
    Hbpix! Help


    1. #1
      User ayuda16
      Registered
      Dec 2016
      Location
      Mexico
      Posts
      25

      Hbpix! Help

      While I was checking some things, a file called hbpix was downloaded to my computer; it did not run, though, and I decided to delete the file and then empty the recycle bin.

      Even so, to be safe I am following the steps in this post http://www.forospyware.com/t532203.html. For now I would like to know whether I did the right thing by deleting it that way, and also whether there are other steps to follow.

      Thank you for your attention

    2. #2
      General Moderator
      @Daniela
      Registered
      Apr 2011
      Location
      Spain
      Posts
      24,364

      Re: Hbpix! Help

      Hello ayuda16

      You did the right thing by deleting it.

      Once you have completed the steps I indicated in that thread, post the reports for us to review and tell us whether you notice any problem on your computer related to the hbpix download.

      Regards
      ✿◕‿◕✿ Impatience is not good company ✿◕‿◕✿

      * Follow us on our Twitter and befriend us on Facebook.
      * Stay informed about the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail, since that is what the forum is for.

    3. #3
      User ayuda16
      Registered
      Dec 2016
      Location
      Mexico
      Posts
      25

      Re: Hbpix! Help

      Malwarebytes Anti-Malware
      www.malwarebytes.org

      Fecha del análisis: 20/09/2017
      Hora del análisis: 06:09 p.m.
      Archivo de registro: Mal.txt
      Administrador: Sí

      Versión: 2.2.1.1043
      Base de datos de malwares: v2017.09.20.06
      Base de datos de rootkits: v2017.09.13.01
      Licencia: Gratis
      Protección contra el malware: Desactivado
      Protección contra sitios web maliciosos: Desactivado
      Autoprotección: Desactivado

      SO: Windows 7 Service Pack 1
      CPU: x86
      Sistema de archivos: NTFS
      Usuario: Kodi

      Tipo de análisis: Análisis de amenazas
      Resultado: Completado
      Objetos analizados: 227567
      Tiempo transcurrido: 17 min, 20 seg

      Memoria: Activado
      Inicio: Activado
      Sistema de archivos: Activado
      Archivo: Activado
      Rootkits: Desactivado
      Heurística: Activado
      PUP: Activado
      PUM: Activado

      Procesos: 0
      (No hay elementos maliciosos detectados)

      Módulos: 0
      (No hay elementos maliciosos detectados)

      Claves del registro: 0
      (No hay elementos maliciosos detectados)

      Valores del registro: 0
      (No hay elementos maliciosos detectados)

      Datos del registro: 0
      (No hay elementos maliciosos detectados)

      Carpetas: 0
      (No hay elementos maliciosos detectados)

      Archivos: 0
      (No hay elementos maliciosos detectados)

      Sectores físicos: 0
      (No hay elementos maliciosos detectados)

    4. #4
      User ayuda16
      Registered
      Dec 2016
      Location
      Mexico
      Posts
      25

      Re: Hbpix! Help

      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 8.1.4 (07.09.2017)
      Operating System: Windows 7 Home Premium x86
      Ran by Kodi (Administrator) on 20/09/2017 at 18:36:18.97
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




      File System: 0




      Registry: 1

      Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} (Registry Key)




      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on 20/09/2017 at 18:43:25.36
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

      That is the only thing that shows up in the log; I hope it is fine.

    5. #5
      User ayuda16
      Registered
      Dec 2016
      Location
      Mexico
      Posts
      25

      Re: Hbpix! Help

      # AdwCleaner 7.0.2.1 - Logfile created on Wed Sep 20 23:52:35 2017
      # Updated on 2017/29/08 by Malwarebytes
      # Running on Windows 7 Home Premium (X86)
      # Mode: clean
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      No malicious services deleted.

      ***** [ Folders ] *****

      Deleted: C:\Program Files\avg web tuneup


      ***** [ Files ] *****

      No malicious files deleted.

      ***** [ DLL ] *****

      No malicious DLLs cleaned.

      ***** [ WMI ] *****

      No malicious WMI cleaned.

      ***** [ Shortcuts ] *****

      No malicious shortcuts cleaned.

      ***** [ Tasks ] *****

      No malicious tasks deleted.

      ***** [ Registry ] *****

      No malicious registry entries deleted.

      ***** [ Firefox (and derivatives) ] *****

      No malicious Firefox entries deleted.

      ***** [ Chromium (and derivatives) ] *****

      No malicious Chromium entries deleted.

      *************************

      ::Tracing keys deleted
      ::Winsock settings cleared
      ::Additional Actions: 0



      *************************

      C:/AdwCleaner/AdwCleaner[S0].txt - [979 B] - [2017/9/20 23:52:6]


      ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

    6. #6
      General Moderator
      @Daniela
      Registered
      Apr 2011
      Location
      Spain
      Posts
      24,364

      Re: Hbpix! Help

      Hello

      Download Farbar Recovery Scan Tool according to your system's architecture (32 or 64 bits).

      • Save it to the desktop >> This is very important.
      • Double-click to run Frst.exe. (If you use Windows Vista/7/8 or 10, right-click and select "Run as Administrator.")
      • In the Disclaimer window, press Yes.

      • In the new window that opens, press the Scan button and wait patiently for the scan to finish.
      • Two (2) files (logs) will open, Frst.txt and Addition.txt; these will be saved on your desktop.

      • To finish, open the files Frst.txt and Addition.txt, then copy and paste all of their contents into your next reply. Use two messages if it tells you it is too long.


      Regards

    7. #7
      User ayuda16
      Registered
      Dec 2016
      Location
      Mexico
      Posts
      25

      Re: Hbpix! Help

      FRST:

      Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-09-2017
      Ran by Kodi (administrator) on KODI-PC (21-09-2017 16:40:42)
      Running from C:\Users\Kodi\Desktop
      Loaded Profiles: Kodi (Available Profiles: Kodi)
      Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Español (España, internacional)
      Internet Explorer Version 11 (Default browser: FF)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
      (Google Inc.) C:\Program Files\Google\Update\1.3.33.5\GoogleCrashHandler.exe
      (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
      (Intel Corporation) C:\Windows\System32\igfxtray.exe
      (Intel Corporation) C:\Windows\System32\hkcmd.exe
      (Intel Corporation) C:\Windows\System32\igfxpers.exe
      (Star Micronics Co., Ltd.) C:\Program Files\StarMicronics\PrinterSoftware\StarMicronicsCloudUploader.exe
      (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
      (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
      (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
      (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
      (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
      (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
      (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe

      ==================== Registry (Whitelisted) ===========================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [StarMicronicsCloudUploader_PSA] => C:\Program Files\StarMicronics\PrinterSoftware\StarMicronicsCloudUploader.exe [16384 2015-10-29] (Star Micronics Co., Ltd.)
      HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
      HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [220288 2017-09-14] (AVG Technologies CZ, s.r.o.)
      HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [289248 2017-09-02] (AVG Technologies CZ, s.r.o.)
      HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      HKU\S-1-5-21-3893976312-2939792940-1707226396-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7684824 2017-09-07] (Piriform Ltd)
      HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2016-11-28] (Microsoft Corporation)

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.1.254
      Tcpip\..\Interfaces\{BB37CF3C-035B-45C3-86C7-36B0C80860A7}: [DhcpNameServer] 192.168.1.254 192.168.1.254

      Internet Explorer:
      ==================
      BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
      BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-06-20] (Oracle Corporation)
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
      BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-20] (Oracle Corporation)

      FireFox:
      ========
      FF DefaultProfile: k18yswna.default
      FF ProfilePath: C:\Users\Kodi\AppData\Roaming\Mozilla\Firefox\Profiles\k18yswna.default [2017-09-21]
      FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
      FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
      FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-20] (Oracle Corporation)
      FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-20] (Oracle Corporation)
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
      FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
      FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
      FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
      FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)

      Chrome:
      =======
      CHR Profile: C:\Users\Kodi\AppData\Local\Google\Chrome\User Data\Default [2017-09-21]
      CHR Extension: (Traductor de Google) - C:\Users\Kodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2016-12-21]
      CHR Extension: (Presentaciones de Google) - C:\Users\Kodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-23]
      CHR Extension: (Google Docs) - C:\Users\Kodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-23]
      CHR Extension: (Google Drive) - C:\Users\Kodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-23]
      CHR Extension: (YouTube) - C:\Users\Kodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-23]
      CHR Extension: (Hojas de cálculo de Google) - C:\Users\Kodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-23]
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\Kodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2009-03-17]
      CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Kodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-26]
      CHR Extension: (Gmail) - C:\Users\Kodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-23]
      CHR Extension: (Chrome Media Router) - C:\Users\Kodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-08]
      CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [276328 2017-09-02] (AVG Technologies CZ, s.r.o.)
      R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [5881008 2017-09-02] (AVG Technologies CZ, s.r.o.)
      R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [1189720 2017-09-14] (AVG Technologies CZ, s.r.o.)
      S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R1 avgbdisk; C:\Windows\system32\drivers\avgbdiskx.sys [135872 2017-09-02] (AVG Technologies CZ, s.r.o.)
      R1 avgbidsdriver; C:\Windows\system32\drivers\avgbidsdriverx.sys [261128 2017-09-02] (AVG Technologies CZ, s.r.o.)
      R0 avgbidsh; C:\Windows\system32\drivers\avgbidshx.sys [151024 2017-09-02] (AVG Technologies CZ, s.r.o.)
      R0 avgblog; C:\Windows\system32\drivers\avgblogx.sys [270344 2017-09-02] (AVG Technologies CZ, s.r.o.)
      R0 avgbuniv; C:\Windows\system32\drivers\avgbunivx.sys [43992 2017-09-02] (AVG Technologies CZ, s.r.o.)
      S3 avgHwid; C:\Windows\system32\drivers\avgHwid.sys [35264 2017-09-02] (AVG Technologies CZ, s.r.o.)
      R2 avgMonFlt; C:\Windows\system32\drivers\avgMonFlt.sys [117368 2017-09-02] (AVG Technologies CZ, s.r.o.)
      R1 avgRdr; C:\Windows\system32\drivers\avgRdr2.sys [91976 2017-09-02] (AVG Technologies CZ, s.r.o.)
      R0 avgRvrt; C:\Windows\system32\drivers\avgRvrt.sys [63280 2017-09-02] (AVG Technologies CZ, s.r.o.)
      R1 avgSnx; C:\Windows\system32\drivers\avgSnx.sys [766216 2017-09-02] (AVG Technologies CZ, s.r.o.)
      R1 avgSP; C:\Windows\system32\drivers\avgSP.sys [492552 2017-09-02] (AVG Technologies CZ, s.r.o.)
      R2 avgStm; C:\Windows\system32\drivers\avgStm.sys [140648 2017-09-18] (AVG Technologies CZ, s.r.o.)
      R0 avgVmm; C:\Windows\system32\drivers\avgVmm.sys [289240 2017-09-02] (AVG Technologies CZ, s.r.o.)
      S3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
      S3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
      S1 ESProtectionDriver; \??\C:\Windows\system32\drivers\mbae.sys [X]
      S3 MBAMFarflt; \??\C:\Windows\system32\drivers\farflt.sys [X]

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-09-21 16:40 - 2017-09-21 16:42 - 000010614 _____ C:\Users\Kodi\Desktop\FRST.txt
      2017-09-21 16:40 - 2017-09-21 16:40 - 000000000 ____D C:\FRST
      2017-09-21 16:38 - 2017-09-21 16:39 - 001796096 _____ (Farbar) C:\Users\Kodi\Downloads\FRST (1).exe
      2017-09-21 16:38 - 2017-09-21 16:38 - 001796096 _____ (Farbar) C:\Users\Kodi\Desktop\FRST.exe
      2017-09-20 18:59 - 2017-09-20 18:59 - 000000969 _____ C:\Users\Public\Desktop\CCleaner.lnk
      2017-09-20 18:59 - 2017-09-20 18:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
      2017-09-20 18:59 - 2017-09-20 18:59 - 000000000 ____D C:\Program Files\CCleaner
      2017-09-20 18:58 - 2017-09-20 18:58 - 009826968 _____ (Piriform Ltd) C:\Users\Kodi\Downloads\ccsetup534.exe
      2017-09-20 18:46 - 2017-09-20 18:52 - 000000000 ____D C:\AdwCleaner
      2017-09-20 18:46 - 2017-09-20 18:46 - 008182736 _____ (Malwarebytes) C:\Users\Kodi\Downloads\AdwCleaner.exe
      2017-09-20 18:31 - 2017-09-20 18:31 - 001790024 _____ (Malwarebytes) C:\Users\Kodi\Downloads\JRT.exe
      2017-09-20 18:07 - 2017-09-20 18:56 - 000170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
      2017-09-20 18:07 - 2017-09-20 18:07 - 000001064 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      2017-09-20 18:07 - 2017-09-20 18:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
      2017-09-20 18:07 - 2017-09-20 18:07 - 000000000 ____D C:\Program Files\Malwarebytes Anti-Malware
      2017-09-20 18:07 - 2016-03-10 14:09 - 000053120 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
      2017-09-20 18:07 - 2016-03-10 14:08 - 000126336 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
      2017-09-20 18:07 - 2016-03-10 14:08 - 000024448 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
      2017-09-20 18:06 - 2017-09-20 18:06 - 022851472 _____ (Malwarebytes ) C:\Users\Kodi\Downloads\mbam-setup-2.2.1.1043.exe
      2017-09-18 15:38 - 2017-09-18 15:38 - 000000000 ____D C:\Users\Kodi\Documents\Tareas
      2017-09-11 18:27 - 2017-09-11 18:52 - 000000000 ____D C:\Users\Kodi\Desktop\FAC-SEP-2017
      2017-09-02 12:45 - 2017-09-02 12:45 - 000305936 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-09-21 08:32 - 2009-07-13 23:34 - 000019312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2017-09-21 08:32 - 2009-07-13 23:34 - 000019312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2017-09-21 08:22 - 2009-07-14 03:48 - 000746992 _____ C:\Windows\system32\perfh00A.dat
      2017-09-21 08:22 - 2009-07-14 03:48 - 000158464 _____ C:\Windows\system32\perfc00A.dat
      2017-09-21 08:22 - 2009-07-13 21:37 - 000000000 ____D C:\Windows\inf
      2017-09-21 08:22 - 2009-03-17 01:42 - 001675926 _____ C:\Windows\system32\PerfStringBackup.INI
      2017-09-21 08:18 - 2009-07-13 23:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2017-09-20 19:05 - 2016-11-29 13:21 - 000000000 ____D C:\Program Files\TeamViewer
      2017-09-20 19:03 - 2017-03-31 14:17 - 000000000 ____D C:\Windows\Minidump
      2017-09-20 19:03 - 2009-03-16 18:13 - 000000000 ____D C:\Windows\Panther
      2017-09-18 08:18 - 2017-03-22 09:04 - 000140648 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgstm.sys
      2017-09-15 18:44 - 2016-11-27 16:56 - 000000000 ____D C:\Users\Kodi\AppData\LocalLow\Mozilla
      2017-09-09 13:11 - 2017-02-23 18:23 - 000000000 ____D C:\Users\Kodi\Documents\Semestre III
      2017-09-09 12:30 - 2016-12-14 18:57 - 000000000 ____D C:\Users\Kodi\AppData\Local\Microsoft Games
      2017-09-05 08:07 - 2016-12-29 18:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
      2017-09-05 08:07 - 2016-11-23 03:23 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
      2017-09-04 16:54 - 2017-04-03 06:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
      2017-09-04 16:54 - 2016-12-12 17:11 - 000000978 _____ C:\Users\Public\Desktop\AVG.lnk
      2017-09-02 13:09 - 2016-12-29 18:39 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
      2017-09-02 12:45 - 2017-03-22 09:04 - 000766216 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
      2017-09-02 12:45 - 2017-03-22 09:04 - 000492552 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
      2017-09-02 12:45 - 2017-03-22 09:04 - 000289240 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
      2017-09-02 12:45 - 2017-03-22 09:04 - 000117368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
      2017-09-02 12:45 - 2017-03-22 09:04 - 000091976 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
      2017-09-02 12:45 - 2017-03-22 09:04 - 000063280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
      2017-09-02 12:45 - 2017-03-22 09:04 - 000035264 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
      2017-09-02 12:44 - 2017-03-22 09:04 - 000270344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgblogx.sys
      2017-09-02 12:44 - 2017-03-22 09:04 - 000261128 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriverx.sys
      2017-09-02 12:44 - 2017-03-22 09:04 - 000151024 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidshx.sys
      2017-09-02 12:44 - 2017-03-22 09:04 - 000135872 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbdiskx.sys
      2017-09-02 12:44 - 2017-03-22 09:04 - 000043992 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbunivx.sys
      2017-08-28 18:24 - 2016-11-23 03:52 - 000002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2017-08-28 18:24 - 2016-11-23 03:52 - 000002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2017-09-20 08:41

      ==================== End of FRST.txt ============================

    8. #8
      User ayuda16
      Registered
      Dec 2016
      Location
      Mexico
      Posts
      25

      Re: Hbpix! Help

      Addition:

      Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-09-2017
      Ran by Kodi (21-09-2017 16:42:46)
      Running from C:\Users\Kodi\Desktop
      Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2009-03-17 06:36:38)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrador (S-1-5-21-3893976312-2939792940-1707226396-500 - Administrator - Disabled)
      HomeGroupUser$ (S-1-5-21-3893976312-2939792940-1707226396-1002 - Limited - Enabled)
      Invitado (S-1-5-21-3893976312-2939792940-1707226396-501 - Limited - Disabled)
      Kodi (S-1-5-21-3893976312-2939792940-1707226396-1000 - Administrator - Enabled) => C:\Users\Kodi

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
      AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      Adobe Acrobat Reader DC - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
      AVG (HKLM\...\{1D382E7D-7E8B-4C85-9233-287017A66599}) (Version: 1.211.2 - AVG Technologies) Hidden
      AVG AntiVirus FREE (HKLM\...\AVG Antivirus) (Version: 17.6.3029 - AVG Technologies)
      CCleaner (HKLM\...\CCleaner) (Version: 5.34 - Piriform)
      CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6389 - CDBurnerXP)
      FMW 1 (HKLM\...\{E2258604-A4CB-4F29-BB9F-58081E193EAA}) (Version: 1.224.4 - AVG Technologies) Hidden
      Google Chrome (HKLM\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
      Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
      Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
      Java 8 Update 131 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
      Malwarebytes Anti-Malware versión 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
      Microsoft .NET Framework 4.5.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.51209 - Microsoft Corporation)
      Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
      Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
      Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
      Mozilla Firefox 55.0.3 (x86 es-MX) (HKLM\...\Mozilla Firefox 55.0.3 (x86 es-MX)) (Version: 55.0.3 - Mozilla)
      Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
      Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x86) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
      Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
      Star Micronics Printer Software Ver3.2.1 (HKLM\...\{F9DB5F65-098C-495A-B431-B2CA51886A27}) (Version: 3.2.1 - Star Micronics Co., Ltd.)
      Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
      WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
      ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2017-09-02] (AVG Technologies CZ, s.r.o.)
      ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
      ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
      ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
      ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-23] (Intel Corporation)
      ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2017-09-02] (AVG Technologies CZ, s.r.o.)
      ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
      ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {03AFDCF9-AF67-4EA8-B2CD-665E5106B1BD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-11-23] (Google Inc.)
      Task: {5317D44A-0710-4B5B-93E0-3DA65194E426} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
      Task: {58DD70D8-9918-4FB7-A046-5C11A62BC060} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-11-23] (Google Inc.)
      Task: {700CCABD-FD98-4120-8E71-5D3F2E7F2137} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
      Task: {7911F3A8-3921-4910-BDA4-BD1616E0AAC2} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
      Task: {91890D2E-78A3-4DE5-8243-9D871B61347A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-07] (Piriform Ltd)
      Task: {C7BB2E50-22AC-41F0-8F79-BF2E56504181} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [2017-09-02] (AVG Technologies CZ, s.r.o.)
      Task: {CD2D75AB-5322-4E09-B430-82383A3BFB70} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
      Task: {D26F966D-C4EC-471C-877C-7E5F94E87FC3} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3893976312-2939792940-1707226396-1000

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)


      Shortcut: C:\Users\Kodi\Desktop\MACROPRO.lnk -> C:\Backup JISA\MPtotal\MACROPRO.BAT ()

      ==================== Loaded Modules (Whitelisted) ==============

      2017-09-02 12:45 - 2017-09-02 12:45 - 000060160 _____ () C:\Program Files\AVG\Antivirus\module_lifetime.dll
      2017-09-02 12:45 - 2017-09-02 12:45 - 000168216 _____ () C:\Program Files\AVG\Antivirus\JsonRpcServer.dll
      2017-09-02 12:45 - 2017-09-02 12:45 - 000213024 _____ () C:\Program Files\AVG\Antivirus\event_routing_rpc.dll
      2017-09-02 12:45 - 2017-09-02 12:45 - 000243080 _____ () C:\Program Files\AVG\Antivirus\tasks_core.dll
      2017-09-02 12:45 - 2017-09-02 12:45 - 000150688 _____ () C:\Program Files\AVG\Antivirus\network_notifications.dll
      2017-09-20 08:17 - 2017-09-20 08:17 - 005898376 _____ () C:\Program Files\AVG\Antivirus\defs\17092000\algo.dll
      2017-09-02 12:45 - 2017-09-02 12:45 - 000686808 _____ () C:\Program Files\AVG\Antivirus\ffl2.dll
      2017-09-02 12:45 - 2017-09-02 12:45 - 000242568 _____ () C:\Program Files\AVG\Antivirus\streamback.dll
      2017-09-21 12:23 - 2017-09-21 12:23 - 005898888 _____ () C:\Program Files\AVG\Antivirus\defs\17092104\algo.dll
      2013-09-05 00:14 - 2013-09-05 00:14 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
      2016-12-12 17:08 - 2016-12-12 17:07 - 048920064 _____ () C:\Program Files\AVG\UiDll\2623\libcef.dll
      2017-06-26 10:27 - 2017-06-26 10:27 - 067109376 _____ () C:\Program Files\AVG\Antivirus\libcef.dll
      2017-09-02 12:45 - 2017-09-02 12:45 - 000143912 _____ () c:\Program Files\AVG\Antivirus\vaarclient.dll
      2017-08-28 18:24 - 2017-08-23 02:31 - 002117976 _____ () C:\Program Files\Google\Chrome\Application\60.0.3112.113\swiftshader\libglesv2.dll
      2017-08-28 18:24 - 2017-08-23 02:31 - 000112472 _____ () C:\Program Files\Google\Chrome\Application\60.0.3112.113\swiftshader\libegl.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)


      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)


      ==================== Hosts content: ===============================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2009-07-13 21:04 - 2016-11-28 21:33 - 000000826 _____ C:\Windows\system32\Drivers\etc\hosts


      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-3893976312-2939792940-1707226396-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kodi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
      DNS Servers: 192.168.1.254
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      Windows Firewall is enabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==


      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [{542C7ED8-B619-4243-A31E-5B5F88A17BE6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
      FirewallRules: [{848C894A-157D-4521-970E-1059F9CAB781}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
      FirewallRules: [{3CDECDD4-9281-46DA-BC77-97A14CAEC3EB}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
      FirewallRules: [{42538038-AED0-4DB2-B7B6-2422E50D1536}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

      ==================== Restore Points =========================

      23-08-2017 08:52:25 Punto de control programado
      04-09-2017 17:15:37 Punto de control programado
      12-09-2017 08:41:53 Punto de control programado
      19-09-2017 08:53:21 Punto de control programado
      20-09-2017 18:32:22 JRT Pre-Junkware Removal
      20-09-2017 18:36:19 JRT Pre-Junkware Removal

      ==================== Faulty Device Manager Devices =============

      Name: Mouse PS/2 de Microsoft
      Description: Mouse PS/2 de Microsoft
      Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
      Manufacturer: Microsoft
      Service: i8042prt
      Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
      Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
      Devices stay in this state if they have been prepared for removal.
      After you remove the device, this error disappears.Remove the device, and this error should be resolved.

      Name: Malwarebytes Anti-Exploit
      Description: Malwarebytes Anti-Exploit
      Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
      Manufacturer:
      Service: ESProtectionDriver
      Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
      Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
      Devices stay in this state if they have been prepared for removal.
      After you remove the device, this error disappears.Remove the device, and this error should be resolved.


      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (09/18/2017 01:14:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
      Description: El programa iexplore.exe, versión 11.0.9600.18666, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

      Identificador de proceso: 68c

      Hora de inicio: 01d330a9cba7abb0

      Hora de finalización: 0

      Ruta de acceso de la aplicación: C:\Program Files\Internet Explorer\iexplore.exe

      Identificador de informe:

      Error: (04/29/2017 08:27:12 AM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: mbamtray.exe, versión: 3.0.0.912, marca de tiempo: 0x58811d74
      Nombre del módulo con errores: mbamtray.exe, versión: 3.0.0.912, marca de tiempo: 0x58811d74
      Código de excepción: 0xc0000005
      Desplazamiento de errores: 0x00054645
      Id. del proceso con errores: 0xad4
      Hora de inicio de la aplicación con errores: 0x01d2c0ec42c27fcf
      Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      Id. del informe: 8d1b7e45-2cdf-11e7-9e0b-002511344207

      Error: (04/11/2017 12:42:50 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: iexplore.exe, versión: 8.0.7601.17514, marca de tiempo: 0x4ce79912
      Nombre del módulo con errores: mshtml.dll, versión: 8.0.7601.17514, marca de tiempo: 0x4ce7b8f3
      Código de excepción: 0xc0000005
      Desplazamiento de errores: 0x000d9e08
      Id. del proceso con errores: 0x1768
      Hora de inicio de la aplicación con errores: 0x01d2b2e8f7fc7945
      Ruta de acceso de la aplicación con errores: C:\Program Files\Internet Explorer\iexplore.exe
      Ruta de acceso del módulo con errores: C:\Windows\System32\mshtml.dll
      Id. del informe: 47b75fea-1ede-11e7-bede-002511344207

      Error: (03/22/2017 09:11:28 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
      Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

      Details:
      AddWin32ServiceFiles: Unable to back up image of service AVGIDSAgent since QueryServiceConfig API failed

      System Error:
      El sistema no puede encontrar el archivo especificado.
      .

      Error: (03/22/2017 09:11:28 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
      Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

      Details:
      AddLegacyDriverFiles: Unable to back up image of binary AVG Universal Driver.

      System Error:
      El sistema no puede encontrar el archivo especificado.
      .

      Error: (03/22/2017 09:11:28 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
      Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

      Details:
      AddLegacyDriverFiles: Unable to back up image of binary AVGIDSHX.

      System Error:
      El sistema no puede encontrar el archivo especificado.
      .

      Error: (03/22/2017 09:11:28 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
      Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

      Details:
      AddLegacyDriverFiles: Unable to back up image of binary AVGIDSDriver.

      System Error:
      El sistema no puede encontrar el archivo especificado.
      .

      Error: (03/22/2017 09:08:22 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
      Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

      Details:
      AddWin32ServiceFiles: Unable to back up image of service AVGIDSAgent since QueryServiceConfig API failed

      System Error:
      El sistema no puede encontrar el archivo especificado.
      .

      Error: (03/22/2017 09:08:22 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
      Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

      Details:
      AddLegacyDriverFiles: Unable to back up image of binary AVGIDSDriver.

      System Error:
      El sistema no puede encontrar el archivo especificado.
      .

      Error: (03/22/2017 09:05:12 AM) (Source: SideBySide) (EventID: 33) (User: )
      Description: Error al generar el contexto de activación para "C:\Program Files\AVG\Antivirus\setup\iplugins\IStats.dll".
      No se encontró el ensamblado dependiente Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1".
      Use sxstrace.exe para obtener un diagnóstico detallado.


      System errors:
      =============
      Error: (09/21/2017 08:18:33 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
      Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
      ESProtectionDriver

      Error: (09/20/2017 06:58:58 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 40.

      Error: (09/20/2017 06:58:57 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 70.

      Error: (09/20/2017 06:54:44 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
      Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
      ESProtectionDriver

      Error: (09/20/2017 06:52:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

      Error: (09/20/2017 06:52:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio Adobe Acrobat Update Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (09/20/2017 08:15:55 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
      Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
      ESProtectionDriver

      Error: (09/19/2017 08:14:06 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
      Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
      ESProtectionDriver

      Error: (09/18/2017 0829 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
      Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
      ESProtectionDriver

      Error: (09/15/2017 08:04:30 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
      Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
      ESProtectionDriver


      ==================== Memory info ===========================

      Processor: Intel(R) Atom(TM) CPU 230 @ 1.60GHz
      Percentage of memory in use: 38%
      Total physical RAM: 2039.24 MB
      Available physical RAM: 1253.75 MB
      Total Virtual: 4078.48 MB
      Available Virtual: 3215.34 MB

      ==================== Drives ================================

      Drive c: () (Fixed) (Total:465.66 GB) (Free:430.48 GB) NTFS

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8104D575)
      Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
      Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

      ==================== End of Addition.txt ============================

    9. #9
      General Moderator
      Avatar of @Daniela
      Joined
      Apr 2011
      Location
      Spain
      Posts
      24,364

      Re: Hbpix! Help

      Hello

      Follow these steps. VERY important ~ make a backup of the registry:

      • To do so, download >> DelFix to your desktop.
        • Double-click to run it. (If you use Windows Vista/7 or 8, right-click and select "Run as administrator".)
        • Check only the "Create registry backup" box.
      • Click Run.

        The report (DelFix.txt) will open; save it in case it is needed and close the tool.


      Next, start your computer in >> Windows Safe Mode with Networking.

      If your OS is Windows 8/8.1/10, use the 2nd METHOD from this Windows 8 FAQ (applicable to Windows 10) >> How to start Windows 8/8.1 in Safe Mode?, to work from that Windows mode.


      With all other programs closed, go to >> Start >> Run >> and type notepad.exe.

      Now copy and paste the following into Notepad: (the word "Code" is not included)

      Code:
      Start
      CreateRestorePoint:
      CloseProcesses:
      
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
      FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
      CHR Extension: (Presentaciones de Google) - C:\Users\Kodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-23]
      CHR Extension: (Google Docs) - C:\Users\Kodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-23]
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\Kodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2009-03-17]
      CHR Extension: (Chrome Media Router) - C:\Users\Kodi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-08]
      CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
      S3 MBAMFarflt; \??\C:\Windows\system32\drivers\farflt.sys [X]
      ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
      ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File 
      
      CMD: ipconfig /flushdns
      CMD: ipconfig /renew
      CMD: bitsadmin /reset /allusers
      RemoveProxy:
      EmptyTemp:
      Hosts:
      end
      • Save it under the name fixlist.txt on the desktop <<< This is very important.

      Note: The Frst.exe executable and fixlist.txt must be in the same location (desktop); otherwise the tool will not work.

      ATTENTION!!!! The following repair script was made specifically by a staff member for this user; if you have a similar problem, please open your own thread to receive personalized help. Using other users' scripts can damage your computer.

      • Run Frst.exe.
      • Press the Fix button and wait for it to finish.
      • The tool will save the report on your desktop (Fixlog.txt).
      • Paste it in your next reply.


      Post the report and tell us how the problem is going.

      Regards