cell512

I sure will Kevin!! Thank you very much for all!!! You too take care!!

Kevin good morning, It seems that you have solved my problem. Thank you very much for your help! I made a small donation, the economic situation here in Mexico is not very good! One more question, do you recommend and good antivirus or set of tools for protection that I should use? Thank you for all!!!

Kevin I just did what you told me. I will continue continue to browse and see it this solved the problem! Thank you for you assistance and I contribute to your cause! Thank you Kevin! I will keep you posted tomorrow or on Monday!!! Have a good rest and thank you again!

Ok Kevin, I will do that!!! Just before I proceed with that I will post 2 images. I was browsing some site in Mexico similar to ebay and when I tried to select some text, it was like an invisible wall that I clicked on, becase another webpage tried to open and Malwarebytes blocked the web page. I will now complete your instructions!!! Thank you!!!

More than one... in my case I am using IE and Chrome. I don´t know if this is helpful or not, but I have a cellphone (android) with more or less the same issues. In the case of the cellphone, if I navigate or click on a link after some seconds it will display that I got a virus and that I should buy an antivirus, but you can tell it is a fake webpage.

I was trying to capture some screenshots of the popups, but now they don´t show again.... I dont know why, just a few minutes ago 2 of them showed, but not now... When they show up is when I navigate the web. And also I can see that content in pages display much, much faster!!!

Kevin I made the reset of my router and there was no need for Internet configuration. After a minute I got Internet back! I changed the DNS using your software and rebooted my latop. pop ups came back, still not clean. I will post the logs now. Thank you!!! Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01 Ran by Ivan.Moreno (administrator) on RMG_LP_PBHFE23 (16-01-2016 18:13:33)Running from C:\Users\Ivan Moreno\DesktopLoaded Profiles: Ivan.Moreno (Available Profiles: fcfs & Ivan.Moreno & backdoor)Platform: Windows 7 Enterprise Service Pack 1 (X64) Language: English (United States)Internet Explorer Version 11 (Default browser: Chrome)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Lenovo.) C:\Windows\System32\ibmpmsvc.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe(Microsoft Corporation) C:\Windows\System32\wlanext.exe(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe(Microsoft Corporation) C:\Windows\System32\rundll32.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe(Microsoft Corporation) C:\Windows\System32\rundll32.exe(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe(Intel Corporation) C:\Windows\System32\hkcmd.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe(Microsoft Corporation) C:\Windows\System32\rundll32.exe(Google Inc.) C:\Users\Ivan Moreno\AppData\Local\Google\Update\1.3.29.1\GoogleCrashHandler.exe(Google Inc.) C:\Users\Ivan Moreno\AppData\Local\Google\Update\1.3.29.1\GoogleCrashHandler64.exe(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE(Google Inc.) C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\Application\chrome.exe(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe(Google Inc.) C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\Application\chrome.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63728 2015-06-08] (Lenovo)HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [60920 2013-05-29] (Lenovo Group Limited)HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [388600 2013-04-15] (Lenovo Group Limited)HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitorHKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2621240 2015-11-18] (Malwarebytes Corporation)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-17] (Adobe Systems Incorporated)Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)HKU\S-1-5-21-431013118-809749992-1248859224-1001\...\Run: [Google Update] => C:\Users\Ivan Moreno\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-06-01] (Google Inc.)HKU\S-1-5-21-431013118-809749992-1248859224-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-20] (Microsoft Corporation)HKU\S-1-5-18\...\RunOnce: [ ISSetupPrerequisistes] => "C:\ProgramData\Lenovo\SystemUpdate\session\Repository\lscsetup_x64_28004_7\securedfolder\lscsetup_x64_28004.exe" /s /v"/qn /norestart REBOOT=ReallySuppress"Lsa: [Notification Packages] scecli ACGinaStartup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2015-02-21]ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 10.213.1.11 10.213.5.15Tcpip\..\Interfaces\{09D2DC1F-A686-447C-AD31-33D0CBCCEE79}: [NameServer] 8.8.8.8,8.8.4.4,192.168.0.1Tcpip\..\Interfaces\{09D2DC1F-A686-447C-AD31-33D0CBCCEE79}: [DhcpNameServer] 10.213.1.11 10.213.5.15Tcpip\..\Interfaces\{5D3BA6DD-1A47-4D3D-B40B-F7AB60135A7B}: [NameServer] 8.8.8.8,8.8.4.4,10.103.67.254 Internet Explorer:==================HKU\S-1-5-21-431013118-809749992-1248859224-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://login.microsoftonline.com/SearchScopes: HKU\S-1-5-21-431013118-809749992-1248859224-1001 -> {FB0F028C-29CC-4C9A-8029-54EE22AAF8A4} URL = hxxps://www.google.com/search?q={searchTerms}BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-27] (Oracle Corporation)BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-27] (Oracle Corporation)BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-27] (Oracle Corporation)BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-27] (Oracle Corporation) FireFox:========FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-27] (Oracle Corporation)FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-27] (Oracle Corporation)FF Plugin: @microsoft.com/GENUINE -> disabled [No File]FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll [2014-07-09] (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll [2014-07-09] (Intel Corporation)FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-27] (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-27] (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-12-17] (Adobe Systems Inc.)FF Plugin HKU\S-1-5-21-431013118-809749992-1248859224-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Ivan Moreno\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-07] (Google Inc.)FF Plugin HKU\S-1-5-21-431013118-809749992-1248859224-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Ivan Moreno\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-07] (Google Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation) Chrome: =======CHR Profile: C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (BIODIGITAL HUMAN) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2015-06-01]CHR Extension: (Duolingo on the Web) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-06-01]CHR Extension: (Google Drive) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-20]CHR Extension: (YouTube) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-01]CHR Extension: (Spotify - Music for every moment) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2015-06-01]CHR Extension: (Google Search) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-01]CHR Extension: (Gun Blood) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpbkahmbgcfjocgliikbkfiieemcjkoj [2015-06-01]CHR Extension: (Box) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2015-06-01]CHR Extension: (EWC Presenter) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdginhbdpekijhadlcniofmnmpbgdkjd [2015-06-01]CHR Extension: (Pixlr Express) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmjpdlmjopaeginhldhiokeidchjid [2015-06-01]CHR Extension: (Pixlr Editor) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2015-06-01]CHR Extension: (Build with Chrome) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbbbhbjeecagnlfgggogfclkdjamoapf [2015-06-01]CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-01]CHR Extension: (Sketchpad) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp [2015-06-01]CHR Extension: (Google Classroom) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhehppjhmmnlfbbopchdfldgimhfhfk [2015-06-01]CHR Extension: (Moqups · Mockups, Wireframes & Prototyping) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlfbhphohgafllkjnakmdppmmkjfbnke [2015-06-01]CHR Extension: (Chrome Web Store Payments) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-27]CHR Extension: (Deezer) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\npfkoakaabdallkcdbpkkhfilkkngakh [2015-06-01]CHR Extension: (Gmail) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-01]CHR Extension: (Canvas Rider) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk [2015-06-01]CHR Profile: C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2015-09-02]CHR Extension: (Duolingo on the Web) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-09-02]CHR Extension: (Google Drive) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-24]CHR Extension: (YouTube) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-24]CHR Extension: (Spotify - Music for every moment) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2015-09-02]CHR Extension: (Google Search) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-24]CHR Extension: (Gun Blood) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cpbkahmbgcfjocgliikbkfiieemcjkoj [2015-09-02]CHR Extension: (Box) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2015-09-02]CHR Extension: (EWC Presenter) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdginhbdpekijhadlcniofmnmpbgdkjd [2015-09-02]CHR Extension: (Pixlr Editor) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2015-09-02]CHR Extension: (Build with Chrome) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbbbhbjeecagnlfgggogfclkdjamoapf [2015-09-02]CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-24]CHR Extension: (Sketchpad) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp [2015-09-02]CHR Extension: (Google Classroom) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mfhehppjhmmnlfbbopchdfldgimhfhfk [2015-09-02]CHR Extension: (Moqups · Mockups, Wireframes & Prototyping) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nlfbhphohgafllkjnakmdppmmkjfbnke [2015-09-02]CHR Extension: (Chrome Web Store Payments) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-24]CHR Extension: (Deezer) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\npfkoakaabdallkcdbpkkhfilkkngakh [2015-09-02]CHR Extension: (Gmail) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-24]CHR Extension: (Canvas Rider) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\poknhlcknimnnbfcombaooklofipaibk [2015-09-02]CHR Profile: C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 2CHR Extension: (Google Slides) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-02]CHR Extension: (Google Docs) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-03]CHR Extension: (Google Drive) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26]CHR Extension: (YouTube) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-02]CHR Extension: (Google Search) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]CHR Extension: (Google Sheets) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-02]CHR Extension: (Google Docs Offline) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]CHR Extension: (Chrome Web Store Payments) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-02]CHR Extension: (Gmail) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-03]CHR Profile: C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2015-11-12]CHR Extension: (Duolingo on the Web) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-11-12]CHR Extension: (Google Drive) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-12]CHR Extension: (YouTube) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-12]CHR Extension: (Spotify - Music for every moment) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2015-11-12]CHR Extension: (Google Search) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-12]CHR Extension: (Gun Blood) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\cpbkahmbgcfjocgliikbkfiieemcjkoj [2015-11-12]CHR Extension: (Box) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2015-11-12]CHR Extension: (Google Docs Offline) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-12]CHR Extension: (EWC Presenter) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\hdginhbdpekijhadlcniofmnmpbgdkjd [2015-11-12]CHR Extension: (Pixlr Editor) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2015-11-12]CHR Extension: (Build with Chrome) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lbbbhbjeecagnlfgggogfclkdjamoapf [2015-11-12]CHR Extension: (Sketchpad) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp [2015-11-12]CHR Extension: (Google Classroom) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\mfhehppjhmmnlfbbopchdfldgimhfhfk [2015-11-12]CHR Extension: (Moqups · Mockups, Wireframes & Prototyping) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nlfbhphohgafllkjnakmdppmmkjfbnke [2015-11-12]CHR Extension: (Chrome Web Store Payments) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-12]CHR Extension: (Deezer) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\npfkoakaabdallkcdbpkkhfilkkngakh [2015-11-12]CHR Extension: (Gmail) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-12]CHR Extension: (Privacy Badger) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2015-11-12]CHR Extension: (Canvas Rider) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\poknhlcknimnnbfcombaooklofipaibk [2015-11-12]CHR Profile: C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 5CHR Profile: C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 6CHR Extension: (Google Slides) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-17]CHR Extension: (Google Docs) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-17]CHR Extension: (Google Drive) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-17]CHR Extension: (YouTube) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-17]CHR Extension: (Google Search) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-17]CHR Extension: (Session Buddy) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2015-12-31]CHR Extension: (Google Sheets) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-17]CHR Extension: (Google Docs Offline) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]CHR Extension: (Cisco WebEx Extension) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2016-01-15]CHR Extension: (Chrome Web Store Payments) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-17]CHR Extension: (Gmail) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-17]StartMenuInternet: Google Chrome.PF7CAFPGK2LBCHDWMDMKWYWIKI - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [319536 2014-11-14] (Lenovo.)S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272864 2015-12-10] (Lenovo)R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [739640 2015-11-18] (Malwarebytes Corporation)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2015-11-11] ()R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3342640 2012-08-23] (Intel® Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 Alpham1; C:\Windows\System32\DRIVERS\Alpham164.sys [52992 2007-07-23] (Ideazon Corporation)R3 Alpham2; C:\Windows\System32\DRIVERS\Alpham264.sys [21760 2007-03-20] (Ideazon Corporation)R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-11-18] ()S3 jakstaVA; C:\Windows\System32\DRIVERS\jaksta_va.sys [103816 2014-12-08] (e2eSoft)R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-16] (Malwarebytes)R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated)S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-01-16 18:13 - 2016-01-16 18:14 - 00029271 _____ C:\Users\Ivan Moreno\Desktop\FRST.txt2016-01-16 18:12 - 2016-01-16 16:42 - 02370560 _____ (Farbar) C:\Users\Ivan Moreno\Desktop\FRST64.exe2016-01-16 17:29 - 2016-01-16 17:29 - 00647111 _____ C:\Users\Ivan Moreno\Downloads\DnsJumper.zip2016-01-16 17:29 - 2016-01-16 17:29 - 00647111 _____ C:\Users\Ivan Moreno\Desktop\DnsJumper.zip2016-01-16 17:29 - 2016-01-16 17:29 - 00000000 ____D C:\Users\Ivan Moreno\Desktop\DnsJumper2016-01-16 16:44 - 2016-01-16 16:45 - 00030670 _____ C:\Users\Ivan Moreno\Downloads\Addition.txt2016-01-16 16:43 - 2016-01-16 18:13 - 00000000 ____D C:\FRST2016-01-16 16:43 - 2016-01-16 16:45 - 00070276 _____ C:\Users\Ivan Moreno\Downloads\FRST.txt2016-01-16 16:42 - 2016-01-16 16:42 - 02370560 _____ (Farbar) C:\Users\Ivan Moreno\Downloads\FRST64.exe2016-01-16 16:31 - 2016-01-16 16:35 - 00000000 ____D C:\AdwCleaner2016-01-16 16:30 - 2016-01-16 16:30 - 01754112 _____ C:\Users\Ivan Moreno\Downloads\AdwCleaner.exe2016-01-15 13:58 - 2016-01-15 13:58 - 00000000 ____D C:\Users\Ivan Moreno\AppData\Roaming\webex2016-01-15 13:57 - 2016-01-15 15:05 - 00000000 ____D C:\Users\Ivan Moreno\AppData\LocalLow\WebEx2016-01-15 13:57 - 2016-01-15 13:58 - 00000000 ____D C:\ProgramData\WebEx2016-01-15 13:57 - 2016-01-15 13:57 - 00708280 _____ (Cisco WebEx LLC) C:\Users\Ivan Moreno\Downloads\Cisco_WebEx_Add-On.exe2016-01-15 13:57 - 2016-01-15 13:57 - 00000000 ____D C:\Users\Ivan Moreno\AppData\Roaming\Mozilla2016-01-15 13:57 - 2016-01-15 13:57 - 00000000 ____D C:\Users\Ivan Moreno\AppData\Local\WebEx2016-01-14 17:17 - 2016-01-14 17:19 - 22908888 _____ (Malwarebytes ) C:\Users\Ivan Moreno\Downloads\mbam-setup-web.NT-2.2.0.1024.exe2016-01-14 12:00 - 2016-01-14 12:00 - 02017853 _____ C:\Users\Ivan Moreno\Downloads\QUICK TEAM-BUILDING ACTIVITIES FOR BUSY MANAGERS.pdf2016-01-13 07:52 - 2015-12-11 12:57 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2016-01-13 07:52 - 2015-12-08 15:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll2016-01-13 07:52 - 2015-12-08 15:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL2016-01-13 07:52 - 2015-12-08 15:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL2016-01-13 07:52 - 2015-12-08 15:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL2016-01-13 07:52 - 2015-12-08 15:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL2016-01-13 07:52 - 2015-12-08 15:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL2016-01-13 07:52 - 2015-12-08 15:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll2016-01-13 07:52 - 2015-12-08 15:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL2016-01-13 07:52 - 2015-12-08 15:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL2016-01-13 07:52 - 2015-12-08 15:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL2016-01-13 07:52 - 2015-12-08 15:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL2016-01-13 07:52 - 2015-12-08 15:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL2016-01-13 07:52 - 2015-12-08 15:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll2016-01-13 07:52 - 2015-12-08 15:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll2016-01-13 07:52 - 2015-12-08 15:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll2016-01-13 07:52 - 2015-12-08 15:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL2016-01-13 07:52 - 2015-12-08 15:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL2016-01-13 07:52 - 2015-12-08 15:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll2016-01-13 07:52 - 2015-12-08 15:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll2016-01-13 07:52 - 2015-12-08 15:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll2016-01-13 07:52 - 2015-12-08 15:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL2016-01-13 07:52 - 2015-12-08 15:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll2016-01-13 07:52 - 2015-12-08 15:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL2016-01-13 07:52 - 2015-12-08 15:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL2016-01-13 07:52 - 2015-12-08 15:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL2016-01-13 07:52 - 2015-12-08 15:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll2016-01-13 07:52 - 2015-12-08 15:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax2016-01-13 07:52 - 2015-12-08 15:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL2016-01-13 07:52 - 2015-12-08 15:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll2016-01-13 07:52 - 2015-12-08 15:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL2016-01-13 07:52 - 2015-12-08 15:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll2016-01-13 07:52 - 2015-12-08 15:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll2016-01-13 07:52 - 2015-12-08 15:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe2016-01-13 07:52 - 2015-12-08 15:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe2016-01-13 07:52 - 2015-12-08 15:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll2016-01-13 07:52 - 2015-12-08 15:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll2016-01-13 07:52 - 2015-12-08 13:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll2016-01-13 07:52 - 2015-12-08 13:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll2016-01-13 07:52 - 2015-12-08 13:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll2016-01-13 07:52 - 2015-12-08 13:07 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll2016-01-13 07:52 - 2015-12-08 13:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll2016-01-13 07:52 - 2015-12-08 13:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll2016-01-13 07:52 - 2015-12-08 13:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll2016-01-13 07:52 - 2015-12-08 13:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll2016-01-13 07:52 - 2015-12-08 13:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll2016-01-13 07:52 - 2015-12-08 13:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll2016-01-13 07:52 - 2015-12-08 13:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll2016-01-13 07:52 - 2015-12-08 13:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll2016-01-13 07:52 - 2015-12-08 13:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll2016-01-13 07:52 - 2015-12-08 13:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll2016-01-13 07:52 - 2015-12-08 13:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll2016-01-13 07:52 - 2015-12-08 13:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll2016-01-13 07:52 - 2015-12-08 13:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe2016-01-13 07:52 - 2015-12-08 13:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll2016-01-13 07:52 - 2015-12-08 13:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax2016-01-13 07:52 - 2015-12-08 13:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe2016-01-13 07:52 - 2015-12-08 13:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll2016-01-13 07:52 - 2015-12-08 12:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys2016-01-13 07:52 - 2015-12-08 12:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys2016-01-13 07:52 - 2015-12-08 12:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys2016-01-13 07:52 - 2015-12-08 11:58 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2016-01-13 07:52 - 2015-11-13 17:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll2016-01-13 07:52 - 2015-11-13 17:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll2016-01-13 07:52 - 2015-11-13 17:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe2016-01-13 07:52 - 2015-11-13 16:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll2016-01-13 07:52 - 2015-11-13 16:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll2016-01-13 07:52 - 2015-11-13 16:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe2016-01-13 07:51 - 2015-12-23 17:13 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2016-01-13 07:51 - 2015-12-23 16:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2016-01-13 07:51 - 2015-12-12 12:54 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2016-01-13 07:51 - 2015-12-12 12:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2016-01-13 07:51 - 2015-12-12 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2016-01-13 07:51 - 2015-12-12 12:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2016-01-13 07:51 - 2015-12-12 12:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2016-01-13 07:51 - 2015-12-12 12:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2016-01-13 07:51 - 2015-12-12 12:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec2016-01-13 07:51 - 2015-12-12 12:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2016-01-13 07:51 - 2015-12-12 12:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2016-01-13 07:51 - 2015-12-12 12:07 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2016-01-13 07:51 - 2015-12-12 12:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2016-01-13 07:51 - 2015-12-12 12:07 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2016-01-13 07:51 - 2015-12-12 12:03 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2016-01-13 07:51 - 2015-12-12 12:02 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2016-01-13 07:51 - 2015-12-12 12:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2016-01-13 07:51 - 2015-12-12 12:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2016-01-13 07:51 - 2015-12-12 12:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2016-01-13 07:51 - 2015-12-12 12:02 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2016-01-13 07:51 - 2015-12-12 11:55 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2016-01-13 07:51 - 2015-12-12 11:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2016-01-13 07:51 - 2015-12-12 11:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2016-01-13 07:51 - 2015-12-12 11:44 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2016-01-13 07:51 - 2015-12-12 11:40 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2016-01-13 07:51 - 2015-12-12 11:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2016-01-13 07:51 - 2015-12-12 11:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2016-01-13 07:51 - 2015-12-12 11:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2016-01-13 07:51 - 2015-12-12 11:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2016-01-13 07:51 - 2015-12-12 11:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2016-01-13 07:51 - 2015-12-12 11:36 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec2016-01-13 07:51 - 2015-12-12 11:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2016-01-13 07:51 - 2015-12-12 11:35 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll2016-01-13 07:51 - 2015-12-12 11:33 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2016-01-13 07:51 - 2015-12-12 11:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2016-01-13 07:51 - 2015-12-12 11:30 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2016-01-13 07:51 - 2015-12-12 11:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2016-01-13 07:51 - 2015-12-12 11:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2016-01-13 07:51 - 2015-12-12 11:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2016-01-13 07:51 - 2015-12-12 11:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2016-01-13 07:51 - 2015-12-12 11:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll2016-01-13 07:51 - 2015-12-12 11:23 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2016-01-13 07:51 - 2015-12-12 11:22 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2016-01-13 07:51 - 2015-12-12 11:21 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2016-01-13 07:51 - 2015-12-12 11:20 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2016-01-13 07:51 - 2015-12-12 11:19 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2016-01-13 07:51 - 2015-12-12 11:18 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2016-01-13 07:51 - 2015-12-12 11:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2016-01-13 07:51 - 2015-12-12 11:12 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2016-01-13 07:51 - 2015-12-12 11:10 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2016-01-13 07:51 - 2015-12-12 11:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2016-01-13 07:51 - 2015-12-12 11:09 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2016-01-13 07:51 - 2015-12-12 11:08 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll2016-01-13 07:51 - 2015-12-12 11:06 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2016-01-13 07:51 - 2015-12-12 11:02 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll2016-01-13 07:51 - 2015-12-12 11:00 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2016-01-13 07:51 - 2015-12-12 11:00 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2016-01-13 07:51 - 2015-12-12 11:00 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2016-01-13 07:51 - 2015-12-12 11:00 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2016-01-13 07:51 - 2015-12-12 10:54 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2016-01-13 07:51 - 2015-12-12 10:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2016-01-13 07:51 - 2015-12-12 10:41 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2016-01-13 07:51 - 2015-12-12 10:38 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2016-01-13 07:51 - 2015-12-12 10:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2016-01-13 07:47 - 2015-12-30 13:08 - 05572544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2016-01-13 07:47 - 2015-12-30 13:08 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys2016-01-13 07:47 - 2015-12-30 13:08 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys2016-01-13 07:47 - 2015-12-30 13:05 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll2016-01-13 07:47 - 2015-12-30 13:02 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll2016-01-13 07:47 - 2015-12-30 13:02 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll2016-01-13 07:47 - 2015-12-30 13:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll2016-01-13 07:47 - 2015-12-30 13:02 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll2016-01-13 07:47 - 2015-12-30 13:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll2016-01-13 07:47 - 2015-12-30 13:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll2016-01-13 07:47 - 2015-12-30 13:01 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll2016-01-13 07:47 - 2015-12-30 13:01 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll2016-01-13 07:47 - 2015-12-30 13:01 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2016-01-13 07:47 - 2015-12-30 13:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll2016-01-13 07:47 - 2015-12-30 13:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll2016-01-13 07:47 - 2015-12-30 13:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll2016-01-13 07:47 - 2015-12-30 13:01 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll2016-01-13 07:47 - 2015-12-30 13:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll2016-01-13 07:47 - 2015-12-30 12:59 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll2016-01-13 07:47 - 2015-12-30 12:59 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll2016-01-13 07:47 - 2015-12-30 12:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll2016-01-13 07:47 - 2015-12-30 12:58 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2016-01-13 07:47 - 2015-12-30 12:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll2016-01-13 07:47 - 2015-12-30 12:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll2016-01-13 07:47 - 2015-12-30 12:57 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2016-01-13 07:47 - 2015-12-30 12:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll2016-01-13 07:47 - 2015-12-30 12:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll2016-01-13 07:47 - 2015-12-30 12:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll2016-01-13 07:47 - 2015-12-30 12:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:47 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2016-01-13 07:47 - 2015-12-30 12:47 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2016-01-13 07:47 - 2015-12-30 12:44 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll2016-01-13 07:47 - 2015-12-30 12:41 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll2016-01-13 07:47 - 2015-12-30 12:41 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll2016-01-13 07:47 - 2015-12-30 12:41 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll2016-01-13 07:47 - 2015-12-30 12:41 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll2016-01-13 07:47 - 2015-12-30 12:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2016-01-13 07:47 - 2015-12-30 12:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll2016-01-13 07:47 - 2015-12-30 12:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll2016-01-13 07:47 - 2015-12-30 12:41 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll2016-01-13 07:47 - 2015-12-30 12:40 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2016-01-13 07:47 - 2015-12-30 12:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2016-01-13 07:47 - 2015-12-30 12:39 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll2016-01-13 07:47 - 2015-12-30 12:39 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll2016-01-13 07:47 - 2015-12-30 12:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll2016-01-13 07:47 - 2015-12-30 12:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll2016-01-13 07:47 - 2015-12-30 12:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2016-01-13 07:47 - 2015-12-30 12:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 11:57 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe2016-01-13 07:47 - 2015-12-30 11:50 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe2016-01-13 07:47 - 2015-12-30 11:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe2016-01-13 07:47 - 2015-12-30 11:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe2016-01-13 07:47 - 2015-12-30 11:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys2016-01-13 07:47 - 2015-12-30 11:42 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys2016-01-13 07:47 - 2015-12-30 11:42 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys2016-01-13 07:47 - 2015-12-30 11:41 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe2016-01-13 07:47 - 2015-12-30 11:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe2016-01-13 07:47 - 2015-12-30 11:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe2016-01-13 07:47 - 2015-12-30 11:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll2016-01-13 07:47 - 2015-12-30 11:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe2016-01-13 07:47 - 2015-12-30 11:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe2016-01-13 07:47 - 2015-12-30 11:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll2016-01-13 07:47 - 2015-12-30 11:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 11:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 11:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 11:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll2016-01-13 07:47 - 2015-12-08 15:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll2016-01-13 07:47 - 2015-12-08 15:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll2016-01-13 07:47 - 2015-12-08 13:07 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll2016-01-13 07:47 - 2015-12-08 13:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll2016-01-13 07:47 - 2015-11-16 19:11 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe2016-01-13 07:47 - 2015-11-16 19:08 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll2016-01-13 07:47 - 2015-11-16 19:08 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll2016-01-13 07:47 - 2015-11-16 19:08 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll2016-01-13 07:47 - 2015-11-16 19:08 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll2016-01-13 07:47 - 2015-11-16 19:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll2016-01-13 07:47 - 2015-11-16 14:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll2016-01-11 16:41 - 2016-01-11 16:41 - 42089679 _____ C:\Users\Ivan Moreno\Downloads\Make a Subsite SP v1.wmv2016-01-11 10:56 - 2016-01-15 11:53 - 00000000 ____D C:\Users\Ivan Moreno\Desktop\New folder2016-01-07 08:48 - 2016-01-07 08:48 - 00000000 ____D C:\Users\Ivan Moreno\AppData\Roaming\LSC2016-01-06 17:02 - 2016-01-06 17:02 - 00001991 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk2016-01-06 10:50 - 2016-01-06 10:50 - 93747134 _____ C:\Users\Ivan Moreno\Downloads\Seguridad enero 2016.mp42015-12-29 13:33 - 2015-12-29 13:33 - 00536597 _____ C:\Users\Ivan Moreno\Downloads\WhistleblowerHotline1877844.wma2015-12-23 19:27 - 2015-12-23 19:27 - 08307025 _____ C:\Users\Ivan Moreno\Documents\Firmas electrónicas.zip2015-12-23 16:00 - 2015-12-31 09:43 - 00000000 ____D C:\Users\Ivan Moreno\Documents\Firmas electrónicas2015-12-22 20:54 - 2015-12-22 20:54 - 00009949 _____ C:\Users\Ivan Moreno\Downloads\Nomina2015-12-21 15:25 - 2015-12-21 15:50 - 76742656 _____ C:\Users\Ivan Moreno\Downloads\V2w-20.mp4.2lqb1z5.partial2015-12-18 11:23 - 2015-12-18 11:23 - 00224376 _____ C:\Users\Ivan Moreno\Downloads\WhistleblowerHotline1871290.wma2015-12-18 11:19 - 2015-12-18 11:19 - 00350082 _____ C:\Users\Ivan Moreno\Downloads\WhistleblowerHotline1871288.wma ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-01-16 18:09 - 2015-02-21 17:15 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2016-01-16 18:08 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT2016-01-16 17:44 - 2015-06-01 08:09 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-431013118-809749992-1248859224-1001UA.job2016-01-16 17:43 - 2014-01-08 11:30 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job2016-01-16 16:44 - 2009-07-13 22:45 - 00022400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02016-01-16 16:44 - 2009-07-13 22:45 - 00022400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02016-01-16 16:44 - 2009-07-13 21:20 - 00000000 ____D C:\Windows2016-01-16 16:42 - 2009-07-13 23:13 - 00785942 _____ C:\Windows\system32\PerfStringBackup.INI2016-01-16 16:42 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\inf2016-01-15 13:57 - 2015-05-04 12:05 - 00000000 ____D C:\Users\Ivan Moreno\AppData\LocalLow\Temp2016-01-15 10:44 - 2015-06-01 08:09 - 00000880 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-431013118-809749992-1248859224-1001Core.job2016-01-15 06:54 - 2015-02-21 17:00 - 00000000 ____D C:\Program Files (x86)\TeamViewer2016-01-14 21:13 - 2014-01-08 11:22 - 00000000 ____D C:\ProgramData\Microsoft Help2016-01-14 21:12 - 2015-02-23 15:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight2016-01-14 21:12 - 2014-01-08 11:24 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 20132016-01-14 21:11 - 2015-02-23 15:26 - 00000000 ____D C:\Program Files\Microsoft Silverlight2016-01-14 21:11 - 2015-02-23 15:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight2016-01-14 21:10 - 2014-08-15 19:57 - 00000000 ____D C:\Windows\system32\MRT2016-01-14 21:05 - 2014-08-15 19:57 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2016-01-14 21:04 - 2009-07-13 20:34 - 00000478 _____ C:\Windows\win.ini2016-01-14 17:19 - 2015-02-21 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2016-01-14 17:19 - 2015-02-21 17:15 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware2016-01-14 07:57 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\rescache2016-01-14 07:30 - 2015-09-21 11:19 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit2016-01-14 07:18 - 2009-07-13 22:45 - 00433760 _____ C:\Windows\system32\FNTCACHE.DAT2016-01-14 07:17 - 2015-02-21 15:22 - 00000000 ___SD C:\Windows\system32\CompatTel2016-01-14 07:17 - 2015-02-21 15:22 - 00000000 ____D C:\Windows\system32\appraiser2016-01-13 19:40 - 2015-02-21 12:51 - 00000000 ____D C:\ProgramData\Package Cache2016-01-12 20:55 - 2014-01-08 11:36 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk2016-01-06 17:02 - 2015-02-21 12:43 - 00000000 ____D C:\Program Files\Lenovo2016-01-06 17:02 - 2015-02-21 12:35 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo2016-01-06 17:02 - 2015-02-21 11:53 - 00000000 ____D C:\Program Files (x86)\Lenovo2016-01-06 17:02 - 2015-02-21 11:49 - 00000000 ____D C:\Windows\Downloaded Installations2016-01-06 16:59 - 2015-02-21 12:34 - 00000000 ____D C:\ProgramData\Lenovo2016-01-06 16:58 - 2015-02-21 12:37 - 00000000 ____D C:\Windows\System32\Tasks\TVT2016-01-06 16:58 - 2015-02-21 11:54 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools2016-01-04 09:44 - 2014-01-08 11:30 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2016-01-04 09:44 - 2014-01-08 11:30 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2016-01-04 09:44 - 2014-01-08 11:30 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater2015-12-31 10:24 - 2015-02-28 10:51 - 00000000 ____D C:\Users\Ivan Moreno\AppData\Roaming\TeamViewer2015-12-31 09:43 - 2015-04-01 10:43 - 00000000 ____D C:\Users\Ivan Moreno\Documents\Temporal2015-12-21 08:31 - 2009-07-13 23:08 - 00032646 _____ C:\Windows\Tasks\SCHEDLGU.TXT2015-12-18 09:56 - 2015-04-17 11:13 - 00000000 ____D C:\Users\Ivan Moreno\Documents\Formato semanal Some files in TEMP:====================C:\Users\fcfs\AppData\Local\Temp\jre-8u31-windows-au.exeC:\Users\Ivan Moreno\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signedC:\Windows\system32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\system32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\system32\services.exe => File is digitally signedC:\Windows\system32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\system32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\system32\rpcss.dll => File is digitally signedC:\Windows\system32\dnsapi.dll => File is digitally signedC:\Windows\SysWOW64\dnsapi.dll => File is digitally signedC:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-01-11 08:55 ==================== End of FRST.txt ============================Addition.txt

Ok Kevin, I will follow your instructions and then comment... Thank you!!!

Kevin, I didnt find the log called Shortcut.txt only the Addition.txt Thank you, I will now wait for your instructions.

Hi again Kevin, this is the log from the last software... Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01Ran by Ivan.Moreno (administrator) on RMG_LP_PBHFE23 (16-01-2016 16:43:36)Running from C:\Users\Ivan Moreno\DownloadsLoaded Profiles: Ivan.Moreno (Available Profiles: fcfs & Ivan.Moreno & backdoor)Platform: Windows 7 Enterprise Service Pack 1 (X64) Language: English (United States)Internet Explorer Version 11 (Default browser: Chrome)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Lenovo.) C:\Windows\System32\ibmpmsvc.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe(Microsoft Corporation) C:\Windows\System32\wlanext.exe(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe(Microsoft Corporation) C:\Windows\System32\rundll32.exe(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe(Intel Corporation) C:\Windows\System32\hkcmd.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe(Microsoft Corporation) C:\Windows\System32\rundll32.exe(Google Inc.) C:\Users\Ivan Moreno\AppData\Local\Google\Update\1.3.29.1\GoogleCrashHandler.exe(Google Inc.) C:\Users\Ivan Moreno\AppData\Local\Google\Update\1.3.29.1\GoogleCrashHandler64.exe(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe(Google Inc.) C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\Application\chrome.exe(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe(Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63728 2015-06-08] (Lenovo)HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [60920 2013-05-29] (Lenovo Group Limited)HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [388600 2013-04-15] (Lenovo Group Limited)HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitorHKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2621240 2015-11-18] (Malwarebytes Corporation)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-17] (Adobe Systems Incorporated)Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)HKU\S-1-5-21-431013118-809749992-1248859224-1001\...\Run: [Google Update] => C:\Users\Ivan Moreno\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-06-01] (Google Inc.)HKU\S-1-5-21-431013118-809749992-1248859224-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-20] (Microsoft Corporation)HKU\S-1-5-18\...\RunOnce: [ ISSetupPrerequisistes] => "C:\ProgramData\Lenovo\SystemUpdate\session\Repository\lscsetup_x64_28004_7\securedfolder\lscsetup_x64_28004.exe" /s /v"/qn /norestart REBOOT=ReallySuppress"Lsa: [Notification Packages] scecli ACGinaStartup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2015-02-21]ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 93.158.216.100 8.8.8.8Tcpip\..\Interfaces\{09D2DC1F-A686-447C-AD31-33D0CBCCEE79}: [DhcpNameServer] 93.158.216.100 8.8.8.8Tcpip\..\Interfaces\{5D3BA6DD-1A47-4D3D-B40B-F7AB60135A7B}: [NameServer] 172.17.1.13 Internet Explorer:==================HKU\S-1-5-21-431013118-809749992-1248859224-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://login.microsoftonline.com/SearchScopes: HKU\S-1-5-21-431013118-809749992-1248859224-1001 -> {FB0F028C-29CC-4C9A-8029-54EE22AAF8A4} URL = hxxps://www.google.com/search?q={searchTerms}BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-27] (Oracle Corporation)BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-27] (Oracle Corporation)BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-27] (Oracle Corporation)BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-27] (Oracle Corporation) FireFox:========FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-27] (Oracle Corporation)FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-27] (Oracle Corporation)FF Plugin: @microsoft.com/GENUINE -> disabled [No File]FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll [2014-07-09] (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll [2014-07-09] (Intel Corporation)FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-27] (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-27] (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-12-17] (Adobe Systems Inc.)FF Plugin HKU\S-1-5-21-431013118-809749992-1248859224-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Ivan Moreno\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-07] (Google Inc.)FF Plugin HKU\S-1-5-21-431013118-809749992-1248859224-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Ivan Moreno\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-07] (Google Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation) Chrome: =======CHR Profile: C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (BIODIGITAL HUMAN) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2015-06-01]CHR Extension: (Duolingo on the Web) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-06-01]CHR Extension: (Google Drive) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-20]CHR Extension: (YouTube) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-01]CHR Extension: (Spotify - Music for every moment) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2015-06-01]CHR Extension: (Google Search) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-01]CHR Extension: (Gun Blood) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpbkahmbgcfjocgliikbkfiieemcjkoj [2015-06-01]CHR Extension: (Box) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2015-06-01]CHR Extension: (EWC Presenter) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdginhbdpekijhadlcniofmnmpbgdkjd [2015-06-01]CHR Extension: (Pixlr Express) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmjpdlmjopaeginhldhiokeidchjid [2015-06-01]CHR Extension: (Pixlr Editor) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2015-06-01]CHR Extension: (Build with Chrome) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbbbhbjeecagnlfgggogfclkdjamoapf [2015-06-01]CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-01]CHR Extension: (Sketchpad) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp [2015-06-01]CHR Extension: (Google Classroom) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhehppjhmmnlfbbopchdfldgimhfhfk [2015-06-01]CHR Extension: (Moqups · Mockups, Wireframes & Prototyping) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlfbhphohgafllkjnakmdppmmkjfbnke [2015-06-01]CHR Extension: (Chrome Web Store Payments) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-27]CHR Extension: (Deezer) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\npfkoakaabdallkcdbpkkhfilkkngakh [2015-06-01]CHR Extension: (Gmail) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-01]CHR Extension: (Canvas Rider) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk [2015-06-01]CHR Profile: C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2015-09-02]CHR Extension: (Duolingo on the Web) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-09-02]CHR Extension: (Google Drive) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-24]CHR Extension: (YouTube) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-24]CHR Extension: (Spotify - Music for every moment) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2015-09-02]CHR Extension: (Google Search) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-24]CHR Extension: (Gun Blood) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cpbkahmbgcfjocgliikbkfiieemcjkoj [2015-09-02]CHR Extension: (Box) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2015-09-02]CHR Extension: (EWC Presenter) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdginhbdpekijhadlcniofmnmpbgdkjd [2015-09-02]CHR Extension: (Pixlr Editor) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2015-09-02]CHR Extension: (Build with Chrome) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbbbhbjeecagnlfgggogfclkdjamoapf [2015-09-02]CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-24]CHR Extension: (Sketchpad) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp [2015-09-02]CHR Extension: (Google Classroom) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mfhehppjhmmnlfbbopchdfldgimhfhfk [2015-09-02]CHR Extension: (Moqups · Mockups, Wireframes & Prototyping) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nlfbhphohgafllkjnakmdppmmkjfbnke [2015-09-02]CHR Extension: (Chrome Web Store Payments) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-24]CHR Extension: (Deezer) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\npfkoakaabdallkcdbpkkhfilkkngakh [2015-09-02]CHR Extension: (Gmail) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-24]CHR Extension: (Canvas Rider) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\poknhlcknimnnbfcombaooklofipaibk [2015-09-02]CHR Profile: C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 2CHR Extension: (Google Slides) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-02]CHR Extension: (Google Docs) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-03]CHR Extension: (Google Drive) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26]CHR Extension: (YouTube) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-02]CHR Extension: (Google Search) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]CHR Extension: (Google Sheets) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-02]CHR Extension: (Google Docs Offline) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]CHR Extension: (Chrome Web Store Payments) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-02]CHR Extension: (Gmail) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-03]CHR Profile: C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2015-11-12]CHR Extension: (Duolingo on the Web) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-11-12]CHR Extension: (Google Drive) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-12]CHR Extension: (YouTube) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-12]CHR Extension: (Spotify - Music for every moment) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2015-11-12]CHR Extension: (Google Search) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-12]CHR Extension: (Gun Blood) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\cpbkahmbgcfjocgliikbkfiieemcjkoj [2015-11-12]CHR Extension: (Box) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2015-11-12]CHR Extension: (Google Docs Offline) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-12]CHR Extension: (EWC Presenter) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\hdginhbdpekijhadlcniofmnmpbgdkjd [2015-11-12]CHR Extension: (Pixlr Editor) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2015-11-12]CHR Extension: (Build with Chrome) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lbbbhbjeecagnlfgggogfclkdjamoapf [2015-11-12]CHR Extension: (Sketchpad) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp [2015-11-12]CHR Extension: (Google Classroom) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\mfhehppjhmmnlfbbopchdfldgimhfhfk [2015-11-12]CHR Extension: (Moqups · Mockups, Wireframes & Prototyping) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nlfbhphohgafllkjnakmdppmmkjfbnke [2015-11-12]CHR Extension: (Chrome Web Store Payments) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-12]CHR Extension: (Deezer) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\npfkoakaabdallkcdbpkkhfilkkngakh [2015-11-12]CHR Extension: (Gmail) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-12]CHR Extension: (Privacy Badger) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2015-11-12]CHR Extension: (Canvas Rider) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\poknhlcknimnnbfcombaooklofipaibk [2015-11-12]CHR Profile: C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 5CHR Profile: C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 6CHR Extension: (Google Slides) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-17]CHR Extension: (Google Docs) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-17]CHR Extension: (Google Drive) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-17]CHR Extension: (YouTube) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-17]CHR Extension: (Google Search) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-17]CHR Extension: (Session Buddy) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2015-12-31]CHR Extension: (Google Sheets) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-17]CHR Extension: (Google Docs Offline) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]CHR Extension: (Cisco WebEx Extension) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2016-01-15]CHR Extension: (Chrome Web Store Payments) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-17]CHR Extension: (Gmail) - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-17]StartMenuInternet: Google Chrome.PF7CAFPGK2LBCHDWMDMKWYWIKI - C:\Users\Ivan Moreno\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [319536 2014-11-14] (Lenovo.)S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272864 2015-12-10] (Lenovo)R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [739640 2015-11-18] (Malwarebytes Corporation)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2015-11-11] ()R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3342640 2012-08-23] (Intel® Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 Alpham1; C:\Windows\System32\DRIVERS\Alpham164.sys [52992 2007-07-23] (Ideazon Corporation)R3 Alpham2; C:\Windows\System32\DRIVERS\Alpham264.sys [21760 2007-03-20] (Ideazon Corporation)R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-11-18] ()S3 jakstaVA; C:\Windows\System32\DRIVERS\jaksta_va.sys [103816 2014-12-08] (e2eSoft)R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-16] (Malwarebytes)R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated)S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-01-16 16:43 - 2016-01-16 16:44 - 00029031 _____ C:\Users\Ivan Moreno\Downloads\FRST.txt2016-01-16 16:43 - 2016-01-16 16:43 - 00000000 ____D C:\FRST2016-01-16 16:42 - 2016-01-16 16:42 - 02370560 _____ (Farbar) C:\Users\Ivan Moreno\Downloads\FRST64.exe2016-01-16 16:31 - 2016-01-16 16:35 - 00000000 ____D C:\AdwCleaner2016-01-16 16:30 - 2016-01-16 16:30 - 01754112 _____ C:\Users\Ivan Moreno\Downloads\AdwCleaner.exe2016-01-15 13:58 - 2016-01-15 13:58 - 00000000 ____D C:\Users\Ivan Moreno\AppData\Roaming\webex2016-01-15 13:57 - 2016-01-15 15:05 - 00000000 ____D C:\Users\Ivan Moreno\AppData\LocalLow\WebEx2016-01-15 13:57 - 2016-01-15 13:58 - 00000000 ____D C:\ProgramData\WebEx2016-01-15 13:57 - 2016-01-15 13:57 - 00708280 _____ (Cisco WebEx LLC) C:\Users\Ivan Moreno\Downloads\Cisco_WebEx_Add-On.exe2016-01-15 13:57 - 2016-01-15 13:57 - 00000000 ____D C:\Users\Ivan Moreno\AppData\Roaming\Mozilla2016-01-15 13:57 - 2016-01-15 13:57 - 00000000 ____D C:\Users\Ivan Moreno\AppData\Local\WebEx2016-01-14 17:17 - 2016-01-14 17:19 - 22908888 _____ (Malwarebytes ) C:\Users\Ivan Moreno\Downloads\mbam-setup-web.NT-2.2.0.1024.exe2016-01-14 12:00 - 2016-01-14 12:00 - 02017853 _____ C:\Users\Ivan Moreno\Downloads\QUICK TEAM-BUILDING ACTIVITIES FOR BUSY MANAGERS.pdf2016-01-13 07:52 - 2015-12-11 12:57 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2016-01-13 07:52 - 2015-12-08 15:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll2016-01-13 07:52 - 2015-12-08 15:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL2016-01-13 07:52 - 2015-12-08 15:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL2016-01-13 07:52 - 2015-12-08 15:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL2016-01-13 07:52 - 2015-12-08 15:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL2016-01-13 07:52 - 2015-12-08 15:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL2016-01-13 07:52 - 2015-12-08 15:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll2016-01-13 07:52 - 2015-12-08 15:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL2016-01-13 07:52 - 2015-12-08 15:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL2016-01-13 07:52 - 2015-12-08 15:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL2016-01-13 07:52 - 2015-12-08 15:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL2016-01-13 07:52 - 2015-12-08 15:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL2016-01-13 07:52 - 2015-12-08 15:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll2016-01-13 07:52 - 2015-12-08 15:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll2016-01-13 07:52 - 2015-12-08 15:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll2016-01-13 07:52 - 2015-12-08 15:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL2016-01-13 07:52 - 2015-12-08 15:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL2016-01-13 07:52 - 2015-12-08 15:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll2016-01-13 07:52 - 2015-12-08 15:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll2016-01-13 07:52 - 2015-12-08 15:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll2016-01-13 07:52 - 2015-12-08 15:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL2016-01-13 07:52 - 2015-12-08 15:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll2016-01-13 07:52 - 2015-12-08 15:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL2016-01-13 07:52 - 2015-12-08 15:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL2016-01-13 07:52 - 2015-12-08 15:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL2016-01-13 07:52 - 2015-12-08 15:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll2016-01-13 07:52 - 2015-12-08 15:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax2016-01-13 07:52 - 2015-12-08 15:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL2016-01-13 07:52 - 2015-12-08 15:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll2016-01-13 07:52 - 2015-12-08 15:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL2016-01-13 07:52 - 2015-12-08 15:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll2016-01-13 07:52 - 2015-12-08 15:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll2016-01-13 07:52 - 2015-12-08 15:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe2016-01-13 07:52 - 2015-12-08 15:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe2016-01-13 07:52 - 2015-12-08 15:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll2016-01-13 07:52 - 2015-12-08 15:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll2016-01-13 07:52 - 2015-12-08 13:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll2016-01-13 07:52 - 2015-12-08 13:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll2016-01-13 07:52 - 2015-12-08 13:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll2016-01-13 07:52 - 2015-12-08 13:07 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll2016-01-13 07:52 - 2015-12-08 13:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll2016-01-13 07:52 - 2015-12-08 13:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll2016-01-13 07:52 - 2015-12-08 13:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll2016-01-13 07:52 - 2015-12-08 13:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll2016-01-13 07:52 - 2015-12-08 13:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll2016-01-13 07:52 - 2015-12-08 13:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll2016-01-13 07:52 - 2015-12-08 13:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll2016-01-13 07:52 - 2015-12-08 13:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll2016-01-13 07:52 - 2015-12-08 13:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll2016-01-13 07:52 - 2015-12-08 13:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll2016-01-13 07:52 - 2015-12-08 13:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL2016-01-13 07:52 - 2015-12-08 13:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll2016-01-13 07:52 - 2015-12-08 13:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll2016-01-13 07:52 - 2015-12-08 13:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe2016-01-13 07:52 - 2015-12-08 13:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll2016-01-13 07:52 - 2015-12-08 13:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax2016-01-13 07:52 - 2015-12-08 13:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe2016-01-13 07:52 - 2015-12-08 13:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll2016-01-13 07:52 - 2015-12-08 12:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys2016-01-13 07:52 - 2015-12-08 12:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys2016-01-13 07:52 - 2015-12-08 12:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys2016-01-13 07:52 - 2015-12-08 11:58 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2016-01-13 07:52 - 2015-11-13 17:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll2016-01-13 07:52 - 2015-11-13 17:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll2016-01-13 07:52 - 2015-11-13 17:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe2016-01-13 07:52 - 2015-11-13 16:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll2016-01-13 07:52 - 2015-11-13 16:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll2016-01-13 07:52 - 2015-11-13 16:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe2016-01-13 07:51 - 2015-12-23 17:13 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2016-01-13 07:51 - 2015-12-23 16:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2016-01-13 07:51 - 2015-12-12 12:54 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2016-01-13 07:51 - 2015-12-12 12:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2016-01-13 07:51 - 2015-12-12 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2016-01-13 07:51 - 2015-12-12 12:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2016-01-13 07:51 - 2015-12-12 12:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2016-01-13 07:51 - 2015-12-12 12:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2016-01-13 07:51 - 2015-12-12 12:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec2016-01-13 07:51 - 2015-12-12 12:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2016-01-13 07:51 - 2015-12-12 12:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2016-01-13 07:51 - 2015-12-12 12:07 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2016-01-13 07:51 - 2015-12-12 12:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2016-01-13 07:51 - 2015-12-12 12:07 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2016-01-13 07:51 - 2015-12-12 12:03 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2016-01-13 07:51 - 2015-12-12 12:02 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2016-01-13 07:51 - 2015-12-12 12:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2016-01-13 07:51 - 2015-12-12 12:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2016-01-13 07:51 - 2015-12-12 12:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2016-01-13 07:51 - 2015-12-12 12:02 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2016-01-13 07:51 - 2015-12-12 11:55 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2016-01-13 07:51 - 2015-12-12 11:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2016-01-13 07:51 - 2015-12-12 11:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2016-01-13 07:51 - 2015-12-12 11:44 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2016-01-13 07:51 - 2015-12-12 11:40 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2016-01-13 07:51 - 2015-12-12 11:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2016-01-13 07:51 - 2015-12-12 11:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2016-01-13 07:51 - 2015-12-12 11:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2016-01-13 07:51 - 2015-12-12 11:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2016-01-13 07:51 - 2015-12-12 11:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2016-01-13 07:51 - 2015-12-12 11:36 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec2016-01-13 07:51 - 2015-12-12 11:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2016-01-13 07:51 - 2015-12-12 11:35 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll2016-01-13 07:51 - 2015-12-12 11:33 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2016-01-13 07:51 - 2015-12-12 11:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2016-01-13 07:51 - 2015-12-12 11:30 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2016-01-13 07:51 - 2015-12-12 11:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2016-01-13 07:51 - 2015-12-12 11:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2016-01-13 07:51 - 2015-12-12 11:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2016-01-13 07:51 - 2015-12-12 11:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2016-01-13 07:51 - 2015-12-12 11:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll2016-01-13 07:51 - 2015-12-12 11:23 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2016-01-13 07:51 - 2015-12-12 11:22 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2016-01-13 07:51 - 2015-12-12 11:21 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2016-01-13 07:51 - 2015-12-12 11:20 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2016-01-13 07:51 - 2015-12-12 11:19 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2016-01-13 07:51 - 2015-12-12 11:18 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2016-01-13 07:51 - 2015-12-12 11:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2016-01-13 07:51 - 2015-12-12 11:12 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2016-01-13 07:51 - 2015-12-12 11:10 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2016-01-13 07:51 - 2015-12-12 11:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2016-01-13 07:51 - 2015-12-12 11:09 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2016-01-13 07:51 - 2015-12-12 11:08 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll2016-01-13 07:51 - 2015-12-12 11:06 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2016-01-13 07:51 - 2015-12-12 11:02 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll2016-01-13 07:51 - 2015-12-12 11:00 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2016-01-13 07:51 - 2015-12-12 11:00 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2016-01-13 07:51 - 2015-12-12 11:00 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2016-01-13 07:51 - 2015-12-12 11:00 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2016-01-13 07:51 - 2015-12-12 10:54 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2016-01-13 07:51 - 2015-12-12 10:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2016-01-13 07:51 - 2015-12-12 10:41 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2016-01-13 07:51 - 2015-12-12 10:38 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2016-01-13 07:51 - 2015-12-12 10:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2016-01-13 07:47 - 2015-12-30 13:08 - 05572544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2016-01-13 07:47 - 2015-12-30 13:08 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys2016-01-13 07:47 - 2015-12-30 13:08 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys2016-01-13 07:47 - 2015-12-30 13:05 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll2016-01-13 07:47 - 2015-12-30 13:02 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll2016-01-13 07:47 - 2015-12-30 13:02 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll2016-01-13 07:47 - 2015-12-30 13:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll2016-01-13 07:47 - 2015-12-30 13:02 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll2016-01-13 07:47 - 2015-12-30 13:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll2016-01-13 07:47 - 2015-12-30 13:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll2016-01-13 07:47 - 2015-12-30 13:01 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll2016-01-13 07:47 - 2015-12-30 13:01 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll2016-01-13 07:47 - 2015-12-30 13:01 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2016-01-13 07:47 - 2015-12-30 13:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll2016-01-13 07:47 - 2015-12-30 13:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll2016-01-13 07:47 - 2015-12-30 13:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll2016-01-13 07:47 - 2015-12-30 13:01 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll2016-01-13 07:47 - 2015-12-30 13:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll2016-01-13 07:47 - 2015-12-30 12:59 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll2016-01-13 07:47 - 2015-12-30 12:59 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll2016-01-13 07:47 - 2015-12-30 12:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll2016-01-13 07:47 - 2015-12-30 12:58 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2016-01-13 07:47 - 2015-12-30 12:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll2016-01-13 07:47 - 2015-12-30 12:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll2016-01-13 07:47 - 2015-12-30 12:57 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2016-01-13 07:47 - 2015-12-30 12:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll2016-01-13 07:47 - 2015-12-30 12:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll2016-01-13 07:47 - 2015-12-30 12:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll2016-01-13 07:47 - 2015-12-30 12:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:47 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2016-01-13 07:47 - 2015-12-30 12:47 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2016-01-13 07:47 - 2015-12-30 12:44 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll2016-01-13 07:47 - 2015-12-30 12:41 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll2016-01-13 07:47 - 2015-12-30 12:41 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll2016-01-13 07:47 - 2015-12-30 12:41 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll2016-01-13 07:47 - 2015-12-30 12:41 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll2016-01-13 07:47 - 2015-12-30 12:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2016-01-13 07:47 - 2015-12-30 12:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll2016-01-13 07:47 - 2015-12-30 12:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll2016-01-13 07:47 - 2015-12-30 12:41 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll2016-01-13 07:47 - 2015-12-30 12:40 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2016-01-13 07:47 - 2015-12-30 12:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2016-01-13 07:47 - 2015-12-30 12:39 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll2016-01-13 07:47 - 2015-12-30 12:39 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll2016-01-13 07:47 - 2015-12-30 12:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll2016-01-13 07:47 - 2015-12-30 12:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll2016-01-13 07:47 - 2015-12-30 12:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2016-01-13 07:47 - 2015-12-30 12:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 12:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 11:57 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe2016-01-13 07:47 - 2015-12-30 11:50 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe2016-01-13 07:47 - 2015-12-30 11:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe2016-01-13 07:47 - 2015-12-30 11:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe2016-01-13 07:47 - 2015-12-30 11:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys2016-01-13 07:47 - 2015-12-30 11:42 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys2016-01-13 07:47 - 2015-12-30 11:42 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys2016-01-13 07:47 - 2015-12-30 11:41 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe2016-01-13 07:47 - 2015-12-30 11:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe2016-01-13 07:47 - 2015-12-30 11:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe2016-01-13 07:47 - 2015-12-30 11:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll2016-01-13 07:47 - 2015-12-30 11:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe2016-01-13 07:47 - 2015-12-30 11:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe2016-01-13 07:47 - 2015-12-30 11:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll2016-01-13 07:47 - 2015-12-30 11:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 11:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 11:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll2016-01-13 07:47 - 2015-12-30 11:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll2016-01-13 07:47 - 2015-12-08 15:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll2016-01-13 07:47 - 2015-12-08 15:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll2016-01-13 07:47 - 2015-12-08 13:07 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll2016-01-13 07:47 - 2015-12-08 13:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll2016-01-13 07:47 - 2015-11-16 19:11 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe2016-01-13 07:47 - 2015-11-16 19:08 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll2016-01-13 07:47 - 2015-11-16 19:08 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll2016-01-13 07:47 - 2015-11-16 19:08 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll2016-01-13 07:47 - 2015-11-16 19:08 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll2016-01-13 07:47 - 2015-11-16 19:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll2016-01-13 07:47 - 2015-11-16 14:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll2016-01-11 16:41 - 2016-01-11 16:41 - 42089679 _____ C:\Users\Ivan Moreno\Downloads\Make a Subsite SP v1.wmv2016-01-11 10:56 - 2016-01-15 11:53 - 00000000 ____D C:\Users\Ivan Moreno\Desktop\New folder2016-01-07 08:48 - 2016-01-07 08:48 - 00000000 ____D C:\Users\Ivan Moreno\AppData\Roaming\LSC2016-01-06 17:02 - 2016-01-06 17:02 - 00001991 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk2016-01-06 10:50 - 2016-01-06 10:50 - 93747134 _____ C:\Users\Ivan Moreno\Downloads\Seguridad enero 2016.mp42015-12-29 13:33 - 2015-12-29 13:33 - 00536597 _____ C:\Users\Ivan Moreno\Downloads\WhistleblowerHotline1877844.wma2015-12-23 19:27 - 2015-12-23 19:27 - 08307025 _____ C:\Users\Ivan Moreno\Documents\Firmas electrónicas.zip2015-12-23 16:00 - 2015-12-31 09:43 - 00000000 ____D C:\Users\Ivan Moreno\Documents\Firmas electrónicas2015-12-22 20:54 - 2015-12-22 20:54 - 00009949 _____ C:\Users\Ivan Moreno\Downloads\Nomina2015-12-21 15:25 - 2015-12-21 15:50 - 76742656 _____ C:\Users\Ivan Moreno\Downloads\V2w-20.mp4.2lqb1z5.partial2015-12-18 11:23 - 2015-12-18 11:23 - 00224376 _____ C:\Users\Ivan Moreno\Downloads\WhistleblowerHotline1871290.wma2015-12-18 11:19 - 2015-12-18 11:19 - 00350082 _____ C:\Users\Ivan Moreno\Downloads\WhistleblowerHotline1871288.wma ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-01-16 16:44 - 2015-06-01 08:09 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-431013118-809749992-1248859224-1001UA.job2016-01-16 16:43 - 2014-01-08 11:30 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job2016-01-16 16:43 - 2009-07-13 21:20 - 00000000 ____D C:\Windows2016-01-16 16:42 - 2009-07-13 23:13 - 00785942 _____ C:\Windows\system32\PerfStringBackup.INI2016-01-16 16:42 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\inf2016-01-16 16:38 - 2015-02-21 17:15 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2016-01-16 16:36 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT2016-01-16 15:55 - 2009-07-13 22:45 - 00022400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02016-01-16 15:55 - 2009-07-13 22:45 - 00022400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02016-01-15 13:57 - 2015-05-04 12:05 - 00000000 ____D C:\Users\Ivan Moreno\AppData\LocalLow\Temp2016-01-15 10:44 - 2015-06-01 08:09 - 00000880 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-431013118-809749992-1248859224-1001Core.job2016-01-15 06:54 - 2015-02-21 17:00 - 00000000 ____D C:\Program Files (x86)\TeamViewer2016-01-14 21:13 - 2014-01-08 11:22 - 00000000 ____D C:\ProgramData\Microsoft Help2016-01-14 21:12 - 2015-02-23 15:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight2016-01-14 21:12 - 2014-01-08 11:24 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 20132016-01-14 21:11 - 2015-02-23 15:26 - 00000000 ____D C:\Program Files\Microsoft Silverlight2016-01-14 21:11 - 2015-02-23 15:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight2016-01-14 21:10 - 2014-08-15 19:57 - 00000000 ____D C:\Windows\system32\MRT2016-01-14 21:05 - 2014-08-15 19:57 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2016-01-14 21:04 - 2009-07-13 20:34 - 00000478 _____ C:\Windows\win.ini2016-01-14 17:19 - 2015-02-21 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2016-01-14 17:19 - 2015-02-21 17:15 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware2016-01-14 07:57 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\rescache2016-01-14 07:30 - 2015-09-21 11:19 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit2016-01-14 07:18 - 2009-07-13 22:45 - 00433760 _____ C:\Windows\system32\FNTCACHE.DAT2016-01-14 07:17 - 2015-02-21 15:22 - 00000000 ___SD C:\Windows\system32\CompatTel2016-01-14 07:17 - 2015-02-21 15:22 - 00000000 ____D C:\Windows\system32\appraiser2016-01-13 19:40 - 2015-02-21 12:51 - 00000000 ____D C:\ProgramData\Package Cache2016-01-12 20:55 - 2014-01-08 11:36 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk2016-01-06 17:02 - 2015-02-21 12:43 - 00000000 ____D C:\Program Files\Lenovo2016-01-06 17:02 - 2015-02-21 12:35 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo2016-01-06 17:02 - 2015-02-21 11:53 - 00000000 ____D C:\Program Files (x86)\Lenovo2016-01-06 17:02 - 2015-02-21 11:49 - 00000000 ____D C:\Windows\Downloaded Installations2016-01-06 16:59 - 2015-02-21 12:34 - 00000000 ____D C:\ProgramData\Lenovo2016-01-06 16:58 - 2015-02-21 12:37 - 00000000 ____D C:\Windows\System32\Tasks\TVT2016-01-06 16:58 - 2015-02-21 11:54 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools2016-01-04 09:44 - 2014-01-08 11:30 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2016-01-04 09:44 - 2014-01-08 11:30 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2016-01-04 09:44 - 2014-01-08 11:30 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater2015-12-31 10:24 - 2015-02-28 10:51 - 00000000 ____D C:\Users\Ivan Moreno\AppData\Roaming\TeamViewer2015-12-31 09:43 - 2015-04-01 10:43 - 00000000 ____D C:\Users\Ivan Moreno\Documents\Temporal2015-12-21 08:31 - 2009-07-13 23:08 - 00032646 _____ C:\Windows\Tasks\SCHEDLGU.TXT2015-12-18 09:56 - 2015-04-17 11:13 - 00000000 ____D C:\Users\Ivan Moreno\Documents\Formato semanal Some files in TEMP:====================C:\Users\fcfs\AppData\Local\Temp\jre-8u31-windows-au.exeC:\Users\Ivan Moreno\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signedC:\Windows\system32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\system32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\system32\services.exe => File is digitally signedC:\Windows\system32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\system32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\system32\rpcss.dll => File is digitally signedC:\Windows\system32\dnsapi.dll => File is digitally signedC:\Windows\SysWOW64\dnsapi.dll => File is digitally signedC:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-01-11 08:55 ==================== End of FRST.txt ============================Addition.txt

This is the log information of AdwCleaner... I will now continue with the last software... # AdwCleaner v5.029 - Logfile created 16/01/2016 at 16:35:00# Updated 11/01/2016 by Xplode# Database : 2016-01-15.2 [server]# Operating system : Windows 7 Enterprise Service Pack 1 (x64)# Username : Ivan.Moreno - RMG_LP_PBHFE23# Running from : C:\Users\Ivan Moreno\Downloads\AdwCleaner.exe# Option : Cleaning# Support : http://toolslib.net/forum ***** [ Services ] ***** ***** [ Folders ] ***** [-] Folder Deleted : C:\Program Files (x86)\Applian Technologies[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies[-] Folder Deleted : C:\Users\Ivan Moreno\AppData\Local\PackageAware[!] Folder Not Deleted : C:\Users\Ivan Moreno\AppData\Local\PackageAware[!] Folder Not Deleted : C:\Users\Ivan Moreno\AppData\Local\PackageAware ***** [ Files ] ***** ***** [ DLLs ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled tasks ] ***** ***** [ Registry ] ***** [-] Key Deleted : HKLM\SOFTWARE\Classes\S ***** [ Web browsers ] ***** ************************* :: "Tracing" keys removed:: Winsock settings cleared ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1115 bytes] ##########

Hello Kevin thank you very much for your assistance! Here I paste the log information provided from Malwarebytes AntiMalware. I will continue to download and use the other software that you gave me. THANK YOU! Malwarebytes Anti-Malwarewww.malwarebytes.org Scan Date: 1/16/2016Scan Time: 3:57 PMLogfile: Administrator: Yes Version: 2.2.0.1024Malware Database: v2016.01.16.04Rootkit Database: v2016.01.09.01License: PremiumMalware Protection: EnabledMalicious Website Protection: EnabledSelf-protection: Disabled OS: Windows 7 Service Pack 1CPU: x64File System: NTFSUser: Ivan.Moreno Scan Type: Threat ScanResult: CompletedObjects Scanned: 422316Time Elapsed: 26 min, 23 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: EnabledHeuristics: EnabledPUP: EnabledPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 0(No malicious items detected) Registry Values: 0(No malicious items detected) Registry Data: 0(No malicious items detected) Folders: 0(No malicious items detected) Files: 0(No malicious items detected) Physical Sectors: 0(No malicious items detected) (end)

Hello, My laptop computer is infected with some kind of undetectable malware. This is my computer from work and I think it got infected with a USB drive, I am not sure. I am attaching 2 pictures: One is a scan I performed with Malwarebytes resulting with no infection and the other picture is a malicious popup when I was browsing on the Internet. Please help! Thank You