Ransomware kill malwarebytes chamaleon on safe mode



#16
zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
OK,

I will get rid of all the leftover Comodo files in the fix I'm preparing; there's quite a few running. Give me a min or so to get the fix ready for you.

#17
samidelcueva

    Member

  • Topic Starter
  • 67 posts

ok, thanks



#18
zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
What is this in your uninstall programs list? Is that a browser or what?

Chromodo

Looks like part of Comodo, I'd be getting rid of that too.

#19
samidelcueva

    Member

  • Topic Starter
  • 67 posts

it's okay



#20
zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Download the enclosed => Attached File fixlist.txt (19.93KB, 45 downloads). Save it in the location where FRST64 is. Run FRST and click on the Fix button. Wait until finished.

The tool will make a log in the location where FRST is (Fixlog.txt). Please post it in your reply.

#21
samidelcueva

    Member

  • Topic Starter
  • 67 posts

I don't know what happened, but the Fixlog was not generated; I don't find it anywhere. Was it Bitdefender maybe? Because when I was running FRST, I had to turn it off, because it detected FRST as a virus.


#22
zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Yes, Bitdefender is thinking FRST is a virus.

Disable it, run again.

#23
samidelcueva

    Member

  • Topic Starter
  • 67 posts

Fix result of Farbar Recovery Scan Tool (x64) Version: 31-08-2016
Ran by samuel (04-09-2016 15:12:17) Run:1
Running from C:\Users\samuel\Desktop
Loaded Profiles: samuel (Available Profiles: samuel)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
S2 ZAMSvc; "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /service [X]
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]
2016-09-02 22:35 - 2016-09-04 12:54 - 00046960 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2016-08-31 21:06 - 2016-08-31 21:37 - 00000000 ____D C:\Program Files (x86)\Avira
2016-08-27 20:54 - 2016-08-27 20:55 - 02307616 _____ (Kaspersky Lab) C:\Users\samuel\Downloads\kts17.0.0.611en_10781.exe
C:\Users\samuel\AppData\Local\Temp\avgnt.exe
C:\Users\samuel\AppData\Local\Temp\dllnt_dump.dll
C:\Users\samuel\AppData\Local\Temp\HitmanPro.exe
C:\Users\samuel\AppData\Local\Temp\libeay32.dll
C:\Users\samuel\AppData\Local\Temp\msvcr120.dll
C:\Users\samuel\AppData\Local\Temp\sqlite3.dll
Task: C:\WINDOWS\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe
C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe
2016-08-30 23:03 - 2016-08-30 23:03 - 00000000 ____D C:\Program Files (x86)\Comodo
2016-08-27 19:19 - 2016-08-27 19:19 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2016-08-27 19:17 - 2016-08-27 19:17 - 00000000 ____D C:\Users\samuel\AppData\Local\Comodo
2016-08-27 19:11 - 2016-08-27 19:14 - 173597920 _____ (COMODO) C:\Users\samuel\Downloads\cispremium_installer_6100_08.exe
2016-08-27 19:40 - 2016-07-10 07:20 - 3604152 _____ (COMODO) C:\ProgramData\cis458.exe
2016-08-31 21:58 - 2016-07-10 07:20 - 3604152 _____ (COMODO) C:\ProgramData\cis86D2.exe
2016-08-27 20:45 - 2016-07-10 07:20 - 3604152 _____ (COMODO) C:\ProgramData\cisCF4C.exe
Task: {10408CAB-EAED-4FFC-8686-96E9CC82F1E1} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {3F965E7D-E571-4E28-B809-B19BD04BE885} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
C:\Program Files\COMODO\COMODO Internet Security
Task: {8AB45E23-DCEC-42CA-A17B-C0F40CF6ACD6} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {D29E1A8B-B1B0-46F5-8B74-C70B5FEDB4DA} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {F248122D-FEE1-40FA-92E2-7AD8D04D1758} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
RemoveProxy:
hosts:
Emptytemp:
*****************

Processes closed successfully.
Restore point was successfully created.
ZAMSvc => service not found.
ZAM => service not found.
"C:\WINDOWS\system32\Drivers\hitmanpro37.sys" => not found.
"C:\Program Files (x86)\Avira" => not found.
"C:\Users\samuel\Downloads\kts17.0.0.611en_10781.exe" => not found.
"C:\Users\samuel\AppData\Local\Temp\avgnt.exe" => not found.
"C:\Users\samuel\AppData\Local\Temp\dllnt_dump.dll" => not found.
"C:\Users\samuel\AppData\Local\Temp\HitmanPro.exe" => not found.
"C:\Users\samuel\AppData\Local\Temp\libeay32.dll" => not found.
"C:\Users\samuel\AppData\Local\Temp\msvcr120.dll" => not found.
"C:\Users\samuel\AppData\Local\Temp\sqlite3.dll" => not found.
"C:\WINDOWS\system32\wmp.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\wmploc.DLL" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\WpAXHolder.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\wpninprc.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\CloudBackupSettings.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\container.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\deviceassociation.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\dxmasf.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\iedkcs32.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\ieframe.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\iernonce.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\iertutil.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\iesetup.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\inetcpl.cpl" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\LockAppHost.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\mf.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\mfpmp.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\mfsrcsnk.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\mfsvr.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\MSAJApi.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\msdxm.ocx" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\msfeeds.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\netiougc.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\offlinelsa.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\offlinesam.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\pidgenx.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\rpcrt4.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\samlib.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\SettingSyncCore.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\SettingSyncHost.exe" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\SFCOM.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\slc.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\slcext.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\sppc.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\sppcext.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\spwmp.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\tcpipcfg.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\tsmf.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\uReFS.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\urlmon.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\wfdprov.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\winmde.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\wlanapi.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\wlanhlp.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\wmp.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\SysWOW64\wmploc.DLL" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\AsusTP.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\cng.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\hidclass.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\hidparse.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\hidusb.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\ksecpkg.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\massfilter_hs.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\mrxsmb.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\mrxsmb20.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\partmgr.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\rdbss.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\RTKVHD64.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\stornvme.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\viahsets.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\viahsser.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\wof.sys" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\zghsser.sys" => ":$CmdTcID" ADS not found.
"C:\Users\samuel\Desktop\adwcleaner_6.010.exe" => ":BDU" ADS not found.
"C:\Users\samuel\Desktop\JRT.exe" => ":BDU" ADS not found.
"C:\Users\samuel\Desktop\TFC.exe" => ":BDU" ADS not found.
"C:\Users\samuel\Desktop\Vldaurri Aguirre Hector M  - Matematicas Financieras.pdf" => ":$CmdZnID" ADS not found.
"C:\Users\samuel\Downloads\El economista camuflado.pdf" => ":$CmdTcID" ADS not found.
"C:\Users\samuel\Downloads\El economista camuflado.pdf" => ":$CmdZnID" ADS not found.
"C:\Users\samuel\Downloads\El Papel de la Bolsa Mexicana de Valores y su impacto en la economía de México.docx" => ":$CmdTcID" ADS not found.
"C:\Users\samuel\Downloads\El Papel de la Bolsa Mexicana de Valores y su impacto en la economía de México.docx" => ":$CmdZnID" ADS not found.
"C:\Users\samuel\Downloads\readerdc_es_xa_install.exe" => ":$CmdTcID" ADS not found.
"C:\Users\samuel\Downloads\readerdc_es_xa_install.exe" => ":$CmdZnID" ADS not found.
"C:\Users\samuel\Downloads\u3l3.pdf" => ":$CmdTcID" ADS not found.
"C:\Users\samuel\Downloads\u3l3.pdf" => ":$CmdZnID" ADS not found.
"C:\Users\samuel\Downloads\Zemana.AntiMalware.Setup.exe" => ":BDU" ADS not found.
C:\WINDOWS\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job => not found.
"C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe" => not found.
"C:\Program Files (x86)\Comodo" => not found.
"C:\WINDOWS\System32\Tasks\COMODO" => not found.
"C:\Users\samuel\AppData\Local\Comodo" => not found.
"C:\Users\samuel\Downloads\cispremium_installer_6100_08.exe" => not found.
"C:\ProgramData\cis458.exe" => not found.
"C:\ProgramData\cis86D2.exe" => not found.
"C:\ProgramData\cisCF4C.exe" => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10408CAB-EAED-4FFC-8686-96E9CC82F1E1} => key not found.
C:\WINDOWS\System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F965E7D-E571-4E28-B809-B19BD04BE885} => key not found.
C:\WINDOWS\System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => key not found.
"C:\Program Files\COMODO\COMODO Internet Security" => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8AB45E23-DCEC-42CA-A17B-C0F40CF6ACD6} => key not found.
C:\WINDOWS\System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D29E1A8B-B1B0-46F5-8B74-C70B5FEDB4DA} => key not found.
C:\WINDOWS\System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F248122D-FEE1-40FA-92E2-7AD8D04D1758} => key not found.
C:\WINDOWS\System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => key not found.

========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset catalog =========


El catálogo Winsock se restableció correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /flushdns =========


Configuración IP de Windows

Se vació correctamente la caché de resolución de DNS.

========= End of CMD: =========


========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-3690298984-718693576-1200642337-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-3690298984-718693576-1200642337-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7389993 B
Java, Flash, Steam htmlcache => 492 B
Windows/system/drivers => 88812 B
Edge => 0 B
Chrome => 0 B
Firefox => 9904395 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 4142 B
NetworkService => 0 B
samuel => 54248 B

RecycleBin => 0 B
EmptyTemp: => 16.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:12:30 ====


#24
zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Run the computer for a while, your logs are clean.

Let me know how things are.

Thanks
Joe :)
#25
samidelcueva

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts

Okay, thanks a lot, I will do that :)


#26
samidelcueva

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts

Hi!

I've been using the computer these days, and at first everything was right, but lately the programs are "freezing" a lot and the computer works very clumsily.


#27
zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Hello,

Can you post 2 new FRST logs and we can take a look at things. I'll look at them late tomorrow afternoon. I'm logging off for the night.


Re-run the Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.
  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Make sure you checkmark the Addition.txt box.
  • Press the Scan button.
  • The scan will create two logs, FRST.txt and Addition.txt, in the same directory the tool is run from. Please copy and paste them to your reply.

#28
samidelcueva

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts

ok thanks, good night


#29
samidelcueva

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts

I decided to uninstall BitDefender, and my computer is much better. I have to use it more, but I'm pretty sure BitDefender was the culprit. Here are the logs.

Attached Files


#30
zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
A few items to fix

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Open Notepad (Start => All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.

start
CloseProcesses:
CreateRestorePoint:
ChromodoUpdater; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [X]
S0 b06bdrv; System32\drivers\bxvbda.sys [X]
S3 hitmanpro37; \??\C:\WINDOWS\system32\drivers\hitmanpro37.sys [X]
S0 ignis; \SystemRoot\system32\DRIVERS\ignis.sys [X]
2016-09-06 21:05 - 2016-09-06 21:05 - 0101452 _____ () C:\ProgramData\1473217496.bdinstall.bin
2016-09-06 21:07 - 2016-09-06 21:07 - 0101685 _____ () C:\ProgramData\1473217641.bdinstall.bin
2016-09-06 22:51 - 2016-07-10 07:20 - 3604152 _____ (COMODO) C:\ProgramData\cisAE7D.exe
2016-08-27 17:52 - 2016-08-27 17:52 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Emptytemp:

  • Click Format and ensure Wordwrap is unchecked.
  • Save as Fixlist.txt to your Desktop (must be in this location).
  • Run FRST/FRST64 and press the Fix button just once and wait.
  • If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after the restart.
  • The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
Note: If the tool warns you that the version you're using is outdated, please download and run the updated version.