The log.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10586.20 BrowserJavaVersion: 10.21.2
Run by Joaqu?n Jimenez at 16:55:36 on 2016-06-05
Microsoft Windows 10 Home 10.0.10586.0.1252.800.1033.18.8092.5846 [GMT -3:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\nvvsvc.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCRTP.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\WINDOWS\system32\dashost.exe
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\SysWOW64\svchost.exe -k kuaizipupdatesvc
C:\WINDOWS\system32\taskeng.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
C:\WINDOWS\system32\sihost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\wscript.exe
C:\Windows\DAODx.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Joaqu?n Jimenez\AppData\Roaming\ContentPush\ContentPush.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\System32\svchost.exe -k swprv
C:\WINDOWS\SysWOW64\DllHost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Users\Joaqu?n Jimenez\Desktop\dds.scr
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.hao123.com/?tn=90820167_hao_pg
mStart Page = hxxp://www.hao123.com/?tn=90820167_hao_pg
uProxyOverride = <local>
mWinlogon: Userinit = wscript C:\WINDOWS\run.vbs,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: ArcPluginIEBHO Class: {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Arc\plugins\ArcPluginIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [uTorrent] "C:\Users\Joaqu?n Jimenez\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [Dxtory Update Checker 2.0] C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe
uRun: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
uRun: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
uRun: [EvolveClient] "C:\Program Files\Echobit\Evolve\EvolveClient.exe" -autorun
uRun: [Akamai NetSession Interface] "C:\Users\Joaqu?n Jimenez\AppData\Local\Akamai\netsession_win.exe"
uRun: [OscarEditor] "C:\Program Files (x86)\X7 Oscar Keyboard Editor\\OscarEditor.exe" Minimum
uRun: [OscarKeyboard] "C:\Program Files (x86)\X7 Oscar Keyboard Editor\OscarEditor.exe" Minimum
uRun: [OneDrive] "C:\Users\Joaqu?n Jimenez\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uRun: [MurGee.com Auto Clicker] C:\Users\Joaqu?n Jimenez\AppData\Roaming\Auto Clicker\AutoClicker.exe :silent
uRun: [Chromium] "c:\users\joaqu?n jimenez\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
uRun: [Installer] C:\WINDOWS\Temp\A070.tmp /autorun
uRun: [osmsg] C:\ProgramData\WindowsMsg\osmsg.exe /AUTORUN
uRun: [QGuan90132] C:\Users\Joaqu?n Jimenez\AppData\Roaming\service90132.exe /autorun
uRun: [msiql] C:\Users\Joaqu?n Jimenez\AppData\Roaming\msiql.exe /RUNNING
uRunOnce: [Uninstall C:\Users\Joaqu?n Jimenez\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Joaqu?n Jimenez\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
uRunOnce: [Uninstall C:\Users\Joaqu?n Jimenez\AppData\Local\Microsoft\OneDrive\17.3.5892.0626] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Joaqu?n Jimenez\AppData\Local\Microsoft\OneDrive\17.3.5892.0626"
uRunOnce: [Uninstall C:\Users\Joaqu?n Jimenez\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Joaqu?n Jimenez\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
uRunOnce: [Uninstall C:\Users\Joaqu?n Jimenez\AppData\Local\Microsoft\OneDrive\17.3.6201.1019] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Joaqu?n Jimenez\AppData\Local\Microsoft\OneDrive\17.3.6201.1019"
uRunOnce: [Uninstall C:\Users\Joaqu?n Jimenez\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Joaqu?n Jimenez\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
uRunOnce: [Uninstall C:\Users\Joaqu?n Jimenez\AppData\Local\Microsoft\OneDrive\17.3.6281.1202] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Joaqu?n Jimenez\AppData\Local\Microsoft\OneDrive\17.3.6281.1202"
uRunOnce: [Uninstall C:\Users\Joaqu?n Jimenez\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Joaqu?n Jimenez\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
uRunOnce: [Uninstall C:\Users\Joaqu?n Jimenez\AppData\Local\Microsoft\OneDrive\17.3.6301.0127] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Joaqu?n Jimenez\AppData\Local\Microsoft\OneDrive\17.3.6301.0127"
uRunOnce: [Uninstall C:\Users\Joaqu?n Jimenez\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Joaqu?n Jimenez\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
uRunOnce: [Uninstall C:\Users\Joaqu?n Jimenez\AppData\Local\Microsoft\OneDrive\17.3.6302.0225] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Joaqu?n Jimenez\AppData\Local\Microsoft\OneDrive\17.3.6302.0225"
mRun: [ASUS WiFi GO! FileTransfer Execute] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SteelSeries World of Warcraft MMO Gaming Mouse] "C:\Program Files (x86)\SteelSeries\World of Warcraft MMO Gaming Mouse\WoWMHID.exe"
mRun: [Arc] C:\Program Files (x86)\Arc\ArcLauncher.exe /autorun
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly
mRun: [ProductUpdater] C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [ QQPCTray] "C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCTray.exe" /regrun
StartupFolder: C:\Users\JOAQUN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe
mPolicies-Explorer: EnableShellExecuteHooks = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:221
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-Windows\System: EnableSmartScreen = dword:0
Trusted Zone: aeriagames.com
Trusted Zone: aeriagames.com
TCP: Interfaces\{652c6e00-a1db-451e-8d8b-684ae10deab9} : DHCPNameServer = 190.55.60.129 181.47.248.145 200.115.192.28
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.79\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-mStart Page = hxxps://ar.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_22&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dar%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzytCyB0EzzyBzytB0AtD0CtN0D0Tzu0StCyCtCyBtN1L2XzutAtFtBtBtFtAtFtDtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2SyDyC0CtCtC0AyC0BtGyEtBtAtBtGzztD0D0AtGtA0CyD0DtGtAtAyCtCyCyByCtDzzzz0Ezy2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0EyD0AtC0D0FtCtG0BtC0F0AtGyEzyyC0EtGzzyEyB0AtGzzyDzzyBtA0ByDyB0D0B0FyB2QtN0A0LzuyE%26cr%3D1934756008%26a%3Dwbf_fs_16_22%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
x64-mWinlogon: Userinit = wscript C:\WINDOWS\run.vbs,
x64-BHO: ?????????: {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} - C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TSWebMon64.dat
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] "C:\WINDOWS\System32\rundll32.exe" C:\WINDOWS\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-mPolicies-Explorer: EnableShellExecuteHooks = dword:1
x64-mPolicies-Explorer: NoDriveTypeAutoRun = dword:221
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: PromptOnSecureDesktop = dword:0
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: <No Name> - {98C066AB-D735-4339-9E52-A34875141B56} - C:\Users\Joaqu?n Jimenez\AppData\Local\Microsoft\Windows\INetCookies\kunecult.dll
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 DERNPXGHHP;askProtect;C:\WINDOWS\System32\drivers\askProtect64.sys [2016-6-5 208776]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-10-30 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-10-30 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-10-30 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-10-30 218624]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2016-5-10 87552]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R1 ndisrd;WinpkFilter LightWeight Filter;C:\WINDOWS\System32\drivers\ndisrd.sys [2015-10-4 32840]
R1 QMUdisk;tencent QMUdisk;C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMUdisk64.sys [2016-6-5 184952]
R1 softaal;softaal;C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\SoftAAL64.sys [2016-6-5 44664]
R1 TSSysKit;TSSysKit;C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TSSysKit64.sys [2016-6-5 96888]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2015-10-4 920736]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2015-10-4 951936]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-10-30 43944]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-10-30 43944]
R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-10-3 1165368]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2016-2-9 9728]
R2 KuaiZipDrive;KuaiZipDrive;C:\WINDOWS\System32\drivers\KuaiZipDrive.sys [2016-6-5 92872]
R2 KuaizipUpdateChecker;KuaizipUpdateChecker;C:\WINDOWS\System32\svchost.exe -k kuaizipupdatesvc [2015-10-30 43944]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2016-5-6 419248]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-10-3 1881144]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-10-3 2522680]
R2 QQPCRTP;QQPCMgr RTP Service;C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCRTP.exe [2016-6-5 313936]
R2 QQSysMonX64;QQSysMonX64;C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQSysMonX64.sys [2016-6-5 154744]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe [2016-5-25 426040]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-10-30 78848]
R2 TAOKernelDriver;Tencent Auto Optimize Platform.;C:\WINDOWS\System32\drivers\TAOKernelEx64.sys [2016-6-5 143992]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R2 tsnethlpx64;TsNetHlpX64.sys;C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TsNetHlpX64.sys [2016-6-5 57976]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 EvolveVirtualAdapter;Evolve Virtual Miniport Driver;C:\WINDOWS\System32\drivers\evolve.sys [2015-10-11 21656]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\WINDOWS\System32\drivers\MijXfilt.sys [2015-9-12 121416]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-10-30 20480]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-10-3 28216]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2015-10-3 3634232]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2015-10-3 56384]
R3 RTL8168;Realtek 8168 NT Driver;C:\WINDOWS\System32\drivers\Rt630x64.sys [2015-9-6 816344]
R3 ScpVBus;Scp Virtual Bus Driver;C:\WINDOWS\System32\drivers\ScpVBus.sys [2015-9-12 39168]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R3 TAOAccelerator;Tencent TAOAccelerator driver.;C:\WINDOWS\System32\drivers\TAOAccelerator64.sys [2016-6-5 99480]
R3 TFsFlt;TFsFlt;C:\WINDOWS\System32\drivers\TFsFltX64.sys [2016-6-5 97400]
R3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-10-30 118112]
R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-10-30 364464]
R4 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2015-9-6 283064]
S1 TSDefenseBt;TSDefenseBt;C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TsDefenseBT64.sys [2016-6-5 28984]
S2 ADSkipSvc;ADSkip Host Service;C:\Program Files (x86)\ADSKIP\ADSkipSvc.exe --> C:\Program Files (x86)\ADSKIP\ADSkipSvc.exe [?]
S2 doroghtshejasmoduleservice;Doroghtshejas Module;"C:\Program Files (x86)\Doroghtshejas\doroghtshejasmoduleservice.html5" {79740E79-A383-47A7-B513-3DF6563D007F} {8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} --> C:\Program Files (x86)\Doroghtshejas\doroghtshejasmoduleservice.html5 [?]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S2 dowidoly;Renew Single Click;C:\Program Files (x86)\830E6920-1465117080-11DC-BF61-1C872C58655B\jnsp7CF5.tmp --> C:\Program Files (x86)\830E6920-1465117080-11DC-BF61-1C872C58655B\jnsp7CF5.tmp [?]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2016-5-6 2552840]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-10-30 43944]
S2 ProntSpooler;Pront Spooler;C:\Users\Joaqu?n Jimenez\AppData\Local\Apps\2.0\abril.exe [2016-5-19 134656]
S2 rijufoze;Reservation Plastic;C:\Program Files (x86)\830E6920-1465117080-11DC-BF61-1C872C58655B\hnsp9793.tmp --> C:\Program Files (x86)\830E6920-1465117080-11DC-BF61-1C872C58655B\hnsp9793.tmp [?]
S2 Service KMSELDI;Service KMSELDI;C:\Program Files\KMSpico\Service_KMS.exe [2015-9-6 1050904]
S2 siqyhebuzbt;Power Spike Layer;C:\Program Files (x86)\830E6920-1465117080-11DC-BF61-1C872C58655B\knso6030.tmpfs --> C:\Program Files (x86)\830E6920-1465117080-11DC-BF61-1C872C58655B\knso6030.tmpfs [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-3-23 327808]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-10-30 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-10-30 43944]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 ArcService;Arc Service;C:\Program Files (x86)\Arc\ArcService.exe [2015-9-15 88400]
S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-10-30 9728]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2016-2-11 1345056]
S3 blNetFilter;blNetFilter;C:\WINDOWS\System32\drivers\blNetFilter.sys [2016-6-5 54664]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-30 43944]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2015-12-3 117248]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 EvoSvc;Evolve Service;C:\Program Files\Echobit\Evolve\EvoSvc.exe [2015-10-11 1583488]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-10-30 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-10-30 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-10-30 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-10-30 117760]
S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-10-30 46432]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-10-30 26624]
S3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 Origin Client Service;Origin Client Service;"C:\Program Files (x86)\Origin\OriginClientService.exe" --> C:\Program Files (x86)\Origin\OriginClientService.exe [?]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-10-30 930656]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-10-30 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-10-30 43944]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 Sony PC Companion;Sony PC Companion;C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2015-9-14 155520]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-10-30 79200]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2015-10-30 290304]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2016-5-10 63488]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-10-30 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-10-30 28512]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2016-4-12 258912]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-5-10 131424]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-10-30 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2016-4-12 694784]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-10-30 43944]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-10-30 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-10-30 59232]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-10-30 43944]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2015-10-30 216064]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2016-3-1 238592]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2016-4-12 26112]
S4 CDPSvc;Connected Device Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
.
=============== Created Last 30 ================
.
2016-06-05 19:53:28 -------- d-----w- C:\Users\Joaqu?n Jimenez\AppData\Local\Microsoft
2016-06-05 09:17:45 -------- d-----w- C:\Program Files (x86)\Common Files\Tencent
2016-06-05 09:06:13 -------- d-----w- C:\Program Files\Common Files\Tencent
2016-06-05 09:06:08 143992 ----a-w- C:\WINDOWS\System32\drivers\TAOKernelEx64.sys
2016-06-05 09:06:07 99480 ----a-w- C:\WINDOWS\System32\drivers\TAOAccelerator64.sys
2016-06-05 09:06:00 -------- d-----w- C:\ProgramData\TXQMPC
2016-06-05 09:05:25 97400 ----a-w- C:\WINDOWS\System32\drivers\TFsFltX64.sys
2016-06-05 09:04:54 -------- d-----w- C:\Program Files (x86)\Tencent
2016-06-05 09:04:50 -------- d-----w- C:\Users\Joaqu?n Jimenez\AppData\Roaming\Tencent
2016-06-05 09:04:48 -------- d-----w- C:\ProgramData\Tencent
2016-06-05 09:03:41 54664 ----a-w- C:\WINDOWS\System32\drivers\blNetFilter.sys
2016-06-05 09:03:41 208776 ----a-w- C:\WINDOWS\System32\drivers\askProtect64.sys
2016-06-05 09:02:59 1443152 ----a-w- C:\Users\Joaqu?n Jimenez\AppData\Roaming\AutoTime_51490.jpg
2016-06-05 09:02:36 92872 ----a-w- C:\WINDOWS\System32\drivers\KuaiZipDrive.sys
2016-06-05 09:02:36 -------- d-----w- C:\Users\Joaqu?n Jimenez\AppData\Roaming\Softlink
2016-06-05 09:02:31 -------- d-----w- C:\Users\Joaqu?n Jimenez\AppData\Roaming\Kuaizip
2016-06-05 09:02:31 -------- d-----w- C:\Program Files\???
2016-06-05 08:58:01 -------- d-----w- C:\Users\Joaqu?n Jimenez\AppData\Roaming\ContentPush
2016-06-05 08:56:30 -------- d-----w- C:\extensions
2016-06-05 08:43:53 -------- d-----w- C:\Users\Joaqu?n Jimenez\AppData\Roaming\Audacity
2016-06-05 08:43:33 -------- d-----w- C:\Program Files (x86)\Audacity
2016-06-05 07:45:20 -------- d-----w- C:\Users\Joaqu?n Jimenez\AppData\Roaming\Ableton
2016-06-05 07:43:13 -------- d-----w- C:\ProgramData\Ableton
2016-06-04 15:00:13 11895896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F4A8F714-939F-40AD-96DC-E24216B31CDC}\mpengine.dll
2016-06-03 17:03:00 11895896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2016-06-02 16:50:56 -------- d-----w- C:\Program Files (x86)\Overwatch
2016-06-01 16:43:27 -------- d---a-w- C:\Program Files (x86)\LogMeIn Hamachi
2016-05-29 23:41:21 -------- d-----w- C:\Program Files (x86)\Common Files\Freemake Shared
2016-05-29 23:41:20 -------- d-----w- C:\ProgramData\Freemake
2016-05-29 23:41:02 -------- d---a-w- C:\Program Files (x86)\Freemake
2016-05-28 03:19:32 -------- d---a-w- C:\Program Files\Defraggler
2016-05-27 05:10:18 -------- d-----w- C:\Program Files (x86)\Microsoft ASP.NET
2016-05-26 08:31:32 -------- d-----w- C:\WINDOWS\en
2016-05-26 08:30:30 -------- d---a-w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-05-26 08:30:14 -------- d-----w- C:\WINDOWS\PCHEALTH
2016-05-26 08:27:15 525656 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\671781bb1d1b72803\DXSETUP.exe
2016-05-26 08:27:15 1691480 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\671781bb1d1b72803\dsetup32.dll
2016-05-26 08:27:14 94040 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\671781bb1d1b72803\DSETUP.dll
2016-05-26 08:27:11 89944 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\64f666541d1b72802\DSETUP.dll
2016-05-26 08:27:11 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\64f666541d1b72802\DXSETUP.exe
2016-05-26 08:27:11 1801048 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\64f666541d1b72802\dsetup32.dll
2016-05-26 08:27:08 89944 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\636a81b41d1b72801\DSETUP.dll
2016-05-26 08:27:08 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\636a81b41d1b72801\DXSETUP.exe
2016-05-26 08:27:08 1801048 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\636a81b41d1b72801\dsetup32.dll
2016-05-26 08:26:41 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2016-05-25 21:50:53 113208 ----a-w- C:\WINDOWS\SysWow64\nvStreaming.exe
2016-05-25 21:50:26 45344 ----a-w- C:\WINDOWS\System32\vulkaninfo.exe
2016-05-25 21:50:26 130848 ----a-w- C:\WINDOWS\System32\vulkan-1.dll
2016-05-25 21:50:25 40224 ----a-w- C:\WINDOWS\SysWow64\vulkaninfo.exe
2016-05-25 21:50:25 129824 ----a-w- C:\WINDOWS\SysWow64\vulkan-1.dll
2016-05-22 05:27:29 1167568 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{57C57192-06A0-479D-8A4D-D6BBBA840C9C}\gapaengine.dll
2016-05-22 00:23:18 -------- d-----w- C:\Program Files (x86)\Common Files\Enterbrain
2016-05-21 01:00:54 -------- d---a-w- C:\Program Files (x86)\Heroes of the Storm
2016-05-14 23:06:08 1924152 ----a-w- C:\WINDOWS\System32\nvdispco6436519.dll
2016-05-14 23:06:08 1573432 ----a-w- C:\WINDOWS\System32\nvdispgenco6436519.dll
2016-05-14 22:56:28 -------- d-----w- C:\WINDOWS\LastGood.Tmp
2016-05-14 22:56:18 113216 ----a-w- C:\WINDOWS\System32\nvaudcap64v.dll
2016-05-14 22:56:18 102976 ----a-w- C:\WINDOWS\SysWow64\nvaudcap32v.dll
2016-05-10 23:27:02 87040 ----a-w- C:\WINDOWS\SysWow64\MapsBtSvc.dll
2016-05-10 23:27:02 800768 ----a-w- C:\WINDOWS\SysWow64\JpMapControl.dll
2016-05-10 23:27:02 59904 ----a-w- C:\WINDOWS\SysWow64\MosStorage.dll
2016-05-10 23:27:02 460800 ----a-w- C:\WINDOWS\System32\MapConfiguration.dll
2016-05-10 23:27:02 349696 ----a-w- C:\WINDOWS\SysWow64\MapConfiguration.dll
2016-05-10 23:27:01 853504 ----a-w- C:\WINDOWS\System32\MapsStore.dll
2016-05-10 23:27:01 7200256 ----a-w- C:\WINDOWS\System32\BingMaps.dll
2016-05-10 23:27:01 5205504 ----a-w- C:\WINDOWS\SysWow64\BingMaps.dll
2016-05-10 23:27:01 1056256 ----a-w- C:\WINDOWS\System32\JpMapControl.dll
2016-05-10 23:27:00 16984576 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll
2016-05-10 23:25:59 673280 ----a-w- C:\WINDOWS\System32\Windows.UI.dll
.
==================== Find3M ====================
.
2016-06-05 19:21:03 1048576 ----a-w- C:\WINDOWS\PE_Rom.dll
2016-05-22 21:02:00 13509184 ----a-w- C:\WINDOWS\System32\drivers\nvlddmkm.sys
2016-05-21 21:09:16 46024 ----a-w- C:\WINDOWS\System32\nvhdap64.dll
2016-05-21 21:09:16 1581624 ----a-w- C:\WINDOWS\System32\nvhdagenco64.dll
2016-05-21 21:09:16 141256 ----a-w- C:\WINDOWS\System32\drivers\nvhda64v.sys
2016-05-20 02:08:45 6348344 ----a-w- C:\WINDOWS\System32\nvcpl.dll
2016-05-20 02:08:45 2454976 ----a-w- C:\WINDOWS\System32\nvsvc64.dll
2016-05-20 02:08:43 81856 ----a-w- C:\WINDOWS\System32\nv3dappshextr.dll
2016-05-20 02:08:43 69568 ----a-w- C:\WINDOWS\System32\nvshext.dll
2016-05-20 02:08:43 533560 ----a-w- C:\WINDOWS\System32\nv3dappshext.dll
2016-05-20 02:08:43 392128 ----a-w- C:\WINDOWS\System32\nvmctray.dll
2016-05-20 02:08:43 1762752 ----a-w- C:\WINDOWS\System32\nvsvcr.dll
2016-05-20 02:08:43 1352760 ----a-w- C:\WINDOWS\System32\nvvsvc.exe
2016-05-19 14:54:35 1443152 ----a-w- C:\Users\Joaqu?n Jimenez\AppData\Roaming\AutoTime_51490.jpg
2016-05-18 08:37:33 6448223 ----a-w- C:\WINDOWS\System32\nvcoproc.bin
2016-05-11 19:57:14 829944 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2016-05-11 19:57:14 176632 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2016-05-06 04:53:48 95072 ----a-w- C:\WINDOWS\System32\drivers\sdport.sys
2016-05-06 04:05:35 241664 ----a-w- C:\WINDOWS\SysWow64\cryptngc.dll
2016-05-06 04:03:20 649216 ----a-w- C:\WINDOWS\System32\ngcsvc.dll
2016-05-06 03:53:21 351232 ----a-w- C:\WINDOWS\System32\NgcCtnr.dll
2016-05-06 03:49:14 289792 ----a-w- C:\WINDOWS\System32\NgcCtnrSvc.dll
2016-05-06 03:44:10 582656 ----a-w- C:\WINDOWS\System32\ngccredprov.dll
2016-05-06 03:43:46 320000 ----a-w- C:\WINDOWS\System32\cryptngc.dll
2016-05-06 03:23:53 76288 ----a-w- C:\WINDOWS\System32\ngcpopkeysrv.dll
2016-05-04 02:23:30 129824 ----a-w- C:\WINDOWS\SysWow64\vulkan-1-1-0-11-1.dll
2016-05-04 02:22:58 40224 ----a-w- C:\WINDOWS\SysWow64\vulkaninfo-1-1-0-11-1.exe
2016-05-04 02:22:42 130848 ----a-w- C:\WINDOWS\System32\vulkan-1-1-0-11-1.dll
2016-05-04 02:22:10 45344 ----a-w- C:\WINDOWS\System32\vulkaninfo-1-1-0-11-1.exe
2016-05-02 05:39:01 1377800 ----a-w- C:\WINDOWS\SysWow64\nvspcap.dll
2016-05-02 05:39:01 1316184 ----a-w- C:\WINDOWS\SysWow64\nvspbridge.dll
2016-05-02 05:38:42 1767944 ----a-w- C:\WINDOWS\System32\nvspcap64.dll
2016-05-02 05:38:42 1756608 ----a-w- C:\WINDOWS\System32\nvspbridge64.dll
2016-05-02 05:38:42 112032 ----a-w- C:\WINDOWS\System32\NvRtmpStreamer64.dll
2016-04-30 06:42:19 1387520 ----a-w- C:\WINDOWS\System32\win32kbase.sys
2016-04-30 06:31:37 3591168 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2016-04-27 14:33:47 1922496 ----a-w- C:\WINDOWS\System32\nvdispco6436510.dll
2016-04-27 14:33:47 1573432 ----a-w- C:\WINDOWS\System32\nvdispgenco6436510.dll
2016-04-23 06:12:45 294592 ----a-w- C:\WINDOWS\System32\invagent.dll
2016-04-23 06:12:45 190144 ----a-w- C:\WINDOWS\System32\DeviceCensus.exe
2016-04-23 06:12:45 1401024 ----a-w- C:\WINDOWS\System32\appraiser.dll
2016-04-23 06:12:45 1184960 ----a-w- C:\WINDOWS\System32\aeinv.dll
2016-04-23 06:12:44 92352 ----a-w- C:\WINDOWS\System32\acmigration.dll
2016-04-23 06:12:44 713920 ----a-w- C:\WINDOWS\System32\generaltel.dll
2016-04-23 06:12:44 514752 ----a-w- C:\WINDOWS\System32\devinv.dll
2016-04-23 06:12:44 46784 ----a-w- C:\WINDOWS\System32\CompatTelRunner.exe
2016-04-23 05:28:43 1542816 ----a-w- C:\WINDOWS\SysWow64\ntdll.dll
2016-04-23 05:28:40 1557768 ----a-w- C:\WINDOWS\SysWow64\KernelBase.dll
2016-04-23 05:26:12 707608 ----a-w- C:\WINDOWS\SysWow64\rpcrt4.dll
2016-04-23 05:24:45 7474528 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2016-04-23 05:24:41 1997328 ----a-w- C:\WINDOWS\System32\KernelBase.dll
2016-04-23 05:24:37 99680 ----a-w- C:\WINDOWS\System32\drivers\pdc.sys
2016-04-23 05:24:37 638816 ----a-w- C:\WINDOWS\System32\drivers\fvevol.sys
2016-04-23 05:24:28 1819208 ----a-w- C:\WINDOWS\System32\ntdll.dll
2016-04-23 05:24:16 335712 ----a-w- C:\WINDOWS\System32\drivers\fastfat.sys
2016-04-23 05:24:13 754664 ----a-w- C:\WINDOWS\System32\CoreMessaging.dll
2016-04-23 05:22:15 1161120 ----a-w- C:\WINDOWS\System32\rpcrt4.dll
2016-04-23 05:13:12 306832 ----a-w- C:\WINDOWS\SysWow64\wlanapi.dll
2016-04-23 05:13:01 84832 ----a-w- C:\WINDOWS\SysWow64\NetSetupApi.dll
2016-04-23 05:13:01 502104 ----a-w- C:\WINDOWS\SysWow64\NetSetupEngine.dll
2016-04-23 05:12:48 413536 ----a-w- C:\WINDOWS\System32\wifitask.exe
2016-04-23 05:12:42 451928 ----a-w- C:\WINDOWS\SysWow64\MFCaptureEngine.dll
2016-04-23 05:12:33 925064 ----a-w- C:\WINDOWS\SysWow64\mfplat.dll
2016-04-23 05:11:52 390496 ----a-w- C:\WINDOWS\System32\wlanapi.dll
2016-04-23 05:11:44 696672 ----a-w- C:\WINDOWS\System32\NetSetupEngine.dll
2016-04-23 05:11:43 115040 ----a-w- C:\WINDOWS\System32\NetSetupApi.dll
2016-04-23 05:11:30 1092464 ----a-w- C:\WINDOWS\System32\mfplat.dll
2016-04-23 05:11:27 498960 ----a-w- C:\WINDOWS\System32\MFCaptureEngine.dll
2016-04-23 05:11:14 131424 ----a-w- C:\WINDOWS\System32\drivers\ufxsynopsys.sys
2016-04-23 05:10:41 330072 ----a-w- C:\WINDOWS\System32\drivers\pci.sys
2016-04-23 05:09:39 255168 ----a-w- C:\WINDOWS\SysWow64\LockAppHost.exe
2016-04-23 05:09:36 465760 ----a-w- C:\WINDOWS\SysWow64\SettingSyncHost.exe
2016-04-23 05:09:27 5240960 ----a-w- C:\WINDOWS\SysWow64\windows.storage.dll
2016-04-23 05:09:18 569744 ----a-w- C:\WINDOWS\SysWow64\SHCore.dll
2016-04-23 05:09:18 4074160 ----a-w- C:\WINDOWS\SysWow64\explorer.exe
2016-04-23 05:09:00 565600 ----a-w- C:\WINDOWS\System32\SettingSyncHost.exe
2016-04-23 05:09:00 303216 ----a-w- C:\WINDOWS\System32\LockAppHost.exe
2016-04-23 05:08:45 6605504 ----a-w- C:\WINDOWS\System32\windows.storage.dll
2016-04-23 05:08:41 725776 ----a-w- C:\WINDOWS\System32\SHCore.dll
2016-04-23 05:08:40 4515256 ----a-w- C:\WINDOWS\explorer.exe
2016-04-23 05:07:38 183904 ----a-w- C:\WINDOWS\SysWow64\rsaenh.dll
2016-04-23 05:07:34 1536088 ----a-w- C:\WINDOWS\SysWow64\crypt32.dll
2016-04-23 05:07:26 204048 ----a-w- C:\WINDOWS\System32\rsaenh.dll
2016-04-23 05:07:19 1848072 ----a-w- C:\WINDOWS\System32\crypt32.dll
2016-04-23 05:06:57 291360 ----a-w- C:\WINDOWS\System32\wininit.exe
2016-04-23 05:02:02 188256 ----a-w- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
2016-04-23 05:01:54 217440 ----a-w- C:\WINDOWS\System32\AppxAllUserStore.dll
2016-04-23 05:01:25 619296 ----a-w- C:\WINDOWS\System32\d3d10level9.dll
2016-04-23 05:01:25 1996640 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2016-04-23 05:01:17 650304 ----a-w- C:\WINDOWS\System32\dxgi.dll
2016-04-23 05:01:15 393568 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys
2016-04-23 05:01:13 513368 ----a-w- C:\WINDOWS\SysWow64\d3d10level9.dll
2016-04-23 05:01:11 577368 ----a-w- C:\WINDOWS\System32\drivers\dxgmms2.sys
2016-04-23 05:01:10 522176 ----a-w- C:\WINDOWS\SysWow64\dxgi.dll
2016-04-23 05:00:52 1776768 ----a-w- C:\WINDOWS\System32\WindowsCodecs.dll
2016-04-23 05:00:45 550656 ----a-w- C:\WINDOWS\System32\directmanipulation.dll
2016-04-23 05:00:45 1399224 ----a-w- C:\WINDOWS\System32\user32.dll
2016-04-23 05:00:43 1594920 ----a-w- C:\WINDOWS\System32\gdi32.dll
2016-04-23 05:00:43 1522152 ----a-w- C:\WINDOWS\SysWow64\WindowsCodecs.dll
2016-04-23 05:00:40 453472 ----a-w- C:\WINDOWS\SysWow64\directmanipulation.dll
.
============= FINISH: 16:55:52.83 ===============
First of all, I did ask for help on other forums; I will close those threads when I finish writing this. I was really desperate.
Here's my current situation.
My computer is disconected (I know it's a typo, but I'm not a native speaker and I have no way to check with no internet, so sorry about that) from the internet, because the first program started downloading a lot of malware.
Once I disconected it (sorry) and deleted most of the malware, my computer is running normally, with just some malware I can't delete.
Here is what i know.
CMD opens and closes all the time. I can't see it, but the task manager shows so.
I can delete the contents of the folder "Tencent".
I can't uninstall any of the software it installed.
There's a "Product Updater" on the task manager.
The path is C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater
Pretty sure it's malware.
SysWow64 is present.
I came across this one before, I think, so I don't think it is that bad.
I think it's malware, I just don't know how to completely remove it.
C:\Users\Joaqu?n Jimenez\AppData\Roaming\ContentPush
Content push is there too.
C:\Users\Joaqu?n Jimenez\AppData\Roaming\Kuaizip
Kuaizip was installed too, I think it was installed here: C:\Program Files\???
It might be anything else altogether.
There's a process called Kuaizipupdatesvc that leads me to syswow64's svchost.
I keep deleting an archive named AutoTime and it keeps popping out.
There's also that "Microso.ft Photos" thing i mentioned on my first post.
I don't know what it was, but it looks like it's gone now.
When I first encountered it, I opened the file location and it told me I didn't have permission. It somehow removed all my permissions, I couldn't even access my own files at that point, and it turned off my computer.
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 EvoSvc;Evolve Service;C:\Program Files\Echobit\Evolve\EvoSvc.exe [2015-10-11 1583488]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-10-30 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-10-30 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-10-30 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-10-30 117760]
S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-10-30 46432]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-10-30 26624]
S3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 Origin Client Service;Origin Client Service;"C:\Program Files (x86)\Origin\OriginClientService.exe" --> C:\Program Files (x86)\Origin\OriginClientService.exe [?]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-10-30 930656]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-10-30 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-10-30 43944]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 Sony PC Companion;Sony PC Companion;C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2015-9-14 155520]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-10-30 79200]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2015-10-30 290304]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2016-5-10 63488]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-10-30 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-10-30 28512]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2016-4-12 258912]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-5-10 131424]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-10-30 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2016-4-12 694784]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-10-30 43944]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-10-30 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-10-30 59232]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-10-30 43944]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2015-10-30 216064]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2016-3-1 238592]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2016-4-12 26112]
S4 CDPSvc;Connected Device Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
.
=============== Created Last 30 ================
.
2016-06-05 19:53:28 -------- d-----w- C:\Users\Joaqu?n Jimenez\AppData\Local\Microsoft
2016-06-05 09:17:45 -------- d-----w- C:\Program Files (x86)\Common Files\Tencent
2016-06-05 09:06:13 -------- d-----w- C:\Program Files\Common Files\Tencent
2016-06-05 09:06:08 143992 ----a-w- C:\WINDOWS\System32\drivers\TAOKernelEx64.sys
2016-06-05 09:06:07 99480 ----a-w- C:\WINDOWS\System32\drivers\TAOAccelerator64.sys
2016-06-05 09:06:00 -------- d-----w- C:\ProgramData\TXQMPC
2016-06-05 09:05:25 97400 ----a-w- C:\WINDOWS\System32\drivers\TFsFltX64.sys
2016-06-05 09:04:54 -------- d-----w- C:\Program Files (x86)\Tencent
2016-06-05 09:04:50 -------- d-----w- C:\Users\Joaqu?n Jimenez\AppData\Roaming\Tencent
2016-06-05 09:04:48 -------- d-----w- C:\ProgramData\Tencent
2016-06-05 09:03:41 54664 ----a-w- C:\WINDOWS\System32\drivers\blNetFilter.sys
2016-06-05 09:03:41 208776 ----a-w- C:\WINDOWS\System32\drivers\askProtect64.sys
2016-06-05 09:02:59 1443152 ----a-w- C:\Users\Joaqu?n Jimenez\AppData\Roaming\AutoTime_51490.jpg
2016-06-05 09:02:36 92872 ----a-w- C:\WINDOWS\System32\drivers\KuaiZipDrive.sys
2016-06-05 09:02:36 -------- d-----w- C:\Users\Joaqu?n Jimenez\AppData\Roaming\Softlink
2016-06-05 09:02:31 -------- d-----w- C:\Users\Joaqu?n Jimenez\AppData\Roaming\Kuaizip
2016-06-05 09:02:31 -------- d-----w- C:\Program Files\???
2016-06-05 08:58:01 -------- d-----w- C:\Users\Joaqu?n Jimenez\AppData\Roaming\ContentPush
2016-06-05 08:56:30 -------- d-----w- C:\extensions
2016-06-05 08:43:53 -------- d-----w- C:\Users\Joaqu?n Jimenez\AppData\Roaming\Audacity
2016-06-05 08:43:33 -------- d-----w- C:\Program Files (x86)\Audacity
2016-06-05 07:45:20 -------- d-----w- C:\Users\Joaqu?n Jimenez\AppData\Roaming\Ableton
2016-06-05 07:43:13 -------- d-----w- C:\ProgramData\Ableton
2016-06-04 15:00:13 11895896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F4A8F714-939F-40AD-96DC-E24216B31CDC}\mpengine.dll
2016-06-03 17:03:00 11895896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2016-06-02 16:50:56 -------- d-----w- C:\Program Files (x86)\Overwatch
2016-06-01 16:43:27 -------- d---a-w- C:\Program Files (x86)\LogMeIn Hamachi
2016-05-29 23:41:21 -------- d-----w- C:\Program Files (x86)\Common Files\Freemake Shared
2016-05-29 23:41:20 -------- d-----w- C:\ProgramData\Freemake
2016-05-29 23:41:02 -------- d---a-w- C:\Program Files (x86)\Freemake
2016-05-28 03:19:32 -------- d---a-w- C:\Program Files\Defraggler
2016-05-27 05:10:18 -------- d-----w- C:\Program Files (x86)\Microsoft ASP.NET
2016-05-26 08:31:32 -------- d-----w- C:\WINDOWS\en
2016-05-26 08:30:30 -------- d---a-w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-05-26 08:30:14 -------- d-----w- C:\WINDOWS\PCHEALTH
2016-05-26 08:27:15 525656 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\671781bb1d1b72803\DXSETUP.exe
2016-05-26 08:27:15 1691480 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\671781bb1d1b72803\dsetup32.dll
2016-05-26 08:27:14 94040 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\671781bb1d1b72803\DSETUP.dll
2016-05-26 08:27:11 89944 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\64f666541d1b72802\DSETUP.dll
2016-05-26 08:27:11 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\64f666541d1b72802\DXSETUP.exe
2016-05-26 08:27:11 1801048 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\64f666541d1b72802\dsetup32.dll
2016-05-26 08:27:08 89944 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\636a81b41d1b72801\DSETUP.dll
2016-05-26 08:27:08 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\636a81b41d1b72801\DXSETUP.exe
2016-05-26 08:27:08 1801048 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\636a81b41d1b72801\dsetup32.dll
2016-05-26 08:26:41 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2016-05-25 21:50:53 113208 ----a-w- C:\WINDOWS\SysWow64\nvStreaming.exe
2016-05-25 21:50:26 45344 ----a-w- C:\WINDOWS\System32\vulkaninfo.exe
2016-05-25 21:50:26 130848 ----a-w- C:\WINDOWS\System32\vulkan-1.dll
2016-05-25 21:50:25 40224 ----a-w- C:\WINDOWS\SysWow64\vulkaninfo.exe
2016-05-25 21:50:25 129824 ----a-w- C:\WINDOWS\SysWow64\vulkan-1.dll
2016-05-22 05:27:29 1167568 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{57C57192-06A0-479D-8A4D-D6BBBA840C9C}\gapaengine.dll
2016-05-22 00:23:18 -------- d-----w- C:\Program Files (x86)\Common Files\Enterbrain
2016-05-21 01:00:54 -------- d---a-w- C:\Program Files (x86)\Heroes of the Storm
2016-05-14 23:06:08 1924152 ----a-w- C:\WINDOWS\System32\nvdispco6436519.dll
2016-05-14 23:06:08 1573432 ----a-w- C:\WINDOWS\System32\nvdispgenco6436519.dll
2016-05-14 22:56:28 -------- d-----w- C:\WINDOWS\LastGood.Tmp
2016-05-14 22:56:18 113216 ----a-w- C:\WINDOWS\System32\nvaudcap64v.dll
2016-05-14 22:56:18 102976 ----a-w- C:\WINDOWS\SysWow64\nvaudcap32v.dll
2016-05-10 23:27:02 87040 ----a-w- C:\WINDOWS\SysWow64\MapsBtSvc.dll
2016-05-10 23:27:02 800768 ----a-w- C:\WINDOWS\SysWow64\JpMapControl.dll
2016-05-10 23:27:02 59904 ----a-w- C:\WINDOWS\SysWow64\MosStorage.dll
2016-05-10 23:27:02 460800 ----a-w- C:\WINDOWS\System32\MapConfiguration.dll
2016-05-10 23:27:02 349696 ----a-w- C:\WINDOWS\SysWow64\MapConfiguration.dll
2016-05-10 23:27:01 853504 ----a-w- C:\WINDOWS\System32\MapsStore.dll
2016-05-10 23:27:01 7200256 ----a-w- C:\WINDOWS\System32\BingMaps.dll
2016-05-10 23:27:01 5205504 ----a-w- C:\WINDOWS\SysWow64\BingMaps.dll
2016-05-10 23:27:01 1056256 ----a-w- C:\WINDOWS\System32\JpMapControl.dll
2016-05-10 23:27:00 16984576 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll
2016-05-10 23:25:59 673280 ----a-w- C:\WINDOWS\System32\Windows.UI.dll
.
==================== Find3M ====================
.
2016-06-05 19:21:03 1048576 ----a-w- C:\WINDOWS\PE_Rom.dll
2016-05-22 21:02:00 13509184 ----a-w- C:\WINDOWS\System32\drivers\nvlddmkm.sys
2016-05-21 21:09:16 46024 ----a-w- C:\WINDOWS\System32\nvhdap64.dll
2016-05-21 21:09:16 1581624 ----a-w- C:\WINDOWS\System32\nvhdagenco64.dll
2016-05-21 21:09:16 141256 ----a-w- C:\WINDOWS\System32\drivers\nvhda64v.sys
2016-05-20 02:08:45 6348344 ----a-w- C:\WINDOWS\System32\nvcpl.dll
2016-05-20 02:08:45 2454976 ----a-w- C:\WINDOWS\System32\nvsvc64.dll
2016-05-20 02:08:43 81856 ----a-w- C:\WINDOWS\System32\nv3dappshextr.dll
2016-05-20 02:08:43 69568 ----a-w- C:\WINDOWS\System32\nvshext.dll
2016-05-20 02:08:43 533560 ----a-w- C:\WINDOWS\System32\nv3dappshext.dll
2016-05-20 02:08:43 392128 ----a-w- C:\WINDOWS\System32\nvmctray.dll
2016-05-20 02:08:43 1762752 ----a-w- C:\WINDOWS\System32\nvsvcr.dll
2016-05-20 02:08:43 1352760 ----a-w- C:\WINDOWS\System32\nvvsvc.exe
2016-05-19 14:54:35 1443152 ----a-w- C:\Users\Joaqu?n Jimenez\AppData\Roaming\AutoTime_51490.jpg
2016-05-18 08:37:33 6448223 ----a-w- C:\WINDOWS\System32\nvcoproc.bin
2016-05-11 19:57:14 829944 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2016-05-11 19:57:14 176632 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2016-05-06 04:53:48 95072 ----a-w- C:\WINDOWS\System32\drivers\sdport.sys
2016-05-06 04:05:35 241664 ----a-w- C:\WINDOWS\SysWow64\cryptngc.dll
2016-05-06 04:03:20 649216 ----a-w- C:\WINDOWS\System32\ngcsvc.dll
2016-05-06 03:53:21 351232 ----a-w- C:\WINDOWS\System32\NgcCtnr.dll
2016-05-06 03:49:14 289792 ----a-w- C:\WINDOWS\System32\NgcCtnrSvc.dll
2016-05-06 03:44:10 582656 ----a-w- C:\WINDOWS\System32\ngccredprov.dll
2016-05-06 03:43:46 320000 ----a-w- C:\WINDOWS\System32\cryptngc.dll
2016-05-06 03:23:53 76288 ----a-w- C:\WINDOWS\System32\ngcpopkeysrv.dll
2016-05-04 02:23:30 129824 ----a-w- C:\WINDOWS\SysWow64\vulkan-1-1-0-11-1.dll
2016-05-04 02:22:58 40224 ----a-w- C:\WINDOWS\SysWow64\vulkaninfo-1-1-0-11-1.exe
2016-05-04 02:22:42 130848 ----a-w- C:\WINDOWS\System32\vulkan-1-1-0-11-1.dll
2016-05-04 02:22:10 45344 ----a-w- C:\WINDOWS\System32\vulkaninfo-1-1-0-11-1.exe
2016-05-02 05:39:01 1377800 ----a-w- C:\WINDOWS\SysWow64\nvspcap.dll
2016-05-02 05:39:01 1316184 ----a-w- C:\WINDOWS\SysWow64\nvspbridge.dll
2016-05-02 05:38:42 1767944 ----a-w- C:\WINDOWS\System32\nvspcap64.dll
2016-05-02 05:38:42 1756608 ----a-w- C:\WINDOWS\System32\nvspbridge64.dll
2016-05-02 05:38:42 112032 ----a-w- C:\WINDOWS\System32\NvRtmpStreamer64.dll
2016-04-30 06:42:19 1387520 ----a-w- C:\WINDOWS\System32\win32kbase.sys
2016-04-30 06:31:37 3591168 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2016-04-27 14:33:47 1922496 ----a-w- C:\WINDOWS\System32\nvdispco6436510.dll
2016-04-27 14:33:47 1573432 ----a-w- C:\WINDOWS\System32\nvdispgenco6436510.dll
2016-04-23 06:12:45 294592 ----a-w- C:\WINDOWS\System32\invagent.dll
2016-04-23 06:12:45 190144 ----a-w- C:\WINDOWS\System32\DeviceCensus.exe
2016-04-23 06:12:45 1401024 ----a-w- C:\WINDOWS\System32\appraiser.dll
2016-04-23 06:12:45 1184960 ----a-w- C:\WINDOWS\System32\aeinv.dll
2016-04-23 06:12:44 92352 ----a-w- C:\WINDOWS\System32\acmigration.dll
2016-04-23 06:12:44 713920 ----a-w- C:\WINDOWS\System32\generaltel.dll
2016-04-23 06:12:44 514752 ----a-w- C:\WINDOWS\System32\devinv.dll
2016-04-23 06:12:44 46784 ----a-w- C:\WINDOWS\System32\CompatTelRunner.exe
2016-04-23 05:28:43 1542816 ----a-w- C:\WINDOWS\SysWow64\ntdll.dll
2016-04-23 05:28:40 1557768 ----a-w- C:\WINDOWS\SysWow64\KernelBase.dll
2016-04-23 05:26:12 707608 ----a-w- C:\WINDOWS\SysWow64\rpcrt4.dll
2016-04-23 05:24:45 7474528 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2016-04-23 05:24:41 1997328 ----a-w- C:\WINDOWS\System32\KernelBase.dll
2016-04-23 05:24:37 99680 ----a-w- C:\WINDOWS\System32\drivers\pdc.sys
2016-04-23 05:24:37 638816 ----a-w- C:\WINDOWS\System32\drivers\fvevol.sys
2016-04-23 05:24:28 1819208 ----a-w- C:\WINDOWS\System32\ntdll.dll
2016-04-23 05:24:16 335712 ----a-w- C:\WINDOWS\System32\drivers\fastfat.sys
2016-04-23 05:24:13 754664 ----a-w- C:\WINDOWS\System32\CoreMessaging.dll
2016-04-23 05:22:15 1161120 ----a-w- C:\WINDOWS\System32\rpcrt4.dll
2016-04-23 05:13:12 306832 ----a-w- C:\WINDOWS\SysWow64\wlanapi.dll
2016-04-23 05:13:01 84832 ----a-w- C:\WINDOWS\SysWow64\NetSetupApi.dll
2016-04-23 05:13:01 502104 ----a-w- C:\WINDOWS\SysWow64\NetSetupEngine.dll
2016-04-23 05:12:48 413536 ----a-w- C:\WINDOWS\System32\wifitask.exe
2016-04-23 05:12:42 451928 ----a-w- C:\WINDOWS\SysWow64\MFCaptureEngine.dll
2016-04-23 05:12:33 925064 ----a-w- C:\WINDOWS\SysWow64\mfplat.dll
2016-04-23 05:11:52 390496 ----a-w- C:\WINDOWS\System32\wlanapi.dll
2016-04-23 05:11:44 696672 ----a-w- C:\WINDOWS\System32\NetSetupEngine.dll
2016-04-23 05:11:43 115040 ----a-w- C:\WINDOWS\System32\NetSetupApi.dll
2016-04-23 05:11:30 1092464 ----a-w- C:\WINDOWS\System32\mfplat.dll
2016-04-23 05:11:27 498960 ----a-w- C:\WINDOWS\System32\MFCaptureEngine.dll
2016-04-23 05:11:14 131424 ----a-w- C:\WINDOWS\System32\drivers\ufxsynopsys.sys
2016-04-23 05:10:41 330072 ----a-w- C:\WINDOWS\System32\drivers\pci.sys
2016-04-23 05:09:39 255168 ----a-w- C:\WINDOWS\SysWow64\LockAppHost.exe
2016-04-23 05:09:36 465760 ----a-w- C:\WINDOWS\SysWow64\SettingSyncHost.exe
2016-04-23 05:09:27 5240960 ----a-w- C:\WINDOWS\SysWow64\windows.storage.dll
2016-04-23 05:09:18 569744 ----a-w- C:\WINDOWS\SysWow64\SHCore.dll
2016-04-23 05:09:18 4074160 ----a-w- C:\WINDOWS\SysWow64\explorer.exe
2016-04-23 05:09:00 565600 ----a-w- C:\WINDOWS\System32\SettingSyncHost.exe
2016-04-23 05:09:00 303216 ----a-w- C:\WINDOWS\System32\LockAppHost.exe
2016-04-23 05:08:45 6605504 ----a-w- C:\WINDOWS\System32\windows.storage.dll
2016-04-23 05:08:41 725776 ----a-w- C:\WINDOWS\System32\SHCore.dll
2016-04-23 05:08:40 4515256 ----a-w- C:\WINDOWS\explorer.exe
2016-04-23 05:07:38 183904 ----a-w- C:\WINDOWS\SysWow64\rsaenh.dll
2016-04-23 05:07:34 1536088 ----a-w- C:\WINDOWS\SysWow64\crypt32.dll
2016-04-23 05:07:26 204048 ----a-w- C:\WINDOWS\System32\rsaenh.dll
2016-04-23 05:07:19 1848072 ----a-w- C:\WINDOWS\System32\crypt32.dll
2016-04-23 05:06:57 291360 ----a-w- C:\WINDOWS\System32\wininit.exe
2016-04-23 05:02:02 188256 ----a-w- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
2016-04-23 05:01:54 217440 ----a-w- C:\WINDOWS\System32\AppxAllUserStore.dll
2016-04-23 05:01:25 619296 ----a-w- C:\WINDOWS\System32\d3d10level9.dll
2016-04-23 05:01:25 1996640 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2016-04-23 05:01:17 650304 ----a-w- C:\WINDOWS\System32\dxgi.dll
2016-04-23 05:01:15 393568 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys
2016-04-23 05:01:13 513368 ----a-w- C:\WINDOWS\SysWow64\d3d10level9.dll
2016-04-23 05:01:11 577368 ----a-w- C:\WINDOWS\System32\drivers\dxgmms2.sys
2016-04-23 05:01:10 522176 ----a-w- C:\WINDOWS\SysWow64\dxgi.dll
2016-04-23 05:00:52 1776768 ----a-w- C:\WINDOWS\System32\WindowsCodecs.dll
2016-04-23 05:00:45 550656 ----a-w- C:\WINDOWS\System32\directmanipulation.dll
2016-04-23 05:00:45 1399224 ----a-w- C:\WINDOWS\System32\user32.dll
2016-04-23 05:00:43 1594920 ----a-w- C:\WINDOWS\System32\gdi32.dll
2016-04-23 05:00:43 1522152 ----a-w- C:\WINDOWS\SysWow64\WindowsCodecs.dll
2016-04-23 05:00:40 453472 ----a-w- C:\WINDOWS\SysWow64\directmanipulation.dll
.
============= FINISH: 16:55:52.83 ===============
First of all, I did ask for help on other forums; I will close those threads when I finish writing this. I was really desperate.
Here's my current situation.
My computer is disconected (I know it's a typo, but I'm not a native speaker and I have no way to check with no internet, so sorry about that) from the internet, because the first program started downloading a lot of malware.
Once I disconected it (sorry) and deleted most of the malware, my computer is running normally, with just some malware I can't delete.
Here is what i know.
CMD opens and closes all the time; I can't see it, but the task manager shows so.
I can delete the contents of the folder "Tencent".
I can't uninstall any of the software it installed.
There's a "Product Updater" on the task manager.
The path is C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater
Pretty sure it's malware.
SysWow64 is present.
I came across this one before, I think, so I don't think it is that bad.
I think it's malware; I just don't know how to completely remove it.
C:\Users\Joaqu?n Jimenez\AppData\Roaming\ContentPush
Content push is there too.
C:\Users\Joaqu?n Jimenez\AppData\Roaming\Kuaizip
Kuaizip was installed too; I think it was installed here: C:\Program Files\???
It might be anything else altogether.
There's a process called Kuaizipupdatesvc that leads me to syswow64's svchost.
I keep deleting an archive named AutoTime and it keeps popping out.
There's also that "Microso.ft Photos" thing I mentioned in my first post.
I don't know what it was, but it looks like it's gone now.
When I first encountered it, I opened the file location, and it told me I didn't have permission. It somehow removed all my permissions; I couldn't even access my own files at that point, and it turned off my computer.