Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016 Ran by samuel (administrator) on DESKTOP-REU8NRJ (02-09-2016 23:54:52) Running from C:\Users\samuel\Desktop Loaded Profiles: samuel (Available Profiles: samuel) Platform: Windows 10 Education Version 1607 (X64) Language: Español (México) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe (Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\GROOVE.EXE () C:\Program Files (x86)\DFX\DFX.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe () C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe () C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe (Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe () C:\Program Files\RogueKiller\RogueKiller64.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\MSOSYNC.EXE (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13622512 2016-08-30] (Zemana Ltd.) HKLM-x32\...\Run: [DFX] => C:\Program Files (x86)\DFX\DFX.exe [1595384 2016-06-22] () HKU\S-1-5-21-3690298984-718693576-1200642337-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation) HKU\S-1-5-21-3690298984-718693576-1200642337-1001\...\Run: [Spotify Web Helper] => C:\Users\samuel\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1523312 2016-08-27] (Spotify Ltd) HKU\S-1-5-21-3690298984-718693576-1200642337-1001\...\Run: [Spotify] => C:\Users\samuel\AppData\Roaming\Spotify\Spotify.exe [6930544 2016-08-27] (Spotify Ltd) HKU\S-1-5-21-3690298984-718693576-1200642337-1001\...\RunOnce: [Uninstall C:\Users\samuel\AppData\Local\Microsoft\OneDrive\17.3.6381.0405_3\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\samuel\AppData\Local\Microsoft\OneDrive\17.3.6381.0405_3\amd64" Startup: C:\Users\samuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneDrive para la Empresa.lnk [2016-08-29] ShortcutTarget: OneDrive para la Empresa.lnk -> C:\Program Files\Microsoft Office\root\Office16\GROOVE.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 200.94.160.248 Tcpip\..\Interfaces\{ab27a25a-0d1e-4ab6-b50f-1c7153f65f2a}: [DhcpNameServer] 200.94.160.248 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3690298984-718693576-1200642337-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-08-27] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-08-27] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-08-27] (Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-08-27] (Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-27] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-08-27] (Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-27] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-08-27] (Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-27] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-08-27] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-27] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-08-27] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\samuel\AppData\Roaming\Mozilla\Firefox\Profiles\g0d4ssbn.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-08-27] () FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-08-27] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-08-27] () FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-27] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-08-27] (Microsoft Corporation) FF Extension: (LastPass) - C:\Users\samuel\AppData\Roaming\Mozilla\Firefox\Profiles\g0d4ssbn.default\extensions\support@lastpass.com [2016-08-27] FF Extension: (HTTPS Everywhere) - C:\Users\samuel\AppData\Roaming\Mozilla\Firefox\Profiles\g0d4ssbn.default\extensions\https-everywhere@eff.org.xpi [2016-08-27] FF Extension: (Avira Browser Safety) - C:\Users\samuel\AppData\Roaming\Mozilla\Firefox\Profiles\g0d4ssbn.default\Extensions\abs@avira.com [2016-08-31] FF Extension: (Privacy Badger) - C:\Users\samuel\AppData\Roaming\Mozilla\Firefox\Profiles\g0d4ssbn.default\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2016-08-27] FF Extension: (uBlock Origin) - C:\Users\samuel\AppData\Roaming\Mozilla\Firefox\Profiles\g0d4ssbn.default\Extensions\uBlock0@raymondhill.net.xpi [2016-08-29] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2016-06-27] [not signed] FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ChromodoUpdater; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [2001592 2016-06-14] (Comodo) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2981056 2016-08-11] (Microsoft Corporation) R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-09-02] (SurfRight B.V.) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [374360 2016-06-09] (Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] () R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [991248 2016-06-22] (Bitdefender) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-16] (Microsoft Corporation) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [156016 2016-06-16] (Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1693104 2016-06-24] (Bitdefender) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) S2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13622512 2016-08-30] (Zemana Ltd.) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [101368 2016-07-31] (ASUS Corporation) R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1603264 2016-09-01] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [850464 2016-09-01] (BitDefender) S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-06-24] (BitDefender LLC) S4 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender) S3 DFX11_1; C:\Windows\system32\drivers\dfx11_1x64.sys [28008 2015-08-31] (Windows (R) Win 7 DDK provider) R3 DFX12; C:\Windows\system32\drivers\dfx12x64.sys [39048 2015-11-14] (Windows (R) Win 7 DDK provider) R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [182936 2015-12-16] (BitDefender LLC) S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [46960 2016-09-02] () S3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-03] (Intel Corporation) S3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-03] (Intel Corporation) R0 ignis; C:\Windows\system32\DRIVERS\ignis.sys [299816 2016-06-16] (Bitdefender) S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [20232 2016-08-14] (HandSet Incorporated) S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [140672 2016-09-01] (Malwarebytes) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 netr28x; C:\Windows\System32\drivers\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.) R3 SensorsAlsDriver; C:\Windows\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation) U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-09-02] () R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [520032 2016-03-10] (BitDefender S.R.L.) S3 viahsets; C:\Windows\System32\drivers\viahsets.sys [32136 2016-08-14] (Via Telecom, Inc.) S3 viahsser; C:\Windows\System32\drivers\viahsser.sys [62728 2016-08-14] (VIA Telecom) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2016-09-01] (Zemana Ltd.) R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2016-09-01] (Zemana Ltd.) S3 zghsser; C:\Windows\System32\drivers\zghsser.sys [133960 2016-08-14] (ZTE Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-09-02 23:54 - 2016-09-02 23:55 - 00014238 _____ C:\Users\samuel\Desktop\FRST.txt 2016-09-02 23:53 - 2016-09-02 23:54 - 02397696 _____ (Farbar) C:\Users\samuel\Desktop\FRST64.exe 2016-09-02 22:35 - 2016-09-02 22:45 - 00046960 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys 2016-09-02 22:30 - 2016-09-02 22:35 - 00002004 _____ C:\Users\Public\Desktop\HitmanPro.lnk 2016-09-02 22:30 - 2016-09-02 22:30 - 00000000 ____D C:\Program Files\HitmanPro 2016-09-02 22:13 - 2016-09-02 23:27 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys 2016-09-02 22:12 - 2016-09-02 22:12 - 31930936 _____ (Adlice Software ) C:\Users\samuel\Downloads\setup.exe 2016-09-02 22:12 - 2016-09-02 22:12 - 00000901 _____ C:\Users\Public\Desktop\RogueKiller.lnk 2016-09-02 22:12 - 2016-09-02 22:12 - 00000000 ____D C:\Program Files\RogueKiller 2016-09-02 16:22 - 2016-09-02 16:29 - 141596664 _____ C:\Users\samuel\Desktop\8d1kby20.exe 2016-09-01 23:30 - 2016-09-01 23:31 - 00265534 _____ C:\TDSSKiller.3.1.0.11_01.09.2016_23.30.26_log.txt 2016-09-01 21:45 - 2016-09-02 22:50 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-09-01 21:45 - 2016-09-01 21:45 - 00001173 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-09-01 21:45 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-09-01 21:45 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-09-01 21:36 - 2016-09-01 21:37 - 00912452 _____ C:\Users\samuel\Downloads\rkill.zip 2016-09-01 21:29 - 2016-09-02 23:54 - 00064744 _____ C:\WINDOWS\ZAM.krnl.trace 2016-09-01 21:29 - 2016-09-02 23:54 - 00036313 _____ C:\WINDOWS\ZAM_Guard.krnl.trace 2016-09-01 21:28 - 2016-09-01 21:28 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys 2016-09-01 21:28 - 2016-09-01 21:28 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys 2016-09-01 21:28 - 2016-09-01 21:28 - 00001219 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk 2016-09-01 21:28 - 2016-09-01 21:28 - 00000000 ____D C:\Users\samuel\AppData\Local\Zemana 2016-09-01 21:28 - 2016-09-01 21:28 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware 2016-09-01 21:27 - 2016-09-01 21:28 - 05295424 _____ ( ) C:\Users\samuel\Downloads\Zemana.AntiMalware.Setup.exe 2016-09-01 21:25 - 2016-09-01 21:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-09-01 21:24 - 2016-09-01 23:22 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-09-01 21:21 - 2016-09-01 21:21 - 00000000 ____D C:\Users\samuel\Desktop\mbam-chameleon-3.1.33.0 2016-09-01 13:42 - 2016-09-01 13:42 - 00000000 ____D C:\Users\samuel\AppData\Temp 2016-09-01 08:42 - 2016-09-01 08:42 - 00000385 _____ C:\Users\samuel\AppData\Roaminguser_gensett.xml 2016-09-01 08:31 - 2016-09-01 21:41 - 00002947 _____ C:\bdlog.txt 2016-09-01 00:33 - 2016-09-01 00:33 - 00000385 _____ C:\WINDOWS\system32\user_gensett.xml 2016-09-01 00:29 - 2016-09-01 00:29 - 00002272 _____ C:\Users\Public\Desktop\Bitdefender 2016.lnk 2016-09-01 00:29 - 2013-09-08 20:04 - 00023568 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys 2016-09-01 00:29 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll 2016-09-01 00:28 - 2016-09-01 00:45 - 01603264 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys 2016-09-01 00:28 - 2016-09-01 00:45 - 00850464 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys 2016-09-01 00:28 - 2016-06-16 16:45 - 00299816 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys 2016-09-01 00:28 - 2015-12-04 19:27 - 00087912 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys 2016-09-01 00:04 - 2016-09-01 00:39 - 00000000 ____D C:\Users\samuel\AppData\Roaming\Bitdefender 2016-08-31 23:59 - 2016-08-31 23:59 - 00000000 ____D C:\Program Files\Bitdefender 2016-08-31 23:59 - 2016-03-10 07:41 - 00520032 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys 2016-08-31 23:59 - 2015-12-16 05:53 - 00182936 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys 2016-08-31 23:58 - 2016-08-31 23:59 - 00000000 ____D C:\Program Files\Common Files\Bitdefender 2016-08-31 23:58 - 2016-08-31 23:58 - 00000000 ____D C:\Users\samuel\AppData\Roaming\QuickScan 2016-08-31 22:32 - 2016-08-31 22:32 - 00003794 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 2016-08-31 22:29 - 2016-09-02 23:49 - 00000000 ____D C:\Program Files\Bitdefender Agent 2016-08-31 21:22 - 2016-08-31 21:27 - 173597920 _____ (COMODO) C:\Users\samuel\Downloads\cispremium_installer.exe 2016-08-31 21:06 - 2016-08-31 21:37 - 00000000 ____D C:\Program Files (x86)\Avira 2016-08-31 21:06 - 2016-08-31 21:06 - 04439864 _____ (Avira Operations GmbH & Co. KG) C:\Users\samuel\Downloads\avira_es_av_57c79b08afc63__ws.exe 2016-08-31 20:19 - 2016-08-27 20:36 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2016-08-31 20:01 - 2016-08-31 20:17 - 10747424 _____ C:\Users\samuel\Desktop\bitdefender_isecurity.exe 2016-08-31 17:21 - 2016-08-27 03:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll 2016-08-31 17:21 - 2016-08-26 22:58 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-08-31 17:21 - 2016-08-26 22:58 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2016-08-31 17:21 - 2016-08-26 22:43 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll 2016-08-31 17:21 - 2016-08-26 22:38 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll 2016-08-31 17:21 - 2016-08-26 22:37 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll 2016-08-31 17:21 - 2016-08-20 00:26 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2016-08-31 17:21 - 2016-08-19 23:46 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-08-31 17:21 - 2016-08-19 23:34 - 01430200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2016-08-31 17:21 - 2016-08-19 23:34 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-08-31 17:21 - 2016-08-19 23:34 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll 2016-08-31 17:21 - 2016-08-19 23:33 - 05722312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-08-31 17:21 - 2016-08-19 23:33 - 00852824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2016-08-31 17:21 - 2016-08-19 23:32 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-08-31 17:21 - 2016-08-19 23:32 - 00846552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-08-31 17:21 - 2016-08-19 23:29 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-08-31 17:21 - 2016-08-19 23:29 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2016-08-31 17:21 - 2016-08-19 23:29 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2016-08-31 17:21 - 2016-08-19 23:25 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2016-08-31 17:21 - 2016-08-19 23:16 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2016-08-31 17:21 - 2016-08-19 23:14 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL 2016-08-31 17:21 - 2016-08-19 23:14 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll 2016-08-31 17:21 - 2016-08-19 23:14 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll 2016-08-31 17:21 - 2016-08-19 23:14 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL 2016-08-31 17:21 - 2016-08-19 23:14 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL 2016-08-31 17:21 - 2016-08-19 23:13 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll 2016-08-31 17:21 - 2016-08-19 23:11 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll 2016-08-31 17:21 - 2016-08-19 23:09 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2016-08-31 17:21 - 2016-08-19 23:08 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2016-08-31 17:21 - 2016-08-19 23:08 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll 2016-08-31 17:21 - 2016-08-19 23:07 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2016-08-31 17:21 - 2016-08-19 23:07 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2016-08-31 17:21 - 2016-08-19 23:07 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll 2016-08-31 17:21 - 2016-08-19 23:06 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2016-08-31 17:21 - 2016-08-19 23:06 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2016-08-31 17:21 - 2016-08-19 23:05 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2016-08-31 17:21 - 2016-08-19 23:04 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe 2016-08-31 17:21 - 2016-08-19 23:04 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2016-08-31 17:21 - 2016-08-19 23:04 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2016-08-31 17:21 - 2016-08-19 23:04 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2016-08-31 17:21 - 2016-08-19 23:03 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll 2016-08-31 17:21 - 2016-08-19 23:01 - 04612096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-08-31 17:21 - 2016-08-19 23:01 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll 2016-08-31 17:21 - 2016-08-19 23:00 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-08-31 17:21 - 2016-08-19 23:00 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll 2016-08-31 17:21 - 2016-08-19 23:00 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll 2016-08-31 17:21 - 2016-08-19 22:59 - 07624192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-08-31 17:21 - 2016-08-19 22:59 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll 2016-08-31 17:21 - 2016-08-19 22:59 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll 2016-08-31 17:21 - 2016-08-19 22:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll 2016-08-31 17:21 - 2016-08-19 22:58 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll 2016-08-31 17:21 - 2016-08-19 22:57 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll 2016-08-31 17:21 - 2016-08-19 22:56 - 02711040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2016-08-31 17:21 - 2016-08-19 22:56 - 02143232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll 2016-08-31 17:21 - 2016-08-19 22:56 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll 2016-08-31 17:21 - 2016-08-19 22:55 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-08-31 17:21 - 2016-08-19 22:54 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll 2016-08-31 17:21 - 2016-08-19 22:53 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2016-08-31 17:21 - 2016-08-19 22:52 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2016-08-31 17:21 - 2016-08-19 22:51 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-08-31 17:21 - 2016-08-19 22:51 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2016-08-31 17:21 - 2016-08-19 22:51 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2016-08-31 17:21 - 2016-08-19 22:50 - 01875456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-08-31 17:21 - 2016-08-19 22:49 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2016-08-31 17:21 - 2016-08-19 22:46 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe 2016-08-31 17:19 - 2016-08-19 23:21 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll 2016-08-31 17:19 - 2016-08-19 23:16 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll 2016-08-31 17:19 - 2016-08-19 23:08 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll 2016-08-31 17:19 - 2016-08-19 23:08 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll 2016-08-31 17:19 - 2016-08-19 22:58 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2016-08-31 17:18 - 2016-08-26 23:12 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-08-31 17:18 - 2016-08-26 23:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2016-08-31 17:18 - 2016-08-26 22:39 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll 2016-08-31 17:18 - 2016-08-26 22:38 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll 2016-08-31 17:18 - 2016-08-26 22:25 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll 2016-08-31 17:18 - 2016-08-20 00:06 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2016-08-31 17:18 - 2016-08-20 00:04 - 07814488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-08-31 17:18 - 2016-08-20 00:03 - 02257248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2016-08-31 17:18 - 2016-08-20 00:03 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-08-31 17:18 - 2016-08-19 23:52 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-08-31 17:18 - 2016-08-19 23:52 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-08-31 17:18 - 2016-08-19 23:52 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2016-08-31 17:18 - 2016-08-19 23:52 - 01279328 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2016-08-31 17:18 - 2016-08-19 23:52 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-08-31 17:18 - 2016-08-19 23:52 - 00658776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-08-31 17:18 - 2016-08-19 23:52 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-08-31 17:18 - 2016-08-19 23:51 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys 2016-08-31 17:18 - 2016-08-19 23:50 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2016-08-31 17:18 - 2016-08-19 23:47 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-08-31 17:18 - 2016-08-19 23:47 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2016-08-31 17:18 - 2016-08-19 23:47 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2016-08-31 17:18 - 2016-08-19 23:43 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2016-08-31 17:18 - 2016-08-19 23:42 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2016-08-31 17:18 - 2016-08-19 23:22 - 22571008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-08-31 17:18 - 2016-08-19 23:22 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll 2016-08-31 17:18 - 2016-08-19 23:21 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2016-08-31 17:18 - 2016-08-19 23:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL 2016-08-31 17:18 - 2016-08-19 23:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll 2016-08-31 17:18 - 2016-08-19 23:21 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll 2016-08-31 17:18 - 2016-08-19 23:21 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2016-08-31 17:18 - 2016-08-19 23:21 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL 2016-08-31 17:18 - 2016-08-19 23:20 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll 2016-08-31 17:18 - 2016-08-19 23:20 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll 2016-08-31 17:18 - 2016-08-19 23:20 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll 2016-08-31 17:18 - 2016-08-19 23:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL 2016-08-31 17:18 - 2016-08-19 23:19 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll 2016-08-31 17:18 - 2016-08-19 23:19 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll 2016-08-31 17:18 - 2016-08-19 23:18 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2016-08-31 17:18 - 2016-08-19 23:18 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-08-31 17:18 - 2016-08-19 23:18 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe 2016-08-31 17:18 - 2016-08-19 23:17 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2016-08-31 17:18 - 2016-08-19 23:17 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-08-31 17:18 - 2016-08-19 23:17 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll 2016-08-31 17:18 - 2016-08-19 23:15 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2016-08-31 17:18 - 2016-08-19 23:15 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2016-08-31 17:18 - 2016-08-19 23:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2016-08-31 17:18 - 2016-08-19 23:15 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2016-08-31 17:18 - 2016-08-19 23:14 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll 2016-08-31 17:18 - 2016-08-19 23:14 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll 2016-08-31 17:18 - 2016-08-19 23:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-08-31 17:18 - 2016-08-19 23:13 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2016-08-31 17:18 - 2016-08-19 23:13 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2016-08-31 17:18 - 2016-08-19 23:12 - 01014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll 2016-08-31 17:18 - 2016-08-19 23:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-08-31 17:18 - 2016-08-19 23:12 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2016-08-31 17:18 - 2016-08-19 23:12 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2016-08-31 17:18 - 2016-08-19 23:12 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2016-08-31 17:18 - 2016-08-19 23:11 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2016-08-31 17:18 - 2016-08-19 23:11 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2016-08-31 17:18 - 2016-08-19 23:10 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2016-08-31 17:18 - 2016-08-19 23:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2016-08-31 17:18 - 2016-08-19 23:09 - 09128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-08-31 17:18 - 2016-08-19 23:09 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2016-08-31 17:18 - 2016-08-19 23:09 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll 2016-08-31 17:18 - 2016-08-19 23:08 - 01906176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll 2016-08-31 17:18 - 2016-08-19 23:08 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll 2016-08-31 17:18 - 2016-08-19 23:07 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll 2016-08-31 17:18 - 2016-08-19 23:07 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll 2016-08-31 17:18 - 2016-08-19 23:06 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll 2016-08-31 17:18 - 2016-08-19 23:04 - 23682560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-08-31 17:18 - 2016-08-19 23:04 - 03245056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2016-08-31 17:18 - 2016-08-19 23:04 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll 2016-08-31 17:18 - 2016-08-19 23:03 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2016-08-31 17:18 - 2016-08-19 23:03 - 02846208 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2016-08-31 17:18 - 2016-08-19 23:02 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2016-08-31 17:18 - 2016-08-19 23:01 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2016-08-31 17:18 - 2016-08-19 23:00 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-08-31 17:18 - 2016-08-19 22:59 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2016-08-31 17:18 - 2016-08-19 22:57 - 02680832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-08-31 17:18 - 2016-08-19 22:57 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2016-08-31 17:18 - 2016-08-19 22:56 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-08-31 17:18 - 2016-08-19 22:56 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2016-08-31 17:18 - 2016-08-19 22:56 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-08-31 17:18 - 2016-08-19 22:55 - 00726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2016-08-31 17:18 - 2016-08-19 22:53 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-08-31 17:18 - 2016-08-19 22:53 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe 2016-08-31 17:18 - 2016-08-18 19:33 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS 2016-08-31 17:17 - 2016-08-27 06:45 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll 2016-08-31 17:17 - 2016-08-26 22:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll 2016-08-31 17:17 - 2016-08-20 00:13 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2016-08-31 17:17 - 2016-08-20 00:06 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-08-31 17:17 - 2016-08-20 00:06 - 00885832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-08-31 17:17 - 2016-08-20 00:05 - 01377008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2016-08-31 17:17 - 2016-08-20 00:04 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-08-31 17:17 - 2016-08-20 00:04 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-08-31 17:17 - 2016-08-19 23:52 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll 2016-08-31 17:17 - 2016-08-19 23:50 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-08-31 17:17 - 2016-08-19 23:50 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-08-31 17:17 - 2016-08-19 23:50 - 01099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2016-08-31 17:17 - 2016-08-19 23:50 - 00987992 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2016-08-31 17:17 - 2016-08-19 23:50 - 00942424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi 2016-08-31 17:17 - 2016-08-19 23:50 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2016-08-31 17:17 - 2016-08-19 23:50 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys 2016-08-31 17:17 - 2016-08-19 23:50 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll 2016-08-31 17:17 - 2016-08-19 23:20 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys 2016-08-31 17:17 - 2016-08-19 23:16 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll 2016-08-31 17:17 - 2016-08-19 23:12 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2016-08-31 17:17 - 2016-08-19 23:12 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll 2016-08-31 17:17 - 2016-08-19 23:11 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2016-08-31 17:17 - 2016-08-19 23:10 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2016-08-31 17:17 - 2016-08-19 23:07 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2016-08-31 17:17 - 2016-08-19 23:07 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll 2016-08-31 17:17 - 2016-08-19 23:05 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll 2016-08-31 17:17 - 2016-08-19 23:03 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2016-08-31 17:17 - 2016-08-19 22:59 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll 2016-08-31 17:17 - 2016-08-19 22:59 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2016-08-31 17:17 - 2016-08-19 22:57 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-08-31 17:17 - 2016-08-19 22:56 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2016-08-31 17:17 - 2016-08-19 22:56 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll 2016-08-31 00:23 - 2016-08-31 00:23 - 00000350 _____ C:\WINDOWS\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job 2016-08-30 23:51 - 2016-09-01 21:38 - 00003556 _____ C:\Users\samuel\Desktop\Rkill.txt 2016-08-30 23:51 - 2016-08-30 23:51 - 01106888 _____ (Bleeping Computer, LLC) C:\Users\samuel\Desktop\rkill64.com 2016-08-30 23:36 - 2016-08-30 23:37 - 00267976 _____ C:\TDSSKiller.3.1.0.11_30.08.2016_23.36.28_log.txt 2016-08-30 23:03 - 2016-08-30 23:03 - 00000000 ____D C:\Program Files (x86)\Comodo 2016-08-29 20:45 - 2016-09-02 23:26 - 00000000 ___RD C:\Users\samuel\OD 2 2016-08-28 22:10 - 2016-08-28 22:10 - 00000000 ____D C:\Program Files\CMAK 2016-08-28 22:10 - 2016-08-28 22:10 - 00000000 ____D C:\Program Files (x86)\CMAK 2016-08-28 22:08 - 2016-08-28 22:08 - 00000000 ____D C:\Users\samuel\AppData\Local\DFX 2016-08-28 22:03 - 2016-08-31 20:03 - 00000000 ____D C:\Users\SophosSAUDESKTOP-RE0 2016-08-28 22:03 - 2016-08-31 20:03 - 00000000 ____D C:\Users\Invitado 2016-08-28 22:03 - 2016-08-31 20:03 - 00000000 ____D C:\Users\DefaultAccount 2016-08-28 22:03 - 2016-08-31 20:03 - 00000000 ____D C:\Users\Administrador 2016-08-28 22:03 - 2016-08-28 22:03 - 00001682 _____ C:\Users\Public\Desktop\DFX.lnk 2016-08-28 22:03 - 2016-08-28 22:03 - 00000000 ____D C:\Users\SophosSAUDESKTOP-RE0\AppData\Roaming\vlc 2016-08-28 22:03 - 2016-08-28 22:03 - 00000000 ____D C:\Users\samuel\AppData\Roaming\vlc 2016-08-28 22:03 - 2016-08-28 22:03 - 00000000 ____D C:\Users\Invitado\AppData\Roaming\vlc 2016-08-28 22:03 - 2016-08-28 22:03 - 00000000 ____D C:\Users\DefaultAccount\AppData\Roaming\vlc 2016-08-28 22:03 - 2016-08-28 22:03 - 00000000 ____D C:\Users\Administrador\AppData\Roaming\vlc 2016-08-28 22:03 - 2016-08-28 22:03 - 00000000 ____D C:\Program Files (x86)\DFX 2016-08-28 22:01 - 2016-08-28 22:02 - 05122840 _____ (Power Technology) C:\Users\samuel\Downloads\dfx12Setup.exe 2016-08-28 21:54 - 2016-08-28 22:01 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-08-28 21:53 - 2016-08-28 21:53 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-08-28 21:50 - 2016-08-28 21:50 - 00000000 ____D C:\Users\samuel\AppData\Local\PeerDistRepub 2016-08-28 21:28 - 2016-08-28 21:28 - 00000000 ____D C:\Program Files (x86)\ESET 2016-08-27 23:03 - 2016-09-01 15:47 - 00000000 ____D C:\Users\samuel\AppData\Local\Spotify 2016-08-27 23:03 - 2016-08-31 22:44 - 00000000 ____D C:\Users\samuel\AppData\Roaming\Telegram Desktop 2016-08-27 23:03 - 2016-08-27 23:03 - 00001843 _____ C:\Users\samuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2016-08-27 23:03 - 2016-08-27 23:03 - 00000000 ____D C:\Users\samuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop 2016-08-27 23:02 - 2016-08-27 23:03 - 16264744 _____ (Telegram Messenger LLP ) C:\Users\samuel\Downloads\tsetup.0.10.1.exe 2016-08-27 23:01 - 2016-09-01 15:42 - 00000000 ____D C:\Users\samuel\AppData\Roaming\Spotify 2016-08-27 23:01 - 2016-08-27 23:01 - 00356056 _____ (Spotify Ltd) C:\Users\samuel\Downloads\SpotifySetup.exe 2016-08-27 22:59 - 2016-08-27 22:59 - 00002872 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2016-08-27 22:59 - 2016-08-27 22:59 - 00000865 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-08-27 22:59 - 2016-08-27 22:59 - 00000000 ____D C:\Users\samuel\AppData\Local\Steam 2016-08-27 22:59 - 2016-08-27 22:59 - 00000000 ____D C:\Users\samuel\AppData\Local\CEF 2016-08-27 22:59 - 2016-08-27 22:59 - 00000000 ____D C:\Program Files\CCleaner 2016-08-27 22:57 - 2016-08-27 22:57 - 08227032 _____ (Piriform Ltd) C:\Users\samuel\Downloads\ccsetup521.exe 2016-08-27 22:54 - 2016-08-28 19:10 - 00000000 ____D C:\Program Files (x86)\Steam 2016-08-27 22:54 - 2016-08-27 22:54 - 00001034 _____ C:\Users\Public\Desktop\Steam.lnk 2016-08-27 22:53 - 2016-08-27 22:53 - 01446792 _____ C:\Users\samuel\Downloads\SteamSetup.exe 2016-08-27 22:41 - 2016-08-27 22:41 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2016-08-27 21:40 - 2016-08-28 22:14 - 00000838 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-08-27 21:40 - 2016-08-27 21:40 - 00003814 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2016-08-27 21:40 - 2016-08-27 21:40 - 00000000 ____D C:\Users\samuel\AppData\Roaming\Macromedia 2016-08-27 21:40 - 2016-08-27 21:40 - 00000000 ____D C:\Users\samuel\AppData\Local\Macromedia 2016-08-27 21:38 - 2016-08-27 21:40 - 00000000 ____D C:\Users\samuel\AppData\Local\Adobe 2016-08-27 21:04 - 2016-08-31 20:04 - 00000000 ____D C:\Program Files\Common Files\AV 2016-08-27 20:54 - 2016-08-27 20:55 - 02307616 _____ (Kaspersky Lab) C:\Users\samuel\Downloads\kts17.0.0.611en_10781.exe 2016-08-27 19:44 - 2016-08-27 19:44 - 00000000 ____D C:\WINDOWS\system32\appmgmt 2016-08-27 19:42 - 2016-08-27 19:42 - 00000000 _____ C:\WINDOWS\System32\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82} 2016-08-27 19:40 - 2016-08-27 19:40 - 00000000 _____ C:\WINDOWS\System32\Tasks\CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805} 2016-08-27 19:33 - 2016-08-27 19:33 - 00000000 ____D C:\WINDOWS\Options 2016-08-27 19:33 - 2016-08-27 19:33 - 00000000 ____D C:\Program Files (x86)\Qualcomm Atheros 2016-08-27 19:33 - 2015-07-22 02:59 - 00094864 ____N C:\WINDOWS\system32\athw10x.cat 2016-08-27 19:33 - 2015-07-14 18:04 - 04317808 ____N (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\athw10x.sys 2016-08-27 19:32 - 2016-08-27 19:33 - 00000000 ____D C:\Users\samuel\Desktop\WLAN_QualcommAtheros_Win10_64_VER1000324 2016-08-27 19:32 - 2016-08-27 19:32 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles 2016-08-27 19:32 - 2016-08-27 19:32 - 00000000 ____D C:\Users\samuel\AppData\Roaming\Intel 2016-08-27 19:31 - 2016-08-27 19:31 - 00000000 ____D C:\Users\samuel\Intel.sav 2016-08-27 19:31 - 2016-08-27 19:31 - 00000000 ____D C:\Program Files\Common Files\Intel 2016-08-27 19:31 - 2016-08-27 19:31 - 00000000 ____D C:\Program Files (x86)\Intel 2016-08-27 19:31 - 2016-08-27 19:31 - 00000000 ____D C:\Program Files (x86)\Cisco 2016-08-27 19:29 - 2016-08-27 19:33 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-08-27 19:29 - 2016-08-27 19:30 - 00000000 ____D C:\Users\samuel\Desktop\WLAN_Intel_Win10_64_VER181212 2016-08-27 19:29 - 2015-06-12 13:03 - 00343712 _____ (Mediatek Inc.) C:\WINDOWS\system32\RaCoInstx.dll 2016-08-27 19:29 - 2015-06-12 12:59 - 02554528 _____ (MediaTek Inc.) C:\WINDOWS\system32\Drivers\netr28x.sys 2016-08-27 19:29 - 2015-06-12 12:57 - 00016103 _____ C:\WINDOWS\system32\RaCoInst.dat 2016-08-27 19:28 - 2016-08-27 19:28 - 00000000 ____D C:\Users\samuel\Desktop\WLAN_Ralink_Win10_64_VER50570 2016-08-27 19:26 - 2016-09-01 21:45 - 00000000 ____D C:\Users\samuel\AppData\Local\ElevatedDiagnostics 2016-08-27 19:19 - 2016-08-27 19:19 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO 2016-08-27 19:17 - 2016-08-27 19:17 - 00000000 ____D C:\Users\samuel\AppData\Local\Comodo 2016-08-27 19:11 - 2016-08-27 19:14 - 173597920 _____ (COMODO) C:\Users\samuel\Downloads\cispremium_installer_6100_08.exe 2016-08-27 19:04 - 2016-09-02 23:36 - 00000000 ____D C:\Program Files\Microsoft Office 2016-08-27 19:04 - 2016-08-27 19:04 - 00000000 ____D C:\Program Files\Microsoft Office 15 2016-08-27 19:03 - 2016-08-27 19:03 - 05334720 _____ (Microsoft Corporation) C:\Users\samuel\Downloads\Setup.X64.es-es_O365ProPlusRetail_02da1f93-8fed-4250-bd7b-dc8c1f6161f6_TX_PR_b_32_.exe 2016-08-27 18:53 - 2016-08-27 18:59 - 00000000 ____D C:\Users\samuel\AppData\Local\Mozilla 2016-08-27 18:53 - 2016-08-27 18:53 - 00000000 ____D C:\Users\samuel\AppData\Roaming\Mozilla 2016-08-27 18:52 - 2016-08-27 18:52 - 00001218 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-08-27 18:52 - 2016-08-27 18:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-08-27 18:52 - 2016-08-27 18:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-08-27 18:51 - 2016-08-27 22:46 - 00002368 _____ C:\Users\samuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-08-27 18:50 - 2016-08-27 18:51 - 00242288 _____ C:\Users\samuel\Downloads\Firefox Setup Stub 48.0.2.exe 2016-08-27 18:50 - 2016-08-27 18:50 - 00000000 ____D C:\Users\samuel\AppData\Local\MicrosoftEdge 2016-08-27 18:40 - 2016-08-27 18:42 - 00248124 _____ C:\TDSSKiller.3.1.0.11_27.08.2016_18.40.30_log.txt 2016-08-27 18:32 - 2016-09-02 22:48 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2016-08-27 18:30 - 2016-08-27 18:30 - 00000000 ____D C:\WINDOWS\pss 2016-08-27 18:27 - 2016-08-27 21:10 - 00000000 ____D C:\WINDOWS\Minidump 2016-08-27 18:25 - 2016-08-27 18:25 - 00000000 ____D C:\Users\samuel\AppData\Local\Comms 2016-08-27 18:24 - 2016-08-27 18:24 - 00000000 ____D C:\Users\samuel\AppData\Local\Publishers 2016-08-27 18:23 - 2016-08-30 14:09 - 00000000 ____D C:\Users\samuel\AppData\Local\Packages 2016-08-27 18:23 - 2016-08-27 18:23 - 00000000 ____D C:\Users\samuel\AppData\Roaming\Adobe 2016-08-27 18:23 - 2016-08-27 18:23 - 00000000 ____D C:\Users\samuel\AppData\Local\VirtualStore 2016-08-27 18:23 - 2016-08-27 18:23 - 00000000 ____D C:\Users\samuel\AppData\Local\TileDataLayer 2016-08-27 18:22 - 2016-08-27 18:30 - 00000000 ____D C:\Users\samuel\AppData\Local\ConnectedDevicesPlatform 2016-08-27 18:22 - 2016-08-27 18:22 - 00000020 ___SH C:\Users\samuel\ntuser.ini 2016-08-27 18:05 - 2016-09-02 23:52 - 02633154 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-08-27 18:05 - 2016-08-27 18:05 - 00012024 _____ C:\Users\samuel\Desktop\Aplicaciones quitadas.html 2016-08-27 17:58 - 2016-09-02 21:32 - 00000000 ____D C:\Users\samuel 2016-08-27 17:52 - 2016-09-02 23:25 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-08-27 17:52 - 2016-08-27 19:31 - 00000000 ____D C:\Program Files\Intel 2016-08-27 17:52 - 2016-08-27 17:52 - 00319056 _____ C:\WINDOWS\system32\Drivers\RTWAVES40.dat 2016-08-27 17:52 - 2016-08-27 17:52 - 00006786 _____ C:\WINDOWS\system32\Drivers\rtwavesEFX.dat 2016-08-27 17:52 - 2016-08-27 17:52 - 00003260 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_ListenToDevice 2016-08-27 17:52 - 2016-08-27 17:52 - 00003202 _____ C:\WINDOWS\System32\Tasks\RtHDVBg 2016-08-27 17:52 - 2016-08-27 17:52 - 00003194 _____ C:\WINDOWS\System32\Tasks\RTKCPL 2016-08-27 17:52 - 2016-08-27 17:52 - 00002626 _____ C:\WINDOWS\system32\Drivers\rtwavesMFX.dat 2016-08-27 17:52 - 2016-08-27 17:52 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2016-08-27 17:52 - 2016-08-27 17:52 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2016-08-27 17:52 - 2016-08-27 17:52 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2016-08-27 17:52 - 2016-08-27 17:52 - 00000000 ____D C:\Program Files\Realtek 2016-08-27 17:52 - 2016-08-27 17:52 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin 2016-08-27 17:52 - 2016-05-27 15:50 - 00100488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2016-08-27 17:49 - 2016-07-16 05:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2016-08-27 17:46 - 2016-09-02 23:46 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2016-08-27 17:46 - 2016-09-02 23:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-08-27 17:46 - 2016-08-31 21:38 - 00340760 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-08-27 17:44 - 2016-08-27 18:07 - 00000000 ___DC C:\WINDOWS\Panther 2016-08-27 17:44 - 2016-08-27 17:44 - 00000000 ____D C:\WINDOWS\InfusedApps 2016-08-27 17:43 - 2016-09-01 14:10 - 00000000 ____D C:\Windows.old 2016-08-27 17:43 - 2016-08-27 17:46 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2016-08-27 17:43 - 2016-08-27 17:43 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2016-08-27 17:41 - 2016-08-27 17:41 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2016-08-27 17:41 - 2016-08-27 17:41 - 00000000 ____D C:\WINDOWS\Setup 2016-08-27 17:41 - 2016-08-27 17:41 - 00000000 ____D C:\WINDOWS\OCR 2016-08-27 17:41 - 2016-08-27 17:41 - 00000000 ____D C:\Program Files\Reference Assemblies 2016-08-27 17:41 - 2016-08-27 17:41 - 00000000 ____D C:\Program Files\MSBuild 2016-08-27 17:41 - 2016-08-27 17:41 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2016-08-27 17:41 - 2016-08-27 17:41 - 00000000 ____D C:\Program Files (x86)\MSBuild 2016-08-27 17:40 - 2016-09-02 23:52 - 01222884 _____ C:\WINDOWS\system32\perfh00A.dat 2016-08-27 17:40 - 2016-09-02 23:52 - 00280360 _____ C:\WINDOWS\system32\perfc00A.dat 2016-08-27 17:40 - 2016-08-27 17:39 - 00346498 _____ C:\WINDOWS\system32\perfi00A.dat 2016-08-27 17:40 - 2016-08-27 17:39 - 00043804 _____ C:\WINDOWS\system32\perfd00A.dat 2016-08-27 17:39 - 2016-08-27 17:39 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm 2016-08-27 17:39 - 2016-08-27 17:39 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN 2016-08-27 17:39 - 2016-08-27 17:39 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep 2016-08-27 17:39 - 2016-08-27 17:39 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr 2016-08-27 17:39 - 2016-08-27 17:39 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2016-08-27 17:39 - 2016-08-27 17:39 - 00000000 ____D C:\WINDOWS\SysWOW64\es 2016-08-27 17:39 - 2016-08-27 17:39 - 00000000 ____D C:\WINDOWS\SysWOW64\0409 2016-08-27 17:39 - 2016-08-27 17:39 - 00000000 ____D C:\WINDOWS\system32\winrm 2016-08-27 17:39 - 2016-08-27 17:39 - 00000000 ____D C:\WINDOWS\system32\WCN 2016-08-27 17:39 - 2016-08-27 17:39 - 00000000 ____D C:\WINDOWS\system32\slmgr 2016-08-27 17:39 - 2016-08-27 17:39 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2016-08-27 17:39 - 2016-08-27 17:39 - 00000000 ____D C:\WINDOWS\system32\es 2016-08-27 17:39 - 2016-08-27 17:39 - 00000000 ____D C:\WINDOWS\system32\0409 2016-08-27 17:39 - 2016-08-27 17:39 - 00000000 ____D C:\WINDOWS\DigitalLocker 2016-08-27 17:36 - 2016-08-25 23:43 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-08-27 17:36 - 2016-08-25 23:43 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-08-27 17:34 - 2016-09-02 23:49 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-08-27 17:34 - 2016-09-02 23:43 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-08-27 17:34 - 2016-09-02 23:41 - 00000000 ___HD C:\Program Files\WindowsApps 2016-08-27 17:34 - 2016-08-31 21:56 - 00000000 ____D C:\WINDOWS\rescache 2016-08-27 17:34 - 2016-08-31 21:34 - 00000000 ___SD C:\WINDOWS\system32\dsc 2016-08-27 17:34 - 2016-08-31 21:34 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-08-27 17:34 - 2016-08-31 21:34 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-08-27 17:34 - 2016-08-31 21:34 - 00000000 ____D C:\WINDOWS\ShellExperiences 2016-08-27 17:34 - 2016-08-31 21:34 - 00000000 ____D C:\WINDOWS\Provisioning 2016-08-27 17:34 - 2016-08-31 21:34 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2016-08-27 17:34 - 2016-08-31 21:34 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2016-08-27 17:34 - 2016-08-28 22:11 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-08-27 17:34 - 2016-08-28 19:08 - 00000000 ____D C:\WINDOWS\appcompat 2016-08-27 17:34 - 2016-08-27 22:41 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-08-27 17:34 - 2016-08-27 21:40 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2016-08-27 17:34 - 2016-08-27 21:40 - 00000000 ____D C:\WINDOWS\system32\Macromed 2016-08-27 17:34 - 2016-08-27 18:05 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2016-08-27 17:34 - 2016-08-27 18:04 - 00000000 __RHD C:\Users\Public\Libraries 2016-08-27 17:34 - 2016-08-27 17:59 - 00000000 ____D C:\WINDOWS\system32\spool 2016-08-27 17:34 - 2016-08-27 17:59 - 00000000 ____D C:\WINDOWS\system32\FxsTmp 2016-08-27 17:34 - 2016-08-27 17:59 - 00000000 ____D C:\WINDOWS\CSC 2016-08-27 17:34 - 2016-08-27 17:57 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2016-08-27 17:34 - 2016-08-27 17:54 - 00000000 ___RD C:\WINDOWS\PrintDialog 2016-08-27 17:34 - 2016-08-27 17:54 - 00000000 ___RD C:\WINDOWS\MiracastView 2016-08-27 17:34 - 2016-08-27 17:44 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2016-08-27 17:34 - 2016-08-27 17:41 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2016-08-27 17:34 - 2016-08-27 17:41 - 00000000 ____D C:\WINDOWS\SystemApps 2016-08-27 17:34 - 2016-08-27 17:41 - 00000000 ____D C:\WINDOWS\system32\MUI 2016-08-27 17:34 - 2016-08-27 17:39 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2016-08-27 17:34 - 2016-08-27 17:39 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2016-08-27 17:34 - 2016-08-27 17:39 - 00000000 ___SD C:\WINDOWS\system32\F12 2016-08-27 17:34 - 2016-08-27 17:39 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs 2016-08-27 17:34 - 2016-08-27 17:39 - 00000000 ___RD C:\Program Files\Windows Defender 2016-08-27 17:34 - 2016-08-27 17:39 - 00000000 ____D C:\WINDOWS\SysWOW64\setup 2016-08-27 17:34 - 2016-08-27 17:39 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2016-08-27 17:34 - 2016-08-27 17:39 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2016-08-27 17:34 - 2016-08-27 17:39 - 00000000 ____D C:\WINDOWS\SysWOW64\Com 2016-08-27 17:34 - 2016-08-27 17:39 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2016-08-27 17:34 - 2016-08-27 17:39 - 00000000 ____D C:\WINDOWS\system32\setup 2016-08-27 17:34 - 2016-08-27 17:39 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-08-27 17:34 - 2016-08-27 17:39 - 00000000 ____D C:\WINDOWS\system32\migwiz 2016-08-27 17:34 - 2016-08-27 17:39 - 00000000 ____D C:\WINDOWS\system32\Dism 2016-08-27 17:34 - 2016-08-27 17:39 - 00000000 ____D C:\WINDOWS\system32\Com 2016-08-27 17:34 - 2016-08-27 17:39 - 00000000 ____D C:\WINDOWS\IME 2016-08-27 17:34 - 2016-08-27 17:39 - 00000000 ____D C:\WINDOWS\Help 2016-08-27 17:34 - 2016-08-27 17:39 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2016-08-27 17:34 - 2016-08-27 17:39 - 00000000 ____D C:\Program Files\Common Files\System 2016-08-27 17:34 - 2016-08-27 17:39 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2016-08-27 17:34 - 2016-08-27 17:39 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 __SHD C:\Program Files\Windows Sidebar 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 __RSD C:\WINDOWS\Media 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ___SD C:\WINDOWS\system32\Nui 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ___SD C:\WINDOWS\system32\Configuration 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ___RD C:\WINDOWS\Offline Web Pages 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\Web 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\Vss 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\tracing 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\TAPI 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\SysWOW64\ras 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\SystemResources 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\system32\WinMetadata 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\system32\winevt 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\system32\ras 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\system32\ProximityToast 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\system32\PointOfService 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\system32\MsDtc 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\system32\Ipmi 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\system32\InputMethod 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\system32\inetsrv 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\system32\IME 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\system32\icsxml 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\system32\ias 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\system32\GroupPolicyUsers 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\system32\downlevel 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\system32\DDFs 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\system32\config\Journal 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\system32\Bthprops 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\system32\AppLocker 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\System 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\SKB 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\security 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\schemas 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\SchCache 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\Resources 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\RemotePackages 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\Registration 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\PLA 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\Performance 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\ModemLogs 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\L2Schemas 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\InputMethod 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\Globalization 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\GameBarPresenceWriter 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\Cursors 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\Branding 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\addins 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\Program Files\Windows Portable Devices 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\Program Files\Windows NT 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\Program Files\Windows Multimedia Platform 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\Program Files\Common Files\Services 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\Program Files (x86)\Windows NT 2016-08-27 17:34 - 2016-08-27 17:34 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2016-08-27 17:34 - 2016-08-27 17:31 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2016-08-27 17:34 - 2016-08-27 17:31 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat 2016-08-27 17:34 - 2016-08-27 17:31 - 00215943 _____ C:\WINDOWS\system32\dssec.dat 2016-08-27 17:34 - 2016-08-27 17:31 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2016-08-27 17:34 - 2016-08-27 17:31 - 00017463 _____ C:\WINDOWS\system32\Drivers\etc\services 2016-08-27 17:34 - 2016-08-27 17:31 - 00015462 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2016-08-27 17:34 - 2016-08-27 17:31 - 00004096 _____ C:\WINDOWS\system32\config\VSMIDK 2016-08-27 17:34 - 2016-08-27 17:31 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam 2016-08-27 17:34 - 2016-08-27 17:31 - 00001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol 2016-08-27 17:34 - 2016-08-27 17:31 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json 2016-08-27 17:34 - 2016-08-27 17:31 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT 2016-08-27 17:34 - 2016-08-27 17:31 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT 2016-08-27 17:34 - 2016-08-27 17:31 - 00000407 _____ C:\WINDOWS\system32\Drivers\etc\networks 2016-08-27 17:34 - 2016-08-27 17:31 - 00000219 _____ C:\WINDOWS\system.ini 2016-08-27 17:34 - 2016-08-27 17:31 - 00000092 _____ C:\WINDOWS\win.ini 2016-08-27 17:34 - 2016-06-27 19:44 - 00000000 ____D C:\WINDOWS\ELAMBKUP 2016-08-27 17:34 - 2016-05-27 15:50 - 00104584 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll 2016-08-27 17:32 - 2016-09-02 23:32 - 00000000 ____D C:\WINDOWS\INF 2016-08-27 17:24 - 2016-09-01 13:43 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-08-27 17:20 - 2016-09-02 23:27 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2016-08-27 17:20 - 2016-09-02 23:22 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2016-08-27 17:20 - 2016-08-27 17:39 - 00000000 ____D C:\WINDOWS\servicing 2016-08-27 17:20 - 2016-08-27 17:34 - 00000000 ____D C:\WINDOWS\system32\SMI 2016-08-27 14:35 - 2016-08-27 14:38 - 00259570 _____ C:\TDSSKiller.3.1.0.11_27.08.2016_14.35.53_log.txt 2016-08-27 14:31 - 2016-09-01 21:18 - 00001356 _____ C:\Users\samuel\Desktop\JRT.txt 2016-08-27 14:20 - 2016-08-27 14:38 - 05200384 _____ (AVAST Software) C:\Users\samuel\Desktop\aswmbr.exe 2016-08-27 14:18 - 2016-08-27 14:20 - 03826240 _____ C:\Users\samuel\Desktop\AdwCleaner.exe 2016-08-27 14:16 - 2016-08-27 14:35 - 04747704 _____ (AO Kaspersky Lab) C:\Users\samuel\Desktop\bkjhk.exe 2016-08-26 23:33 - 2016-08-26 23:33 - 01199328 _____ (Adobe Systems Incorporated) C:\Users\samuel\Downloads\readerdc_es_xa_install.exe 2016-08-26 23:31 - 2016-08-26 23:31 - 00000000 ____D C:\Users\samuel\Downloads\Telegram Desktop 2016-08-26 17:10 - 2016-08-26 17:10 - 00000000 ____D C:\Users\samuel\Desktop\Fortress 2016-08-26 17:10 - 2016-08-26 17:10 - 00000000 ____D C:\Users\samuel\Desktop\Bon Jovi 2016-08-26 17:10 - 2016-08-26 17:10 - 00000000 ____D C:\Users\samuel\Desktop\2004 - One Day Remains 2016-08-25 00:25 - 2016-08-25 00:25 - 12276845 _____ C:\Users\samuel\Downloads\u3l3.pdf 2016-08-25 00:22 - 2016-08-25 00:22 - 00402586 _____ C:\Users\samuel\Downloads\El economista camuflado.pdf 2016-08-24 18:42 - 2016-08-24 18:41 - 17255631 _____ C:\Users\samuel\Desktop\WLAN_Ralink_Win10_64_VER50570.zip 2016-08-24 18:41 - 2016-08-24 18:40 - 196285356 _____ C:\Users\samuel\Desktop\WLAN_Intel_Win10_64_VER181212.zip 2016-08-24 18:36 - 2016-08-24 18:31 - 45834415 _____ C:\Users\samuel\Desktop\WLAN_QualcommAtheros_Win10_64_VER1000324.zip 2016-08-24 18:22 - 2016-05-11 07:00 - 203358795 _____ C:\Users\samuel\Desktop\WLAN_Intel_Win10_64_VER182102.zip 2016-08-23 20:15 - 2016-08-23 20:15 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2016-08-23 20:15 - 2016-08-23 20:15 - 01812480 ____N (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2016-08-23 20:15 - 2016-08-23 20:15 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll 2016-08-23 20:15 - 2016-08-23 20:15 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll 2016-08-23 20:15 - 2016-08-23 20:15 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe 2016-08-23 20:15 - 2016-08-23 20:15 - 00450400 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2016-08-23 20:15 - 2016-08-23 20:15 - 00435040 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2016-08-23 20:15 - 2016-08-23 20:15 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2016-08-23 20:15 - 2016-08-23 20:15 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll 2016-08-23 20:15 - 2016-08-23 20:15 - 00224096 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2016-08-23 20:15 - 2016-08-23 20:15 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2016-08-23 20:15 - 2016-08-23 20:15 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll 2016-08-23 20:15 - 2016-08-23 20:15 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe 2016-08-23 20:14 - 2016-08-23 20:14 - 17187328 ____N (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 13080576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 03116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 02422784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 02370048 ____N (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 02251432 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-08-23 20:14 - 2016-08-23 20:14 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-08-23 20:14 - 2016-08-23 20:14 - 01631232 ____N (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 01231872 ____N (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 01176664 ____N (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 01066096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 01062400 ____N (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00955008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00884224 ____N (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00790760 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00584032 ____N (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2016-08-23 20:14 - 2016-08-23 20:14 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00526848 ____N (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00509784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2016-08-23 20:14 - 2016-08-23 20:14 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00462336 ____N (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00412160 ____N (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00396800 ____N (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00396168 ____N (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00381760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2016-08-23 20:14 - 2016-08-23 20:14 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00327680 ____N (Microsoft Corporation) C:\WINDOWS\system32\container.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-08-23 20:14 - 2016-08-23 20:14 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00138240 ____N (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00135168 ____N (Microsoft Corporation) C:\WINDOWS\system32\slc.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00123904 ____N (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00049664 ____N (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe 2016-08-23 20:14 - 2016-08-23 20:14 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe 2016-08-23 20:14 - 2016-08-23 20:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00026112 ____N (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe 2016-08-23 20:14 - 2016-08-23 20:14 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00015872 ____N (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll 2016-08-23 20:14 - 2016-08-23 20:14 - 00011264 ____N (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe 2016-08-23 20:13 - 2016-08-23 20:13 - 13433856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 12345344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL 2016-08-23 20:13 - 2016-08-23 20:13 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL 2016-08-23 20:13 - 2016-08-23 20:13 - 02745224 ____N (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 01780736 ____N (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 01694200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 01595904 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 01508864 ____N (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-08-23 20:13 - 2016-08-23 20:13 - 01491456 ____N (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-08-23 20:13 - 2016-08-23 20:13 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 00447488 ____N (Microsoft Corporation) C:\WINDOWS\system32\das.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 00321280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2016-08-23 20:13 - 2016-08-23 20:13 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2016-08-23 20:13 - 2016-08-23 20:13 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys 2016-08-23 20:13 - 2016-08-23 20:13 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-08-23 20:13 - 2016-08-23 20:13 - 00156672 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys 2016-08-23 20:13 - 2016-08-23 20:13 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe 2016-08-23 20:13 - 2016-08-23 20:13 - 00083968 ____N (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2016-08-23 20:13 - 2016-08-23 20:13 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe 2016-08-23 20:13 - 2016-08-23 20:13 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-08-23 20:13 - 2016-08-23 20:13 - 00047616 ____N (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe 2016-08-23 20:13 - 2016-08-23 20:13 - 00040960 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys 2016-08-23 20:13 - 2016-08-23 20:13 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys 2016-08-23 20:13 - 2016-08-23 20:13 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx 2016-08-23 20:13 - 2016-08-23 20:13 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll 2016-08-23 20:13 - 2016-08-23 20:13 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx 2016-08-23 20:13 - 2016-08-23 20:13 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll 2016-08-22 20:39 - 2016-08-22 20:39 - 00002640 _____ C:\Users\Public\Desktop\Skype.lnk 2016-08-21 21:40 - 2016-08-21 21:40 - 01610560 _____ (Malwarebytes) C:\Users\samuel\Desktop\JRT.exe 2016-08-21 16:31 - 2016-08-21 18:26 - 140864104 _____ C:\Users\samuel\Desktop\v1xua0j0.exe 2016-08-20 14:53 - 2016-08-20 14:53 - 00000000 ___RD C:\Users\samuel\ODB0 2016-08-18 15:26 - 2016-08-18 15:26 - 01708544 ____N (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2016-08-18 15:26 - 2016-08-18 15:26 - 01656320 ____N (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2016-08-18 15:26 - 2016-08-18 15:26 - 01461200 ____N (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2016-08-18 15:26 - 2016-08-18 15:26 - 01456640 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2016-08-18 15:26 - 2016-08-18 15:26 - 01435896 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2016-08-18 15:26 - 2016-08-18 15:26 - 00770048 ____N (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2016-08-18 15:26 - 2016-08-18 15:26 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll 2016-08-18 15:26 - 2016-08-18 15:26 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll 2016-08-18 15:26 - 2016-08-18 15:26 - 00389000 ____N (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll 2016-08-18 15:26 - 2016-08-18 15:26 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll 2016-08-18 15:26 - 2016-08-18 15:26 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys 2016-08-18 15:25 - 2016-07-15 19:29 - 05739008 ____N (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll 2016-08-18 15:25 - 2016-07-15 19:29 - 02629120 ____N (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll 2016-08-18 15:25 - 2016-07-15 19:14 - 06354944 ____N (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll 2016-08-18 15:25 - 2016-07-15 18:45 - 02629120 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll 2016-08-18 15:25 - 2016-07-15 18:29 - 05489664 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll 2016-08-18 15:21 - 2016-05-25 14:31 - 01166520 ____N (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2016-08-18 15:21 - 2016-05-25 14:31 - 00124624 ____N (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2016-08-18 15:21 - 2016-05-25 14:31 - 00035480 ____N (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2016-08-18 15:21 - 2016-05-25 11:03 - 00778936 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2016-08-18 15:21 - 2016-05-25 11:03 - 00103120 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2016-08-18 15:21 - 2016-05-25 11:03 - 00035480 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2016-08-15 20:40 - 2016-08-15 20:40 - 73335305 _____ C:\Users\samuel\Desktop\Vldaurri Aguirre Hector M - Matematicas Financieras.pdf 2016-08-15 13:58 - 2016-08-27 09:42 - 00000000 ___RD C:\Users\samuel\OD 1 2016-08-15 13:58 - 2016-08-15 13:58 - 00000000 ___RD C:\Users\samuel\OneDrive - Universidad Autonoma de Ciudad Juarez (UACJ) 1 2016-08-14 18:32 - 2016-08-14 18:32 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdfcoinstaller01009.dll 2016-08-14 18:32 - 2016-08-14 18:32 - 00133960 _____ (ZTE Corporation) C:\WINDOWS\system32\Drivers\zghsser.sys 2016-08-14 18:32 - 2016-08-14 18:32 - 00062728 _____ (VIA Telecom) C:\WINDOWS\system32\Drivers\viahsser.sys 2016-08-14 18:32 - 2016-08-14 18:32 - 00032136 _____ (Via Telecom, Inc.) C:\WINDOWS\system32\Drivers\viahsets.sys 2016-08-14 18:32 - 2016-08-14 18:32 - 00020232 _____ (HandSet Incorporated) C:\WINDOWS\system32\Drivers\massfilter_hs.sys 2016-08-11 15:48 - 2016-08-11 15:48 - 00267016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vccorlib140.dll 2016-08-11 15:39 - 2016-08-11 15:39 - 00635120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140.dll 2016-08-11 15:39 - 2016-08-11 15:39 - 00439536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140.dll 2016-08-11 15:39 - 2016-08-11 15:39 - 00390400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll 2016-08-11 15:39 - 2016-08-11 15:39 - 00243480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\concrt140.dll 2016-08-11 15:37 - 2016-08-11 15:37 - 00333080 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll 2016-08-11 15:37 - 2016-08-11 15:37 - 00088816 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140.dll 2016-08-11 15:37 - 2016-08-11 15:37 - 00085232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140.dll 2016-08-10 21:16 - 2016-08-10 21:16 - 00000000 ____D C:\Users\samuel\Documents\Splendid_Win10_64_VER3110001 ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-09-02 23:54 - 2016-05-31 11:11 - 00000000 ____D C:\FRST 2016-09-02 23:25 - 2015-07-29 19:42 - 00000000 __SHD C:\Users\samuel\IntelGraphicsProfiles 2016-09-02 22:34 - 2016-06-09 23:35 - 00000000 ____D C:\Users\samuel\AppData\LocalLow\LastPass 2016-09-01 23:32 - 2015-09-10 13:57 - 00000000 ____D C:\Users\samuel\Doctor Web 2016-09-01 21:24 - 2016-05-28 13:08 - 00000000 ____D C:\AdwCleaner 2016-08-31 21:57 - 2016-04-26 23:49 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-08-27 23:03 - 2016-07-20 15:34 - 00001037 _____ C:\Users\samuel\Desktop\Telegram.lnk 2016-08-27 23:03 - 2016-07-20 15:32 - 00001857 _____ C:\Users\samuel\Desktop\Spotify.lnk 2016-08-27 22:46 - 2015-07-29 19:45 - 00000000 ___RD C:\Users\samuel\OneDrive 2016-08-27 17:30 - 2016-07-16 05:43 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll 2016-08-27 17:30 - 2016-07-16 05:43 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll 2016-08-27 17:30 - 2016-07-16 05:42 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2016-08-27 17:30 - 2016-07-16 05:42 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-08-27 17:30 - 2016-07-16 05:42 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2016-08-27 17:30 - 2016-07-16 05:42 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll 2016-08-27 17:30 - 2016-07-16 05:42 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2016-08-27 17:29 - 2016-07-16 05:43 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2016-08-27 17:29 - 2016-07-16 05:43 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll 2016-08-27 17:29 - 2016-07-16 05:43 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2016-08-27 17:29 - 2016-07-16 05:42 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2016-08-27 17:29 - 2016-07-16 05:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2016-08-27 17:29 - 2016-07-16 05:42 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll 2016-08-27 17:28 - 2016-07-16 05:43 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2016-08-27 17:28 - 2016-07-16 05:43 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2016-08-27 17:28 - 2016-07-16 05:42 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2016-08-27 17:28 - 2016-07-16 05:42 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2016-08-27 17:28 - 2016-07-16 05:42 - 00079544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2016-08-16 14:23 - 2016-06-19 10:21 - 00000000 ____D C:\Users\samuel\Desktop\Escritorio 2016-08-14 18:32 - 2015-11-01 09:59 - 00000000 ____D C:\Users\samuel\.android 2016-08-08 17:59 - 2016-07-30 22:28 - 00000000 ____D C:\Users\samuel\Documents\Sound recordings ==================== Files in the root of some directories ======= 2016-08-27 19:40 - 2016-07-10 07:20 - 3604152 _____ (COMODO) C:\ProgramData\cis458.exe 2016-08-31 21:58 - 2016-07-10 07:20 - 3604152 _____ (COMODO) C:\ProgramData\cis86D2.exe 2016-08-27 20:45 - 2016-07-10 07:20 - 3604152 _____ (COMODO) C:\ProgramData\cisCF4C.exe 2016-08-27 17:52 - 2016-08-27 17:52 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some files in TEMP: ==================== C:\Users\samuel\AppData\Local\Temp\avgnt.exe C:\Users\samuel\AppData\Local\Temp\dllnt_dump.dll ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-08-27 17:45 ==================== End of FRST.txt ============================