    TDSSKiller does not run


    1. #1
      User Death17
      Registered
      Oct 2017
      Location
      Argentina
      Posts
      11

      Question: TDSSKiller does not run

      First of all, I want to apologize for not having introduced myself; I know that is the done thing on forums, but I will do it after solving this problem, which I have now had for 2 days.

      I'll tell the whole story. On 14-10 I decided to do a regular cleanup like the one we all always do. I started with Malwarebytes (if I remember correctly it found 2 threats), continued with JRT (it detected nothing), then AdwCleaner (it detected 3 threats), and finally, when I tried to run TDSSKiller, nothing happened: the loading icon appeared on the pointer but the interface did not open or anything. My first guess was that the program was out of date (which seemed odd to me, since I did the last cleanup on 30-09 and I was able to run it then and it detected nothing), so I chose to download it again to see whether that would fix it. And this is where I discovered the second problem, which also has me scared: when I tried to download it from the Kaspersky page it started normally and after a few seconds it stopped and I could not resume it. I tried with Chrome and with the Avast browser but I couldn't, or else it stayed downloaded at 0 KB. I also tried to download it from my mobile phone but it told me the same thing, download stopped; it would not let me download it even from another network, neither with my father's mobile nor with mobile data, which led me to think that all the devices connected to the network are affected (I haven't tested it, but I suspect that is the case if it did not let me with the two mobiles).
      Coming back to running the copy I already had on the desktop: I saw the TDSSKiller guide on the forum, which said that if it did not run it should be renamed. I renamed it to iexplorer and to explorer but it still would not run. I enabled showing hidden files and renamed it to the same names, but this time with the extensions .pif or .com, and it did not run either, which has me worried. I tried it in safe mode and it runs, but to my surprise it detects nothing. I asked a friend whether he could download it; he downloaded it on his mobile and sent it to me. I unzipped it on the desktop but it still does not run; I renamed it to explorer but that did not work either, and when I was in safe mode Malwarebytes detected the explorer that I had renamed as riskware, if I remember correctly, so it put it in quarantine... I do not have the reports from the first scans I did because I did not think I was going to have this problem; I have saved the Malwarebytes safe-mode one and I think the AdwCleaner one can be recovered.

      That is why I come looking for help with the two problems I have:

      - Could it be that I have some rootkit that blocks the TDSSKiller downloads from all devices?

      - And does this same rootkit block it from running?

      I went into the router configuration but I do not understand much about the subject, so I did not touch anything.
      Please excuse me if this is very long; I just wanted you to understand the context.
      Please, I need your help; I hope someone from the staff reads this.
      Regards

    2. #2
      Warrior @Miguelgrado
      Registered
      Dec 2005
      Location
      Asturias, Spain
      Posts
      18,142

      Re: TDSSKiller does not run

      Greetings and welcome.

      Step 1: Download Malwarebytes Anti-Rootkit Beta >> Malwarebytes Anti-Rootkit | InfoSpyware and unzip the contents to your desktop.
      Step 2: Disable your antivirus >> How to temporarily disable your antivirus

      Open the Mbar folder and double-click the file Mbar.exe.
      • In the program interface, click Next.
      • Click the Update button. When it finishes, click Next.
      • To start the scan, click the Scan button.
      • When it finishes, if there is an infection click CleanUp; if there is none, click Exit.

      When it finishes, open the Mbar folder, find the file mbar-log.txt, copy and paste its entire contents into your next reply and comment on the results.

      1- Download Farbar Recovery Scan Tool by Farbar (download the file that matches your system's architecture) >> How to tell whether my system is 32-bit or 64-bit

      • Save it to the desktop >> this is very important.
      • With all programs/windows closed, double-click Frst.exe to run it.
      • In the Disclaimer window, press Yes.
      • In the new window that opens, press the Scan button and wait patiently for the scan to finish.

      • Two (2) files (logs) will open, Frst.txt and Addition.txt; they will be saved on your desktop.

      • To finish, open the files Frst.txt and Addition.txt, then copy and paste their entire contents into your next reply. Use two messages if it tells you it is too long.

    3. #3
      User Death17
      Registered
      Oct 2017
      Location
      Argentina
      Posts
      11

      Re: TDSSKiller does not run

      Hi Miguel, thanks for the reply. I have run both programs and will now paste the reports, but first I wanted to mention something I did not say in the original message: when I saw that I could neither run nor download TDSSKiller, I downloaded ESET Online Scanner and it detected three threats, which it removed. I should also say that I am a CCleaner user. That is all; here are the reports:


      Malwarebytes Anti-Rootkit BETA 1.9.3.1001
      www.malwarebytes.org

      Database version:
      main: v2017.10.16.10
      rootkit: v2017.10.14.01

      Windows 10 x64 NTFS
      Internet Explorer 11.674.15063.0
      HHD :: DESKTOP-9JU5PDF [administrator]

      16/10/2017 16:41:39
      mbar-log-2017-10-16 (16-41-39).txt

      Scan type: Quick scan
      Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
      Scan options disabled:
      Objects scanned: 254198
      Time elapsed: 7 minute(s), 58 second(s)

      Memory Processes Detected: 0
      (No malicious items detected)

      Memory Modules Detected: 0
      (No malicious items detected)

      Registry Keys Detected: 0
      (No malicious items detected)

      Registry Values Detected: 0
      (No malicious items detected)

      Registry Data Items Detected: 0
      (No malicious items detected)

      Folders Detected: 0
      (No malicious items detected)

      Files Detected: 0
      (No malicious items detected)

      Physical Sectors Detected: 0
      (No malicious items detected)

      (end)


      I will use more than two replies since it tells me it is too long.

    4. #4
      User Death17
      Registered
      Oct 2017
      Location
      Argentina
      Posts
      11

      Re: TDSSKiller does not run

      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2017
      Ran by HHD (administrator) on DESKTOP-9JU5PDF (16-10-2017 16:54:00)
      Running from C:\Users\HHD\Desktop
      Loaded Profiles: HHD (Available Profiles: HHD)
      Platform: Windows 10 Pro Version 1703 170317-1834 (X64) Language: Español (España, internacional)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (AMD) C:\Windows\System32\atiesrxx.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
      (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
      (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
      (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
      (AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe

      ==================== Registry (Whitelisted) ===========================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-08] (AVAST Software)
      HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
      HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
      HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
      HKU\S-1-5-21-2175840329-2766892455-3668070443-1001\...\Run: [Akamai NetSession Interface] => C:\Users\HHD\AppData\Local\Akamai\netsession_win.exe [4490200 2017-09-08] (Akamai Technologies, Inc.)
      HKU\S-1-5-21-2175840329-2766892455-3668070443-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3101984 2017-10-13] (Valve Corporation)
      HKU\S-1-5-21-2175840329-2766892455-3668070443-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9856176 2017-09-20] (Piriform Ltd)
      GroupPolicy: Restriction <==== ATTENTION

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
      Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
      Tcpip\Parameters: [NameServer] 8.8.8.8
      Tcpip\..\Interfaces\{70e82492-9891-4c4a-adc0-d46366ac2bd4}: [NameServer] 8.8.8.8
      Tcpip\..\Interfaces\{85358b5f-d65c-4ac0-9138-1a49ab9cb8e2}: [NameServer] 8.8.8.8,8.8.4.4
      Tcpip\..\Interfaces\{85358b5f-d65c-4ac0-9138-1a49ab9cb8e2}: [DhcpNameServer] 192.168.1.1

      Internet Explorer:
      ==================
      SearchScopes: HKU\S-1-5-21-2175840329-2766892455-3668070443-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

      FireFox:
      ========
      FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-12] ()
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-12] ()
      FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-09-16] (NVIDIA Corporation)
      FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-09-16] (NVIDIA Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-30] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-30] (Google Inc.)

      Chrome:
      =======
      CHR Profile: C:\Users\HHD\AppData\Local\Google\Chrome\User Data\Default [2017-10-16]
      CHR Extension: (Presentaciones) - C:\Users\HHD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
      CHR Extension: (Documentos) - C:\Users\HHD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
      CHR Extension: (Google Drive) - C:\Users\HHD\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-30]
      CHR Extension: (YouTube) - C:\Users\HHD\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-30]
      CHR Extension: (Hojas*de*cálculo) - C:\Users\HHD\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\HHD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-30]
      CHR Extension: (AdBlock) - C:\Users\HHD\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-10-05]
      CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\HHD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-30]
      CHR Extension: (Gmail) - C:\Users\HHD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-30]
      CHR Extension: (Chrome Media Router) - C:\Users\HHD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-30]
      CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7446024 2017-10-08] (AVAST Software s.r.o.)
      R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-08] (AVAST Software)
      R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
      R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation)
      S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation)
      R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-09-16] (NVIDIA Corporation)
      R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-09-19] (NVIDIA Corporation)
      S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2169696 2017-08-08] (Electronic Arts)
      R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3149672 2017-08-08] (Electronic Arts)
      S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
      R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [41952 2016-10-27] (VIA Technologies, Inc.)
      S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
      S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [321032 2017-10-08] (AVAST Software s.r.o.)
      R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-10-08] (AVAST Software s.r.o.)
      R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343288 2017-10-08] (AVAST Software s.r.o.)
      R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57736 2017-10-08] (AVAST Software s.r.o.)
      S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [47008 2017-10-08] (AVAST Software)
      R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-21] (AVAST Software)
      R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [147776 2017-10-08] (AVAST Software)
      R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110376 2017-10-08] (AVAST Software)
      R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84416 2017-10-08] (AVAST Software)
      R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1020536 2017-10-08] (AVAST Software)
      R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [587168 2017-10-08] (AVAST Software)
      R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [201352 2017-10-08] (AVAST Software)
      R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [363440 2017-10-08] (AVAST Software)
      R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-10-14] ()
      R0 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [192952 2017-10-14] (Malwarebytes)
      R3 MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [110016 2017-10-16] (Malwarebytes)
      R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [45504 2017-10-16] (Malwarebytes)
      R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [252232 2017-10-15] (Malwarebytes)
      R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [94144 2017-10-16] (Malwarebytes)
      R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
      R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_63f40b686fe9309f\nvlddmkm.sys [15619320 2017-09-18] (NVIDIA Corporation)
      S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-09-19] (NVIDIA Corporation)
      R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48248 2017-09-16] (NVIDIA Corporation)
      R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-09-19] (NVIDIA Corporation)
      R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [888064 2015-09-10] (Realtek )
      S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
      S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
      S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
      S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
      U1 aswbdisk; no ImagePath
      S3 NTLiveGuardEV64; \??\D:\mus2\LiveGuard\NTLiveGuardEV64.sys [X]

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
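
An added example, not part of the original thread and not FRST's own code: a Python triage pass over an FRST.txt log like the one posted above, pulling out the lines a helper reads first. It assumes the section headers and the `<==== ATTENTION`, `[X]`, `no ImagePath` and empty `()` company patterns seen in that log; the function names are hypothetical and the embedded sample is a few lines copied from the post.

```python
import re

# Section header as it appears in the posted log, e.g.
# "==================== Registry (Whitelisted) ==========================="
SECTION_RE = re.compile(r"^=+ (?P<name>[^=].*?) =+$")
# Service/driver entry: "<state><start type> <name>; <path and metadata>"
ENTRY_RE = re.compile(r"^[RSU]\d (?P<name>[^;]+); (?P<rest>.*)$")
# DNS entry: "... [NameServer] 8.8.8.8,8.8.4.4" or "... [DhcpNameServer] ..."
DNS_RE = re.compile(r"\[(?P<kind>(?:Dhcp)?NameServer)\] (?P<servers>.+)$")

# Sample input: lines copied from the FRST.txt posted in this thread.
SAMPLE_FRST = r"""
==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{85358b5f-d65c-4ac0-9138-1a49ab9cb8e2}: [NameServer] 8.8.8.8,8.8.4.4

===================== Drivers (Whitelisted) ======================

R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [363440 2017-10-08] (AVAST Software)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-10-14] ()
U1 aswbdisk; no ImagePath
S3 NTLiveGuardEV64; \??\D:\mus2\LiveGuard\NTLiveGuardEV64.sys [X]
"""


def parse_sections(text):
    """Split a log into {section name: [entry lines]}, dropping FRST's notes."""
    sections, current = {}, "Header"
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("(If "):  # blank line or explanatory note
            continue
        header = SECTION_RE.match(line)
        if header:
            current = re.sub(r"\s*\(Whitelisted\)$", "", header["name"])
            continue
        sections.setdefault(current, []).append(line)
    return sections


def triage(text):
    """Return (section, kind, detail) tuples for entries worth a manual look."""
    findings = []
    for section, lines in parse_sections(text).items():
        for line in lines:
            if line.endswith("<==== ATTENTION"):
                findings.append((section, "flagged", line))
                continue
            entry = ENTRY_RE.match(line)
            if section not in ("Services", "Drivers") or not entry:
                continue
            rest = entry["rest"]
            if rest.endswith("[X]"):
                # Assumption: [X] marks a registered file missing from disk.
                findings.append((section, "missing-file", entry["name"]))
            elif rest == "no ImagePath":
                findings.append((section, "no-imagepath", entry["name"]))
            elif rest.endswith("()"):
                # Empty company field: the file carries no vendor name.
                findings.append((section, "no-company", entry["name"]))
    return findings


def dns_servers(text):
    """Collect static and DHCP-assigned DNS servers from the Internet section."""
    found = {"NameServer": set(), "DhcpNameServer": set()}
    for line in parse_sections(text).get("Internet", []):
        match = DNS_RE.search(line)
        if match:
            servers = re.split(r"[,\s]+", match["servers"].strip())
            found[match["kind"]].update(s for s in servers if s)
    return found


if __name__ == "__main__":
    for section, kind, detail in triage(SAMPLE_FRST):
        print(f"[{section}] {kind}: {detail}")
    for kind, servers in dns_servers(SAMPLE_FRST).items():
        print(f"{kind}: {', '.join(sorted(servers))}")
```

A finding here is a prompt for manual review, not a verdict: leftover driver registrations and unsigned vendor drivers are common on clean systems.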

    5. #5
      User Death17
      Registered
      Oct 2017
      Location
      Argentina
      Posts
      11

      Re: TDSSKiller does not run

      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-10-11 08:19 - 2017-09-29 04:20 - 000385536 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
      2017-10-11 08:19 - 2017-09-29 04:20 - 000286208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
      2017-10-11 08:19 - 2017-09-29 04:19 - 000306176 _____ (Microsoft Corporation) C:\Windows\system32\fveui.dll
      2017-10-11 08:19 - 2017-09-29 04:18 - 000215040 _____ (Microsoft Corporation) C:\Windows\system32\manage-bde.exe
      2017-10-11 08:19 - 2017-09-29 04:18 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerDeviceEncryption.exe
      2017-10-11 08:19 - 2017-09-29 02:40 - 000804312 _____ C:\Windows\SysWOW64\locale.nls
      2017-10-11 08:19 - 2017-09-29 02:40 - 000804312 _____ C:\Windows\system32\locale.nls
      2017-10-11 08:19 - 2017-09-20 12:08 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
      2017-10-11 08:19 - 2017-09-20 12:08 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
      2017-10-11 08:19 - 2017-09-20 12:08 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
      2017-10-11 08:18 - 2017-09-30 02:52 - 001595152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
      2017-10-11 08:18 - 2017-09-30 02:51 - 001458320 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
      2017-10-11 08:18 - 2017-09-30 02:51 - 001147288 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
      2017-10-11 08:18 - 2017-09-30 02:51 - 000661224 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
      2017-10-11 08:18 - 2017-09-30 02:50 - 001346112 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
      2017-10-11 08:18 - 2017-09-30 02:50 - 001068208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
      2017-10-11 08:18 - 2017-09-30 02:50 - 001024920 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
      2017-10-11 08:18 - 2017-09-30 02:49 - 000777400 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
      2017-10-11 08:18 - 2017-09-30 02:49 - 000135576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
      2017-10-11 08:18 - 2017-09-30 02:48 - 008319384 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
      2017-10-11 08:18 - 2017-09-30 02:48 - 002399728 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
      2017-10-11 08:18 - 2017-09-30 02:48 - 002327448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
      2017-10-11 08:18 - 2017-09-30 02:48 - 000644696 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
      2017-10-11 08:18 - 2017-09-30 02:47 - 002969880 _____ (Microsoft Corporation) C:\Windows\system32\CoreUIComponents.dll
      2017-10-11 08:18 - 2017-09-30 02:47 - 001194792 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
      2017-10-11 08:18 - 2017-09-30 02:44 - 000712600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
      2017-10-11 08:18 - 2017-09-30 02:44 - 000181912 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
      2017-10-11 08:18 - 2017-09-30 02:43 - 007318888 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
      2017-10-11 08:18 - 2017-09-30 02:43 - 002442136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
      2017-10-11 08:18 - 2017-09-30 02:42 - 004848952 _____ (Microsoft Corporation) C:\Windows\explorer.exe
      2017-10-11 08:18 - 2017-09-30 02:42 - 001506712 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
      2017-10-11 08:18 - 2017-09-30 02:41 - 005477600 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
      2017-10-11 08:18 - 2017-09-30 02:41 - 005304496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
      2017-10-11 08:18 - 2017-09-30 02:41 - 002086808 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
      2017-10-11 08:18 - 2017-09-30 02:41 - 000961944 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
      2017-10-11 08:18 - 2017-09-30 02:41 - 000654976 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
      2017-10-11 08:18 - 2017-09-30 02:41 - 000651672 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
      2017-10-11 08:18 - 2017-09-30 02:41 - 000257432 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
      2017-10-11 08:18 - 2017-09-30 02:41 - 000228248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
      2017-10-11 08:18 - 2017-09-30 02:40 - 000849816 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe
      2017-10-11 08:18 - 2017-09-30 02:40 - 000724704 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
      2017-10-11 08:18 - 2017-09-30 02:40 - 000701336 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
      2017-10-11 08:18 - 2017-09-30 02:40 - 000642680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
      2017-10-11 08:18 - 2017-09-30 02:40 - 000558912 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.dll
      2017-10-11 08:18 - 2017-09-30 02:40 - 000408984 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
      2017-10-11 08:18 - 2017-09-30 02:40 - 000184728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
      2017-10-11 08:18 - 2017-09-30 02:40 - 000072944 _____ (Microsoft Corporation) C:\Windows\system32\easinvoker.exe
      2017-10-11 08:18 - 2017-09-30 02:39 - 021351760 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
      2017-10-11 08:18 - 2017-09-30 02:39 - 001694104 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll
      2017-10-11 08:18 - 2017-09-30 02:39 - 000203672 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
      2017-10-11 08:18 - 2017-09-30 02:38 - 007910072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
      2017-10-11 08:18 - 2017-09-30 02:38 - 002239136 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
      2017-10-11 08:18 - 2017-09-30 02:38 - 001854872 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
      2017-10-11 08:18 - 2017-09-30 02:37 - 002377112 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AppAgent.dll
      2017-10-11 08:18 - 2017-09-30 02:37 - 002229144 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
      2017-10-11 08:18 - 2017-09-30 02:37 - 001464728 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
      2017-10-11 08:18 - 2017-09-30 02:36 - 000855960 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
      2017-10-11 08:18 - 2017-09-30 02:36 - 000675224 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll
      2017-10-11 08:18 - 2017-09-30 02:36 - 000057976 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
      2017-10-11 08:18 - 2017-09-29 23:10 - 001150776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
      2017-10-11 08:18 - 2017-09-29 04:46 - 023678976 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
      2017-10-11 08:18 - 2017-09-29 04:39 - 011888640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
      2017-10-11 08:18 - 2017-09-29 04:36 - 019337216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
      2017-10-11 08:18 - 2017-09-29 04:35 - 003654656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
      2017-10-11 08:18 - 2017-09-29 04:34 - 017370624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
      2017-10-11 08:18 - 2017-09-29 04:34 - 006255616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
      2017-10-11 08:18 - 2017-09-29 04:34 - 003669504 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
      2017-10-11 08:18 - 2017-09-29 04:33 - 000658944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
      2017-10-11 08:18 - 2017-09-29 04:33 - 000175616 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
      2017-10-11 08:18 - 2017-09-29 04:32 - 002199552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
      2017-10-11 08:18 - 2017-09-29 04:32 - 000209920 _____ (Microsoft Corporation) C:\Windows\system32\smartscreenps.dll
      2017-10-11 08:18 - 2017-09-29 04:32 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
      2017-10-11 08:18 - 2017-09-29 04:32 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
      2017-10-11 08:18 - 2017-09-29 04:32 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
      2017-10-11 08:18 - 2017-09-29 04:32 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\mgmtapi.dll
      2017-10-11 08:18 - 2017-09-29 04:31 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
      2017-10-11 08:18 - 2017-09-29 04:31 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\efssvc.dll
      2017-10-11 08:18 - 2017-09-29 04:30 - 023686144 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
      2017-10-11 08:18 - 2017-09-29 04:30 - 007931392 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
      2017-10-11 08:18 - 2017-09-29 04:30 - 000529408 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
      2017-10-11 08:18 - 2017-09-29 04:30 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerCsp.dll
      2017-10-11 08:18 - 2017-09-29 04:30 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
      2017-10-11 08:18 - 2017-09-29 04:30 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
      2017-10-11 08:18 - 2017-09-29 04:29 - 008333312 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
      2017-10-11 08:18 - 2017-09-29 04:29 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
      2017-10-11 08:18 - 2017-09-29 04:29 - 000461824 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
      2017-10-11 08:18 - 2017-09-29 04:29 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
      2017-10-11 08:18 - 2017-09-29 04:29 - 000304640 _____ (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll
      2017-10-11 08:18 - 2017-09-29 04:29 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\ServiceWorkerHost.exe
      2017-10-11 08:18 - 2017-09-29 04:28 - 000699904 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
      2017-10-11 08:18 - 2017-09-29 04:28 - 000556032 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
      2017-10-11 08:18 - 2017-09-29 04:28 - 000527360 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
      2017-10-11 08:18 - 2017-09-29 04:28 - 000256000 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
      2017-10-11 08:18 - 2017-09-29 04:28 - 000254976 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
      2017-10-11 08:18 - 2017-09-29 04:27 - 012803072 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
      2017-10-11 08:18 - 2017-09-29 04:27 - 001321984 ____R (The ICU Project) C:\Windows\system32\icuuc.dll
      2017-10-11 08:18 - 2017-09-29 04:27 - 000616960 _____ (Microsoft Corporation) C:\Windows\system32\WindowManagement.dll
      2017-10-11 08:18 - 2017-09-29 04:27 - 000565760 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
      2017-10-11 08:18 - 2017-09-29 04:27 - 000538624 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
      2017-10-11 08:18 - 2017-09-29 04:27 - 000524800 _____ (Microsoft Corporation) C:\Windows\system32\TileDataRepository.dll
      2017-10-11 08:18 - 2017-09-29 04:27 - 000412160 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
      2017-10-11 08:18 - 2017-09-29 04:26 - 002809344 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
      2017-10-11 08:18 - 2017-09-29 04:26 - 001468928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
      2017-10-11 08:18 - 2017-09-29 04:26 - 001269760 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
      2017-10-11 08:18 - 2017-09-29 04:26 - 001197568 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CommonBridge.dll
      2017-10-11 08:18 - 2017-09-29 04:26 - 001141760 _____ (Microsoft Corporation) C:\Windows\system32\ApplySettingsTemplateCatalog.exe
      2017-10-11 08:18 - 2017-09-29 04:26 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
      2017-10-11 08:18 - 2017-09-29 04:26 - 000356864 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
      2017-10-11 08:18 - 2017-09-29 04:26 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerUI.dll
      2017-10-11 08:18 - 2017-09-29 04:25 - 008199168 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
      2017-10-11 08:18 - 2017-09-29 04:25 - 004175872 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
      2017-10-11 08:18 - 2017-09-29 04:25 - 002760704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
      2017-10-11 08:18 - 2017-09-29 04:25 - 000586240 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
      2017-10-11 08:18 - 2017-09-29 04:24 - 003307008 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
      2017-10-11 08:18 - 2017-09-29 04:24 - 002503680 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
      2017-10-11 08:18 - 2017-09-29 04:24 - 001886208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
      2017-10-11 08:18 - 2017-09-29 04:24 - 001307648 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
      2017-10-11 08:18 - 2017-09-29 04:24 - 001201664 _____ (Microsoft Corporation) C:\Windows\system32\AgentService.exe
      2017-10-11 08:18 - 2017-09-29 04:24 - 000684032 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
      2017-10-11 08:18 - 2017-09-29 04:23 - 005557760 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
      2017-10-11 08:18 - 2017-09-29 04:23 - 004730368 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
      2017-10-11 08:18 - 2017-09-29 04:23 - 003140096 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
      2017-10-11 08:18 - 2017-09-29 04:23 - 002730496 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
      2017-10-11 08:18 - 2017-09-29 04:23 - 002446336 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
      2017-10-11 08:18 - 2017-09-29 04:23 - 002195968 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppAgent.dll
      2017-10-11 08:18 - 2017-09-29 04:23 - 002055680 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
      2017-10-11 08:18 - 2017-09-29 04:23 - 001887744 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
      2017-10-11 08:18 - 2017-09-29 04:23 - 001605632 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
      2017-10-11 08:18 - 2017-09-29 04:23 - 001460224 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
      2017-10-11 08:18 - 2017-09-29 04:23 - 001398784 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
      2017-10-11 08:18 - 2017-09-29 04:23 - 001052672 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
      2017-10-11 08:18 - 2017-09-29 04:23 - 000986624 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
      2017-10-11 08:18 - 2017-09-29 04:23 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
      2017-10-11 08:18 - 2017-09-29 04:23 - 000841216 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
      2017-10-11 08:18 - 2017-09-29 04:23 - 000756224 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
      2017-10-11 08:18 - 2017-09-29 04:23 - 000647168 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
      2017-10-11 08:18 - 2017-09-29 04:23 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
      2017-10-11 08:18 - 2017-09-29 04:22 - 002829824 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
      2017-10-11 08:18 - 2017-09-29 04:22 - 001802240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
      2017-10-11 08:18 - 2017-09-29 04:22 - 001438208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Phone.dll
      2017-10-11 08:18 - 2017-09-29 04:22 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
      2017-10-11 08:18 - 2017-09-29 04:21 - 000722944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
      2017-10-11 08:18 - 2017-09-29 04:21 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
      2017-10-11 08:18 - 2017-09-29 04:21 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
      2017-10-11 08:18 - 2017-09-29 04:21 - 000154624 _____ (Microsoft Corporation) C:\Windows\system32\regsvc.dll
      2017-10-11 08:18 - 2017-09-29 04:21 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
      2017-10-11 08:18 - 2017-09-29 04:21 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
      2017-10-11 08:18 - 2017-09-29 04:20 - 001811456 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
      2017-10-11 08:18 - 2017-09-29 04:20 - 000804864 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
      2017-10-11 08:18 - 2017-09-29 04:20 - 000194560 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
      2017-10-11 08:18 - 2017-09-29 04:20 - 000150016 _____ (Microsoft Corporation) C:\Windows\system32\iscsiexe.dll
      2017-10-11 08:18 - 2017-09-29 04:19 - 002088448 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll
      2017-10-11 08:18 - 2017-09-29 04:19 - 000325120 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
      2017-10-11 08:18 - 2017-09-29 04:19 - 000208896 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
      2017-10-11 08:18 - 2017-09-29 04:18 - 002438656 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
      2017-10-11 08:18 - 2017-09-29 04:18 - 001527296 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
      2017-10-11 08:18 - 2017-09-29 04:18 - 000893440 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
      2017-10-11 08:18 - 2017-09-29 04:18 - 000603136 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
      2017-10-11 08:18 - 2017-09-29 04:18 - 000364032 _____ (Microsoft Corporation) C:\Windows\system32\bdechangepin.exe
      2017-10-11 08:18 - 2017-09-29 04:18 - 000347648 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
      2017-10-11 08:18 - 2017-09-29 04:18 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
      2017-10-11 08:18 - 2017-09-29 04:18 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\cipher.exe
      2017-10-08 09:17 - 2017-10-08 09:17 - 000401488 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
      2017-10-03 01:56 - 2017-10-03 01:56 - 000000659 _____ C:\Users\Public\Desktop\Guild Wars 2.lnk
      2017-10-03 01:56 - 2017-10-03 01:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
      2017-10-03 01:51 - 2017-10-03 01:57 - 000000000 ____D C:\Users\HHD\AppData\Roaming\Guild Wars 2
      2017-10-03 01:51 - 2017-10-03 01:52 - 032826536 _____ (ArenaNet) C:\Users\HHD\Downloads\Gw2Setup-64.tmp
      2017-10-03 01:51 - 2017-10-03 01:51 - 000000000 ____D C:\Users\HHD\Downloads\bin64
      2017-10-03 01:51 - 2017-10-03 01:51 - 000000000 _____ C:\Users\HHD\Downloads\Gw2.tmp
      2017-10-03 01:51 - 2017-10-03 01:51 - 000000000 _____ C:\Users\HHD\Downloads\Gw2.dat
      2017-10-03 01:49 - 2017-10-03 01:52 - 032826536 _____ (ArenaNet) C:\Users\HHD\Downloads\Gw2Setup-64.exe
      2017-09-30 07:18 - 2017-09-30 07:19 - 000529038 _____ C:\TDSSKiller.3.1.0.15_30.09.2017_07.18.08_log.txt
      2017-09-30 07:17 - 2017-09-30 07:17 - 004922400 _____ (AO Kaspersky Lab) C:\Users\HHD\Desktop\iexplorer.com.pif
      2017-09-30 05:03 - 2017-09-30 05:03 - 000002346 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2017-09-30 05:03 - 2017-09-30 05:03 - 000002334 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2017-09-30 05:00 - 2017-10-12 18:19 - 000003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
      2017-09-30 05:00 - 2017-10-12 18:19 - 000003318 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
      2017-09-30 05:00 - 2017-09-30 05:00 - 001130328 _____ (Google Inc.) C:\Users\HHD\Downloads\ChromeSetup.exe
      2017-09-30 04:48 - 2017-09-30 04:48 - 000000000 ____D C:\Users\HHD\AppData\LocalLow\Temp
      2017-09-30 04:47 - 2017-10-12 18:19 - 000003418 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4F02B59E-99F1-4F18-832B-80811EA61C39}
      2017-09-30 04:10 - 2017-09-30 04:10 - 008250832 _____ (Malwarebytes)

    6. #6
      User Death17
      Registered
      Oct 2017
      Location
      Argentina
      Posts
      11

      Re: TDSSkiller won't run

      C:\Users\HHD\Desktop\adwcleaner_7.0.3.1.exe
      2017-09-30 04:07 - 2017-10-16 16:21 - 000000000 ____D C:\AdwCleaner
      2017-09-30 03:48 - 2017-09-30 03:49 - 001790024 _____ (Malwarebytes) C:\Users\HHD\Desktop\JRT.exe
      2017-09-30 03:46 - 2017-10-14 15:03 - 000002220 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
      2017-09-30 03:46 - 2017-09-30 03:46 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
      2017-09-30 03:46 - 2017-09-30 03:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
      2017-09-30 03:45 - 2017-09-30 03:46 - 000000000 ____D C:\Program Files\CCleaner
      2017-09-30 03:44 - 2017-09-30 03:45 - 009809688 _____ (Piriform Ltd) C:\Users\HHD\Downloads\ccsetup535.exe
      2017-09-30 03:33 - 2017-10-15 23:21 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
      2017-09-30 03:14 - 2017-09-30 03:14 - 000000000 ____D C:\Windows\System32\Tasks\S-1-5-21-2175840329-2766892455-3668070443-1001
      2017-09-30 02:11 - 2017-09-18 20:20 - 001065104 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
      2017-09-30 02:11 - 2017-09-18 20:20 - 000900376 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
      2017-09-30 02:11 - 2017-09-18 20:18 - 000965024 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.efi
      2017-09-30 02:11 - 2017-09-18 20:17 - 001395664 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
      2017-09-30 02:11 - 2017-09-18 20:17 - 001186464 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
      2017-09-30 02:11 - 2017-09-18 20:17 - 000821664 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.exe
      2017-09-30 02:11 - 2017-09-18 20:11 - 001018272 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
      2017-09-30 02:11 - 2017-09-18 20:09 - 000554400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
      2017-09-30 02:11 - 2017-09-18 19:26 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\tetheringclient.dll
      2017-09-30 02:11 - 2017-09-18 19:25 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\eShims.dll
      2017-09-30 02:11 - 2017-09-18 19:23 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
      2017-09-30 02:11 - 2017-09-18 19:20 - 000831488 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
      2017-09-30 02:11 - 2017-09-18 19:20 - 000049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tetheringclient.dll
      2017-09-30 02:11 - 2017-09-18 19:15 - 000648704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
      2017-09-30 02:04 - 2017-09-30 02:04 - 000007606 _____ C:\Users\HHD\AppData\Local\Resmon.ResmonCfg
      2017-09-30 00:30 - 2017-09-30 00:30 - 000000000 ____D C:\Windows\system32\appmgmt
      2017-09-30 00:01 - 2017-09-30 00:01 - 000140800 _____ C:\Users\HHD\AppData\Local\installer.dat
      2017-09-29 23:59 - 2017-09-29 23:59 - 000000000 ____D C:\Program Files (x86)\nowidget
      2017-09-29 23:56 - 2017-09-30 00:28 - 000000000 ____D C:\Program Files\KMSpico
      2017-09-29 23:56 - 2017-09-29 23:56 - 000004608 _____ C:\Windows\SECOH-QAD.exe
      2017-09-29 23:56 - 2017-09-29 23:56 - 000003584 _____ C:\Windows\SECOH-QAD.dll
      2017-09-29 23:56 - 2010-12-05 23:16 - 000090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
      2017-09-29 05:41 - 2017-09-29 05:41 - 000051644 _____ C:\Windows\uninstaller.dat
      2017-09-28 22:01 - 2017-10-16 05:46 - 000000000 ____D C:\Users\HHD\AppData\Local\CrashDumps
      2017-09-28 22:00 - 2017-04-09 21:33 - 000000000 ____D C:\Users\HHD\Desktop\Guru3D.com RTSS
      2017-09-28 21:50 - 2017-09-28 21:52 - 022051119 _____ C:\Users\HHD\Downloads\[Guru3D.com]-RTSSSetup700Beta19.zip
      2017-09-28 21:49 - 2017-10-02 00:32 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
      2017-09-28 21:49 - 2017-09-28 22:00 - 000000000 ____D C:\Windows\SysWOW64\directx
      2017-09-28 21:49 - 2017-09-28 21:49 - 000000000 ____D C:\Users\HHD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
      2017-09-28 21:48 - 2017-09-30 07:41 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
      2017-09-28 21:48 - 2017-09-28 21:48 - 000001159 _____ C:\Users\HHD\Desktop\MSI Afterburner.lnk
      2017-09-28 21:48 - 2017-09-28 21:48 - 000000000 ____D C:\Users\HHD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
      2017-09-28 17:54 - 2017-09-28 18:08 - 039173612 _____ C:\Users\HHD\Downloads\MSIAfterburnerSetup.zip
      2017-09-28 17:14 - 2017-09-28 17:14 - 000000000 ____D C:\Users\HHD\AppData\Roaming\NVIDIA
      2017-09-28 16:47 - 2017-10-12 18:19 - 000003458 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-09-28 16:47 - 2017-10-12 18:19 - 000003236 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-09-28 16:47 - 2017-10-12 18:19 - 000003044 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-09-28 16:47 - 2017-10-12 18:19 - 000003028 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-09-28 16:47 - 2017-10-12 18:19 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-09-28 16:47 - 2017-10-12 18:19 - 000002898 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-09-28 16:47 - 2017-10-12 18:19 - 000002846 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-09-28 16:47 - 2017-10-09 20:21 - 000000000 ____D C:\Users\HHD\AppData\Local\NVIDIA Corporation
      2017-09-28 16:47 - 2017-09-30 05:17 - 000001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
      2017-09-28 16:47 - 2017-09-28 16:48 - 000000000 ____D C:\Users\HHD\AppData\Local\NVIDIA
      2017-09-28 16:47 - 2017-09-19 04:23 - 001923008 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
      2017-09-28 16:47 - 2017-09-19 04:23 - 001755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
      2017-09-28 16:47 - 2017-09-19 04:23 - 001505728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
      2017-09-28 16:47 - 2017-09-19 04:23 - 001317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
      2017-09-28 16:47 - 2017-09-19 04:23 - 000121280 _____ C:\Windows\system32\NvRtmpStreamer64.dll
      2017-09-28 16:46 - 2017-10-12 18:19 - 000002804 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-09-28 16:46 - 2017-09-28 16:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
      2017-09-28 16:46 - 2017-09-28 16:46 - 000000000 ____D C:\Program Files (x86)\VulkanRT
      2017-09-28 16:46 - 2017-09-19 04:23 - 000179136 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
      2017-09-28 16:46 - 2017-09-19 04:23 - 000146368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
      2017-09-28 16:46 - 2017-09-18 18:29 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
      2017-09-28 16:46 - 2017-09-16 14:34 - 006463424 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
      2017-09-28 16:46 - 2017-09-16 14:34 - 002478528 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
      2017-09-28 16:46 - 2017-09-16 14:34 - 001762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
      2017-09-28 16:46 - 2017-09-16 14:34 - 000548472 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
      2017-09-28 16:46 - 2017-09-16 14:34 - 000392312 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
      2017-09-28 16:46 - 2017-09-16 14:34 - 000082040 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
      2017-09-28 16:46 - 2017-09-16 14:34 - 000069752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
      2017-09-28 16:46 - 2017-09-16 14:17 - 000135800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
      2017-09-28 16:46 - 2017-09-15 12:03 - 008248071 _____ C:\Windows\system32\nvcoproc.bin
      2017-09-28 16:46 - 2017-07-20 14:21 - 000905504 _____ C:\Windows\system32\vulkan-1.dll
      2017-09-28 16:46 - 2017-07-20 14:21 - 000776992 _____ C:\Windows\SysWOW64\vulkan-1.dll
      2017-09-28 16:46 - 2017-07-20 14:21 - 000578848 _____ C:\Windows\system32\vulkaninfo.exe
      2017-09-28 16:46 - 2017-07-20 14:21 - 000477472 _____ C:\Windows\SysWOW64\vulkaninfo.exe
      2017-09-28 16:45 - 2017-10-16 16:16 - 000000000 ____D C:\ProgramData\NVIDIA
      2017-09-28 16:45 - 2017-10-02 13:49 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
      2017-09-28 16:45 - 2017-09-16 16:27 - 000512960 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
      2017-09-28 16:45 - 2017-08-20 11:24 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
      2017-09-28 16:44 - 2017-09-30 05:17 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
      2017-09-28 16:44 - 2017-09-19 04:23 - 000057792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
      2017-09-28 16:44 - 2017-09-16 16:27 - 040240064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
      2017-09-28 16:44 - 2017-09-16 16:27 - 035925440 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
      2017-09-28 16:44 - 2017-09-16 16:27 - 035314112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
      2017-09-28 16:44 - 2017-09-16 16:27 - 029020096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
      2017-09-28 16:44 - 2017-09-16 16:27 - 023132720 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
      2017-09-28 16:44 - 2017-09-16 16:27 - 018849784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
      2017-09-28 16:44 - 2017-09-16 16:27 - 013782904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
      2017-09-28 16:44 - 2017-09-16 16:27 - 012241792 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
      2017-09-28 16:44 - 2017-09-16 16:27 - 011692856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
      2017-09-28 16:44 - 2017-09-16 16:27 - 010087504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
      2017-09-28 16:44 - 2017-09-16 16:27 - 004210544 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
      2017-09-28 16:44 - 2017-09-16 16:27 - 004145088 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
      2017-09-28 16:44 - 2017-09-16 16:27 - 003712024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
      2017-09-28 16:44 - 2017-09-16 16:27 - 003575744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
      2017-09-28 16:44 - 2017-09-16 16:27 - 001988216 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438569.dll
      2017-09-28 16:44 - 2017-09-16 16:27 - 001615448 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
      2017-09-28 16:44 - 2017-09-16 16:27 - 001606592 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438569.dll
      2017-09-28 16:44 - 2017-09-16 16:27 - 001067968 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
      2017-09-28 16:44 - 2017-09-16 16:27 - 001005176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
      2017-09-28 16:44 - 2017-09-16 16:27 - 000972920 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
      2017-09-28 16:44 - 2017-09-16 16:27 - 000924280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
      2017-09-28 16:44 - 2017-09-16 16:27 - 000690504 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
      2017-09-28 16:44 - 2017-09-16 16:27 - 000578056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
      2017-09-28 16:44 - 2017-09-16 16:27 - 000218712 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
      2017-09-28 16:44 - 2017-09-16 16:27 - 000048248 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
      2017-09-28 16:44 - 2017-09-16 16:27 - 000046443 _____ C:\Windows\system32\nvinfo.pb
      2017-09-28 16:44 - 2017-09-16 16:27 - 000045976 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
      2017-09-28 16:44 - 2017-09-16 16:27 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
      2017-09-28 16:44 - 2017-09-16 16:27 - 000000669 _____ C:\Windows\system32\nv-vk64.json
      2017-09-28 16:42 - 2017-09-30 05:16 - 000000000 ____D C:\Program Files\NVIDIA Corporation
      2017-09-28 14:52 - 2017-09-28 15:19 - 456765712 _____ (NVIDIA Corporation) C:\Users\HHD\Downloads\385.69-desktop-win10-64bit-international-whql.exe
      2017-09-26 02:49 - 2017-10-14 04:13 - 000000000 ____D C:\Users\HHD\AppData\Local\Warframe
      2017-09-25 23:37 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
      2017-09-25 23:37 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
      2017-09-25 23:37 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
      2017-09-25 23:37 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
      2017-09-25 23:37 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
      2017-09-25 23:37 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
      2017-09-25 23:37 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
      2017-09-25 23:37 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
      2017-09-25 23:37 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
      2017-09-25 23:37 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
      2017-09-25 23:37 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
      2017-09-25 23:37 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
      2017-09-25 23:37 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
      2017-09-25 23:37 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
      2017-09-25 23:37 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
      2017-09-25 23:37 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
      2017-09-25 23:37 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
      2017-09-25 23:37 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
      2017-09-25 23:37 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
      2017-09-25 23:37 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
      2017-09-25 23:37 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
      2017-09-25 23:37 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
      2017-09-25 23:37 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
      2017-09-25 23:37 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
      2017-09-25 23:37 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
      2017-09-25 23:37 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
      2017-09-25 23:37 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
      2017-09-25 23:37 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
      2017-09-25 23:37 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
      2017-09-25 23:37 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
      2017-09-25 23:37 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
      2017-09-25 23:37 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
      2017-09-25 23:37 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
      2017-09-25 23:37 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
      2017-09-25 23:37 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
      2017-09-25 23:37 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
      2017-09-25 23:37 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
      2017-09-25 23:37 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
      2017-09-25 23:37 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
      2017-09-25 23:37 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
      2017-09-25 23:37 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
      2017-09-25 23:37 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
      2017-09-25 23:37 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
      2017-09-25 23:37 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
      2017-09-25 23:37 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
      2017-09-25 23:37 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
      2017-09-25 23:37 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
      2017-09-25 23:37 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
      2017-09-25 23:37 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
      2017-09-25 23:37 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
      2017-09-25 23:37 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
      2017-09-25 23:37 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
      2017-09-25 23:37 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
      2017-09-25 23:37 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
      2017-09-25 23:37 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
      2017-09-25 23:36 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
      2017-09-25 23:36 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
      2017-09-25 23:36 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
      2017-09-25 23:36 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
      2017-09-25 23:36 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
      2017-09-25 23:36 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
      2017-09-25 23:36 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
      2017-09-25 23:36 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
      2017-09-25 23:36 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
      2017-09-25 23:36 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
      2017-09-25 23:36 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
      2017-09-25 23:36 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
      2017-09-25 23:36 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
      2017-09-25 23:36 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
      2017-09-25 23:36 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
      2017-09-25 23:36 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
      2017-09-25 23:36 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
      2017-09-25 23:36 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
      2017-09-25 23:36 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
      2017-09-25 23:36 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
      2017-09-25 23:36 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
      2017-09-25 23:36 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
      2017-09-25 23:36 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
      2017-09-25 23:36 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
      2017-09-25 23:36 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
      2017-09-25 23:36 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
      2017-09-25 23:36 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
      2017-09-25 23:36 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
      2017-09-25 23:36 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
      2017-09-25 23:36 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
      2017-09-25 23:36 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
      2017-09-25 23:36 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
      2017-09-25 23:36 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
      2017-09-25 23:36 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
      2017-09-25 23:36 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
      2017-09-25 23:36 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
      2017-09-25 23:36 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
      2017-09-25 23:36 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
      2017-09-25 23:36 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
      2017-09-25 23:36 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
      2017-09-25 23:36 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
      2017-09-25 23:36 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
      2017-09-25 23:36 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
      2017-09-25 23:36 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
      2017-09-25 23:36 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
      2017-09-25 23:36 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
      2017-09-25 23:36 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
      2017-09-25 23:36 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
      2017-09-25 23:36 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
      2017-09-25 23:36 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
      2017-09-25 23:36 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
      2017-09-25 23:36 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
      2017-09-25 23:36 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
      2017-09-25 23:36 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
      2017-09-25 23:36 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
      2017-09-25 23:36 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
      2017-09-25 23:36 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
      2017-09-25 23:36 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
      2017-09-25 23:36 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
      2017-09-25 23:36 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
      2017-09-25 23:36 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
      2017-09-25 23:36 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
      2017-09-25 23:36 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
      2017-09-25 23:36 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
      2017-09-25 23:36 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
      2017-09-25 23:36 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
      2017-09-25 23:36 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
      2017-09-25 23:36 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
      2017-09-25 23:36 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
      2017-09-25 23:36 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
      2017-09-25 23:36 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
      2017-09-25 23:36 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
      2017-09-25 23:36 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
      2017-09-25 23:36 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
      2017-09-25 23:36 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
      2017-09-25 23:36 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
      2017-09-25 23:36 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
      2017-09-25 23:36 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
      2017-09-25 23:36 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
      2017-09-25 23:36 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
      2017-09-25 23:36 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
      2017-09-25 23:36 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
      2017-09-25 23:36 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
      2017-09-25 23:36 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
      2017-09-25 23:36 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
      2017-09-25 23:36 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
      2017-09-25 23:36 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
      2017-09-25 23:36 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
      2017-09-25 23:36 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
      2017-09-25 23:36 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
      2017-09-25 23:36 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
      2017-09-25 23:36 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
      2017-09-25 23:36 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
      2017-09-25 23:36 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
      2017-09-25 23:36 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
      2017-09-25 23:36 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
      2017-09-25 23:36 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
      2017-09-25 23:36 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
      2017-09-25 23:36 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
      2017-09-25 23:36 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
      2017-09-25 23:36 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
      2017-09-25 23:36 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
      2017-09-25 23:36 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
      2017-09-25 23:36 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
      2017-09-25 23:36 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
      2017-09-25 23:36 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
      2017-09-25 23:36 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
      2017-09-25 23:36 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
      2017-09-25 23:36 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
      2017-09-25 23:36 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
      2017-09-25 23:36 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
      2017-09-25 23:36 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
      2017-09-25 23:36 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
      2017-09-25 23:36 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
      2017-09-25 23:36 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
      2017-09-25 23:36 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
      2017-09-25 23:36 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
      2017-09-25 23:36 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
      2017-09-25 23:36 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
      2017-09-25 23:36 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
      2017-09-25 23:36 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
      2017-09-25 23:36 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
      2017-09-25 23:36 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
      2017-09-25 23:36 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
      2017-09-25 23:36 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
      2017-09-21 01:49 - 2017-10-14 18:12 - 000000000 ____D C:\Users\HHD\Downloads\FATE-STAY NIGHT visual novel
      2017-09-21 01:48 - 2017-09-21 11:00 - 000000000 ____D C:\Users\HHD\Downloads\Recreatros
      2017-09-20 01:34 - 2017-09-20 01:34 - 000000000 ____D C:\Users\HHD\AppData\Local\Steam
      2017-09-20 01:20 - 2017-10-16 05:27 - 000000000 ____D C:\Program Files (x86)\Steam
      2017-09-20 01:20 - 2017-09-20 01:20 - 000001036 _____ C:\Users\Public\Desktop\Steam.lnk
      2017-09-20 01:20 - 2017-09-20 01:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-10-16 16:41 - 2017-07-27 02:14 - 000000000 ____D C:\ProgramData\Malwarebytes
      2017-10-16 16:07 - 2017-07-24 01:50 - 000000000 ____D C:\Windows\system32\SleepStudy
      2017-10-16 16:03 - 2017-07-27 02:27 - 000004268 _____ C:\Windows\System32\Tasks\Avast Emergency Update
      2017-10-16 05:26 - 2017-07-24 01:50 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2017-10-16 05:26 - 2017-03-18 08:40 - 001310720 _____ C:\Windows\system32\config\BBI
      2017-10-15 23:18 - 2017-07-24 01:56 - 000000000 ____D C:\Users\HHD
      2017-10-14 19:42 - 2017-08-02 07:38 - 000000000 ____D C:\Windows\Minidump
      2017-10-14 19:27 - 2017-03-18 18:01 - 000000000 ____D C:\Windows\INF
      2017-10-14 19:20 - 2017-07-27 02:28 - 000002152 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
      2017-10-14 15:42 - 2017-07-27 02:14 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
      2017-10-14 15:07 - 2017-07-27 02:14 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
      2017-10-12 18:19 - 2017-07-29 02:37 - 000002920 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2175840329-2766892455-3668070443-1001
      2017-10-12 18:19 - 2017-07-27 02:35 - 000003438 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1501133730
      2017-10-12 18:19 - 2017-07-25 07:09 - 000003850 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
      2017-10-12 17:05 - 2017-07-25 07:07 - 000000000 ____D C:\Users\HHD\AppData\Local\Adobe
      2017-10-12 15:38 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\SysWOW64\Macromed
      2017-10-12 15:38 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\system32\Macromed
      2017-10-12 07:35 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\rescache
      2017-10-12 07:27 - 2017-03-18 18:03 - 000000000 ___HD C:\Program Files\WindowsApps
      2017-10-12 07:27 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\AppReadiness
      2017-10-11 15:49 - 2017-07-24 01:57 - 003337256 _____ C:\Windows\system32\PerfStringBackup.INI
      2017-10-11 15:49 - 2017-03-20 02:11 - 001612538 _____ C:\Windows\system32\perfh00A.dat
      2017-10-11 15:49 - 2017-03-20 02:11 - 000400280 _____ C:\Windows\system32\perfc00A.dat
      2017-10-11 15:44 - 2017-07-24 01:57 - 000000000 __RHD C:\Users\Public\AccountPictures
      2017-10-11 15:43 - 2017-07-24 01:50 - 000217408 _____ C:\Windows\system32\FNTCACHE.DAT
      2017-10-11 15:41 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\ShellExperiences
      2017-10-11 15:41 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\Provisioning
      2017-10-11 15:41 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\PolicyDefinitions
      2017-10-11 15:40 - 2017-03-18 18:03 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
      2017-10-11 15:40 - 2017-03-18 18:03 - 000207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
      2017-10-11 08:23 - 2017-03-18 17:51 - 000000000 ____D C:\Windows\CbsTemp
      2017-10-08 09:17 - 2017-07-27 02:28 - 000061304 _____ () C:\Windows\system32\Drivers\lpsport.sys
      2017-10-08 09:17 - 2017-07-27 02:27 - 001020536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
      2017-10-08 09:17 - 2017-07-27 02:27 - 000587168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
      2017-10-08 09:17 - 2017-07-27 02:27 - 000363440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
      2017-10-08 09:17 - 2017-07-27 02:27 - 000343288 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
      2017-10-08 09:17 - 2017-07-27 02:27 - 000321032 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
      2017-10-08 09:17 - 2017-07-27 02:27 - 000201352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
      2017-10-08 09:17 - 2017-07-27 02:27 - 000198976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
      2017-10-08 09:17 - 2017-07-27 02:27 - 000147776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
      2017-10-08 09:17 - 2017-07-27 02:27 - 000110376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
      2017-10-08 09:17 - 2017-07-27 02:27 - 000084416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
      2017-10-08 09:17 - 2017-07-27 02:27 - 000057736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
      2017-10-08 09:17 - 2017-07-27 02:27 - 000047008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
      2017-10-08 09:17 - 2017-07-27 02:16 - 000000000 ____D C:\ProgramData\AVAST Software
      2017-09-30 05:03 - 2017-07-25 02:33 - 000000000 ____D C:\Users\HHD\AppData\Local\Google
      2017-09-30 05:03 - 2017-07-25 02:33 - 000000000 ____D C:\Program Files (x86)\Google
      2017-09-30 03:54 - 2017-07-24 02:49 - 000000000 ____D C:\Windows\Panther
      2017-09-30 03:54 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\LiveKernelReports
      2017-09-30 02:37 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\system32\NDF
      2017-09-30 00:29 - 2017-03-18 18:03 - 000000000 ____D C:\Program Files\CurToile Compact (USB)
      2017-09-29 23:59 - 2017-07-25 01:29 - 000000000 ____D C:\Program Files\VIA
      2017-09-28 16:46 - 2017-03-18 18:03 - 000000000 ____D C:\Windows\Help
      2017-09-25 20:02 - 2017-07-27 05:53 - 000000000 ____D C:\Users\HHD\AppData\Local\Akamai
      2017-09-22 00:07 - 2017-07-24 01:59 - 000002393 _____ C:\Users\HHD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
      2017-09-22 00:07 - 2017-07-24 01:59 - 000000000 ___RD C:\Users\HHD\OneDrive
      2017-09-21 07:58 - 2017-07-27 02:27 - 000199312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.150599152473405
      2017-09-21 07:57 - 2017-07-27 02:35 - 000041832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
      2017-09-16 16:27 - 2017-03-20 02:14 - 000418936 _____ (Khronos Group) C:\Windows\SysWOW64\opencl.dll

      ==================== Files in the root of some directories =======

      2017-09-30 00:01 - 2017-09-30 00:01 - 000140800 _____ () C:\Users\HHD\AppData\Local\installer.dat
      2017-09-30 02:04 - 2017-09-30 02:04 - 000007606 _____ () C:\Users\HHD\AppData\Local\Resmon.ResmonCfg

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2017-10-15 20:42

      ==================== End of FRST.txt ============================

    7. #7
      User Avatar of Death17
      Registered
      Oct 2017
      Location
      Argentina
      Posts
      11

      Re: TDSSkiller does not run

      Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2017
      Ran by HHD (16-10-2017 16:54:46)
      Running from C:\Users\HHD\Desktop
      Windows 10 Pro Version 1703 170317-1834 (X64) (2017-07-24 04:54:11)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrador (S-1-5-21-2175840329-2766892455-3668070443-500 - Administrator - Disabled)
      DefaultAccount (S-1-5-21-2175840329-2766892455-3668070443-503 - Limited - Disabled)
      HHD (S-1-5-21-2175840329-2766892455-3668070443-1001 - Administrator - Enabled) => C:\Users\HHD
      Invitado (S-1-5-21-2175840329-2766892455-3668070443-501 - Limited - Disabled)

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
      AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
      AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
      AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      Actualización de NVIDIA 28.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 28.0.0.0 - NVIDIA Corporation) Hidden
      Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
      Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.159 - Adobe Systems Incorporated)
      Akamai NetSession Interface (HKU\S-1-5-21-2175840329-2766892455-3668070443-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
      Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.69 - NVIDIA Corporation) Hidden
      Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.7.2314 - AVAST Software)
      CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)
      CPUID CPU-Z 1.80 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
      Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
      Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
      Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
      Malwarebytes versión 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
      Microsoft OneDrive (HKU\S-1-5-21-2175840329-2766892455-3668070443-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
      MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
      NVIDIA Controlador de 3D Vision 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.69 - NVIDIA Corporation)
      NVIDIA Controlador de audio HD 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
      NVIDIA Controlador de gráficos 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.69 - NVIDIA Corporation)
      NVIDIA Controlador de la controladora 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
      NVIDIA GeForce Experience 3.9.0.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.97 - NVIDIA Corporation)
      NVIDIA Software del sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
      Origin (HKLM-x32\...\Origin) (Version: 10.4.16.25850 - Electronic Arts, Inc.)
      Panel de control de NVIDIA 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 385.69 - NVIDIA Corporation) Hidden
      Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.44 - VIA Technologies, Inc.) Hidden
      RivaTuner Statistics Server 7.0.0 Beta 19 (HKLM-x32\...\RTSS) (Version: 7.0.0 Beta 19 - Unwinder)
      SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
      Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
      VIA Administrador de dispositivos de plataforma (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.44 - VIA Technologies, Inc.)
      Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
      WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-08] (AVAST Software)
      ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-08] (AVAST Software)
      ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
      ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
      ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-08] (AVAST Software)
      ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
      ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-09-16] (NVIDIA Corporation)
      ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-08] (AVAST Software)
      ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
      ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
      ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {37E86F0C-90A3-4BF8-A655-29149FF377CE} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_159_pepper.exe [2017-10-12] (Adobe Systems Incorporated)
      Task: {3DCC90BF-1AD3-4A01-BF1F-054F6D805B41} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation)
      Task: {4DC16E73-F198-406E-99E0-1FE374E8BB78} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-09-19] (NVIDIA Corporation)
      Task: {54716DF1-DF03-47FE-ACE7-AB75E8736C62} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation)
      Task: {59E9F7FD-16DA-4E85-A691-43E3D41E6373} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-10-08] (AVAST Software)
      Task: {60647A67-8715-458F-B77F-377A52963582} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation)
      Task: {771C497E-D75D-4572-AC83-AA6F6051D47D} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation)
      Task: {89E836A6-B6AB-4190-8F7A-2D7F2110D943} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-09-19] (NVIDIA Corporation)
      Task: {AAD249C2-51C6-413C-94EC-A24B131EC155} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-19] (NVIDIA Corporation)
      Task: {B0117BB3-F98F-40E8-BC5B-2920F0F59121} - System32\Tasks\S-1-5-21-2175840329-2766892455-3668070443-1001\DataSenseLiveTileTask => C:\Windows\System32\DataUsageLiveTileTask.exe [2017-03-18] (Microsoft Corporation)
      Task: {BE32FC46-0597-4172-8D5B-28C9CF5AE038} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-09-19] (NVIDIA Corporation)
      Task: {BF956124-48AB-4E61-A6F5-1630C9B6DFB8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-30] (Google Inc.)
      Task: {CD75DA76-73F3-4B75-B805-9BB0DE14EA5E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-30] (Google Inc.)
      Task: {E94CD0D9-DB91-45CA-BBB7-CF7BF5744929} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)
      Task: {FB716967-8DB2-4A08-9B43-15A87C1CEC0D} - System32\Tasks\SafeZone scheduled Autoupdate 1501133730 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

      Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)


      ==================== Loaded Modules (Whitelisted) ==============

      2017-07-27 02:14 - 2017-10-14 15:42 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
      2017-07-27 02:14 - 2017-10-14 15:42 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
      2017-03-18 17:58 - 2017-03-18 17:58 - 000138000 _____ () C:\Windows\SYSTEM32\inputhost.dll
      2017-09-07 13:12 - 2017-09-07 13:12 - 000077824 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
      2017-03-18 17:59 - 2017-03-20 02:14 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
      2017-09-28 16:47 - 2017-09-19 04:23 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
      2017-08-08 10:33 - 2017-08-08 10:31 - 002493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
      2017-10-08 09:17 - 2017-10-08 09:17 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
      2017-10-08 09:17 - 2017-10-08 09:17 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
      2017-07-27 02:27 - 2017-07-27 02:27 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
      2017-10-08 09:17 - 2017-10-08 09:17 - 000217088 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
      2017-10-08 09:17 - 2017-10-08 09:17 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
      2017-10-08 09:17 - 2017-10-08 09:17 - 000234280 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
      2017-10-08 09:17 - 2017-10-08 09:17 - 000700656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)


      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"

      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)


      ==================== Hosts content: ==========================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2017-03-18 18:03 - 2017-09-29 23:59 - 000001832 _____ C:\Windows\system32\Drivers\etc\hosts

      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-2175840329-2766892455-3668070443-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\HHD\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{1030237b-daa2-472c-b71c-b73c12539fbe}.jpg
      DNS Servers: 8.8.8.8 - 8.8.4.4
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
      Windows Firewall is enabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==


      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [{9857F891-9112-4A5B-B1FE-9B2B1A958CAD}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe
      FirewallRules: [TCP Query User{A9CFAEA1-4B43-498E-B5C4-4A41783774FE}C:\users\hhd\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\hhd\appdata\local\akamai\netsession_win.exe
      FirewallRules: [UDP Query User{E4792CD1-5052-4ADE-B475-724C350FD0A6}C:\users\hhd\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\hhd\appdata\local\akamai\netsession_win.exe
      FirewallRules: [TCP Query User{D4023349-C6F6-49BE-BC12-27EA8B7A2BCB}C:\users\hhd\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\hhd\appdata\local\akamai\netsession_win.exe
      FirewallRules: [UDP Query User{6253E9F5-9E34-452C-BE3C-1DEDDDDDF91D}C:\users\hhd\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\hhd\appdata\local\akamai\netsession_win.exe
      FirewallRules: [{4DC69522-56FE-4626-B98A-B7C6DA6FB049}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
      FirewallRules: [{F68D6C60-AA99-44B1-B46C-6EE01B09CA10}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
      FirewallRules: [{5B92DAA0-F59C-4006-94C7-B3166B0CA01E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
      FirewallRules: [{0E8AC64A-C5DF-4DDC-B40C-1F9D688BDACD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      FirewallRules: [{4010BA1D-5113-4A4B-BD99-F13774E18482}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      FirewallRules: [{878E88A7-9049-43B1-A482-A08BC6E0C911}] => (Allow) D:\GAMES\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
      FirewallRules: [{6268415B-0E25-4EDF-86DA-8D93195D8BE9}] => (Allow) D:\GAMES\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
      FirewallRules: [{45531793-4637-4FFD-8E76-7EEA1A363597}] => (Allow) C:\Users\HHD\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
      FirewallRules: [{E8B2E0D9-4AB7-4CFB-AF01-50984D22D833}] => (Allow) C:\Users\HHD\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
      FirewallRules: [{DC1E54AA-F3FF-4762-BBA2-F721E3B812CF}] => (Allow) D:\GAMES\SteamLibrary\steamapps\common\Warframe\Warframe.exe
      FirewallRules: [{3ABCB83C-8DAD-49EF-9C97-42BDE1C9D089}] => (Allow) D:\GAMES\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
      FirewallRules: [{80E06641-B1BA-4B63-BE10-3AF8106FAF90}] => (Allow) D:\GAMES\SteamLibrary\steamapps\common\Warframe\Warframe.exe
      FirewallRules: [{C1CDCC14-77CD-4E46-ACA2-81AAC932334F}] => (Allow) D:\GAMES\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
      FirewallRules: [{E61AD89B-F88F-4F93-9619-EA4F92BFE3B2}] => (Allow) D:\GAMES\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
      FirewallRules: [{441CA545-F2D7-463D-9DB3-EAC454EF01FF}] => (Allow) D:\GAMES\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
      FirewallRules: [{895CB724-203A-42D1-AD25-D04EF155AD47}] => (Allow) D:\GAMES\SteamLibrary\steamapps\common\Warframe\Warframe.exe
      FirewallRules: [{9B9AE660-7286-4E60-8147-46C25ED857A8}] => (Allow) D:\GAMES\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
      FirewallRules: [{7239C018-698A-4DDA-BE28-3A6C4E63607D}] => (Allow) D:\GAMES\SteamLibrary\steamapps\common\Warframe\Warframe.exe
      FirewallRules: [{F3C3EA15-110A-46DB-8A83-66B9D09580C8}] => (Allow) D:\GAMES\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
      FirewallRules: [{35BC65EC-3A74-47DD-BB8D-770265131FD4}] => (Allow) D:\GAMES\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
      FirewallRules: [{6F113170-33AB-4651-8329-D2ECE4F47AB2}] => (Allow) D:\GAMES\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
      FirewallRules: [{29E43095-028C-40CF-8EC7-08D38926725D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{4AB9ABAF-2ED8-47D3-8795-28FCC55BAF07}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{49FF4FC0-B670-4101-8EE8-1790E26550D6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      FirewallRules: [{A1503BA9-2237-493B-8C0F-A74BB9704990}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      FirewallRules: [{A2F30B33-08E1-4585-9D60-843368A07CF5}] => (Allow) C:\Windows\system32\rundll32.exe
      FirewallRules: [{E2B4BCFE-64D9-48CD-B326-A8CF2896A8E6}] => (Allow) C:\Windows\System32\rundll32.exe
      FirewallRules: [{F484B66A-1D5E-4990-9F63-5F8D57A9E449}] => (Allow) C:\Windows\System32\rundll32.exe
      FirewallRules: [{9B189922-A556-4F26-B846-B68550EC588A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      FirewallRules: [{9E557787-8B70-4DB3-B1EE-6E997FBD0155}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

      ==================== Restore Points =========================

      30-09-2017 04:17:40 JRT Pre-Junkware Removal
      10-10-2017 07:34:34 Punto de control programado
      14-10-2017 15:18:31 JRT Pre-Junkware Removal
      14-10-2017 18:39:20 JRT Pre-Junkware Removal
      14-10-2017 19:35:59 JRT Pre-Junkware Removal
      15-10-2017 20:30:32 JRT Pre-Junkware Removal
      16-10-2017 05:11:35 JRT Pre-Junkware Removal
      16-10-2017 16:15:24 JRT Pre-Junkware Removal

      ==================== Faulty Device Manager Devices =============


      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (10/16/2017 05:44:52 AM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: iexplorer.com.pif, versión: 3.1.0.15, marca de tiempo: 0x566b123a
      Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
      Código de excepción: 0xc0000409
      Desplazamiento de errores: 0xafeaa020
      Identificador del proceso con errores: 0xf5c
      Hora de inicio de la aplicación con errores: 0x01d3465b082c655b
      Ruta de acceso de la aplicación con errores: C:\Users\HHD\Desktop\iexplorer.com.pif
      Ruta de acceso del módulo con errores: unknown
      Identificador del informe: 3103f0b3-fff3-4621-a9a0-65bf1abfff34
      Nombre completo del paquete con errores:
      Identificador de aplicación relativa del paquete con errores:

      Error: (10/16/2017 12:37:28 AM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: iexplorer.com.pif, versión: 3.1.0.15, marca de tiempo: 0x566b123a
      Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
      Código de excepción: 0xc0000409
      Desplazamiento de errores: 0x641ba020
      Identificador del proceso con errores: 0x1538
      Hora de inicio de la aplicación con errores: 0x01d3463016e6003e
      Ruta de acceso de la aplicación con errores: C:\Users\HHD\Desktop\iexplorer.com.pif
      Ruta de acceso del módulo con errores: unknown
      Identificador del informe: 309aeb8e-6058-40fe-a2a1-349552f75cf5
      Nombre completo del paquete con errores:
      Identificador de aplicación relativa del paquete con errores:

      Error: (10/15/2017 11:51:33 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: iexplorer.com.pif, versión: 3.1.0.15, marca de tiempo: 0x566b123a
      Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
      Código de excepción: 0xc0000409
      Desplazamiento de errores: 0x641ba020
      Identificador del proceso con errores: 0x1f08
      Hora de inicio de la aplicación con errores: 0x01d34629ac4bc17e
      Ruta de acceso de la aplicación con errores: C:\Users\HHD\Desktop\iexplorer.com.pif
      Ruta de acceso del módulo con errores: unknown
      Identificador del informe: fb2e7e41-7085-4e06-9a97-06ec965fdf6c
      Nombre completo del paquete con errores:
      Identificador de aplicación relativa del paquete con errores:

      Error: (10/15/2017 11:17:36 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: Explorer.exe, versión: 3.1.0.15, marca de tiempo: 0x566b123a
      Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
      Código de excepción: 0xc0000409
      Desplazamiento de errores: 0x27e5a020
      Identificador del proceso con errores: 0x2748
      Hora de inicio de la aplicación con errores: 0x01d34624eee87599
      Ruta de acceso de la aplicación con errores: C:\Users\HHD\Desktop\Explorer.exe
      Ruta de acceso del módulo con errores: unknown
      Identificador del informe: 06e785da-496c-4f22-b689-4ab330ea60f9
      Nombre completo del paquete con errores:
      Identificador de aplicación relativa del paquete con errores:

      Error: (10/15/2017 11:16:10 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: Explorer.exe, versión: 3.1.0.15, marca de tiempo: 0x566b123a
      Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
      Código de excepción: 0xc0000409
      Desplazamiento de errores: 0x27e5a020
      Identificador del proceso con errores: 0x1150
      Hora de inicio de la aplicación con errores: 0x01d34624bbc39479
      Ruta de acceso de la aplicación con errores: C:\Users\HHD\Desktop\Explorer.exe
      Ruta de acceso del módulo con errores: unknown
      Identificador del informe: 7aed352f-858a-4dfc-afb4-1cc3b6bfbc3c
      Nombre completo del paquete con errores:
      Identificador de aplicación relativa del paquete con errores:

      Error: (10/15/2017 11:06:13 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: Explorer.exe, versión: 3.1.0.15, marca de tiempo: 0x566b123a
      Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
      Código de excepción: 0xc0000409
      Desplazamiento de errores: 0x27e5a020
      Identificador del proceso con errores: 0x2238
      Hora de inicio de la aplicación con errores: 0x01d3462357b28219
      Ruta de acceso de la aplicación con errores: C:\Users\HHD\Desktop\Explorer.exe
      Ruta de acceso del módulo con errores: unknown
      Identificador del informe: 24100bdc-b6ee-450e-a95e-873cb63b8c1d
      Nombre completo del paquete con errores:
      Identificador de aplicación relativa del paquete con errores:

      Error: (10/15/2017 11:05:34 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: Explorer.exe, versión: 3.1.0.15, marca de tiempo: 0x566b123a
      Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
      Código de excepción: 0xc0000409
      Desplazamiento de errores: 0x27e5a020
      Identificador del proceso con errores: 0xad0
      Hora de inicio de la aplicación con errores: 0x01d34623403c1daa
      Ruta de acceso de la aplicación con errores: C:\Users\HHD\Desktop\Explorer.exe
      Ruta de acceso del módulo con errores: unknown
      Identificador del informe: dc53f09d-7a99-4957-a4bf-a802530bded4
      Nombre completo del paquete con errores:
      Identificador de aplicación relativa del paquete con errores:

      Error: (10/15/2017 11:00:50 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: explorer.com.pif, versión: 3.1.0.15, marca de tiempo: 0x566b123a
      Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
      Código de excepción: 0xc0000409
      Desplazamiento de errores: 0x27e5a020
      Identificador del proceso con errores: 0x1eb8
      Hora de inicio de la aplicación con errores: 0x01d34622974695eb
      Ruta de acceso de la aplicación con errores: C:\Users\HHD\Desktop\explorer.com.pif
      Ruta de acceso del módulo con errores: unknown
      Identificador del informe: 50fedfc8-19de-4de0-86ef-604ad462467b
      Nombre completo del paquete con errores:
      Identificador de aplicación relativa del paquete con errores:

      Error: (10/15/2017 11:00:20 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: explorer.pif.pif, versión: 3.1.0.15, marca de tiempo: 0x566b123a
      Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
      Código de excepción: 0xc0000409
      Desplazamiento de errores: 0x27e5a020
      Identificador del proceso con errores: 0x1d8c
      Hora de inicio de la aplicación con errores: 0x01d34622852fb721
      Ruta de acceso de la aplicación con errores: C:\Users\HHD\Desktop\explorer.pif.pif
      Ruta de acceso del módulo con errores: unknown
      Identificador del informe: 0123a592-7f57-4822-a7e6-4da9d032c3b7
      Nombre completo del paquete con errores:
      Identificador de aplicación relativa del paquete con errores:

      Error: (10/15/2017 10:54:04 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: Explorer.exe, versión: 3.1.0.15, marca de tiempo: 0x566b123a
      Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
      Código de excepción: 0xc0000409
      Desplazamiento de errores: 0x27e5a020
      Identificador del proceso con errores: 0x3ac
      Hora de inicio de la aplicación con errores: 0x01d34621a4ec537c
      Ruta de acceso de la aplicación con errores: C:\Users\HHD\Desktop\Explorer.exe
      Ruta de acceso del módulo con errores: unknown
      Identificador del informe: 36c0a8c9-84e4-4a2d-9e66-4afb25e76560
      Nombre completo del paquete con errores:
      Identificador de aplicación relativa del paquete con errores:


      System errors:
      =============
      Error: (10/16/2017 04:15:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

      Error: (10/16/2017 04:15:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 1000 milisegundos: Reiniciar el servicio.

      Error: (10/16/2017 04:02:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
      Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
      {D63B10C5-BB46-4990-A94F-E40B9D520160}
      y APPID
      {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
      al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

      Error: (10/16/2017 05:26:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
      Description: El servicio CldFlt no pudo iniciarse debido al siguiente error:
      Solicitud no compatible.

      Error: (10/16/2017 05:25:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio Origin Web Helper Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (10/16/2017 05:25:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 8000 milisegundos: Reiniciar el servicio.

      Error: (10/16/2017 05:25:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio NVIDIA Telemetry Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 1000 milisegundos: Reiniciar el servicio.

      Error: (10/16/2017 05:25:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 5000 milisegundos: Reiniciar el servicio.

      Error: (10/16/2017 05:25:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio VIA Karaoke digital mixer Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (10/16/2017 05:25:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio AMD External Events Utility se terminó de manera inesperada. Esto ha sucedido 1 veces.


      ==================== Memory info ===========================

      Processor: AMD FX(tm)-8350 Eight-Core Processor
      Percentage of memory in use: 24%
      Total physical RAM: 8174.11 MB
      Available physical RAM: 6131.62 MB
      Total Virtual: 9454.11 MB
      Available Virtual: 7216.74 MB

      ==================== Drives ================================

      Drive c: () (Fixed) (Total:216.02 GB) (Free:175.74 GB) NTFS
      Drive d: (Archivos) (Fixed) (Total:715 GB) (Free:626.96 GB) NTFS

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2C43AF26)
      Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
      Partition 2: (Not Active) - (Size=216 GB) - (Type=07 NTFS)
      Partition 3: (Not Active) - (Size=715 GB) - (Type=07 NTFS)

      ==================== End of Addition.txt ============================

    8. #8
      User: Death17
      Registered
      Oct 2017
      Location
      Argentina
      Posts
      11

      Re: TDSSkiller won't run

      Those are the reports. I had to trim them quite a bit, sorry, because it wouldn't let me post them otherwise; I hope they are understandable. I'll be waiting for your help. Regards and thanks.

    9. #9
      Warrior: @Miguelgrado
      Registered
      Dec 2005
      Location
      Asturias-Spain
      Posts
      18,142

      Re: TDSSkiller won't run

      Please do the following:

      On the computer, with all other programs closed:
      Start >>> Run >>> type notepad.exe.

      Now copy and paste the following into Notepad (excluding the word "Code"):
      Code:
      Start
      CreateRestorePoint:
      CloseProcesses:
      
      GroupPolicy: Restriction <==== ATTENTION
      SearchScopes: HKU\S-1-5-21-2175840329-2766892455-3668070443-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
      U1 aswbdisk; no ImagePath
      S3 NTLiveGuardEV64; \??\D:\mus2\LiveGuard\NTLiveGuardEV64.sys [X]
       
      
      HOSTS:
      REMOVEPROXY:
      EMPTYTEMP:
      CMD: netsh winsock reset
      CMD: ipconfig /renew
      CMD: ipconfig /flushdns
      CMD: bitsadmin /reset /allusers
      END
      Save it as fixlist.txt on the desktop. <<< This is very important.

      Note: It is important that the tool Frst.exe and fixlist.txt are in the same location (the desktop); otherwise it will not work.
      Run Frst.exe.

      Press the Fix button and wait for it to finish.
      The tool will save the report on your desktop (Fixlog.txt).
      ATTENTION!!!! The following repair script was written by a staff member specifically for this user. If you have a similar problem, please open your own thread to receive personalized help. Using other users' scripts can damage your computer.
      Paste it in your next reply.


      No infections are visible.


      Download to the desktop >> https://www.infospyware.com/antirootkits/tdsskiller/


      Right-click, run as administrator, and report the result.

    10. #10
      User: Death17
      Registered
      Oct 2017
      Location
      Argentina
      Posts
      11

      Re: TDSSkiller won't run

      Hi Miguel, thanks for the reply. Sorry for the delay in answering, but I was without internet all day yesterday. I ran the fix you gave me and I'll now leave you the Fixlog. However, I still can't download TDSSkiller or run it; I'll describe that in detail later in another reply, with some screenshots I took.

      Fix result of Farbar Recovery Scan Tool (x64) Version: 18-10-2017 01
      Ran by HHD (18-10-2017 1747) Run:1
      Running from C:\Users\HHD\Desktop
      Loaded Profiles: HHD (Available Profiles: HHD)
      Boot Mode: Normal
      ==============================================

      fixlist content:
      *****************
      Start
      CreateRestorePoint:
      CloseProcesses:

      GroupPolicy: Restriction <==== ATTENTION
      SearchScopes: HKU\S-1-5-21-2175840329-2766892455-3668070443-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
      U1 aswbdisk; no ImagePath
      S3 NTLiveGuardEV64; \??\D:\mus2\LiveGuard\NTLiveGuardEV64.sys [X]


      HOSTS:
      REMOVEPROXY:
      EMPTYTEMP:
      CMD: netsh winsock reset
      CMD: ipconfig /renew
      CMD: ipconfig /flushdns
      CMD: bitsadmin /reset /allusers
      END
      *****************

      Restore point was successfully created.
      Processes closed successfully.
      C:\Windows\system32\GroupPolicy\Machine => moved successfully
      C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
      C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
      HKU\S-1-5-21-2175840329-2766892455-3668070443-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
      HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => key removed successfully
      HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => key removed successfully
      HKLM\System\CurrentControlSet\Services\aswbdisk => key could not remove, key could be protected
      HKLM\System\CurrentControlSet\Services\NTLiveGuardEV64 => key removed successfully
      NTLiveGuardEV64 => service removed successfully
      C:\Windows\System32\Drivers\etc\hosts => moved successfully
      Hosts restored successfully.

      ========= RemoveProxy: =========

      HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
      HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
      HKU\S-1-5-21-2175840329-2766892455-3668070443-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
      HKU\S-1-5-21-2175840329-2766892455-3668070443-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


      ========= End of RemoveProxy: =========


      ========= netsh winsock reset =========


      El catálogo Winsock se restableció correctamente.
      Debe reiniciar el equipo para completar el restablecimiento.


      ========= End of CMD: =========


      ========= ipconfig /renew =========


      Configuración IP de Windows


      Adaptador de Ethernet Ethernet:

      Sufijo DNS específico para la conexión. . :
      Vínculo: dirección IPv6 local. . . : fe80::ac59:ba73:2551:3528%8
      Dirección IPv4. . . . . . . . . . . . . . : 192.168.1.8
      Máscara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.1.1

      ========= End of CMD: =========


      ========= ipconfig /flushdns =========


      Configuración IP de Windows

      Se vació correctamente la caché de resolución de DNS.

      ========= End of CMD: =========


      ========= bitsadmin /reset /allusers =========


      BITSADMIN version 3.0
      BITS administration utility.
      (C) Copyright 2000-2006 Microsoft Corp.

      BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
      Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

      {8C7058BF-A187-4F37-851F-D672F3552A8E} canceled.
      {FE9C5A32-2B96-41FA-953C-5A69658B13FC} canceled.
      {D79B71C9-D9C0-441E-8236-C3225F641CE7} canceled.
      3 out of 3 jobs canceled.

      ========= End of CMD: =========


      =========== EmptyTemp: ==========

      BITS transfer queue => 9986048 B
      DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 35546256 B
      Java, Flash, Steam htmlcache => 136280668 B
      Windows/system/drivers => 0 B
      Edge => 308 B
      Chrome => 1604452 B
      Firefox => 0 B
      Opera => 0 B

      Temp, IE cache, history, cookies, recent:
      Default => 0 B
      Users => 0 B
      ProgramData => 0 B
      Public => 0 B
      systemprofile => 128 B
      systemprofile32 => 0 B
      LocalService => 1650 B
      NetworkService => 0 B
      HHD => 11981673 B

      RecycleBin => 381024 B
      EmptyTemp: => 186.7 MB temporary data Removed.

      ================================

      Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 18-10-2017 17:12:54)


      Result of scheduled keys to remove after reboot:

      HKLM\System\CurrentControlSet\Services\aswbdisk => key could not remove, key could be protected

      ==== End of Fixlog 17:12:55 ====
