03 14:48 - 2016-01-12 11:13 - 00000000 ____D C:\ProgramData\Oracle
2016-03-03 14:46 - 2016-01-12 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-03 14:44 - 2016-01-12 11:14 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-03-03 14:44 - 2016-01-12 11:14 - 00000000 ____D C:\Users\nayrBAlejandro\.oracle_jre_usage
2016-03-03 14:44 - 2016-01-12 11:13 - 00000000 ____D C:\Program Files (x86)\Java
2016-03-02 03:17 - 2015-06-26 23:58 - 00087944 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klwfp.sys
2016-03-02 03:17 - 2015-06-08 19:43 - 00041352 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klpd.sys
2016-03-02 03:16 - 2015-06-06 08:51 - 00077728 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\kldisk.sys
2016-03-01 18:42 - 2015-10-30 01:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-03-01 18:41 - 2015-10-30 02:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-03-01 18:32 - 2015-04-02 11:46 - 00000000 __SHD C:\Users\nayrBAlejandro\AppData\Local\EmieUserList
2016-03-01 18:32 - 2015-04-02 11:46 - 00000000 __SHD C:\Users\nayrBAlejandro\AppData\Local\EmieSiteList
2016-03-01 18:32 - 2015-03-16 09:06 - 00000000 ____D C:\Users\nayrBAlejandro\AppData\Local\Packages
2016-03-01 17:19 - 2015-03-18 19:29 - 00000000 ____D C:\Users\Usuario
2016-03-01 17:19 - 2013-08-22 08:36 - 00000000 ____D C:\Users\Default.migrated
2016-03-01 16:24 - 2016-01-11 22:02 - 00000000 ____D C:\WINDOWS\4941BFEB62C047A2801E998FC469CC2C.TMP
2016-02-29 18:32 - 2015-08-25 11:09 - 00000000 ____D C:\Users\nayrBAlejandro\AppData\Roaming\vlc
2016-02-27 16:16 - 2015-03-26 14:49 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-02-27 02:26 - 2015-08-21 00:42 - 00041472 ___SH C:\Users\nayrBAlejandro\Desktop\Thumbs.db
2016-02-25 20:25 - 2015-10-30 02:24 - 00000000 __RHD C:\Users\Public\Libraries
2016-02-24 22:37 - 2016-01-18 22:39 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-02-24 22:37 - 2015-12-20 21:20 - 00000000 ____D C:\WINDOWS\7
2016-02-21 14:03 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\rescache
==================== Files in the root of some directories =======
2015-07-05 21:40 - 2015-07-05 21:40 - 0004608 _____ () C:\Users\nayrBAlejandro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-26 10:25 - 2016-01-26 10:25 - 0000001 _____ () C:\Users\nayrBAlejandro\AppData\Local\llftool.4.25.agreement
2015-08-11 01:47 - 2015-08-11 09:05 - 0000173 _____ () C:\Users\nayrBAlejandro\AppData\Local\msmathematics.qat.nayrBAlejandro
Some files in TEMP:
====================
C:\Users\nayrBAlejandro\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-03-14 01:41
==================== End of FRST.txt ============================
Addition.txt
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by nayrBAlejandro (2016-03-17 13:34:45)
Running from C:\Users\nayrBAlejandro\Desktop
Windows 10 Pro Version 1511 (X64) (2016-01-25 06:39:03)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-2405107676-2796426648-614312743-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2405107676-2796426648-614312743-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2405107676-2796426648-614312743-1011 - Limited - Enabled)
Invitado (S-1-5-21-2405107676-2796426648-614312743-501 - Limited - Disabled) => C:\Users\Invitado
ji_98 (S-1-5-21-2405107676-2796426648-614312743-1012 - Limited - Enabled) => C:\Users\ji_98
nayrBAlejandro (S-1-5-21-2405107676-2796426648-614312743-1001 - Administrator - Enabled) => C:\Users\nayrBAlejandro
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1202.1711.103 - Alps Electric)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
CyberLink YouCam 6 (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.2326.0 - CyberLink Corp.)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dotfuscator Software Services - Community Edition - ESN (HKLM-x32\...\{8C2F1F30-8F72-4A0E-A1D0-E9AED20BBAC2}) (Version: 5.0.2300.0 - PreEmptive Solutions)
Dotfuscator Software Services - Community Edition (HKLM-x32\...\{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}) (Version: 5.0.2300.0 - PreEmptive Solutions)
Eines de correcció del Microsoft Office 2013: català (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Epson E-Web Print (HKLM-x32\...\{E904F572-D7DB-43C1-929F-043F267FC77D}) (Version: 1.22.0000 - SEIKO EPSON CORPORATION)
EPSON L210 Series Printer Uninstall (HKLM\...\EPSON L210 Series) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Ferramentas de verificación de Microsoft Office 2013 - Galego (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
GDR 5538 para SQL Server 2008 (KB3045305) (64-bit) (HKLM\...\KB3045305) (Version: 10.3.5538.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
HP Support Solutions Framework (HKLM-x32\...\{C6C8D3F5-FE93-4378-AA4E-DB8333C105DA}) (Version: 11.51.0047 - Hewlett-Packard Company)
IBM SPSS Statistics 23 (HKLM\...\{C3BA73A4-2A45-4036-8541-4F5F8146078B}) (Version: 23.0.0.0 - IBM Corp)
Infinite Crisis™ (HKLM-x32\...\Steam App 345520) (Version: - Turbine, Inc.)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Malwarebytes Anti-Malware versión 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Marco trabajo apl. capa datos de Microsoft SQL Server 2008 R2 (HKLM-x32\...\{B65527FD-47DD-4A07-9E07-64DA91B0A34A}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - ESN (HKLM-x32\...\{B0DF0057-EF87-471D-A80A-DC1F0463BA19}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - ESN (HKLM-x32\...\{4F19E81D-168E-4E0B-A4B7-AA246FBE3FBB}) (Version: 2.0.50414.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Mathematics (64 bits) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK - Español (HKLM-x32\...\{8D8C5BD0-7FC7-4680-B527-218F63920E03}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{10E05081-646C-4130-A166-83283A3A0A45}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{0ECCC2CC-F361-4325-A0FE-FAF1AD784BBD}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{F188B6ED-4537-4CAC-A4DE-3BD30E6114C6}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{6C239446-F196-44DC-9148-8D912895D097}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{F43ADE73-2880-4A95-B995-4FE386ECF667}) (Version: 10.3.5538.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ESN (HKLM-x32\...\{2A78694E-ACFE-4D5A-9B0F-C0EBEFA3F280}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ESN (HKLM\...\{24965A31-311D-462D-BAA8-B482ABA115D8}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{46878B08-238C-4F28-9194-9D8604A7F52E}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{CD9B2BA6-F699-4700-81B9-CD28C0BC693C}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{DE63A8FE-80A6-4CA3-ACEA-F954B6370596}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) es (HKLM\...\{2D6232BE-CDB4-4EE7-AFCB-1541E12041E9}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 es (HKLM-x32\...\{EF948EA2-FA97-4312-BA36-88D76048CCE8}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) es (HKLM\...\{C69733F2-4140-440F-938E-2D47C6CB1C70}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) es (HKLM\...\{1C3998E1-8501-455C-B829-5031520EBC94}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 (HKLM\...\{61B42D05-EBFA-3896-A267-B71CD3025BC5}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{817C2DCF-4DD7-3C32-8A8E-7CEFF137E543}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{0FD01537-C14D-30DE-9B6F-9FCA85E9EA9C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - ESN (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - ESN) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools - ESN Language Pack (HKLM-x32\...\Microsoft Visual Studio Macro Tools - ESN Language Pack) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Modelo de objetos de Microsoft Team Foundation Server 2010 - ESN (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ESN) (Version: 10.0.30319 - Microsoft Corporation)
Objetos de administración de Microsoft SQL Server 2008 R2 (HKLM-x32\...\{6438BDAD-CE12-4D38-B1C4-42F94F08408F}) (Version: 10.50.1447.4 - Microsoft Corporation)
Objetos de administración de Microsoft SQL Server 2008 R2 (x64) (HKLM\...\{2040D407-91F5-48F3-9A81-B084573D0577}) (Version: 10.50.1447.4 - Microsoft Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paquete de idioma de Microsoft Visual F# 2.0 Runtime - ESN (HKLM-x32\...\{7CCA8BD3-005C-3195-806B-501E6D3D242B}) (Version: 10.0.30319 - Microsoft Corporation)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Paquete de idioma del Visor de Ayuda de Microsoft 3.0 - ESN (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - ESN) (Version: 1.0.30319 - Microsoft Corporation)
PDF24 Creator 7.5.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Prince of Persia T2T (HKLM-x32\...\{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}) (Version: 1.00.999 - Ubisoft)
Prince of Persia The Two Thrones (x32 Version: 1.00.999 - Ubisoft) Hidden
R for Windows 3.2.0 (HKLM\...\R for Windows 3.2.0_is1) (Version: 3.2.0 - R Core Team)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7459 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
RStudio (HKLM-x32\...\RStudio) (Version: 0.98.1103 - RStudio)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Service Pack 3 para SQL Server 2008 (KB2546951) (64-bit) (HKLM\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.111 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2405107676-2796426648-614312743-1001\...\Spotify) (Version: 1.0.24.104.g92a22684 - Spotify AB)
Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{28C1EB1A-45AC-4B12-887F-98EE0AA0D6DD}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114502) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6F47687A-78E9-41B1-8587-ED0CC2677A2A}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114502) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6F47687A-78E9-41B1-8587-ED0CC2677A2A}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114502) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{6F47687A-78E9-41B1-8587-ED0CC2677A2A}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2010 Prerequisites - English (HKLM\...\{95480F46-25D7-31D1-ACD2-D8722B133A0C}) (Version: 10.0.30319 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ESN (HKLM-x32\...\{CF72A524-84BD-4AB7-B3C6-2C358672CD15}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
Warcraft III: All Products (HKU\S-1-5-21-2405107676-2796426648-614312743-1001\...\Warcraft III) (Version: - )
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wolfram Mathematica 10.3 (M-WIN-L 10.3.0 5416318) (HKLM\...\M-WIN-L 10.3.0 5416318_is1) (Version: 10.3.0 - Wolfram Research, Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2405107676-2796426648-614312743-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\nayrBAlejandro\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {039B6831-C22D-458E-AAAA-68C7FDC8DFEC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-17] (Google Inc.)
Task: {25DB0FEA-D12E-4D4A-8CF7-24E560E5C728} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [2016-03-09] (Microsoft Corporation)
Task: {2FF18F09-37BF-49A0-89A4-1771ABB2FF85} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-17] (Google Inc.)
Task: {5CA40FED-7C3B-4929-A471-3B475D1CF7B8} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {7E55E758-F58B-4648-B7F5-B66DFFD8A08F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {9AB39463-6CE1-4AD4-B207-15ACAFC78C16} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {D55CBA0F-3AE9-4A2B-9CE3-3AB73C715F5B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe
Task: {DB79095D-3ABD-4234-A14A-D839142CA023} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E85ECB41-F35D-4BF9-AC7D-10A6F65D941D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-09] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://nav.brotstation.com?uid={262415663d92468e8d206ee1d1a9c720}&r=eg
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://nav.brotstation.com?uid={262415663d92468e8d206ee1d1a9c720}&r=eg
==================== Loaded Modules (Whitelisted) ==============
2015-10-30 02:18 - 2015-10-30 02:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-30 15:08 - 2015-12-30 15:08 - 03587000 _____ () C:\ProgramData\System32\SafeGuard64.dll
2016-03-08 15:53 - 2016-02-23 06:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-08 15:53 - 2016-02-23 06:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-25 08:49 - 2016-01-25 08:50 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-01-25 07:42 - 2015-12-06 23:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-08 15:53 - 2016-02-23 03:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-25 07:43 - 2016-01-04 20:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-25 07:42 - 2016-01-04 20:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-29 00:35 - 2016-01-16 00:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-29 00:35 - 2016-01-16 00:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-12-30 15:08 - 2015-12-30 15:08 - 02771896 _____ () C:\ProgramData\System32\SafeGuard32.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2016-01-25 08:49 - 2016-01-25 08:50 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-25 08:49 - 2016-01-25 08:50 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:1AAB2E68 [175]
AlternateDataStreams: C:\ProgramData\Temp:A3E1F4EF [125]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 08:25 - 2016-03-01 18:48 - 00001886 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 tonec.com
127.0.0.1 www.tonec.com127.0.0.1 internetdownloadmanager.com127.0.0.1 star.tonec.com
127.0.0.1 rev.dyxnet.com
127.0.0.1 activation-v2.kaspersky.com
127.0.0.1 activation-v2.geo.kaspersky.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2405107676-2796426648-614312743-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\nayrBAlejandro\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 200.107.10.105 - 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "Apoint"
HKLM\...\StartupApproved\Run: => "cpuminer"
HKLM\...\StartupApproved\Run: => "RtHDVBg"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "YouCam Service6"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKU\S-1-5-21-2405107676-2796426648-614312743-1001\...\StartupApproved\StartupFolder: => "爱奇艺PPS影音.lnk"
HKU\S-1-5-21-2405107676-2796426648-614312743-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2405107676-2796426648-614312743-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2405107676-2796426648-614312743-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2405107676-2796426648-614312743-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2405107676-2796426648-614312743-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{D6F64EF4-008D-4B46-8699-0893D9DBDDCD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{43A194E3-58EA-44BD-976E-465422B8163B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EEC60679-9DF0-4FB0-8A18-DBF6CEFBBCA5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{FF6AE6E3-E828-4788-BB18-F48A5CB54DB9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DF016035-AAD2-4F12-9142-0D03CCAFE926}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{37D63C7B-49D8-4503-9F00-B1D4F2415309}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E8C6A331-44A1-430E-80B1-D0C947BB4117}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{9928A839-2975-45ED-887B-9BC99B1CD1DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{81A8930B-B5FB-4880-BB25-564B1C120362}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6B79B081-C62C-495F-95A3-A072EE4C2FE9}] => (Allow) C:\Users\nayrBAlejandro\Downloads\hitmanpro_x64.exe
FirewallRules: [{47433CAB-2889-4F68-AFA4-D3EB5EF4B09E}] => (Allow) C:\Users\nayrBAlejandro\Downloads\hitmanpro_x64.exe
FirewallRules: [{3FA339BD-F9BA-4001-983F-4A981C736388}] => (Allow) C:\Users\nayrBAlejandro\Downloads\hitmanpro_x64.exe
FirewallRules: [{2B52AEA7-F9EB-42A8-BAA7-D1BF9D990AF6}] => (Allow) C:\Users\nayrBAlejandro\Downloads\hitmanpro_x64.exe
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/17/2016 01:27:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_DiagTrack, versión: 10.0.10586.0, marca de tiempo: 0x5632d7ba
Nombre del módulo con errores: SafeGuard64.dll_unloaded, versión: 2.2.0.40, marca de tiempo: 0x5683828f
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000005827b
Identificador del proceso con errores: 0x20f4
Hora de inicio de la aplicación con errores: 0xsvchost.exe_DiagTrack0
Ruta de acceso de la aplicación con errores: svchost.exe_DiagTrack1
Ruta de acceso del módulo con errores: svchost.exe_DiagTrack2
Identificador del informe: svchost.exe_DiagTrack3
Nombre completo del paquete con errores: svchost.exe_DiagTrack4
Identificador de aplicación relativa del paquete con errores: svchost.exe_DiagTrack5
Error: (03/17/2016 01:23:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_DiagTrack, versión: 10.0.10586.0, marca de tiempo: 0x5632d7ba
Nombre del módulo con errores: SafeGuard64.dll_unloaded, versión: 2.2.0.40, marca de tiempo: 0x5683828f
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000005827b
Identificador del proceso con errores: 0x1c2c
Hora de inicio de la aplicación con errores: 0xsvchost.exe_DiagTrack0
Ruta de acceso de la aplicación con errores: svchost.exe_DiagTrack1
Ruta de acceso del módulo con errores: svchost.exe_DiagTrack2
Identificador del informe: svchost.exe_DiagTrack3
Nombre completo del paquete con errores: svchost.exe_DiagTrack4
Identificador de aplicación relativa del paquete con errores: svchost.exe_DiagTrack5
Error: (03/17/2016 01:20:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: igfxHK.exe, versión: 6.15.10.4331, marca de tiempo: 0x564cc83e
Nombre del módulo con errores: igfxHK.exe, versión: 6.15.10.4331, marca de tiempo: 0x564cc83e
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x0000000000015953
Identificador del proceso con errores: 0x10e8
Hora de inicio de la aplicación con errores: 0xigfxHK.exe0
Ruta de acceso de la aplicación con errores: igfxHK.exe1
Ruta de acceso del módulo con errores: igfxHK.exe2
Identificador del informe: igfxHK.exe3
Nombre completo del paquete con errores: igfxHK.exe4
Identificador de aplicación relativa del paquete con errores: igfxHK.exe5
Error: (03/17/2016 01:20:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_DiagTrack, versión: 10.0.10586.0, marca de tiempo: 0x5632d7ba
Nombre del módulo con errores: SafeGuard64.dll_unloaded, versión: 2.2.0.40, marca de tiempo: 0x5683828f
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000005827b
Identificador del proceso con errores: 0x690
Hora de inicio de la aplicación con errores: 0xsvchost.exe_DiagTrack0
Ruta de acceso de la aplicación con errores: svchost.exe_DiagTrack1
Ruta de acceso del módulo con errores: svchost.exe_DiagTrack2
Identificador del informe: svchost.exe_DiagTrack3
Nombre completo del paquete con errores: svchost.exe_DiagTrack4
Identificador de aplicación relativa del paquete con errores: svchost.exe_DiagTrack5
Error: (03/17/2016 01:03:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: igfxHK.exe, versión: 6.15.10.4331, marca de tiempo: 0x564cc83e
Nombre del módulo con errores: igfxHK.exe, versión: 6.15.10.4331, marca de tiempo: 0x564cc83e
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x0000000000015953
Identificador del proceso con errores: 0x798
Hora de inicio de la aplicación con errores: 0xigfxHK.exe0
Ruta de acceso de la aplicación con errores: igfxHK.exe1
Ruta de acceso del módulo con errores: igfxHK.exe2
Identificador del informe: igfxHK.exe3
Nombre completo del paquete con errores: igfxHK.exe4
Identificador de aplicación relativa del paquete con errores: igfxHK.exe5
Error: (03/16/2016 10:50:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_DiagTrack, versión: 10.0.10586.0, marca de tiempo: 0x5632d7ba
Nombre del módulo con errores: SafeGuard64.dll_unloaded, versión: 2.2.0.40, marca de tiempo: 0x5683828f
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000005827b
Identificador del proceso con errores: 0x1ef0
Hora de inicio de la aplicación con errores: 0xsvchost.exe_DiagTrack0
Ruta de acceso de la aplicación con errores: svchost.exe_DiagTrack1
Ruta de acceso del módulo con errores: svchost.exe_DiagTrack2
Identificador del informe: svchost.exe_DiagTrack3
Nombre completo del paquete con errores: svchost.exe_DiagTrack4
Identificador de aplicación relativa del paquete con errores: svchost.exe_DiagTrack5
Error: (03/16/2016 10:44:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_DiagTrack, versión: 10.0.10586.0, marca de tiempo: 0x5632d7ba
Nombre del módulo con errores: SafeGuard64.dll_unloaded, versión: 2.2.0.40, marca de tiempo: 0x5683828f
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000005827b
Identificador del proceso con errores: 0x404
Hora de inicio de la aplicación con errores: 0xsvchost.exe_DiagTrack0
Ruta de acceso de la aplicación con errores: svchost.exe_DiagTrack1
Ruta de acceso del módulo con errores: svchost.exe_DiagTrack2
Identificador del informe: svchost.exe_DiagTrack3
Nombre completo del paquete con errores: svchost.exe_DiagTrack4
Identificador de aplicación relativa del paquete con errores: svchost.exe_DiagTrack5
Error: (03/16/2016 10:38:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: igfxHK.exe, versión: 6.15.10.4331, marca de tiempo: 0x564cc83e
Nombre del módulo con errores: igfxHK.exe, versión: 6.15.10.4331, marca de tiempo: 0x564cc83e
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x0000000000015953
Identificador del proceso con errores: 0x1cac
Hora de inicio de la aplicación con errores: 0xigfxHK.exe0
Ruta de acceso de la aplicación con errores: igfxHK.exe1
Ruta de acceso del módulo con errores: igfxHK.exe2
Identificador del informe: igfxHK.exe3
Nombre completo del paquete con errores: igfxHK.exe4
Identificador de aplicación relativa del paquete con errores: igfxHK.exe5
Error: (03/16/2016 10:38:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_DiagTrack, versión: 10.0.10586.0, marca de tiempo: 0x5632d7ba
Nombre del módulo con errores: SafeGuard64.dll_unloaded, versión: 2.2.0.40, marca de tiempo: 0x5683828f
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000005827b
Identificador del proceso con errores: 0x80c
Hora de inicio de la aplicación con errores: 0xsvchost.exe_DiagTrack0
Ruta de acceso de la aplicación con errores: svchost.exe_DiagTrack1
Ruta de acceso del módulo con errores: svchost.exe_DiagTrack2
Identificador del informe: svchost.exe_DiagTrack3
Nombre completo del paquete con errores: svchost.exe_DiagTrack4
Identificador de aplicación relativa del paquete con errores: svchost.exe_DiagTrack5
Error: (03/16/2016 10:30:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NAYRB_ALEJANDRO)
Description: No se pudo activar la aplicación Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe:MicrosoftEdge.AppXre20k58eaa822f0smszc2fbv5y0azn7k.mca debido al error: -2144927149. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.
System errors:
=============
Error: (03/17/2016 01:27:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Telemetría y experiencias del usuario conectado se terminó de manera inesperada. Esto ha sucedido 3 veces.
Error: (03/17/2016 01:23:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Telemetría y experiencias del usuario conectado terminó inesperadamente. Esto se ha repetido 2 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.
Error: (03/17/2016 01:21:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Telemetría y experiencias del usuario conectado terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.
Error: (03/17/2016 01:19:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Windows Presentation Foundation Font Cache 3.0.0.0 no pudo iniciarse debido al siguiente error:
%%1053
Error: (03/17/2016 01:19:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio FontCache3.0.0.0.
Error: (03/17/2016 01:19:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio HPSupportSolutionsFrameworkService no pudo iniciarse debido al siguiente error:
%%1053
Error: (03/17/2016 01:19:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio HPSupportSolutionsFrameworkService.
Error: (03/17/2016 01:17:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media depende del servicio Windows Search, el cual no pudo iniciarse debido al siguiente error:
%%1069
Error: (03/17/2016 01:17:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Windows Search no pudo iniciarse debido al siguiente error:
%%1069
Error: (03/17/2016 01:17:26 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: El servicio WSearch no se pudo iniciarse como NT AUTHORITY\SYSTEM con la contraseña configurada actualmente debido al siguiente error:
%%50
Para asegurarse de que el servicio esté correctamente configurado, use el complemento Servicios en Microsoft Management Console (MMC).
CodeIntegrity:
===================================
Date: 2016-03-17 13:33:58.156
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard64.dll that did not meet the security requirements for Shared Sections.
Date: 2016-03-17 13:33:58.156
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard64.dll that did not meet the security requirements for Shared Sections.
Date: 2016-03-17 13:29:40.439
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard64.dll that did not meet the security requirements for Shared Sections.
Date: 2016-03-17 13:29:40.439
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard64.dll that did not meet the security requirements for Shared Sections.
Date: 2016-03-16 01:01:58.885
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard64.dll that did not meet the security requirements for Shared Sections.
Date: 2016-03-16 01:01:58.885
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard64.dll that did not meet the security requirements for Shared Sections.
Date: 2016-03-16 00:58:53.502
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard64.dll that did not meet the security requirements for Shared Sections.
Date: 2016-03-16 00:58:53.502
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard64.dll that did not meet the security requirements for Shared Sections.
Date: 2016-03-16 00:56:30.210
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard64.dll that did not meet the security requirements for Shared Sections.
Date: 2016-03-16 00:56:30.210
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\System32\SafeGuard64.dll that did not meet the security requirements for Shared Sections.
==================== Memory info ===========================
Processor: Intel® Core i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 18%
Total physical RAM: 10176.29 MB
Available physical RAM: 8259.18 MB
Total Virtual: 11776.29 MB
Available Virtual: 9821.74 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:117.09 GB) (Free:22.49 GB) NTFS
Drive d: () (Fixed) (Total:244.14 GB) (Free:205.26 GB) NTFS
Drive e: () (Fixed) (Total:337.31 GB) (Free:271.59 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 7BBA4417)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=117.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=244.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=337.3 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
I hope new indications