Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-12-2015
Ran by margarito (administrator) on MARGARITO (06-12-2015 08:47:03)
Running from C:\Users\margarito\Desktop
Loaded Profiles: margarito & rocio_000 (Available Profiles: margarito & rocio_000)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGiftBoxDesktop.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe
(ASUS) C:\Program Files\ASUS\ASUS FlipLock\TransformService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
() C:\Program Files\Trend Micro\TMIDS\tower\PwmTower.exe
(STMicroelectronics) C:\Program Files (x86)\ST Microelectronics\ST_ACCEL\FFP_Manager.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
() C:\Program Files\Trend Micro\TMIDS\tower\PwmTower.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
() C:\Program Files\Trend Micro\TMIDS\tower\PwmTower.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Joyent, Inc) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Win8Cpnt\TmToastNotificationCaller.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ASUS HDD Protection Tray Application] => C:\Program Files (x86)\ST Microelectronics\ST_ACCEL\FFP_Manager.exe [54272 2014-02-12] (STMicroelectronics)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [114048 2013-10-17] (Intel Corporation)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [246264 2015-07-16] (Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1258496 2015-07-16] (Trend Micro Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2304688 2015-11-23] (Adobe Systems Incorporated)
HKU\S-1-5-21-3706478320-2513481521-3289856772-1001\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-3706478320-2513481521-3289856772-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-3706478320-2513481521-3289856772-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 200.94.160.248 200.94.160.246
Tcpip\..\Interfaces\{FB643AE5-B5C6-4917-A7B2-45FF35F3CEC4}: [DhcpNameServer] 200.94.160.248 200.94.160.246

Internet Explorer:
==================
HKU\S-1-5-21-3706478320-2513481521-3289856772-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-3706478320-2513481521-3289856772-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://prodigy.msn.com/es-mx/?ocid=iehp
HKU\S-1-5-21-3706478320-2513481521-3289856772-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-3706478320-2513481521-3289856772-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-3706478320-2513481521-3289856772-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3706478320-2513481521-3289856772-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-10-13] (Microsoft Corporation)
BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
BHO: Trend Micro Network Filter Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg.dll [2015-07-16] (Trend Micro Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe64.dll [2015-08-16] (Trend Micro Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-10-13] (Microsoft Corporation)
BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
BHO-x32: Trend Micro Network Filter Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll [2015-07-16] (Trend Micro Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll [2015-08-16] (Trend Micro Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
Toolbar: HKLM - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
Toolbar: HKLM-x32 - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-08-25] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe64.dll [2015-08-16] (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll [2015-08-16] (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg.dll [2015-07-16] (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll [2015-07-16] (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-11-13] (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll [2015-07-16] (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll [2015-07-16] (Trend Micro Inc.)
Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\Windows\System32\urlmon.dll [2015-10-30] (Microsoft Corporation)
Filter-x32: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\Windows\SysWOW64\urlmon.dll [2015-10-30] (Microsoft Corporation)

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-11-23] (Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-08-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-11-23] (Adobe Systems)
FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension [2015-11-13]
FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2015-12-03]
FF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2015-11-13]

Opera:
=======
OPR Extension: (HTTPS Everywhere) - C:\Users\margarito\AppData\Roaming\Opera Software\Opera Stable\Extensions\edaplhobcmdaneconioghljnnopmkhgm [2015-11-25]
OPR Extension: (WOT) - C:\Users\margarito\AppData\Roaming\Opera Software\Opera Stable\Extensions\eeokceolphhfjdfcibaiiopmekmcbedp [2015-12-01]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [683696 2015-11-16] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
R2 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [315704 2015-07-20] (ASUS)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2797752 2015-10-13] (Microsoft Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-10-17] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2013-10-17] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [126952 2013-10-17] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282072 2014-03-17] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1137664 2015-07-16] (Trend Micro Inc.)
R2 PwmSvc; C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe [1436936 2015-10-27] (Trend Micro Inc.)
R2 TransformService; C:\Program Files\ASUS\ASUS FlipLock\TransformService.exe [73528 2014-07-08] (ASUS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]
S2 ZAMSvc; "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /service [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [73512 2014-07-29] (ASUS Corporation)
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
S3 BrSerIf; C:\Windows\system32\DRIVERS\BrSerIf.sys [97280 2006-12-12] (Brother Industries Ltd.)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-29] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32768 2014-10-08] (Microsoft Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-17] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494296 2013-10-17] (Intel Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [41080 2015-11-25] ()
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-08-08] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-08-08] (Intel Corporation)
R3 INVN_MotionApps; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-05] ( )
R3 m76usb; C:\Windows\System32\drivers\m76usb.sys [539336 2014-04-28] (Ralink Technology Corp.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
R3 SensorsAlsDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
R3 ST_ACCEL; C:\Windows\system32\DRIVERS\ST_Accel.sys [125104 2014-06-06] (STMicroelectronics)
R1 tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [134280 2015-07-21] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [326896 2015-07-21] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [59712 2015-06-11] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\system32\DRIVERS\tmeevw.sys [116576 2015-06-07] (Trend Micro Inc.)
S0 tmel; C:\Windows\System32\DRIVERS\tmel.sys [39056 2015-06-22] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [100320 2015-07-21] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\system32\DRIVERS\tmnciesc.sys [416608 2015-05-28] (Trend Micro Inc.)
R1 tmumh; C:\Windows\system32\DRIVERS\TMUMH.sys [91536 2015-06-28] (Trend Micro Inc.)
R2 tmusa; C:\Windows\system32\DRIVERS\tmusa.sys [116528 2015-06-26] (Trend Micro Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]
U2 TMAgent; no ImagePath
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-06 08:47 - 2015-12-06 08:47 - 00024402 _____ C:\Users\margarito\Desktop\FRST.txt
2015-12-04 20:18 - 2015-12-04 20:18 - 00019812 _____ C:\Users\rocio_000\Downloads\Calificaciones.xlsx
2015-12-03 20:38 - 2015-12-03 20:38 - 02483908 _____ C:\Users\margarito\Downloads\EstadodeCuenta (7).pdf
2015-12-03 20:33 - 2015-12-03 20:33 - 01537898 _____ C:\Users\margarito\Downloads\EstadodeCuenta (6).pdf
2015-11-29 16:13 - 2015-11-29 16:13 - 00298049 _____ C:\Users\rocio_000\Downloads\Semiótica.pptx
2015-11-29 16:09 - 2015-11-29 16:09 - 02363754 _____ C:\Users\rocio_000\Downloads\Fenómeno de la comunicación gráfica.pptx
2015-11-29 15:51 - 2015-11-29 15:51 - 01064317 _____ C:\Users\rocio_000\Downloads\Diseño.pptx
2015-11-29 13:29 - 2015-11-29 13:38 - 00000000 ____D C:\Users\rocio_000\Desktop\proceso
2015-11-25 20:18 - 2015-11-25 20:18 - 00041080 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2015-11-25 17:19 - 2015-11-25 20:24 - 00000000 ____D C:\ProgramData\HitmanPro.Alert
2015-11-25 17:19 - 2015-11-25 20:20 - 00000000 ____D C:\Windows\CryptoGuard
2015-11-25 17:15 - 2015-11-25 17:18 - 04275464 _____ (SurfRight B.V.) C:\Users\margarito\Downloads\hmpalert3.exe
2015-11-24 23:05 - 2015-11-26 12:54 - 00000000 ____D C:\Users\rocio_000\Desktop\cortometraje1
2015-11-24 23:02 - 2015-11-24 23:02 - 00001392 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-11-24 23:02 - 2015-11-24 23:02 - 00001323 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-11-24 23:02 - 2015-11-24 23:02 - 00000000 ____D C:\Windows\en
2015-11-24 23:01 - 2015-11-24 23:01 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-11-24 23:00 - 2015-11-24 23:01 - 00000000 ____D C:\Program Files (x86)\Windows Live
2015-11-24 23:00 - 2015-11-24 23:00 - 00000000 ____D C:\Windows\PCHEALTH
2015-11-24 23:00 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-11-24 23:00 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-11-24 23:00 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-11-24 23:00 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-11-24 23:00 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-11-24 23:00 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-11-24 23:00 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-11-24 23:00 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-11-24 22:59 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-11-24 22:59 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-11-24 22:59 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-11-24 22:59 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-11-24 22:57 - 2015-12-06 07:57 - 00000000 ____D C:\Users\margarito\AppData\Local\Windows Live
2015-11-24 22:55 - 2015-11-24 22:55 - 01239752 _____ (Microsoft Corporation) C:\Users\rocio_000\Downloads\wlsetup-web.exe
2015-11-24 13:20 - 2015-11-24 13:20 - 01514549 _____ C:\Users\rocio_000\Downloads\Actividad D-4 Suprema.pptx
2015-11-24 13:08 - 2015-11-24 13:08 - 00149833 _____ C:\Users\rocio_000\Downloads\Representación Artística .pptx
2015-11-22 15:04 - 2015-11-22 15:04 - 00003512 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-rocio2295@hotmail.com
2015-11-22 15:04 - 2015-11-22 15:04 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-11-22 15:03 - 2015-11-22 15:03 - 00000000 ____D C:\Users\rocio_000\Documents\Adobe
2015-11-22 13:30 - 2015-11-22 14:40 - 00001124 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.lnk
2015-11-22 13:29 - 2015-12-01 16:53 - 00000000 ____D C:\Program Files\Adobe
2015-11-22 13:25 - 2015-12-01 16:53 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-11-22 13:08 - 2015-11-25 11:56 - 00000000 ___RD C:\Users\rocio_000\Creative Cloud Files
2015-11-22 13:06 - 2015-11-25 11:56 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-11-22 13:05 - 2015-11-24 07:54 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-11-22 13:05 - 2015-11-24 07:54 - 00001159 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-11-22 13:03 - 2015-11-24 07:54 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-11-22 13:03 - 2015-11-22 13:08 - 00000000 ____D C:\ProgramData\Adobe
2015-11-22 12:58 - 2015-11-22 12:58 - 00688816 _____ (Adobe Systems Incorporated) C:\Users\rocio_000\Downloads\CreativeCloudSet-Up.exe
2015-11-21 11:16 - 2015-11-22 14:52 - 05152720 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-20 22:40 - 2015-12-06 08:11 - 00184552 _____ C:\Windows\ntbtlog.txt
2015-11-15 20:53 - 2015-11-15 20:53 - 00008612 _____ C:\Users\margarito\Documents\lista del super.xlsx
2015-11-14 17:59 - 2015-11-14 18:01 - 91931728 _____ (The GIMP Team ) C:\Users\rocio_000\Downloads\gimp-2.8.14-setup-1.exe
2015-11-14 15:45 - 2015-11-14 15:45 - 00001391 _____ C:\Users\rocio_000\Desktop\Trend Micro Internet Security.lnk
2015-11-14 15:45 - 2015-11-14 15:45 - 00000000 ____D C:\Users\rocio_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Internet Security
2015-11-14 14:49 - 2015-11-14 14:49 - 00000000 ____D C:\Users\margarito\AppData\Roaming\WildTangent
2015-11-14 07:05 - 2015-07-05 03:08 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-11-13 21:40 - 2015-11-13 21:40 - 00000000 ___HD C:\TMRescueDisk
2015-11-13 21:38 - 2015-11-13 21:39 - 01729536 _____ C:\Users\margarito\Desktop\AdwCleaner.exe
2015-11-13 21:37 - 2015-11-13 21:37 - 00001467 _____ C:\Users\margarito\Desktop\Trend Micro Internet Security.lnk
2015-11-13 21:37 - 2015-11-13 21:37 - 00000000 ____D C:\Users\margarito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Internet Security
2015-11-13 21:36 - 2015-11-13 21:36 - 00000000 ____D C:\Windows\SysWOW64\tmumh
2015-11-13 21:36 - 2015-11-13 21:36 - 00000000 ____D C:\Windows\system32\tmumh
2015-11-13 21:36 - 2015-07-21 18:32 - 00100320 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmevtmgr.sys
2015-11-13 21:36 - 2015-07-21 18:28 - 00326896 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2015-11-13 21:36 - 2015-07-21 18:28 - 00134280 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmactmon.sys
2015-11-13 21:36 - 2015-06-28 19:38 - 00091536 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMUMH.sys
2015-11-13 21:36 - 2015-06-26 03:20 - 00116528 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmusa.sys
2015-11-13 21:36 - 2015-06-22 19:49 - 00039056 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmel.sys
2015-11-13 21:36 - 2015-06-11 01:54 - 00059712 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMEBC64.sys
2015-11-13 21:36 - 2015-06-07 22:54 - 00116576 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmeevw.sys
2015-11-13 21:36 - 2015-05-28 03:26 - 00416608 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmnciesc.sys
2015-11-13 21:34 - 2015-11-13 21:34 - 00000059 _____ C:\Windows\system32\SupportTool.exe.bat
2015-11-13 21:22 - 2015-11-13 21:25 - 220418400 _____ (Trend Micro Inc.) C:\Users\margarito\Downloads\TTi_10.0_MR_Full.exe
2015-11-11 16:22 - 2015-09-29 05:24 - 00155480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2015-11-11 16:22 - 2015-08-20 13:45 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-11-11 16:22 - 2015-08-20 10:48 - 01096704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-11-11 16:21 - 2015-09-04 12:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2015-11-11 16:21 - 2015-08-28 15:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2015-11-11 16:21 - 2014-11-04 18:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-11-11 16:21 - 2014-11-04 18:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-11-11 15:39 - 2015-10-13 08:59 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 15:39 - 2015-10-13 08:59 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 15:39 - 2015-10-13 08:59 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 15:39 - 2015-10-13 08:59 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 15:39 - 2015-10-13 08:59 - 00106952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-11-11 15:39 - 2015-10-13 08:59 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-11-11 15:39 - 2015-10-10 23:36 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 15:39 - 2015-10-10 23:36 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 15:39 - 2015-10-10 11:40 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 15:39 - 2015-10-10 11:39 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 15:39 - 2015-10-10 11:07 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-11-11 15:39 - 2015-10-10 10:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 15:39 - 2015-10-10 10:27 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 15:39 - 2015-10-10 10:11 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-11-11 15:39 - 2015-10-10 09:45 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 15:38 - 2015-10-30 16:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 15:38 - 2015-10-30 16:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 15:38 - 2015-10-30 16:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 15:38 - 2015-10-30 16:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 15:38 - 2015-10-30 16:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 15:38 - 2015-10-30 15:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 15:38 - 2015-10-30 15:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 15:38 - 2015-10-30 15:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 15:38 - 2015-10-30 15:39 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-11-11 15:38 - 2015-10-30 15:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 15:38 - 2015-10-30 15:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 15:38 - 2015-10-30 15:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 15:38 - 2015-10-30 15:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 15:38 - 2015-10-30 15:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 15:38 - 2015-10-30 15:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 15:38 - 2015-10-30 15:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-11-11 15:38 - 2015-10-30 15:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 15:38 - 2015-10-30 15:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 15:38 - 2015-10-30 15:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 15:38 - 2015-10-30 14:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 15:38 - 2015-10-30 14:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 15:38 - 2015-10-30 14:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 15:38 - 2015-10-30 14:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 15:38 - 2015-10-20 14:54 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 15:38 - 2015-10-20 07:53 - 03705856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 15:38 - 2015-10-20 07:36 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 15:38 - 2015-10-20 07:35 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 15:38 - 2015-10-20 07:34 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-11-11 15:38 - 2015-10-20 07:34 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-11-11 15:38 - 2015-10-20 07:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-11-11 15:38 - 2015-10-20 07:33 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-11-11 15:38 - 2015-10-20 07:14 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-11-11 15:38 - 2015-10-20 07:13 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-11-11 15:38 - 2015-10-20 07:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-11-11 15:38 - 2015-10-20 07:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-11-11 15:38 - 2015-10-17 07:19 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-11-11 15:38 - 2015-10-15 09:08 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-11-11 15:38 - 2015-10-15 08:46 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-11-11 15:38 - 2015-10-14 16:02 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-11-11 15:38 - 2015-10-14 16:02 - 01659560 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-11-11 15:38 - 2015-10-14 16:02 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-11-11 15:38 - 2015-10-14 16:02 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-11-11 15:38 - 2015-10-14 16:02 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2015-11-11 15:38 - 2015-10-13 10:10 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2015-11-11 15:38 - 2015-10-13 10:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2015-11-11 15:38 - 
2015-10-08 09:08 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2015-11-11 15:38 - 2015-09-12 06:47 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml 2015-11-11 15:38 - 2015-09-07 09:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2015-11-11 15:38 - 2015-09-07 08:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll 2015-11-11 15:38 - 2015-09-07 08:30 - 01091584 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2015-11-11 15:38 - 2015-08-10 11:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2015-11-11 15:38 - 2015-08-10 11:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2015-11-11 15:38 - 2015-08-10 10:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2015-11-11 15:38 - 2015-08-10 09:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2015-11-11 15:38 - 2015-08-10 09:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2015-11-11 15:38 - 2014-11-10 11:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys 2015-11-08 16:20 - 2015-12-06 08:46 - 00000000 ____D C:\Users\margarito\Desktop\FRST-OlderVersion ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-12-06 08:47 - 2015-10-23 20:23 - 00000000 ____D C:\FRST 2015-12-06 08:47 - 2015-07-26 19:02 - 00000000 ____D C:\Users\margarito\AppData\Roaming\Skype 2015-12-06 08:46 - 2015-10-23 20:22 - 02369024 _____ (Farbar) C:\Users\margarito\Desktop\FRST64.exe 2015-12-06 08:34 - 2015-10-17 11:08 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-12-06 07:55 - 2014-03-18 03:03 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI 2015-12-06 07:55 - 2013-08-22 06:36 - 00000000 ____D C:\Windows\Inf 2015-12-06 07:53 - 2015-07-26 21:42 - 00000000 ____D C:\ProgramData\MCShield 2015-12-06 07:01 - 2015-08-03 08:59 - 00000010 _____ C:\Users\margarito\AppData\Local\sponge.last.runtime.cache 2015-12-06 06:52 - 2015-07-26 18:33 - 00003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1A0360D2-2CFD-4D6D-A402-1998279E83B0} 2015-12-06 06:50 - 2015-09-06 15:02 - 00000093 _____ C:\Users\margarito\AppData\Roaming\sp_data.sys 2015-12-06 06:49 - 2015-07-26 18:24 - 00000000 ___DO C:\Users\margarito\OneDrive 2015-12-06 06:48 - 2015-07-26 18:52 - 00000000 ____D C:\Users\margarito\AppData\Local\DP_Tower 2015-12-05 21:05 - 2015-08-10 14:45 - 00000000 ____D C:\Users\rocio_000\AppData\Local\DP_Tower 2015-12-05 20:56 - 2015-08-10 15:14 - 00003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{75E20C1A-0DA7-4784-8306-AA92FA6F082F} 2015-12-05 20:55 - 2015-08-10 14:58 - 00000000 ___RD C:\Users\rocio_000\OneDrive 2015-12-05 20:55 - 2015-08-10 14:45 - 00000093 _____ C:\Users\rocio_000\AppData\Roaming\sp_data.sys 2015-12-05 20:54 - 2015-10-17 11:07 - 00000000 ____D C:\Users\rocio_000\AppData\Local\Adobe 2015-12-05 08:43 - 2015-10-17 11:08 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job 2015-12-04 20:19 - 2015-08-10 14:45 - 00000000 ____D C:\Users\rocio_000\AppData\Local\Packages 2015-12-04 19:10 - 2015-08-24 13:20 - 00003464 _____ C:\Windows\System32\Tasks\ASUS Live Update2 2015-12-04 19:10 - 2015-08-23 16:29 - 00003474 _____ 
C:\Windows\System32\Tasks\ASUS Live Update1 2015-12-03 20:27 - 2015-07-26 18:16 - 00000000 ____D C:\Users\margarito 2015-12-03 10:25 - 2013-08-22 06:25 - 00262144 ___SH C:\Windows\system32\config\ELAM 2015-12-03 10:23 - 2015-08-10 14:44 - 00000000 ____D C:\Users\rocio_000 2015-12-03 10:22 - 2013-08-22 07:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-12-01 22:10 - 2015-07-26 18:26 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3706478320-2513481521-3289856772-1001 2015-12-01 20:45 - 2013-08-22 08:36 - 00000000 ___HD C:\Program Files\WindowsApps 2015-12-01 20:45 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\AppReadiness 2015-12-01 17:32 - 2015-08-10 14:59 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3706478320-2513481521-3289856772-1002 2015-12-01 16:53 - 2015-07-26 18:20 - 00000000 ____D C:\Users\margarito\AppData\Roaming\Adobe 2015-12-01 16:45 - 2013-08-22 06:25 - 00524288 ___SH C:\Windows\system32\config\BBI 2015-11-29 15:16 - 2015-09-01 08:13 - 00000000 ____D C:\Users\rocio_000\Desktop\introduccion a la teoria del diseno 2015-11-27 10:20 - 2015-09-01 08:12 - 00000000 ____D C:\Users\rocio_000\Desktop\competencias comunicativas 2015-11-26 12:01 - 2015-09-01 08:14 - 00000000 ____D C:\Users\rocio_000\Desktop\analiis de cultura y el arte 2015-11-25 21:06 - 2015-08-30 15:00 - 00000000 ____D C:\Users\rocio_000\AppData\Roaming\Skype 2015-11-25 20:22 - 2015-09-06 08:05 - 00000000 ____D C:\Program Files (x86)\Opera 2015-11-25 19:36 - 2013-08-22 08:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-11-25 17:19 - 2015-09-06 08:07 - 00000000 ____D C:\ProgramData\HitmanPro 2015-11-25 17:19 - 2013-08-22 06:36 - 00000000 ____D C:\Windows 2015-11-25 17:15 - 2015-10-17 11:08 - 00000000 ____D C:\Users\margarito\AppData\Local\Adobe 2015-11-24 22:13 - 2013-08-22 08:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2015-11-24 22:12 - 2015-08-25 06:56 - 00000000 ____D 
C:\Program Files\Microsoft Office 15 2015-11-24 07:54 - 2015-08-10 14:45 - 00000000 ____D C:\Users\rocio_000\AppData\Roaming\Adobe 2015-11-22 22:01 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\LiveKernelReports 2015-11-22 13:04 - 2014-09-24 08:40 - 00000000 ____D C:\ProgramData\Package Cache 2015-11-20 22:39 - 2015-10-10 21:32 - 00000000 ____D C:\Users\margarito\Desktop\Seguridad 2015-11-19 18:00 - 2015-09-01 08:15 - 00000000 ____D C:\Users\rocio_000\Desktop\teorias de la comunicacion 2015-11-19 10:04 - 2015-09-06 08:05 - 00003832 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1441551916 2015-11-19 10:04 - 2015-09-06 08:05 - 00001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-11-18 20:33 - 2015-07-26 18:51 - 00000000 ____D C:\ProgramData\TMDP_Log 2015-11-18 20:32 - 2013-08-22 06:25 - 00000215 _____ C:\Windows\win.ini 2015-11-18 16:39 - 2015-08-16 09:50 - 00004076 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1439743809 2015-11-18 16:39 - 2015-08-16 09:50 - 00001373 _____ C:\Users\rocio_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-11-16 20:13 - 2015-09-06 08:25 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware 2015-11-15 13:15 - 2015-07-26 19:33 - 00000000 ____D C:\Users\margarito\Documents\e-Sword 2015-11-14 15:49 - 2015-07-30 22:25 - 00000000 ____D C:\Windows\system32\MRT 2015-11-14 15:46 - 2015-07-30 22:24 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-11-14 14:49 - 2014-09-24 08:41 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-11-14 14:49 - 2014-09-24 08:41 - 00000000 ____D C:\ProgramData\WildTangent 2015-11-13 22:07 - 2014-09-24 08:40 - 00000000 ____D C:\ProgramData\Skype 2015-11-13 21:54 - 2015-07-26 18:53 - 00000000 ____D C:\Users\margarito\AppData\Local\Trend Micro 2015-11-13 21:49 - 2015-09-06 08:22 - 00000000 ____D C:\AdwCleaner 2015-11-13 21:37 - 2015-07-26 18:51 - 00000000 ____D C:\ProgramData\Trend 
Micro
2015-11-13 21:36 - 2013-08-22 08:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-11-13 21:34 - 2015-07-26 18:51 - 00000000 ____D C:\Program Files\Trend Micro
2015-11-12 16:27 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\rescache
2015-11-12 10:22 - 2013-08-22 08:36 - 00000000 ___RD C:\Windows\ToastData
2015-11-12 09:42 - 2013-08-22 08:20 - 00000000 ____D C:\Windows\CbsTemp
2015-11-10 19:34 - 2015-10-17 11:08 - 00003866 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-11-10 19:34 - 2015-10-17 11:08 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-08 07:31 - 2015-07-26 18:19 - 00000000 ____D C:\Users\margarito\AppData\Local\Packages

==================== Files in the root of some directories =======

2015-09-06 15:02 - 2015-12-06 06:50 - 0000093 _____ () C:\Users\margarito\AppData\Roaming\sp_data.sys
2015-07-26 18:47 - 2015-07-26 18:47 - 0000036 _____ () C:\Users\margarito\AppData\Local\housecall.guid.cache
2015-08-03 08:59 - 2015-12-06 07:01 - 0000010 _____ () C:\Users\margarito\AppData\Local\sponge.last.runtime.cache
2014-11-07 18:36 - 2014-11-07 18:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\margarito\AppData\Local\Temp\HitmanPro_x64.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-12-01 12:20

==================== End of FRST.txt ============================