• Registrarse
  • Iniciar sesión


  • Página 1 de 2 12 ÚltimoÚltimo
    Resultados 1 al 10 de 16

    Que estan haciendo estos hackers?

    Hola a todos, Tengo un problema muy molesto con algunos tipos que están espiando mi computadora. Lo han estado haciendo durante mucho tiempo. Lo sé porque me han enviado correos electrónicos en el pasado diciendo ...

    1. #1
      Usuario Avatar de pc7000
      Registrado
      oct 2017
      Ubicación
      colombia
      Mensajes
      11

      Que estan haciendo estos hackers?

      Hola a todos,

      Tengo un problema muy molesto con algunos tipos que están espiando mi computadora. Lo han estado haciendo durante mucho tiempo. Lo sé porque me han enviado correos electrónicos en el pasado diciendo que les gusta meter la nariz en los asuntos de otras personas y jugar con sus vidas. Últimamente, han dejado comentarios provocativos en los videos de YouTube que veo, y lo sé con certeza porque he visto algunos videos viejos en los que ya nadie comenta, y tan pronto como termino de verlos y me desplazo hacia abajo para leer los comentarios, encuentro indirectas relacionadas con mi vida personal que han sido publicadas recientemente. También entran a las mismas salas de chat en las que entro solo para hacerme cyberbullying y meterse conmigo indirectamente para que yo sepa que están allí. Lo mismo sucede cuando uso redes sociales como Facebook o algunos sitios de citas (por cierto, soy un hombre). Siempre me encuentro con perfiles falsos de mujeres que me dan like o visitan mi perfil intencionalmente para que visite el de ellas y lea las indirectas que han escrito allí. De alguna manera, estos tipos saben todo lo que hago en línea, e incluso creo que podrian comentar en este hilo.


      He ejecutado muchos programas antivirus, incluidos malaware bytes, escáner en línea eset, Windows Defender, tdskiller, adwcleaner, jrt, etc. y nada funciona. Sigue sucediendo. Siguen espiándome. Debo decir que el uso de mi disco duro aumenta al 100% sin razón aparente. Parece que tiene que ver con un proceso llamado System, específicamente ntoskrnl . Me pregunto si están usando archivos del sistema para acceder a mi computadora o algo así. Me gustaría saber qué están haciendo para espiarme y si hay algo que se pueda hacer para detenerlo.

      Por favor denme algunas soluciones.

    2. #2
      Usuario Avatar de monstertruckpa
      Registrado
      abr 2016
      Ubicación
      alemania
      Mensajes
      54

      Re: Que estan haciendo estos hackers?

      saben tu dirección ip por eso te rastrean fácilmente, te falta encriptación en las conexiones ya sea si usas una conexion wifi de condominio o red lan porque incluso un isp te puede ver todo lo que hagas, te hace falta un buen antiexploit para proteger las aplicaciones mas vulnerables a los ataques, yo primero haría es darle un super lavado al disco formateando por completo, reinstalando el windows, actualizando todo a full (windows y programas), meterle antiexploit como hitmanpro.alert o malwarebytes y usar una vpn, si no tienes plata para comprarte una servicio vpn deberias al menos tener dnscrypt que es gratis, cambiar tus contraseñas wifis y tus credenciales online, borrar la data de sincronización de todas las nubes apps de san google, backups de google drive, onedrive y preferiblemente yo me cambiara de correo a protonmail. despues que hagas todo eso nos echas un cuento para ver si nuevamente te siguen hackeando. también puedes instalar heimdal security que te evitará algunos dolores de cabeza contra los robos de datos

    3. #3
      Usuario Avatar de jhonn13
      Registrado
      oct 2017
      Ubicación
      venezuela
      Mensajes
      10

      Re: Que estan haciendo estos hackers?

      no entiendo mucho pero yo le haria caso. gracias . ellos saben mucho de eso

    4. #4
      Usuario Avatar de pc7000
      Registrado
      oct 2017
      Ubicación
      colombia
      Mensajes
      11

      Re: Que estan haciendo estos hackers?

      Cita Originalmente publicado por monstertruckpa Ver Mensaje
      saben tu dirección ip por eso te rastrean fácilmente, te falta encriptación en las conexiones ya sea si usas una conexion wifi de condominio o red lan porque incluso un isp te puede ver todo lo que hagas, te hace falta un buen antiexploit para proteger las aplicaciones mas vulnerables a los ataques, yo primero haría es darle un super lavado al disco formateando por completo, reinstalando el windows, actualizando todo a full (windows y programas), meterle antiexploit como hitmanpro.alert o malwarebytes y usar una vpn, si no tienes plata para comprarte una servicio vpn deberias al menos tener dnscrypt que es gratis, cambiar tus contraseñas wifis y tus credenciales online, borrar la data de sincronización de todas las nubes apps de san google, backups de google drive, onedrive y preferiblemente yo me cambiara de correo a protonmail. despues que hagas todo eso nos echas un cuento para ver si nuevamente te siguen hackeando. también puedes instalar heimdal security que te evitará algunos dolores de cabeza contra los robos de datos
      Hola, muchas gracias por tu respuesta. Si eso creo que me rastrean la ip, pero no se como lo hacen porque esta laptop es nueva, la compre hace mas o menos tres meses y nunca abri ninguna pagina sospechosa, tampoco entre a chats, ni a sitios de citas, ni nada por el estilo con esta laptop. Incluso me cree un nuevo correo electronico para no usar el anterior y aun asi me rastrearon de nuevo. Sospecho que me espiaron mi celular primero porque tengo una app de citas y subi unas fotos, puede ser que me ubicaron por las fotos y luego de alguna forma dieron con el email con el que me registre en el dating site y asi me hackeron el gmail y luego la laptop. Se puede hacer eso? Tambien pienso que me pudieron haber encontrado porque ya me estaban hackeando el internet en mi antigua casa y como me conecto con mis familiares tal vez rastrearon esa conexion y encontraron mi nueva ip. Puede ser eso o no?

      No creo que pueda cambiar la contrasena del wifi del lugar donde vivo. El internet esta incluido en la renta y no es solo para mi es para todos los demas inquilinos tambien. Tampoco se como encriptar la conexion.

      Puedo formatear, reinstalar windows, bajar el antiexploit que me dices y la vpn gratuita, pero ya he intentado formateando varias veces y siempre vuelven a meterse, supongo que es porque la ip de mi maquina no cambia cuando la formateo. Incluso estaba usando una vpn gratuita en esta maquina y no funciono. Que puedo hacer para cambiar la ip de mi pc y que no me rastreen?

      Es necesario cambiar mis credenciales online, borrar los datos de sincronizacion de google, backups de google drive, onedrive y todo eso que me explicas si es que voy a formatear y empezar de cero de nuevo?

      El uso de la memoria de mi pc esta a tope a 85 % a veces mas de 90 % y no tengo abierto nada pesado y el uso del disco tambien se dispara a ratos a 100 %, eso no es nada normal y creo que es porque me han instalado algun spyware o algo que no se detecta facilmente con programas de antivirus. Hay algun programa que si pueda encontrar y eliminar este tipo de spywares dificiles de detectar?

      Ayuda por favor!

    5. #5
      Warrior Avatar de @Miguelgrado
      Registrado
      dic 2005
      Ubicación
      Asturias-España
      Mensajes
      18.147

      Re: Que estan haciendo estos hackers?

      Hola pc7000
      ç
      Tu caso parece bastante grave, y seria denunciable a la policia.


      Vamos a hacer unas comprobaciones de tu pc:


      Paso 1.-: Descarga Malwarebytes Anti-Rootkit Beta >>Malwarebytes Anti-Rootkit | InfoSpyware y descomprima el contenido en su escritorio
      Paso 2.- : Desactiva tu antivirus >> Cómo deshabilitar temporalmente su Antivirus

      Abra la carpeta Mbar. Doble clic en el archivo Mbar.exe
      • En la interfaz del programa haga clic en Next.
      • Haga clic en el botón Update. Terminando clic en Next
      • Para iniciar el análisis clic en el botón Scan
      • Terminando, si hay infección clic en CleanUp, si no hay, clic en Exit.


      Al finalizar abra la carpeta Mbar, los archivos mbar-log.txt , copie y pegue todo su contenido en la siguiente respuesta y comentando los resultados.


      1-Descarga Farbar Recovery Scan Tool By Farbar (Descarga el archivo dependiendo de la arquitectura de tu sistema).>> Como saber si mi sistema es de 32 o de 64 Bits

      • La guardas en el escritorio >> Esto es muy importante..
      • Con todos los programas /ventanas cerrados, doble clic para ejecutar Frst.exe.
      • En la ventana del Disclaimer, presiona Yes.
      • En la nueva ventana que se abre, presiona el botón Scan y espera paciente a que concluya el análisis.

      • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, estos estarán grabados en tu escritorio.

      • Para terminar abres los archivos Frst.txt y Addition.Txt copia y pega todo su contenido en tu próxima respuesta. Utiliza dos mensajes si te dice que es muy largo.



      Me pones logs en orden
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    6. #6
      Usuario Avatar de pc7000
      Registrado
      oct 2017
      Ubicación
      colombia
      Mensajes
      11

      Re: Que estan haciendo estos hackers?

      Cita Originalmente publicado por @Miguelgrado Ver Mensaje
      Hola pc7000
      ç
      Tu caso parece bastante grave, y seria denunciable a la policia.


      Vamos a hacer unas comprobaciones de tu pc:






      1-Descarga Farbar Recovery Scan Tool By Farbar (Descarga el archivo dependiendo de la arquitectura de tu sistema).>> Como saber si mi sistema es de 32 o de 64 Bits

      • La guardas en el escritorio >> Esto es muy importante..
      • Con todos los programas /ventanas cerrados, doble clic para ejecutar Frst.exe.
      • En la ventana del Disclaimer, presiona Yes.
      • En la nueva ventana que se abre, presiona el botón Scan y espera paciente a que concluya el análisis.

      • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, estos estarán grabados en tu escritorio.

      • Para terminar abres los archivos Frst.txt y Addition.Txt copia y pega todo su contenido en tu próxima respuesta. Utiliza dos mensajes si te dice que es muy largo.



      Me pones logs en orden
      Hola, gracias por tu mensaje. Aqui estan los resultados del analisis con malware bytes:

      Malwarebytes Anti-Rootkit BETA 1.10.3.1001
      www.malwarebytes.org

      Database version:
      main: v2017.11.02.02
      rootkit: v2017.10.14.01

      Windows 10 x64 NTFS
      Internet Explorer 11.674.15063.0
      Alex :: DESKTOP-RC057PR [administrator]

      11/2/2017 4:01:07 AM
      mbar-log-2017-11-02 (04-01-07).txt

      Scan type: Quick scan
      Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
      Scan options disabled:
      Objects scanned: 287519
      Time elapsed: 18 minute(s), 42 second(s)

      Memory Processes Detected: 0
      (No malicious items detected)

      Memory Modules Detected: 0
      (No malicious items detected)

      Registry Keys Detected: 0
      (No malicious items detected)

      Registry Values Detected: 0
      (No malicious items detected)

      Registry Data Items Detected: 0
      (No malicious items detected)

      Folders Detected: 0
      (No malicious items detected)

      Files Detected: 1
      C:\Windows\System32\drivers\etc\hosts (RiskWare.DontStealOurSoftware) -> Bad: ( 127.0.0.1 keystone.mwbsys.com) Good: () -> Replace on reboot. [4773da23a405af87089a98bd32ce59a7]

      Physical Sectors Detected: 0
      (No malicious items detected)

      (end)

    7. #7
      Usuario Avatar de pc7000
      Registrado
      oct 2017
      Ubicación
      colombia
      Mensajes
      11

      Re: Que estan haciendo estos hackers?

      Y este es el FRST:

      Y este es el FRST:

      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2017
      Ran by Alex (administrator) on DESKTOP-RC057PR (02-11-2017 17:33:02)
      Running from C:\Users\Alex\Desktop
      Loaded Profiles: Alex (Available Profiles: Alex)
      Platform: Windows 10 Home Version 1703 15063.674 (X64) Language: English (United States)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki123525.inf_amd64_785c9312ba75cb53\igfxCUIService.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
      (Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
      (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
      (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
      (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
      (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
      (Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
      (Intel Corporation) C:\Windows\System32\ibtsiva.exe
      () C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe
      (Nitro Software, Inc.) C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe
      (Intel Security, Inc.) C:\Program Files\Common Files\intel security\pef\CORE\PEFService.exe
      (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki123525.inf_amd64_785c9312ba75cb53\IntelCpHeciSvc.exe
      (McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe
      (Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
      (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
      (McAfee, Inc.) C:\Program Files\Common Files\mcafee\modulecore\ModuleCoreService.exe
      (Microsoft Corporation) C:\Windows\System32\wlanext.exe
      (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
      (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki123525.inf_amd64_785c9312ba75cb53\IntelCpHDCPSvc.exe
      (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
      (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
      (McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe
      (McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
      (McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe
      (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
      (McAfee, Inc.) C:\Program Files\Common Files\mcafee\VSCore_15_7\mcapexe.exe
      (McAfee, Inc.) C:\Program Files\mcafee\MfeAV\MfeAVSvc.exe
      (Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
      (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
      (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
      (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki123525.inf_amd64_785c9312ba75cb53\igfxEM.exe
      (McAfee, Inc.) C:\Program Files\Common Files\mcafee\csp\2.5.312.0\McCSPServiceHost.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
      () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
      (McAfee, Inc.) C:\Program Files\Common Files\mcafee\modulecore\ModuleCoreService.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
      (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
      (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
      (Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
      (BitTorrent Inc.) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe
      (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
      (Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
      (Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
      (Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
      (Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
      (Dell Inc.) C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
      (Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
      (Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
      (Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
      (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      (Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
      (Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
      (Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
      (Dell) C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe
      (Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      () C:\Program Files\Intel Driver and Support Assistant\SUR\SurSvc.exe
      () C:\Program Files\Intel\SUR\QUEENCREEK\esrv.exe
      (Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
      () C:\Users\Alex\Downloads\psiphon3.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Dell) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      () C:\Users\Alex\AppData\Local\Temp\psiphon-tunnel-core.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      () C:\Program Files (x86)\Mendeley Desktop\MendeleyWordPlugin.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Microsoft Corporation) C:\Windows\System32\msinfo32.exe
      (Microsoft Corporation) C:\Windows\System32\smartscreen.exe

      ==================== Registry (Whitelisted) ===========================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
      HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235464 2017-05-08] (Realtek Semiconductor)
      HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [7824848 2016-07-20] (Dell Inc.)
      HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1494024 2017-05-08] (Realtek Semiconductor)
      HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [975744 2017-05-01] (Waves Audio Ltd.)
      HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-07-21] (Intel Corporation)
      HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
      HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
      HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [131360 2017-09-18] (Intel)
      HKU\S-1-5-21-3661476216-3847632659-3844190572-1001\...\Run: [uTorrent] => C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe [2146496 2017-09-05] (BitTorrent Inc.)
      HKU\S-1-5-21-3661476216-3847632659-3844190572-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd)
      HKU\S-1-5-21-3661476216-3847632659-3844190572-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-25] (Valve Corporation)
      HKU\S-1-5-21-3661476216-3847632659-3844190572-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd)
      HKU\S-1-5-21-3661476216-3847632659-3844190572-1001\...\MountPoints2: {94cb4d03-900d-11e7-8a2d-7c67a2b0024c} - "D:\autorun.exe"

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      ProxyEnable: [S-1-5-21-3661476216-3847632659-3844190572-1001] => Proxy is enabled.
      ProxyServer: [S-1-5-21-3661476216-3847632659-3844190572-1001] => http=127.0.0.1:61031;https=127.0.0.1:61031;socks=127.0.0.1:61030
      Tcpip\Parameters: [DhcpNameServer] 172.16.1.254 142.165.21.5
      Tcpip\..\Interfaces\{022146e4-c19f-467d-8269-3050d491b47c}: [DhcpNameServer] 10.10.10.10 10.10.11.11
      Tcpip\..\Interfaces\{10548e87-be87-49e7-9bc8-4960fcc349e8}: [DhcpNameServer] 172.16.1.254 142.165.21.5
      Tcpip\..\Interfaces\{1a0ef253-d5e6-44d4-b8c8-48d6016131a1}: [DhcpNameServer] 172.16.1.254 142.165.21.5
      Tcpip\..\Interfaces\{b3e5c95e-e1b9-4264-b2ea-16ebf13eb77d}: [DhcpNameServer] 172.16.1.254 142.165.21.5
      Tcpip\..\Interfaces\{be74033f-0949-4b70-82d1-b5d02750a3ba}: [DhcpNameServer] 172.16.1.254 142.165.21.5
      Tcpip\..\Interfaces\{dbf61d50-c4ad-44f1-8d27-cf43b3d0217c}: [DhcpNameServer] 172.16.1.254 142.165.21.5
      ManualProxies: 1http=127.0.0.1:58118;https=127.0.0.1:58118;socks=127.0.0.1:58117

      Internet Explorer:
      ==================
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKU\S-1-5-21-3661476216-3847632659-3844190572-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKU\S-1-5-21-3661476216-3847632659-3844190572-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
      BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-10-29] (Microsoft Corporation)
      BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-09-06] (McAfee, Inc.)
      BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-29] (Oracle Corporation)
      BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-09-06] (McAfee, Inc.)
      BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-29] (Oracle Corporation)
      Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-29] (Microsoft Corporation)
      Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-29] (Microsoft Corporation)
      Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-29] (Microsoft Corporation)
      Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-29] (Microsoft Corporation)
      Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-09-06] (McAfee, Inc.)
      Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-09-06] (McAfee, Inc.)
      Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2017-09-25] (McAfee, Inc.)
      Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2017-09-25] (McAfee, Inc.)

      FireFox:
      ========
      FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
      FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-07-20]
      FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
      FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
      FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-09-06] [not signed]
      FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-09-25] ()
      FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-29] (Oracle Corporation)
      FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-29] (Oracle Corporation)
      FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-09-25] ()
      FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll [2011-08-30] ( Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-10-20] (Microsoft Corporation)
      FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 11\npnitromozilla.dll [2016-12-08] (Nitro PDF)
      FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
      FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-19] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-19] (Google Inc.)

      Chrome:
      =======
      CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default [2017-11-02]
      CHR Extension: (Slides) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
      CHR Extension: (Docs) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
      CHR Extension: (Google Drive) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-19]
      CHR Extension: (YouTube) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-19]
      CHR Extension: (Mendeley Importer) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\dagcmkpagjlhakfdhnbomgmjdpkdklff [2017-10-20]
      CHR Extension: (Sheets) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
      CHR Extension: (McAfee® WebAdvisor) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-10-26]
      CHR Extension: (Google Docs Offline) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-19]
      CHR Extension: (Chrome Web Store Payments) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-30]
      CHR Extension: (Gmail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-19]
      CHR Extension: (Chrome Media Router) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-15]
      CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      S2 0270101509657766mcinstcleanup; C:\Windows\TEMP\027010~1.EXE [1031928 2017-11-02] (McAfee, Inc.)
      R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7923880 2017-10-23] (Microsoft Corporation)
      S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1511728 2017-08-10] (McAfee, Inc.)
      S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [85216 2015-06-10] (Dell Inc.)
      R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208760 2017-07-27] (Dell Inc.)
      R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294584 2017-07-27] (Dell Inc.)
      R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217464 2017-07-27] (Dell Inc.)
      R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-09-19] (Dell Inc.)
      R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [97616 2017-01-11] (Dell)
      R2 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [40976 2017-09-18] (Dell Inc.)
      R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [122400 2017-10-13] (Dell)
      R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [230248 2017-05-01] (Dell Inc.)
      S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd)
      R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [22816 2017-09-18] (Intel)
      S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [400656 2017-09-08] (EasyAntiCheat Ltd)
      R2 esifsvc; C:\Windows\system32\Intel\DPTF\esif_uf.exe [2208888 2016-09-02] (Intel Corporation)
      S2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] ()
      R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
      S3 iaStorAfsService; C:\Windows\IAStorAfsService\iaStorAfsService.exe [2413752 2017-07-21] (Intel Corporation)
      R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-07-21] (Intel Corporation)
      S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
      S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
      R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-05] (Intel Corporation)
      S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
      R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [590880 2017-09-06] (McAfee, Inc.)
      R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_7\McApExe.exe [994280 2017-09-14] (McAfee, Inc.)
      S3 McAWFwk; c:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [454560 2017-01-17] (McAfee, Inc.)
      R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
      R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\\McCSPServiceHost.exe [2139832 2017-05-30] (McAfee, Inc.)
      R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
      R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
      R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
      R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [242640 2017-06-21] (McAfee, Inc.)
      R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [394704 2017-06-21] (McAfee, Inc.)
      R3 mfevtp; C:\Windows\system32\mfevtps.exe [350160 2017-06-21] (McAfee, Inc.)
      R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1546904 2017-08-17] (McAfee, Inc.)
      S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
      S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2017-03-21] ()
      R2 NitroDriverReadSpool11; C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe [327368 2016-12-08] (Nitro Software, Inc.)
      R2 NitroUpdateService; C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe [419016 2016-12-08] ()
      R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518264 2017-10-10] (NVIDIA Corporation)
      S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518264 2017-10-10] (NVIDIA Corporation)
      R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-10-27] (NVIDIA Corporation)
      R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460920 2017-10-10] (NVIDIA Corporation)
      R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1043864 2017-07-31] (Intel Security, Inc.)
      R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [46632 2017-04-17] (Dell)
      R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [333320 2017-05-08] (Realtek Semiconductor)
      R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [53208 2017-09-22] (Dell Inc.)
      R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver and Support Assistant\SUR\SurSvc.exe [157456 2017-03-07] ()
      S2 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] ()
      R2 WavesSysSvc; c:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [592776 2017-05-01] (Waves Audio Ltd.)
      R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
      R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
      R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3750304 2017-03-21] (Intel® Corporation)
      S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{D3ED71BB-A29B-44B8-A37B-2F919D186FB1}
      R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-06-21] (Bluestack System Inc. )
      R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77800 2017-06-26] (McAfee, Inc.)
      R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [32960 2017-04-11] (Dell Inc.)
      R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [32568 2017-04-11] (Dell Computer Corporation)
      R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [71232 2016-08-12] (Intel Corporation)
      R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [66624 2016-08-12] (Intel Corporation)
      R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-09-05] (Disc Soft Ltd)
      R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-09-05] (Disc Soft Ltd)
      R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [350272 2016-08-12] (Intel Corporation)
      R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-10-10] ()
      R3 HidEventFilter; C:\Windows\System32\drivers\HidEventFilter.sys [54800 2016-08-16] (Intel Corporation)
      S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [209608 2017-08-07] (McAfee, Inc.)
      S3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [89912 2016-08-29] (Intel Corporation)
      S3 iaStorAfs; C:\Windows\System32\drivers\iaStorAfs.sys [70664 2017-07-21] (Intel Corporation)
      R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [249104 2016-10-06] (Intel Corporation)
      S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [66824 2017-06-15] (IObit)
      R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [487408 2017-06-26] (McAfee, Inc.)
      R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [355312 2017-06-26] (McAfee, Inc.)
      U3 mfeavfk01; no ImagePath
      S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [84544 2017-06-26] (McAfee, Inc.)
      R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [506352 2017-06-26] (McAfee, Inc.)
      R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [933360 2017-06-26] (McAfee, Inc.)
      R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [504792 2017-06-27] (McAfee LLC.)
      S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [108504 2017-06-27] (McAfee LLC.)
      R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [116208 2017-06-26] (McAfee, Inc.)
      R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
      R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [253424 2017-06-26] (McAfee, Inc.)
      R1 MpKsl22f2bc2e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EC5F85D5-97CB-4618-BAA8-5C15A6C460BE}\MpKsl22f2bc2e.sys [58120 2017-11-02] (Microsoft Corporation)
      R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [7630080 2017-04-03] (Intel Corporation)
      R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_fad4db87aeb294c4\nvlddmkm.sys [16936048 2017-10-28] (NVIDIA Corporation)
      S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-10-10] (NVIDIA Corporation)
      R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50808 2017-10-10] (NVIDIA Corporation)
      R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57976 2017-10-27] (NVIDIA Corporation)
      R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [946696 2016-10-19] (Realtek )
      S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [418784 2016-08-04] (Realsil Semiconductor Corporation)
      S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
      R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
      R3 tap-tb-0901; C:\Windows\System32\drivers\tap-tb-0901.sys [38656 2017-09-06] (The OpenVPN Project)
      S3 tapwindscribe0901; C:\Windows\System32\drivers\tapwindscribe0901.sys [54896 2017-04-21] (The OpenVPN Project)
      S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
      R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
      R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

    8. #8
      Usuario Avatar de pc7000
      Registrado
      oct 2017
      Ubicación
      colombia
      Mensajes
      11

      Re: Que estan haciendo estos hackers?

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-11-02 17:33 - 2017-11-02 17:34 - 000030636 _____ C:\Users\Alex\Desktop\FRST.txt
      2017-11-02 17:32 - 2017-11-02 17:33 - 000000000 ____D C:\FRST
      2017-11-02 17:29 - 2017-11-02 17:30 - 002403328 _____ (Farbar) C:\Users\Alex\Desktop\FRST64.exe
      2017-11-02 04:00 - 2017-11-02 04:00 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\62385194.sys
      2017-11-02 03:59 - 2017-11-02 17:26 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
      2017-11-02 03:59 - 2017-11-02 17:25 - 000000000 ____D C:\Users\Alex\Desktop\mbar
      2017-11-02 03:57 - 2017-11-02 03:57 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Alex\Downloads\mbar-1.10.3.1001.exe
      2017-11-02 01:11 - 2017-11-02 01:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
      2017-11-01 02:41 - 2017-10-27 11:06 - 000136312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
      2017-11-01 02:35 - 2017-10-27 12:50 - 040237688 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
      2017-11-01 02:35 - 2017-10-27 12:50 - 036239480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
      2017-11-01 02:35 - 2017-10-27 12:50 - 035156928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
      2017-11-01 02:35 - 2017-10-27 12:50 - 029270976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
      2017-11-01 02:35 - 2017-10-27 12:50 - 023262280 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
      2017-11-01 02:35 - 2017-10-27 12:50 - 019037416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
      2017-11-01 02:35 - 2017-10-27 12:50 - 013864048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
      2017-11-01 02:35 - 2017-10-27 12:50 - 013254520 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
      2017-11-01 02:35 - 2017-10-27 12:50 - 011779328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
      2017-11-01 02:35 - 2017-10-27 12:50 - 010882720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
      2017-11-01 02:35 - 2017-10-27 12:50 - 004201592 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
      2017-11-01 02:35 - 2017-10-27 12:50 - 003614328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
      2017-11-01 02:35 - 2017-10-27 12:50 - 001989056 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438813.dll
      2017-11-01 02:35 - 2017-10-27 12:50 - 001673848 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438813.dll
      2017-11-01 02:35 - 2017-10-27 12:50 - 001331200 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
      2017-11-01 02:35 - 2017-10-27 12:50 - 001321448 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
      2017-11-01 02:35 - 2017-10-27 12:50 - 001135464 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
      2017-11-01 02:35 - 2017-10-27 12:50 - 001099712 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
      2017-11-01 02:35 - 2017-10-27 12:50 - 001044848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
      2017-11-01 02:35 - 2017-10-27 12:50 - 001038680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
      2017-11-01 02:35 - 2017-10-27 12:50 - 001031104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
      2017-11-01 02:35 - 2017-10-27 12:50 - 000981112 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
      2017-11-01 02:35 - 2017-10-27 12:50 - 000932288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
      2017-11-01 02:35 - 2017-10-27 12:50 - 000885680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
      2017-11-01 02:35 - 2017-10-27 12:50 - 000794392 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
      2017-11-01 02:35 - 2017-10-27 12:50 - 000634224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
      2017-11-01 02:35 - 2017-10-27 12:50 - 000615544 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
      2017-11-01 02:35 - 2017-10-27 12:50 - 000505976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
      2017-10-30 16:18 - 2017-10-30 16:18 - 000789258 _____ C:\Users\Alex\Downloads\73967-91539-1-PB.pdf
      2017-10-30 09:59 - 2017-10-30 09:59 - 001903359 _____ C:\Users\Alex\Downloads\blanchette_15_English-Neg (2).pdf
      2017-10-29 23:48 - 2017-10-29 23:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver and Support Assistant
      2017-10-29 23:48 - 2017-10-29 23:48 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
      2017-10-29 23:47 - 2017-10-29 23:48 - 000002524 _____ C:\Windows\System32\Tasks\USER_ESRV_SVC_QUEENCREEK
      2017-10-29 23:47 - 2017-10-29 23:47 - 000000000 ____D C:\Program Files\Intel Driver and Support Assistant
      2017-10-29 23:47 - 2016-10-18 17:14 - 000021984 _____ C:\Windows\system32\Drivers\semav6msr64.sys
      2017-10-29 23:45 - 2017-10-29 23:46 - 008986120 _____ (Intel) C:\Users\Alex\Downloads\Intel Driver and Support Assistant Installer.exe
      2017-10-29 23:41 - 2017-10-29 23:41 - 000097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
      2017-10-29 23:41 - 2017-10-29 23:41 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Sun
      2017-10-29 23:41 - 2017-10-29 23:41 - 000000000 ____D C:\Users\Alex\AppData\LocalLow\Sun
      2017-10-29 23:41 - 2017-10-29 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
      2017-10-29 23:40 - 2017-10-29 23:42 - 000000000 ____D C:\ProgramData\Oracle
      2017-10-29 23:40 - 2017-10-29 23:40 - 000000000 ____D C:\Program Files (x86)\Java
      2017-10-29 23:31 - 2017-10-29 23:32 - 001852992 _____ (Oracle Corporation) C:\Users\Alex\Downloads\JavaSetup8u151.exe
      2017-10-29 23:10 - 2017-10-29 23:22 - 132050720 _____ (Intel Corporation) C:\Users\Alex\Downloads\win64_153345.4653.exe
      2017-10-29 22:37 - 2017-10-12 16:38 - 001988032 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438800.dll
      2017-10-29 22:37 - 2017-10-12 16:38 - 001606592 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438800.dll
      2017-10-29 22:37 - 2017-10-12 16:38 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
      2017-10-29 22:37 - 2017-10-12 16:38 - 000000669 _____ C:\Windows\system32\nv-vk64.json
      2017-10-29 22:19 - 2017-10-29 22:19 - 000001491 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
      2017-10-29 22:18 - 2017-10-29 22:41 - 000000000 ____D C:\Windows\LastGood
      2017-10-29 22:10 - 2017-10-29 22:16 - 081400776 _____ (NVIDIA Corporation) C:\Users\Alex\Downloads\GeForce_Experience_v3.10.0.95.exe
      2017-10-29 20:53 - 2017-10-29 20:53 - 000000991 _____ C:\Users\Alex\Desktop\Core Temp.lnk
      2017-10-29 20:53 - 2017-10-29 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
      2017-10-29 20:53 - 2017-10-29 20:53 - 000000000 ____D C:\Program Files\Core Temp
      2017-10-29 20:48 - 2017-10-29 20:49 - 001232200 _____ (ALCPU ) C:\Users\Alex\Downloads\Core-Temp-setup.exe
      2017-10-29 19:21 - 2017-10-29 19:21 - 000108333 _____ C:\Users\Alex\Downloads\1551591 (1)
      2017-10-29 19:21 - 2017-10-29 19:21 - 000108333 _____ C:\Users\Alex\Downloads\1551591
      2017-10-29 16:13 - 2017-10-29 16:13 - 000719596 _____ C:\Users\Alex\Downloads\SS_013_0049.pdf
      2017-10-29 14:55 - 2017-10-29 14:55 - 000000661 _____ C:\Users\Alex\Downloads\audio10.diagcab
      2017-10-29 14:39 - 2017-10-29 23:48 - 000000000 ____D C:\Windows\System32\Tasks\Intel
      2017-10-29 02:32 - 2017-10-29 02:32 - 000000000 ____D C:\ProgramData\0950d168-60a4-401b-afa9-0d947c3eb28a
      2017-10-29 02:28 - 2017-10-29 03:13 - 595775664 _____ (Dell Inc.) C:\Users\Alex\Downloads\nVIDIA-Geforce-GTX-1050-1050-Ti-Graphics-Driver_CC64G_WIN_22.21.13.8477_A02.EXE
      2017-10-29 02:24 - 2017-10-29 02:32 - 092047584 _____ (Dell Inc.) C:\Users\Alex\Downloads\Chipset_Driver_JTXD1_WN32_8.2.11000.2996_A04.EXE
      2017-10-29 02:16 - 2017-10-29 02:16 - 000000000 ____D C:\ProgramData\dfd50e2a-4c47-4476-b123-c28b7e982735
      2017-10-29 02:14 - 2017-10-29 03:18 - 000000000 ____D C:\Windows\LastGood.Tmp
      2017-10-29 02:01 - 2017-10-29 14:39 - 000000000 ____D C:\Windows\IAStorAfsService
      2017-10-29 02:01 - 2017-10-29 02:01 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
      2017-10-29 01:53 - 2017-10-29 01:53 - 000000000 ____D C:\Users\Alex\Documents\Dell Downloads
      2017-10-29 01:53 - 2017-10-29 01:53 - 000000000 ____D C:\Users\Alex\AppData\Roaming\NVIDIA
      2017-10-29 01:52 - 2017-10-29 01:52 - 000000000 ____D C:\ProgramData\PC-Doctor, Inc
      2017-10-29 01:42 - 2017-10-29 01:42 - 000000000 ____D C:\Windows\{71D42091-73E6-4587-805D-BE1DC3D7D4F9}
      2017-10-29 01:38 - 2017-10-29 01:40 - 029521608 _____ (Dell Inc.) C:\Users\Alex\Downloads\System-Utilities_Application_3N7TV_WN32_2.1.0_A00.EXE
      2017-10-29 01:16 - 2017-10-29 01:16 - 000004126 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
      2017-10-29 01:16 - 2017-10-29 01:16 - 000003560 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
      2017-10-29 01:16 - 2017-10-29 01:16 - 000000000 ____D C:\Users\Alex\AppData\LocalLow\PCDr
      2017-10-29 01:16 - 2017-10-29 01:16 - 000000000 ____D C:\ProgramData\PC-Doctor for Windows
      2017-10-29 01:16 - 2017-10-29 01:16 - 000000000 ____D C:\Program Files\Dell Support Center
      2017-10-29 01:11 - 2017-10-29 01:14 - 006951376 _____ C:\Users\Alex\Downloads\Inspiron_14_15_7000_Gaming_1.2.0.exe
      2017-10-29 01:09 - 2017-11-01 02:41 - 000000000 ____D C:\temp
      2017-10-29 01:08 - 2017-10-29 01:51 - 000000000 ____D C:\Users\Alex\AppData\Roaming\PCDr
      2017-10-29 01:06 - 2017-10-29 01:34 - 000000000 ____D C:\Users\Alex\AppData\Local\Deployment
      2017-10-29 01:06 - 2017-10-29 01:06 - 000576688 _____ () C:\Users\Alex\Downloads\DellSystemDetectLauncher.exe
      2017-10-29 01:06 - 2017-10-29 01:06 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
      2017-10-29 01:06 - 2017-10-29 01:06 - 000000000 ____D C:\Users\Alex\AppData\Local\Apps\2.0
      2017-10-29 00:28 - 2017-10-29 00:29 - 001426720 _____ (Microsoft Corporation) C:\Users\Alex\Downloads\NDP47-KB3186500-Web.exe
      2017-10-28 16:42 - 2017-10-28 16:42 - 000835454 _____ C:\Users\Alex\Downloads\bleotu_08_Modals-and-Nega.pdf
      2017-10-26 19:59 - 2017-10-26 20:01 - 034126852 _____ C:\Users\Alex\Downloads\313356542-A-Comprehensive-Grammar-of-the-English-Language-pdf.pdf
      2017-10-26 16:47 - 2017-10-26 16:47 - 000598492 _____ C:\Users\Alex\Downloads\1516-X8251879P.pdf
      2017-10-26 16:29 - 2017-10-26 16:29 - 000000139 _____ C:\Windows\SysWOW64\DLC_Debug_log.txt
      2017-10-23 12:09 - 2017-10-23 12:09 - 000846919 _____ C:\Users\Alex\Downloads\Differences between Ecuadorian Spanish and Mexican Spanish (1) (1).pptx
      2017-10-23 11:57 - 2017-10-23 12:07 - 000846901 _____ C:\Users\Alex\Downloads\Differences between Ecuadorian Spanish and Mexican Spanish (2).pptx
      2017-10-23 03:55 - 2017-10-23 03:55 - 000869121 _____ C:\Users\Alex\Downloads\Differences between Ecuadorian Spanish and Mexican Spanish (1).pptx
      2017-10-23 01:29 - 2017-10-23 01:29 - 002547115 _____ C:\Users\Alex\Downloads\Differences between Ecuadorian Spanish and Mexican spanish+2 (1).pptx
      2017-10-22 20:36 - 2017-10-22 20:37 - 000976541 _____ C:\Users\Alex\Downloads\8377-31417-1-PB.pdf
      2017-10-20 13:29 - 2017-10-20 13:29 - 000000000 ____D C:\Program Files (x86)\Dell Customer Connect
      2017-10-20 13:26 - 2017-10-20 13:17 - 000544424 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
      2017-10-19 21:15 - 2017-10-19 21:16 - 013840946 _____ C:\Users\Alex\Downloads\azu_td_9626511_sip1_m.pdf
      2017-10-19 14:04 - 2017-10-19 14:04 - 001903359 _____ C:\Users\Alex\Downloads\blanchette_15_English-Neg (1).pdf
      2017-10-17 10:52 - 2017-10-17 10:53 - 002352639 _____ C:\Users\Alex\Downloads\Differences between Ecuadorian Spanish and Mexican spanish+2.pptx
      2017-10-16 18:57 - 2017-10-16 18:57 - 001195443 _____ C:\Users\Alex\Downloads\321781-458210-1-SM (1).pdf
      2017-10-16 18:57 - 2017-10-16 18:57 - 000765714 _____ C:\Users\Alex\Downloads\263406-356189-1-SM.pdf
      2017-10-16 18:55 - 2017-10-16 18:55 - 001195443 _____ C:\Users\Alex\Downloads\321781-458210-1-SM.pdf
      2017-10-16 17:55 - 2017-10-16 17:55 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
      2017-10-16 17:45 - 2017-10-16 17:45 - 000192952 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
      2017-10-16 16:52 - 2017-10-16 16:52 - 001739882 _____ C:\Users\Alex\Downloads\Sentential_negation_in_English.PDF
      2017-10-16 15:56 - 2017-10-16 15:56 - 000125384 _____ C:\Users\Alex\Downloads\Chapter 5 Grammar 2 negation with nunca tampoco nadie and nada.pptx
      2017-10-16 15:32 - 2017-10-16 15:33 - 001903359 _____ C:\Users\Alex\Downloads\blanchette_15_English-Neg.pdf
      2017-10-16 14:10 - 2017-10-16 14:11 - 006777159 _____ C:\Users\Alex\Downloads\Spanish_syntax.zip
      2017-10-16 12:32 - 2017-09-30 00:52 - 001595152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
      2017-10-16 12:32 - 2017-09-30 00:51 - 001458320 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
      2017-10-16 12:32 - 2017-09-30 00:51 - 001147288 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
      2017-10-16 12:32 - 2017-09-30 00:51 - 000661224 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
      2017-10-16 12:32 - 2017-09-30 00:50 - 001346112 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
      2017-10-16 12:32 - 2017-09-30 00:50 - 001068208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
      2017-10-16 12:32 - 2017-09-30 00:50 - 001024920 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
      2017-10-16 12:32 - 2017-09-30 00:49 - 001004136 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
      2017-10-16 12:32 - 2017-09-30 00:49 - 000777400 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
      2017-10-16 12:32 - 2017-09-30 00:49 - 000135576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
      2017-10-16 12:32 - 2017-09-30 00:48 - 008319384 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
      2017-10-16 12:32 - 2017-09-30 00:48 - 002399728 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
      2017-10-16 12:32 - 2017-09-30 00:48 - 002327448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
      2017-10-16 12:32 - 2017-09-30 00:47 - 002969880 _____ (Microsoft Corporation) C:\Windows\system32\CoreUIComponents.dll
      2017-10-16 12:32 - 2017-09-30 00:47 - 001194792 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
      2017-10-16 12:32 - 2017-09-30 00:45 - 000511896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
      2017-10-16 12:32 - 2017-09-30 00:44 - 000712600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
      2017-10-16 12:32 - 2017-09-30 00:44 - 000181912 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
      2017-10-16 12:32 - 2017-09-30 00:43 - 007318888 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
      2017-10-16 12:32 - 2017-09-30 00:43 - 002442136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
      2017-10-16 12:32 - 2017-09-30 00:42 - 004848952 _____ (Microsoft Corporation) C:\Windows\explorer.exe
      2017-10-16 12:32 - 2017-09-30 00:42 - 001506712 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
      2017-10-16 12:32 - 2017-09-30 00:42 - 000820120 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
      2017-10-16 12:32 - 2017-09-30 00:41 - 005477600 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
      2017-10-16 12:32 - 2017-09-30 00:41 - 005304496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
      2017-10-16 12:32 - 2017-09-30 00:41 - 002086808 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
      2017-10-16 12:32 - 2017-09-30 00:41 - 000961944 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
      2017-10-16 12:32 - 2017-09-30 00:41 - 000654976 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
      2017-10-16 12:32 - 2017-09-30 00:41 - 000651672 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
      2017-10-16 12:32 - 2017-09-30 00:41 - 000259400 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
      2017-10-16 12:32 - 2017-09-30 00:41 - 000257432 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
      2017-10-16 12:32 - 2017-09-30 00:41 - 000228248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
      2017-10-16 12:32 - 2017-09-30 00:40 - 000724704 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
      2017-10-16 12:32 - 2017-09-30 00:40 - 000558912 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.dll
      2017-10-16 12:32 - 2017-09-30 00:40 - 000408984 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
      2017-10-16 12:32 - 2017-09-30 00:40 - 000336320 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
      2017-10-16 12:32 - 2017-09-30 00:40 - 000173976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
      2017-10-16 12:32 - 2017-09-30 00:39 - 021351760 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
      2017-10-16 12:32 - 2017-09-30 00:38 - 007910072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
      2017-10-16 12:32 - 2017-09-30 00:38 - 002239136 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
      2017-10-16 12:32 - 2017-09-30 00:36 - 002672024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
      2017-10-16 12:32 - 2017-09-30 00:36 - 000057976 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
      2017-10-16 12:32 - 2017-09-29 21:29 - 001408536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
      2017-10-16 12:32 - 2017-09-29 21:29 - 000804784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
      2017-10-16 12:32 - 2017-09-29 21:26 - 001333136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
      2017-10-16 12:32 - 2017-09-29 21:26 - 001292872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
      2017-10-16 12:32 - 2017-09-29 21:10 - 001839872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
      2017-10-16 12:32 - 2017-09-29 21:10 - 001150776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
      2017-10-16 12:32 - 2017-09-29 21:10 - 000606072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
      2017-10-16 12:32 - 2017-09-29 21:10 - 000508344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
      2017-10-16 12:32 - 2017-09-29 21:10 - 000480920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
      2017-10-16 12:32 - 2017-09-29 21:09 - 002259760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreUIComponents.dll
      2017-10-16 12:32 - 2017-09-29 21:09 - 000787712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
      2017-10-16 12:32 - 2017-09-29 21:06 - 004471368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
      2017-10-16 12:32 - 2017-09-29 21:05 - 005827744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
      2017-10-16 12:32 - 2017-09-29 21:05 - 002603744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
      2017-10-16 12:32 - 2017-09-29 21:05 - 001266544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
      2017-10-16 12:32 - 2017-09-29 21:05 - 000750488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
      2017-10-16 12:32 - 2017-09-29 21:05 - 000559000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
      2017-10-16 12:32 - 2017-09-29 21:04 - 004215184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
      2017-10-16 12:32 - 2017-09-29 21:04 - 000612120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
      2017-10-16 12:32 - 2017-09-29 21:04 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
      2017-10-16 12:32 - 2017-09-29 21:04 - 000438096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.dll
      2017-10-16 12:32 - 2017-09-29 21:04 - 000347544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
      2017-10-16 12:32 - 2017-09-29 21:04 - 000182680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
      2017-10-16 12:32 - 2017-09-29 21:03 - 020373408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
      2017-10-16 12:32 - 2017-09-29 21:03 - 006768288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
      2017-10-16 12:32 - 2017-09-29 21:03 - 001439032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
      2017-10-16 12:32 - 2017-09-29 21:02 - 000175512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
      2017-10-16 12:32 - 2017-09-29 21:01 - 000124544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
      2017-10-16 12:32 - 2017-09-29 02:46 - 023678976 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
      2017-10-16 12:32 - 2017-09-29 02:45 - 002953216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
      2017-10-16 12:32 - 2017-09-29 02:44 - 000133120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
      2017-10-16 12:32 - 2017-09-29 02:43 - 002199552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
      2017-10-16 12:32 - 2017-09-29 02:43 - 000142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\smartscreenps.dll
      2017-10-16 12:32 - 2017-09-29 02:43 - 000060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
      2017-10-16 12:32 - 2017-09-29 02:42 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mgmtapi.dll
      2017-10-16 12:32 - 2017-09-29 02:41 - 013844992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
      2017-10-16 12:32 - 2017-09-29 02:41 - 000110080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BitLockerCsp.dll
      2017-10-16 12:32 - 2017-09-29 02:40 - 006728192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
      2017-10-16 12:32 - 2017-09-29 02:40 - 000371200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
      2017-10-16 12:32 - 2017-09-29 02:40 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
      2017-10-16 12:32 - 2017-09-29 02:39 - 020511232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
      2017-10-16 12:32 - 2017-09-29 02:39 - 011888640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
      2017-10-16 12:32 - 2017-09-29 02:39 - 000364032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
      2017-10-16 12:32 - 2017-09-29 02:38 - 005721600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
      2017-10-16 12:32 - 2017-09-29 02:38 - 002671616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
      2017-10-16 12:32 - 2017-09-29 02:38 - 001135616 ____R (The ICU Project) C:\Windows\SysWOW64\icuuc.dll
      2017-10-16 12:32 - 2017-09-29 02:38 - 000471040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
      2017-10-16 12:32 - 2017-09-29 02:38 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
      2017-10-16 12:32 - 2017-09-29 02:38 - 000370688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
      2017-10-16 12:32 - 2017-09-29 02:38 - 000308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptngc.dll
      2017-10-16 12:32 - 2017-09-29 02:38 - 000229376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
      2017-10-16 12:32 - 2017-09-29 02:37 - 000306688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.dll
      2017-10-16 12:32 - 2017-09-29 02:37 - 000038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerUI.dll
      2017-10-16 12:32 - 2017-09-29 02:36 - 019337216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
      2017-10-16 12:32 - 2017-09-29 02:36 - 000590336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
      2017-10-16 12:32 - 2017-09-29 02:35 - 003654656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
      2017-10-16 12:32 - 2017-09-29 02:34 - 017370624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
      2017-10-16 12:32 - 2017-09-29 02:34 - 006255616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
      2017-10-16 12:32 - 2017-09-29 02:34 - 003669504 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
      2017-10-16 12:32 - 2017-09-29 02:34 - 002859520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
      2017-10-16 12:32 - 2017-09-29 02:34 - 000798720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
      2017-10-16 12:32 - 2017-09-29 02:34 - 000787456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
      2017-10-16 12:32 - 2017-09-29 02:34 - 000434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
      2017-10-16 12:32 - 2017-09-29 02:33 - 007598080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
      2017-10-16 12:32 - 2017-09-29 02:33 - 004559360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
      2017-10-16 12:32 - 2017-09-29 02:33 - 001506816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
      2017-10-16 12:32 - 2017-09-29 02:33 - 000658944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
      2017-10-16 12:32 - 2017-09-29 02:32 - 002782720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
      2017-10-16 12:32 - 2017-09-29 02:32 - 002340864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
      2017-10-16 12:32 - 2017-09-29 02:32 - 002199552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
      2017-10-16 12:32 - 2017-09-29 02:32 - 001627136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
      2017-10-16 12:32 - 2017-09-29 02:32 - 001244160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Phone.dll
      2017-10-16 12:32 - 2017-09-29 02:32 - 000209920 _____ (Microsoft Corporation) C:\Windows\system32\smartscreenps.dll
      2017-10-16 12:32 - 2017-09-29 02:32 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
      2017-10-16 12:32 - 2017-09-29 02:32 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
      2017-10-16 12:32 - 2017-09-29 02:32 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
      2017-10-16 12:32 - 2017-09-29 02:32 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
      2017-10-16 12:32 - 2017-09-29 02:32 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\mgmtapi.dll
      2017-10-16 12:32 - 2017-09-29 02:31 - 003107328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
      2017-10-16 12:32 - 2017-09-29 02:31 - 000306176 _____ (Microsoft Corporation) ====

    9. #9
      Usuario Avatar de pc7000
      Registrado
      oct 2017
      Ubicación
      colombia
      Mensajes
      11

      Re: Que estan haciendo estos hackers?

      C:\Windows\system32\MusNotification.exe
      2017-10-16 12:32 - 2017-09-29 02:31 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
      2017-10-16 12:32 - 2017-09-29 02:31 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
      2017-10-16 12:32 - 2017-09-29 02:31 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
      2017-10-16 12:32 - 2017-09-29 02:30 - 023686144 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
      2017-10-16 12:32 - 2017-09-29 02:30 - 007931392 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
      2017-10-16 12:32 - 2017-09-29 02:30 - 000529408 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
      2017-10-16 12:32 - 2017-09-29 02:30 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
      2017-10-16 12:32 - 2017-09-29 02:30 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
      2017-10-16 12:32 - 2017-09-29 02:29 - 008333312 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
      2017-10-16 12:32 - 2017-09-29 02:29 - 001460736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll
      2017-10-16 12:32 - 2017-09-29 02:29 - 001318912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
      2017-10-16 12:32 - 2017-09-29 02:29 - 000724992 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
      2017-10-16 12:32 - 2017-09-29 02:29 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
      2017-10-16 12:32 - 2017-09-29 02:29 - 000157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
      2017-10-16 12:32 - 2017-09-29 02:29 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
      2017-10-16 12:32 - 2017-09-29 02:29 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
      2017-10-16 12:32 - 2017-09-29 02:28 - 000699904 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
      2017-10-16 12:32 - 2017-09-29 02:28 - 000681472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
      2017-10-16 12:32 - 2017-09-29 02:28 - 000556032 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
      2017-10-16 12:32 - 2017-09-29 02:28 - 000527360 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
      2017-10-16 12:32 - 2017-09-29 02:28 - 000473088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
      2017-10-16 12:32 - 2017-09-29 02:28 - 000458752 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnr.dll
      2017-10-16 12:32 - 2017-09-29 02:28 - 000297984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
      2017-10-16 12:32 - 2017-09-29 02:28 - 000256000 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
      2017-10-16 12:32 - 2017-09-29 02:28 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
      2017-10-16 12:32 - 2017-09-29 02:28 - 000040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cipher.exe
      2017-10-16 12:32 - 2017-09-29 02:27 - 012803072 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
      2017-10-16 12:32 - 2017-09-29 02:27 - 000616960 _____ (Microsoft Corporation) C:\Windows\system32\WindowManagement.dll
      2017-10-16 12:32 - 2017-09-29 02:27 - 000524800 _____ (Microsoft Corporation) C:\Windows\system32\TileDataRepository.dll
      2017-10-16 12:32 - 2017-09-29 02:27 - 000412160 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
      2017-10-16 12:32 - 2017-09-29 02:27 - 000409600 _____ (Microsoft Corporation) C:\Windows\system32\cryptngc.dll
      2017-10-16 12:32 - 2017-09-29 02:27 - 000350720 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.dll
      2017-10-16 12:32 - 2017-09-29 02:26 - 008213504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
      2017-10-16 12:32 - 2017-09-29 02:26 - 002809344 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
      2017-10-16 12:32 - 2017-09-29 02:26 - 001468928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
      2017-10-16 12:32 - 2017-09-29 02:26 - 001269760 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
      2017-10-16 12:32 - 2017-09-29 02:26 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
      2017-10-16 12:32 - 2017-09-29 02:26 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerUI.dll
      2017-10-16 12:32 - 2017-09-29 02:25 - 008199168 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
      2017-10-16 12:32 - 2017-09-29 02:25 - 004175872 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
      2017-10-16 12:32 - 2017-09-29 02:25 - 002760704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
      2017-10-16 12:32 - 2017-09-29 02:25 - 000586240 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
      2017-10-16 12:32 - 2017-09-29 02:24 - 003377664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
      2017-10-16 12:32 - 2017-09-29 02:24 - 003307008 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
      2017-10-16 12:32 - 2017-09-29 02:24 - 002503680 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
      2017-10-16 12:32 - 2017-09-29 02:24 - 001886208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
      2017-10-16 12:32 - 2017-09-29 02:24 - 001628672 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll
      2017-10-16 12:32 - 2017-09-29 02:24 - 001307648 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
      2017-10-16 12:32 - 2017-09-29 02:24 - 000684032 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
      2017-10-16 12:32 - 2017-09-29 02:23 - 005557760 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
      2017-10-16 12:32 - 2017-09-29 02:23 - 004730368 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
      2017-10-16 12:32 - 2017-09-29 02:23 - 003140096 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
      2017-10-16 12:32 - 2017-09-29 02:23 - 002730496 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
      2017-10-16 12:32 - 2017-09-29 02:23 - 002446336 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
      2017-10-16 12:32 - 2017-09-29 02:23 - 002055680 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
      2017-10-16 12:32 - 2017-09-29 02:23 - 001887744 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
      2017-10-16 12:32 - 2017-09-29 02:23 - 001605632 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
      2017-10-16 12:32 - 2017-09-29 02:23 - 001460224 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
      2017-10-16 12:32 - 2017-09-29 02:23 - 001398784 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
      2017-10-16 12:32 - 2017-09-29 02:23 - 001052672 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
      2017-10-16 12:32 - 2017-09-29 02:23 - 000986624 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
      2017-10-16 12:32 - 2017-09-29 02:23 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
      2017-10-16 12:32 - 2017-09-29 02:23 - 000756224 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
      2017-10-16 12:32 - 2017-09-29 02:23 - 000647168 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
      2017-10-16 12:32 - 2017-09-29 02:22 - 002829824 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
      2017-10-16 12:32 - 2017-09-29 02:22 - 001802240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
      2017-10-16 12:32 - 2017-09-29 02:22 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
      2017-10-16 12:32 - 2017-09-29 02:21 - 003304448 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
      2017-10-16 12:32 - 2017-09-29 02:21 - 000722944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
      2017-10-16 12:32 - 2017-09-29 02:21 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
      2017-10-16 12:32 - 2017-09-29 02:21 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
      2017-10-16 12:32 - 2017-09-29 02:21 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
      2017-10-16 12:32 - 2017-09-29 02:21 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
      2017-10-16 12:32 - 2017-09-29 02:20 - 000804864 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
      2017-10-16 12:32 - 2017-09-29 02:20 - 000385536 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
      2017-10-16 12:32 - 2017-09-29 02:20 - 000286208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
      2017-10-16 12:32 - 2017-09-29 02:20 - 000194560 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
      2017-10-16 12:32 - 2017-09-29 02:19 - 000325120 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
      2017-10-16 12:32 - 2017-09-29 02:19 - 000306176 _____ (Microsoft Corporation) C:\Windows\system32\fveui.dll
      2017-10-16 12:32 - 2017-09-29 02:19 - 000208896 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
      2017-10-16 12:32 - 2017-09-29 02:18 - 002438656 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
      2017-10-16 12:32 - 2017-09-29 02:18 - 001527296 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
      2017-10-16 12:32 - 2017-09-29 02:18 - 000215040 _____ (Microsoft Corporation) C:\Windows\system32\manage-bde.exe
      2017-10-16 12:32 - 2017-09-29 02:18 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerDeviceEncryption.exe
      2017-10-16 12:32 - 2017-09-29 00:40 - 000804312 _____ C:\Windows\SysWOW64\locale.nls
      2017-10-16 12:32 - 2017-09-29 00:40 - 000804312 _____ C:\Windows\system32\locale.nls
      2017-10-16 12:32 - 2017-09-20 10:08 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
      2017-10-16 12:32 - 2017-09-20 10:08 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
      2017-10-16 12:32 - 2017-09-20 10:08 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
      2017-10-16 12:32 - 2017-09-18 18:20 - 001065104 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
      2017-10-16 12:32 - 2017-09-18 18:20 - 000900376 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
      2017-10-16 12:32 - 2017-09-18 18:18 - 000965024 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.efi
      2017-10-16 12:32 - 2017-09-18 18:17 - 001395664 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
      2017-10-16 12:32 - 2017-09-18 18:17 - 001186464 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
      2017-10-16 12:32 - 2017-09-18 18:17 - 000821664 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.exe
      2017-10-16 12:32 - 2017-09-18 18:11 - 001018272 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
      2017-10-16 12:32 - 2017-09-18 18:09 - 000554400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
      2017-10-16 12:32 - 2017-09-18 17:25 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\eShims.dll
      2017-10-16 12:32 - 2017-09-18 17:20 - 000831488 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
      2017-10-16 12:32 - 2017-09-18 17:20 - 000049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tetheringclient.dll
      2017-10-16 12:32 - 2017-09-18 17:15 - 000648704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
      2017-10-16 12:31 - 2017-09-30 00:48 - 000644696 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
      2017-10-16 12:31 - 2017-09-30 00:40 - 000642680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
      2017-10-16 12:31 - 2017-09-30 00:40 - 000184728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
      2017-10-16 12:31 - 2017-09-30 00:40 - 000072944 _____ (Microsoft Corporation) C:\Windows\system32\easinvoker.exe
      2017-10-16 12:31 - 2017-09-30 00:39 - 000203672 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
      2017-10-16 12:31 - 2017-09-29 02:33 - 000175616 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
      2017-10-16 12:31 - 2017-09-29 02:32 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
      2017-10-16 12:31 - 2017-09-29 02:31 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\efssvc.dll
      2017-10-16 12:31 - 2017-09-29 02:30 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerCsp.dll
      2017-10-16 12:31 - 2017-09-29 02:29 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
      2017-10-16 12:31 - 2017-09-29 02:29 - 000461824 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
      2017-10-16 12:31 - 2017-09-29 02:29 - 000304640 _____ (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll
      2017-10-16 12:31 - 2017-09-29 02:29 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\ServiceWorkerHost.exe
      2017-10-16 12:31 - 2017-09-29 02:28 - 000254976 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
      2017-10-16 12:31 - 2017-09-29 02:27 - 001321984 ____R (The ICU Project) C:\Windows\system32\icuuc.dll
      2017-10-16 12:31 - 2017-09-29 02:27 - 000565760 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
      2017-10-16 12:31 - 2017-09-29 02:27 - 000538624 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
      2017-10-16 12:31 - 2017-09-29 02:26 - 000356864 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
      2017-10-16 12:31 - 2017-09-29 02:23 - 000841216 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
      2017-10-16 12:31 - 2017-09-29 02:23 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
      2017-10-16 12:31 - 2017-09-29 02:22 - 001438208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Phone.dll
      2017-10-16 12:31 - 2017-09-29 02:21 - 000154624 _____ (Microsoft Corporation) C:\Windows\system32\regsvc.dll
      2017-10-16 12:31 - 2017-09-29 02:21 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
      2017-10-16 12:31 - 2017-09-29 02:20 - 001811456 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
      2017-10-16 12:31 - 2017-09-29 02:20 - 000150016 _____ (Microsoft Corporation) C:\Windows\system32\iscsiexe.dll
      2017-10-16 12:31 - 2017-09-29 02:19 - 002088448 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll
      2017-10-16 12:31 - 2017-09-29 02:18 - 000893440 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
      2017-10-16 12:31 - 2017-09-29 02:18 - 000603136 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
      2017-10-16 12:31 - 2017-09-29 02:18 - 000347648 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
      2017-10-16 12:31 - 2017-09-29 02:18 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
      2017-10-16 12:31 - 2017-09-29 02:18 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\cipher.exe
      2017-10-16 12:31 - 2017-09-18 17:26 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\tetheringclient.dll
      2017-10-16 12:31 - 2017-09-18 17:23 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
      2017-10-15 23:39 - 2017-10-15 23:39 - 002171783 _____ C:\Users\Alex\Downloads\Differences between Ecuadorian Spanish and Mexican spanish.pptx
      2017-10-15 22:49 - 2017-10-15 22:49 - 000001265 _____ C:\Users\Public\Desktop\aTube Catcher.lnk
      2017-10-15 22:49 - 2017-10-15 22:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
      2017-10-15 22:49 - 2017-10-15 22:49 - 000000000 ____D C:\Program Files (x86)\DsNET Corp
      2017-10-15 22:49 - 2013-05-23 09:52 - 000386560 _____ (Dart Communications) C:\Windows\SysWOW64\DartSecure2.dll
      2017-10-15 22:49 - 2013-05-23 09:52 - 000234496 _____ (Dart Communications) C:\Windows\SysWOW64\DartCertificate.dll
      2017-10-15 22:49 - 2013-05-06 13:17 - 000425472 _____ (Dart Communications) C:\Windows\SysWOW64\DartSock.dll
      2017-10-15 22:49 - 2008-08-18 19:18 - 000077824 _____ (Fox Magic Software) C:\Windows\SysWOW64\fmcodec.DLL
      2017-10-15 22:37 - 2017-10-15 22:37 - 000573324 _____ C:\Users\Alex\Downloads\¿Cómo hablan los ecuatorianos-.mp4
      2017-10-15 22:19 - 2017-10-15 22:19 - 000403244 _____ C:\Users\Alex\Documents\Cuenca-Spanish.wav
      2017-10-15 22:17 - 2017-10-15 22:17 - 000403244 _____ C:\Users\Alex\Documents\Cuenca-Spanish_3.wav
      2017-10-15 22:16 - 2017-10-15 22:16 - 000000000 _____ C:\Users\Alex\Documents\Cuenca-Spanish
      2017-10-14 22:05 - 2017-10-14 22:06 - 000832000 _____ C:\Users\Alex\Downloads\Word+Order (1).ppt
      2017-10-14 21:54 - 2017-10-14 21:54 - 002870984 _____ (ESET) C:\Users\Alex\Downloads\esetsmartinstaller_enu.exe
      2017-10-14 21:54 - 2017-10-14 21:54 - 000000000 ____D C:\Users\Alex\AppData\Local\ESET
      2017-10-14 21:53 - 2017-10-14 21:54 - 006754944 _____ (ESET spol. s r.o.) C:\Users\Alex\Downloads\esetonlinescanner_enu.exe
      2017-10-14 21:44 - 2017-10-14 21:44 - 001790024 _____ (Malwarebytes) C:\Users\Alex\Desktop\JRT.exe
      2017-10-14 19:29 - 2017-10-14 20:41 - 001354902 _____ C:\TDSSKiller.3.1.0.15_14.10.2017_19.29.45_log.txt
      2017-10-14 19:24 - 2017-10-31 16:11 - 000000000 ____D C:\AdwCleaner
      2017-10-14 19:14 - 2017-10-14 19:15 - 008250832 _____ (Malwarebytes) C:\Users\Alex\Desktop\AdwCleaner.exe
      2017-10-14 19:13 - 2017-10-14 19:26 - 000303048 _____ C:\TDSSKiller.3.1.0.15_14.10.2017_19.13.24_log.txt
      2017-10-14 19:12 - 2017-10-14 19:12 - 004922400 _____ (AO Kaspersky Lab) C:\Users\Alex\Desktop\tdsskiller.exe
      2017-10-14 19:07 - 2017-10-14 19:07 - 000892416 _____ (Farbar) C:\Users\Alex\Desktop\MiniToolBox.exe
      2017-10-11 21:25 - 2017-10-11 21:26 - 000606720 _____ C:\Users\Alex\Downloads\Word+Order.ppt
      2017-10-10 10:05 - 2017-10-10 10:05 - 003608131 _____ C:\Users\Alex\Downloads\TreeForm_1_0_3 (1).zip
      2017-10-10 10:05 - 2017-10-10 10:05 - 000000000 ____D C:\Users\Alex\Downloads\TreeForm_1_0_3 (1)
      2017-10-10 10:00 - 2017-10-10 10:00 - 000073349 _____ C:\Users\Alex\Downloads\SyntacticTree.jar
      2017-10-10 09:58 - 2017-10-10 09:58 - 000000000 ____D C:\Users\Alex\AppData\Roaming\LingTreeConstructor
      2017-10-10 09:57 - 2017-10-10 09:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LingTreeConstructor
      2017-10-10 09:57 - 2017-10-10 09:57 - 000000000 ____D C:\Program Files (x86)\LingTreeConstructor
      2017-10-10 09:55 - 2017-10-10 09:56 - 017079765 _____ C:\Users\Alex\Downloads\ltc-3.2.0-setup-windows.exe
      2017-10-10 09:49 - 2017-10-10 09:49 - 003608131 _____ C:\Users\Alex\Downloads\TreeForm_1_0_3.zip
      2017-10-10 09:49 - 2017-10-10 09:49 - 000000000 ____D C:\Users\Alex\Downloads\TreeForm_1_0_3
      2017-10-09 18:39 - 2017-10-09 18:39 - 000140436 _____ C:\Users\Alex\Downloads\THE_INTRANSITIVE_PREDICATION.pdf
      2017-10-07 18:02 - 2017-10-07 18:02 - 000380379 _____ C:\Users\Alex\Downloads\rodriguez-mondonedo_05_Ca (1).pdf
      2017-10-07 15:19 - 2017-10-07 16:46 - 000707187 _____ C:\Users\Alex\Downloads\Structure of an Academic Paper.pptx
      2017-10-07 14:40 - 2017-10-07 14:40 - 000380379 _____ C:\Users\Alex\Downloads\rodriguez-mondonedo_05_Ca.pdf
      2017-10-07 14:31 - 2017-10-07 14:31 - 001567423 _____ C:\Users\Alex\Downloads\english-spanish-syntactic-contrasts-minimalism-and-optimality--0.pdf
      2017-10-07 01:10 - 2017-10-07 01:10 - 000853525 _____ C:\Users\Alex\Downloads\310-310-2-PB (1).pdf
      2017-10-07 01:09 - 2017-10-07 01:09 - 000853525 _____ C:\Users\Alex\Downloads\310-310-2-PB.pdf
      2017-10-05 16:15 - 2017-11-02 04:01 - 000000000 ____D C:\ProgramData\Malwarebytes
      2017-10-05 16:15 - 2017-10-10 21:16 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
      2017-10-05 16:15 - 2017-10-05 16:15 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
      2017-10-05 16:15 - 2017-10-05 16:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      2017-10-05 16:15 - 2017-10-05 16:15 - 000000000 ____D C:\ProgramData\MB2Migration
      2017-10-05 16:15 - 2017-10-05 16:15 - 000000000 ____D C:\Program Files\Malwarebytes
      2017-10-05 16:10 - 2017-10-05 16:10 - 000000000 ____D C:\Users\Alex\Downloads\AntiMalware byte 3.2.2.2018 by Mat Kairos
      2017-10-05 15:33 - 2017-10-05 16:09 - 089308921 _____ C:\Users\Alex\Downloads\AntiMalware byte 3.2.2.2018 by Mat Kairos.rar
      2017-10-03 15:51 - 2017-10-03 15:51 - 000000744 _____ C:\Users\Alex\Documents\Pictures - Shortcut.lnk
      2017-10-03 11:22 - 2017-10-10 15:07 - 000000000 ____D C:\Users\Alex\AppData\Local\ElevatedDiagnostics

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-11-02 17:32 - 2017-09-05 20:28 - 000000000 ____D C:\Users\Alex\AppData\Roaming\uTorrent
      2017-11-02 17:24 - 2017-06-28 16:53 - 000000000 ____D C:\Windows\system32\SleepStudy
      2017-11-02 16:38 - 2017-03-18 16:03 - 000000000 ____D C:\Windows\AppReadiness
      2017-11-02 16:26 - 2017-09-15 22:25 - 000000000 ____D C:\Users\Alex\Desktop\Syntax and Morphology for Applied Linguistics
      2017-11-02 16:22 - 2017-06-28 17:10 - 000000000 ____D C:\Program Files (x86)\McAfee
      2017-11-02 13:32 - 2017-09-18 01:16 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Psiphon3
      2017-11-02 12:25 - 2017-06-28 17:09 - 000000000 ____D C:\ProgramData\NVIDIA
      2017-11-02 11:37 - 2017-09-14 14:12 - 000000000 ____D C:\Users\Alex\Documents\Praat Samples
      2017-11-02 11:31 - 2017-03-18 16:03 - 000000000 ____D C:\Windows\system32\NDF
      2017-11-02 11:04 - 2017-09-19 21:55 - 000000000 ____D C:\Users\Alex\Desktop\Phonetics and Phonology
      2017-11-02 03:50 - 2017-08-19 15:50 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Nitro
      2017-11-01 22:55 - 2017-08-18 23:39 - 000000000 ____D C:\Users\Alex\AppData\Local\NVIDIA
      2017-11-01 14:48 - 2017-06-28 17:01 - 000000000 ____D C:\ProgramData\Package Cache
      2017-11-01 14:44 - 2017-03-18 16:03 - 000000000 ___HD C:\Program Files\WindowsApps
      2017-11-01 02:47 - 2017-06-28 17:00 - 001791310 _____ C:\Windows\system32\PerfStringBackup.INI
      2017-11-01 02:41 - 2017-06-28 17:07 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
      2017-11-01 02:41 - 2017-03-18 16:01 - 000000000 ____D C:\Windows\INF
      2017-11-01 02:40 - 2017-06-28 17:06 - 000000000 ____D C:\Program Files (x86)\VulkanRT
      2017-11-01 01:23 - 2017-09-07 15:57 - 000000000 ____D C:\Users\Alex\AppData\Local\CrashDumps
      2017-10-31 20:19 - 2017-08-18 23:42 - 000003376 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3661476216-3847632659-3844190572-1001
      2017-10-31 20:19 - 2017-08-18 23:41 - 000002366 _____ C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
      2017-10-31 20:19 - 2017-08-18 23:41 - 000000000 ___RD C:\Users\Alex\OneDrive
      2017-10-31 00:53 - 2017-08-18 23:39 - 000000000 ____D C:\Users\Alex\AppData\Local\Packages
      2017-10-29 23:48 - 2017-06-28 17:03 - 000000000 ____D C:\ProgramData\Intel
      2017-10-29 23:47 - 2017-06-28 17:01 - 000000000 ____D C:\Program Files\Intel
      2017-10-29 22:43 - 2017-06-28 17:08 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
      2017-10-29 22:41 - 2017-06-28 17:06 - 000000000 ____D C:\Program Files\NVIDIA Corporation
      2017-10-29 22:25 - 2017-08-18 23:40 - 000000000 ____D C:\Users\Alex\AppData\Local\NVIDIA Corporation
      2017-10-29 22:19 - 2017-09-13 20:53 - 000004000 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-10-29 22:19 - 2017-09-13 20:53 - 000003940 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-10-29 22:18 - 2017-09-13 20:53 - 000004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-10-29 22:18 - 2017-09-13 20:53 - 000003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-10-29 22:18 - 2017-09-13 20:53 - 000003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-10-29 22:18 - 2017-09-13 20:53 - 000003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-10-29 22:18 - 2017-09-13 20:53 - 000003696 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-10-29 22:18 - 2017-09-13 20:53 - 000003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-10-29 14:41 - 2017-08-18 23:39 - 000000000 __SHD C:\Users\Alex\IntelGraphicsProfiles
      2017-10-29 14:41 - 2017-06-28 17:10 - 000018818 _____ C:\Windows\system32\results.xml
      2017-10-29 14:39 - 2017-09-26 20:37 - 000394464 _____ C:\Windows\system32\FNTCACHE.DAT
      2017-10-29 14:39 - 2017-06-28 16:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2017-10-29 03:26 - 2017-08-18 23:36 - 000000000 ____D C:\Users\Alex
      2017-10-29 02:01 - 2017-06-28 17:03 - 000000000 ____D C:\Program Files (x86)\Intel
      2017-10-29 01:44 - 2017-06-28 16:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
      2017-10-29 01:44 - 2017-03-18 16:03 - 000000000 ____D C:\Windows\Registration
      2017-10-29 01:44 - 2017-03-18 16:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
      2017-10-29 01:43 - 2017-06-28 17:08 - 000000000 ____D C:\ProgramData\Dell
      2017-10-29 01:43 - 2017-06-28 16:59 - 000000000 ____D C:\Program Files\Dell
      2017-10-29 01:42 - 2017-06-28 17:19 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
      2017-10-29 01:22 - 2017-06-28 16:59 - 000000000 ____D C:\ProgramData\PCDr
      2017-10-29 01:18 - 2017-03-18 06:40 - 001048576 _____ C:\Windows\system32\config\BBI
      2017-10-29 01:16 - 2017-09-08 13:40 - 000000000 ____D C:\Program Files (x86)\Steam
      2017-10-27 12:50 - 2017-09-13 20:50 - 000057976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
      2017-10-27 12:50 - 2017-06-28 17:07 - 004485048 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
      2017-10-27 12:50 - 2017-06-28 17:07 - 003817584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
      2017-10-27 12:50 - 2017-06-28 17:07 - 000048442 _____ C:\Windows\system32\nvinfo.pb
      2017-10-27 11:36 - 2017-09-13 20:52 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
      2017-10-27 11:12 - 2017-06-28 17:07 - 005960824 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
      2017-10-27 11:12 - 2017-06-28 17:07 - 002587768 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
      2017-10-27 11:12 - 2017-06-28 17:07 - 001766520 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
      2017-10-27 11:12 - 2017-06-28 17:07 - 000607168 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
      2017-10-27 11:12 - 2017-06-28 17:07 - 000449656 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
      2017-10-27 11:12 - 2017-06-28 17:07 - 000123000 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
      2017-10-27 11:12 - 2017-06-28 17:07 - 000081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
      2017-10-26 16:29 - 2017-06-28 17:01 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
      2017-10-25 17:45 - 2017-09-23 18:40 - 000004598 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
      2017-10-25 17:45 - 2017-03-18 16:03 - 000000000 ____D C:\Windows\SysWOW64\Macromed
      2017-10-25 17:45 - 2017-03-18 16:03 - 000000000 ____D C:\Windows\system32\Macromed
      2017-10-25 05:33 - 2017-06-28 17:07 - 007802921 _____ C:\Windows\system32\nvcoproc.bin
      2017-10-17 20:44 - 2017-03-18 16:03 - 000000000 ____D C:\Windows\rescache
      2017-10-17 18:11 - 2017-03-18 15:51 - 000000000 ____D C:\Windows\CbsTemp
      2017-10-16 18:30 - 2017-06-28 17:13 - 000000000 __RHD C:\Users\Public\AccountPictures
      2017-10-16 17:57 - 2017-08-19 16:30 - 000000000 ____D C:\Windows\system32\MRT
      2017-10-16 17:55 - 2017-08-19 16:29 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
      2017-10-16 17:38 - 2017-03-18 16:03 - 000000000 ____D C:\Windows\ShellExperiences
      2017-10-16 17:38 - 2017-03-18 16:03 - 000000000 ____D C:\Windows\Provisioning
      2017-10-16 17:37 - 2017-03-18 16:03 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
      2017-10-16 17:37 - 2017-03-18 16:03 - 000207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
      2017-10-16 13:57 - 2017-09-18 01:16 - 006659184 _____ C:\Users\Alex\Downloads\psiphon3.exe
      2017-10-12 19:54 - 2017-08-19 14:38 - 000003446 _____ C:\Windows\System32\Tasks\McAfee Remediation (Prepare)
      2017-10-12 19:21 - 2017-03-18 16:06 - 000835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
      2017-10-12 19:21 - 2017-03-18 16:06 - 000177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
      2017-10-12 16:38 - 2017-09-13 20:50 - 000057792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\SETE13F.tmp
      2017-10-12 16:38 - 2017-06-28 17:07 - 004482792 _____ (NVIDIA Corporation) C:\Windows\system32\SETED9E.tmp
      2017-10-12 16:38 - 2017-06-28 17:07 - 003816560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\SETB77.tmp
      2017-10-11 18:14 - 2017-09-23 18:40 - 000004422 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
      2017-10-10 20:01 - 2017-09-13 20:53 - 001796216 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
      2017-10-10 20:01 - 2017-09-13 20:53 - 001578104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
      2017-10-10 20:01 - 2017-09-13 20:53 - 000919160 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
      2017-10-10 20:01 - 2017-09-13 20:50 - 000186488 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
      2017-10-10 20:01 - 2017-09-13 20:50 - 000152696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
      2017-10-10 20:01 - 2017-09-13 20:50 - 000057976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\SETB4E9.tmp
      2017-10-10 20:01 - 2017-09-13 20:50 - 000050808 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
      2017-10-10 18:26 - 2017-09-13 20:52 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
      2017-10-07 01:20 - 2017-06-28 17:11 - 000003142 _____ C:\Windows\System32\Tasks\McAfeeLogon

      ==================== Files in the root of some directories =======

      2017-09-18 03:12 - 2017-09-29 19:35 - 000007623 _____ () C:\Users\Alex\AppData\Local\Resmon.ResmonCfg

      Some files in TEMP:
      ====================
      2009-05-05 15:30 - 2009-05-05 15:30 - 022385499 _____ () C:\Users\Alex\AppData\Local\Temp\aoe3-113-english.exe
      2009-05-05 15:41 - 2009-05-05 15:41 - 021301977 _____ () C:\Users\Alex\AppData\Local\Temp\aoe3x-105-english.exe
      2009-05-20 09:54 - 2009-05-20 09:54 - 018450772 _____ () C:\Users\Alex\AppData\Local\Temp\aoe3y-102-english.exe
      2017-10-29 22:43 - 2017-10-12 14:59 - 000760032 _____ (NVIDIA Corporation) C:\Users\Alex\AppData\Local\Temp\nvSCPAPI.dll
      2017-10-29 22:43 - 2017-10-12 14:59 - 000874184 _____ (NVIDIA Corporation) C:\Users\Alex\AppData\Local\Temp\nvSCPAPI64.dll
      2017-11-01 02:35 - 2017-10-12 14:59 - 000370112 _____ (NVIDIA Corporation) C:\Users\Alex\AppData\Local\Temp\nvStInst.exe
      2017-09-18 01:16 - 2017-11-02 04:55 - 015939512 _____ () C:\Users\Alex\AppData\Local\Temp\psiphon-tunnel-core.exe
      2017-10-14 18:18 - 2017-10-14 18:18 - 010979296 _____ () C:\Users\Alex\AppData\Local\Temp\psiphon-url-proxy.exe
      2005-12-09 16:08 - 2005-12-09 16:08 - 000061440 _____ () C:\Users\Alex\AppData\Local\Temp\standalonepatcher.exe
      2007-01-09 17:39 - 2007-01-09 17:39 - 000061440 _____ () C:\Users\Alex\AppData\Local\Temp\standalonepatcherX.exe
      2008-02-15 15:57 - 2008-02-15 15:57 - 000061440 _____ () C:\Users\Alex\AppData\Local\Temp\standalonepatcherY.exe
      2017-10-01 19:34 - 2017-09-29 19:39 - 000169648 _____ () C:\Users\Alex\AppData\Local\Temp\substat.dll
      2017-10-01 19:34 - 2017-09-29 19:39 - 000445104 _____ () C:\Users\Alex\AppData\Local\Temp\uninstall.dll

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2017-10-28 17:05

      ==================== End of FRST.txt ========================

    10. #10
      Usuario Avatar de pc7000
      Registrado
      oct 2017
      Ubicación
      colombia
      Mensajes
      11

      Re: Que estan haciendo estos hackers?

      Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-11-2017
      Ran by Alex (02-11-2017 17:34:59)
      Running from C:\Users\Alex\Desktop
      Windows 10 Home Version 1703 15063.674 (X64) (2017-08-19 06:05:59)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrator (S-1-5-21-3661476216-3847632659-3844190572-500 - Administrator - Disabled)
      Alex (S-1-5-21-3661476216-3847632659-3844190572-1001 - Administrator - Enabled) => C:\Users\Alex
      DefaultAccount (S-1-5-21-3661476216-3847632659-3844190572-503 - Limited - Disabled)
      Guest (S-1-5-21-3661476216-3847632659-3844190572-501 - Limited - Disabled)

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AV: McAfee VirusScan (Disabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
      AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
      FW: McAfee Firewall (Disabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      . . (HKLM\...\{8FD6FE5A-E1E1-47F3-BBE6-FE2B1364DCB8}) (Version: 7.1 - Intel) Hidden
      . . . (HKLM-x32\...\{2394186A-5445-4293-B739-352009350342}) (Version: 3.0.0.9 - Intel) Hidden
      µTorrent (HKU\S-1-5-21-3661476216-3847632659-3844190572-1001\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
      Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
      Age of Empires III - The Asian Dynasties (HKLM-x32\...\{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
      Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
      Age of Empires III - The WarChiefs (HKLM-x32\...\{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
      Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
      Age of Empires III (HKLM-x32\...\{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
      Age of Empires III (HKLM-x32\...\InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}) (Version: 1.00.0000 - Microsoft Game Studios)
      aTube Catcher version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
      Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
      BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.50.50.1647 - BlueStack Systems, Inc.)
      CCleaner (HKLM\...\CCleaner) (Version: 5.26 - Piriform)
      Core Temp 1.10.2 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.10.2 - ALCPU)
      DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd)
      Dell Command | Power Manager (HKLM\...\{DDDAF4A7-8B7D-4088-AECC-6F50E594B4F5}) (Version: 2.1.0 - Dell Inc.)
      Dell Customer Connect (HKLM-x32\...\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}) (Version: 1.5.1.0 - Dell Inc.)
      Dell Digital Delivery (HKLM-x32\...\{7294961D-6EC1-4418-9017-0180A0C78A91}) (Version: 3.2.1006.0 - Dell Products, LP)
      Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.)
      Dell Help & Support (HKLM\...\{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}) (Version: 2.5.23.0 - Dell Inc.) Hidden
      Dell Help & Support (HKLM-x32\...\InstallShield_{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}) (Version: 2.5.23.0 - Dell Inc.)
      Dell Product Registration (HKLM-x32\...\InstallShield_{0CB75726-FC62-4609-B5DA-0031E64F771B}) (Version: 3.0.128.0 - Dell Inc.)
      Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.668 - Dell)
      Dell SupportAssist Remediation (HKLM\...\{4164FBBB-3428-4EFE-863F-30CAC3ADE51A}) (Version: 3.1.2.3837 - Dell Inc.) Hidden
      Dell SupportAssist Remediation (HKLM-x32\...\{80642b68-d76d-4777-a9dc-4ca30647e8a8}) (Version: 3.1.2.3837 - Dell Inc.)
      Dell SupportAssistAgent (HKLM\...\{18EF001B-B005-46CB-917B-112BA69ED85E}) (Version: 2.0.3.10 - Dell)
      Dell System Detect (HKU\S-1-5-21-3661476216-3847632659-3844190572-1001\...\d24084d039586cae) (Version: 8.8.0.1 - Dell)
      Dell Update - SupportAssist Update Plugin (HKLM\...\{2228BC43-73DA-4F9A-BEE6-8E9C15328513}) (Version: 3.1.1.3832 - Dell Inc.)
      Dell Update (HKLM-x32\...\{F91263FA-BE4D-439D-9C0A-2E7204E0E9E3}) (Version: 1.9.20.0 - Dell Inc.)
      Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
      Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
      Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
      Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
      Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 1.1.0.317 - Intel Corporation)
      Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1035 - Intel Corporation)
      Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4735 - Intel Corporation)
      Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.3.1019 - Intel Corporation)
      Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{7FADF1ED-241A-4F82-B8FD-19BD0A82FFA0}) (Version: 19.11.1639.0649 - Intel Corporation)
      Intel® Driver & Support Assistant (HKLM-x32\...\{01f3f6b8-1a81-4b10-b51f-f69af12e1d69}) (Version: 3.0.0.9 - Intel)
      Intel® PROSet/Wireless Software (HKLM-x32\...\{8431b7d7-59d1-4f45-8212-a2eac049528f}) (Version: 19.60.0 - Intel Corporation)
      IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1.2 - IObit)
      Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
      League of Legends (HKLM-x32\...\{2F5D7825-7460-43B1-B467-7F9737557108}) (Version: 4.2.1 - Riot Games) Hidden
      League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
      Linguistic Tree Constructor (HKLM-x32\...\LingTreeConstructor) (Version: - )
      Malwarebytes version 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
      Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9177.0 - Waves Audio Ltd.) Hidden
      McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0.3 - McAfee, Inc.)
      McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.139 - McAfee, Inc.)
      Mendeley Desktop 1.17.11 (HKLM-x32\...\Mendeley Desktop) (Version: 1.17.11 - Mendeley Ltd.)
      Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.8528.2147 - Microsoft Corporation)
      Microsoft Office 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.8528.2147 - Microsoft Corporation)
      Microsoft Office 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.8528.2147 - Microsoft Corporation)
      Microsoft OneDrive (HKU\S-1-5-21-3661476216-3847632659-3844190572-1001\...\OneDriveSetup.exe) (Version: 17.3.7074.1023 - Microsoft Corporation)
      Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60831.0 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{56F27690-F6EA-3356-980A-02BA379506EE}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
      Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
      Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
      Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
      Nitro Pro (HKLM\...\{9651FF7E-0DB1-4388-ADE7-017E4B9C9D47}) (Version: 11.0.3.134 - Nitro)
      NVIDIA 3D Vision Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
      NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
      NVIDIA Graphics Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
      NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
      NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
      Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8528.2147 - Microsoft Corporation) Hidden
      Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8528.2147 - Microsoft Corporation) Hidden
      Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8528.2147 - Microsoft Corporation) Hidden
      Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
      Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
      Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
      OpenAL (HKLM-x32\...\OpenAL) (Version: - )
      Product Registration (HKLM\...\{0CB75726-FC62-4609-B5DA-0031E64F771B}) (Version: 3.0.128.0 - Dell Inc.) Hidden
      Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.17.018 - Dell Inc.)
      Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
      Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.11.923.2016 - Realtek)
      Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8142 - Realtek Semiconductor Corp.)
      Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
      TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
      Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
      Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
      Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
      WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2017-09-25] (McAfee, Inc.)
      ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro 11\NPShellExtension.dll [2016-12-08] (Nitro PDF)
      ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2015-07-15] (IObit)
      ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
      ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
      ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
      ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2015-07-15] (IObit)
      ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
      ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\ki123525.inf_amd64_785c9312ba75cb53\igfxDTCM.dll [2017-07-24] (Intel Corporation)
      ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
      ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
      ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2017-09-25] (McAfee, Inc.)
      ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2015-07-15] (IObit)
      ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
      ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {0E7391FA-C0C6-471E-ACFB-FAC2B4B8500D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-10] (NVIDIA Corporation)
      Task: {2D871CB2-1CBA-48BB-8446-B431CE484E27} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-21] (Piriform Ltd)
      Task: {341B9339-D3CF-4F8C-87BB-18CF86ED143F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-28] ()
      Task: {3BCE5633-0601-4567-A810-43E29D257D90} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-28] ()
      Task: {455185B5-C5AA-4F5C-B0C5-89B51DEE6069} - System32\Tasks\McAfee\McAfee Idle Detection Task
      Task: {5C35DD6E-D8CC-4469-A995-A61C1E616F57} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-23] (Microsoft Corporation)
      Task: {5C5B937B-141C-445E-AA03-5E8D814BA34B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-23] (Microsoft Corporation)
      Task: {5EA2EAC9-4122-484C-93E7-6C5B85B55F13} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-09-14] (PC-Doctor, Inc.)
      Task: {61E03913-552A-42BD-9FC4-829ACBF2BA3B} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\mcafee\platform\McUICnt.exe [2017-05-31] (McAfee, Inc.)
      Task: {89E9531E-FFBD-448A-A991-2497946B83E8} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-10] (NVIDIA Corporation)
      Task: {8A685823-4D46-4DAE-BBB7-CF79E9EB56FA} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-10] (NVIDIA Corporation)
      Task: {8A888C3A-1602-42A1-BD59-C05AEA8D5C81} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
      Task: {8E869C31-16BC-473B-A2A8-4A51431A55E3} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-09-22] (Dell Inc.)
      Task: {933F8F14-74E3-4FAF-99CA-FEAF5C729644} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
      Task: {952265C0-2FE3-4373-BC1E-F883094B929A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-19] (Google Inc.)
      Task: {9A215EB3-5D47-4C35-B635-DE75912C091F} - System32\Tasks\S-1-5-21-3661476216-3847632659-3844190572-1001\DataSenseLiveTileTask => C:\Windows\System32\DataUsageLiveTileTask.exe [2017-03-18] (Microsoft Corporation)
      Task: {9D11E8E6-6EBE-4EC2-B7A3-1E3E10C1DF5E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-10] (NVIDIA Corporation)
      Task: {9F498A46-00A3-43CB-AFCA-39CEE2A35B6E} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-10] (NVIDIA Corporation)
      Task: {A080CE55-45F6-4043-9499-670531F734CD} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
      Task: {A968CD7C-69A7-45B4-8B74-47B3FDD41200} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2017-08-29] (McAfee, Inc.)
      Task: {BC2FEA02-7D4E-48E7-9225-7118E8BAF5E7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-25] (Adobe Systems Incorporated)
      Task: {C2C8059C-44F4-49F8-A69D-26A15CA3A707} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-10] (NVIDIA Corporation)
      Task: {C330D7AA-DA04-43B2-A3E1-E1FCA59983E9} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel(R) Corporation)
      Task: {C3D66357-6F3E-4388-B6CB-C72A233302CE} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"
      Task: {C5B4D831-715C-4D54-8604-D1EEFCD18E1C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-10] (NVIDIA Corporation)
      Task: {CAE72649-4F7C-493C-8E66-F47DA5573418} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-10] (NVIDIA Corporation)
      Task: {CB3E7C96-41C1-41B3-81D2-A044A767E16D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_183_pepper.exe [2017-10-25] (Adobe Systems Incorporated)
      Task: {CE45A4F1-E7B8-4AB0-A833-D903D1C0CD31} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-05-08] (Realtek Semiconductor)
      Task: {D680FE3B-6AA1-477C-AB09-EF57FFB31804} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-19] (Google Inc.)
      Task: {E6BE37E4-1CE4-4DE4-9F65-4DA8670B458E} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-09-14] (PC-Doctor, Inc.)
      Task: {F90476F0-ABA4-49BA-AA4F-FF2766C4A4F1} - System32\Tasks\Intel\Intel Telemetry 2

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)

      WMI_ActiveScriptEventConsumer_DellCommandPowerManagerAlertEventConsumer:
      WMI_ActiveScriptEventConsumer_DellCommandPowerManagerPolicyChangeEventConsumer:

      ==================== Loaded Modules (Whitelisted) ==============

      2016-12-08 12:29 - 2016-12-08 12:29 - 000419016 _____ () c:\program files\nitro\pro 11\nitro_updateservice.exe
      2016-12-08 12:29 - 2016-12-08 12:29 - 002730696 _____ () c:\program files\nitro\pro 11\Nitro_KissMetrics.dll
      2017-08-20 19:26 - 2017-09-25 12:48 - 001436400 _____ () C:\Program Files\McAfee\MSC\WscInteractionHandler.dll
      2017-08-20 19:27 - 2017-08-11 14:08 - 000595608 _____ () C:\Program Files\McAfee\MfeAV\RealProtectAMScanIf.dll
      2017-08-20 19:27 - 2017-08-11 14:08 - 000586728 _____ () C:\Program Files\McAfee\MfeAV\RepairModule.dll
      2017-03-18 15:58 - 2017-03-18 15:58 - 000138000 _____ () C:\Windows\SYSTEM32\inputhost.dll
      2017-10-19 13:01 - 2017-10-19 13:02 - 000087552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
      2017-10-19 13:01 - 2017-10-19 13:02 - 000206336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
      2017-10-19 13:01 - 2017-10-19 13:02 - 025446400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll
      2017-10-19 13:01 - 2017-10-19 13:02 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\skypert.dll
      2016-12-16 15:03 - 2016-12-16 15:03 - 000054488 _____ () C:\Program Files\CCleaner\branding.dll
      2017-09-13 20:53 - 2017-10-10 20:01 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
      2017-03-07 19:04 - 2017-03-07 19:04 - 000157456 _____ () C:\Program Files\Intel Driver and Support Assistant\SUR\SurSvc.exe
      2017-10-29 23:47 - 2017-03-07 19:13 - 000747792 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\esrv.exe
      2017-10-29 23:47 - 2017-03-07 19:18 - 001981712 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_modeler.dll
      2017-10-29 23:47 - 2017-03-07 19:11 - 000238864 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\foreground_window_input.dll
      2017-10-29 23:47 - 2017-03-07 19:08 - 000218384 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_user_waiting_input.dll
      2017-03-18 15:59 - 2017-03-18 21:32 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
      2017-09-18 01:16 - 2017-10-16 13:57 - 006659184 _____ () C:\Users\Alex\Downloads\psiphon3.exe
      2017-06-28 17:07 - 2017-10-27 11:12 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
      2017-09-21 21:58 - 2017-09-21 02:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll
      2017-09-21 21:58 - 2017-09-21 02:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll
      2017-09-18 01:16 - 2017-11-02 04:55 - 015939512 _____ () C:\Users\Alex\AppData\Local\Temp\psiphon-tunnel-core.exe
      2017-09-08 10:39 - 2017-09-08 10:39 - 000388096 _____ () C:\Program Files (x86)\Mendeley Desktop\MendeleyWordPlugin.exe
      2017-09-19 10:35 - 2017-09-19 10:35 - 000134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
      2017-04-28 09:05 - 2017-04-28 09:05 - 000134008 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
      2017-05-01 17:27 - 2017-05-01 17:27 - 000133992 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
      2016-10-05 23:17 - 2016-10-05 23:17 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
      2017-09-13 20:53 - 2017-10-10 20:01 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
      2017-09-13 20:53 - 2017-10-10 20:00 - 070806136 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
      2016-12-08 11:56 - 2016-12-08 11:56 - 000004608 _____ () C:\Program Files (x86)\Common Files\Nitro\Pro\11\Nitro.OfficeAddin.Net.Aggregator.11.dll
      2016-12-08 11:56 - 2016-12-08 11:56 - 000040448 _____ () C:\Program Files (x86)\Common Files\Nitro\Pro\11\Nitro.OfficeAddin.Net.Common.11.dll
      2016-12-08 11:56 - 2016-12-08 11:56 - 000948736 _____ () C:\Program Files (x86)\Common Files\Nitro\Pro\11\Nitro.OfficeAddin.Net.UI.11.dll
      2016-12-08 11:56 - 2016-12-08 11:56 - 000074240 _____ () C:\Program Files (x86)\Common Files\Nitro\Pro\11\Nitro.PdfCommon.Net.11.dll
      2017-06-28 17:22 - 2017-10-16 18:49 - 001444560 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\ClientTelemetry.dll
      2017-09-08 10:38 - 2017-09-08 10:38 - 000636416 _____ () C:\Program Files (x86)\Mendeley Desktop\Mendeley.dll

    Página 1 de 2 12 ÚltimoÚltimo