• Registrarse
  • Iniciar sesión


  • Resultados 1 al 5 de 5

    HBPix Duda y ayuda

    Hola, soy nuevo en este foro. Mi caso es el siguiente, estaba navegando en una pagina de juegos (requerimientos, reseñas) y se descargo solo un archivo llamado Hbpix con un icono de disco duro de ...

    1. #1
      Usuario Avatar de Aportador!
      Registrado
      sep 2017
      Ubicación
      Arg
      Mensajes
      4

      HBPix Duda y ayuda

      Hola, soy nuevo en este foro. Mi caso es el siguiente, estaba navegando en una pagina de juegos (requerimientos, reseñas) y se descargo solo un archivo llamado Hbpix con un icono de disco duro de windows. Me asuste pensando que me hackearon el pc y empece a indagar en este foro, segui los pasos y no me volvio a suceder hasta ahora, tengo una duda que es la siguiente:
      ¿Que es HBpix? Segui los pasos del JRT, Ccleaner, Adw, malware byte, FRST y parece que lo saco al virus no se, ahora subo los logs si falta uno me avisan.

      JRT:
      Código:
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 8.1.4 (07.09.2017)
      Operating System: Windows 8.1 Pro x64 
      Ran by Usuario (Administrator) on 24/09/2017 at 17:23:23,20
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      
      
      
      
      File System: 2 
      
      Successfully deleted: C:\ProgramData\mntemp (File) 
      Successfully deleted: C:\Windows\system32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 (Task)
      
      
      
      Registry: 0 
      
      
      
      
      
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on 24/09/2017 at 17:25:13,94
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Tambien ejecute el Hitman Pro como indica en el post y elimino cookies de publicidades como doubleclick y asi en total 12. Reinstale chrome una vez que utilice todos los programas y le instale adblock para que no vuelva a pasar pero me dicen si tengo que hacer algo mas para poder estar seguro que no hay algo mas que haya dejado dicho archivo?
      Analice mi PC con el antivirus ESET NOD 32 y no me detecto ninguna amenaza, al igual que el malware byte que solo detecto un virus por parte de un programa llamado KMSpico que lo borre

    2. #2
      Usuario Avatar de Aportador!
      Registrado
      sep 2017
      Ubicación
      Arg
      Mensajes
      4

      Re: HBPix Duda y ayuda

      Adw:
      Código:
      # AdwCleaner 7.0.2.1 - Logfile created on Sun Sep 24 20:50:16 2017
      # Updated on 2017/29/08 by Malwarebytes 
      # Database: 09-23-2017.2
      # Running on Windows 8.1 Pro (X64)
      # Mode: scan
      # Support: https://www.malwarebytes.com/support
      
      ***** [ Services ] *****
      
      No malicious services found.
      
      ***** [ Folders ] *****
      
      No malicious folders found.
      
      ***** [ Files ] *****
      
      No malicious files found.
      
      ***** [ DLL ] *****
      
      No malicious DLLs found.
      
      ***** [ WMI ] *****
      
      No malicious WMI found.
      
      ***** [ Shortcuts ] *****
      
      No malicious shortcuts found.
      
      ***** [ Tasks ] *****
      
      No malicious tasks found.
      
      ***** [ Registry ] *****
      
      No malicious registry entries found.
      
      ***** [ Firefox (and derivatives) ] *****
      
      No malicious Firefox entries.
      
      ***** [ Chromium (and derivatives) ] *****
      
      No malicious Chromium entries.
      
      *************************
      
      C:/AdwCleaner/AdwCleaner[C0].txt - [1349 B] - [2017/9/24 20:28:29]
      C:/AdwCleaner/AdwCleaner[S0].txt - [1200 B] - [2017/9/24 20:27:38]
      
      
      ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt ##########

    3. #3
      Usuario Avatar de Aportador!
      Registrado
      sep 2017
      Ubicación
      Arg
      Mensajes
      4

      Re: HBPix Duda y ayuda

      Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-09-2017
      Ran by Usuario (24-09-2017 17:34:56)
      Running from C:\Users\Usuario\Desktop
      Windows 8.1 Pro (Update) (X64) (2015-09-01 15:21:49)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrador (S-1-5-21-2792719491-1547399323-934514574-500 - Administrator - Disabled)
      Invitado (S-1-5-21-2792719491-1547399323-934514574-501 - Limited - Disabled)
      Usuario (S-1-5-21-2792719491-1547399323-934514574-1001 - Administrator - Enabled) => C:\Users\Usuario

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: ESET Smart Security 4.0 (Enabled - Up to date) {CB0F8167-5331-BA19-698E-64816B6801A5}
      AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
      AS: ESET Smart Security 4.0 (Enabled - Up to date) {706E6083-750B-B597-533E-5FF310EF4B18}
      AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
      AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      FW: Cortafuegos personal de ESET (Enabled) {F3340042-195E-BB41-42D1-CDB495BB46DE}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
      Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{9FD6F942-BC93-4AB4-9133-6390944E9441}) (Version: 1.4 - Eyeo GmbH)
      Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
      Adobe Illustrator CC (HKLM-x32\...\{F2321021-08A2-44D6-B1DF-BDB415F23EC3}) (Version: 17.0 - Adobe Systems Incorporated)
      Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
      AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.60.1500, 31.08.2015 - AIMP DevTeam)
      AMD Catalyst Install Manager (HKLM\...\{138DA345-3B7B-5B81-34C2-58A43711461D}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
      Autodesk Content Service (HKLM-x32\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
      Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
      Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
      Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
      AVG PC TuneUp 2015 (es-MX) (HKLM-x32\...\{3A5539A4-FECD-4F5E-99DF-EE2539D14D9F}) (Version: 15.0.1001.403 - AVG Technologies) Hidden
      AVG PC TuneUp 2015 (HKLM-x32\...\{A996C182-3724-4DF1-A4BC-66154FE57DFE}) (Version: 15.0.1001.403 - AVG Technologies) Hidden
      AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.403 - AVG Technologies)
      Battlefield 1942 (HKLM-x32\...\{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}) (Version: - )
      Battlefield 1942: The Road To Rome (HKLM-x32\...\{D057AA08-8CBF-42E3-9EAB-23B8FED1C279}) (Version: - )
      Corel Graphics - Windows Shell Extension (HKLM\...\_{3CAAE169-6001-48ED-B2C6-5B6F511552FD}) (Version: 18.0.0.448 - Corel Corporation)
      Corel Graphics - Windows Shell Extension (HKLM\...\{3CAAE169-6001-48ED-B2C6-5B6F511552FD}) (Version: 18.0.448 - Corel Corporation) Hidden
      Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{C8730B1A-133D-4546-8E21-9EC186341F20}) (Version: 18.0.448 - Corel Corporation) Hidden
      Corel Update Manager (HKLM\...\{B8C05FFE-C36F-4F17-AD20-739E4BC65AC9}) (Version: 2.3.201 - Corel corporation) Hidden
      CorelDRAW Graphics Suite X8 - BR (x64) (HKLM\...\{67D57366-EFCC-46DA-BB1F-BBE89B377177}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - Capture (x64) (HKLM\...\{1253ED86-69FD-4A7B-BDF2-96A522583A88}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - Common (x64) (HKLM\...\{72922AB6-F920-4C98-985D-EC90CE0918D4}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - Connect (x64) (HKLM\...\{9782A612-03A7-488F-A598-33558163D8F8}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - CS (x64) (HKLM\...\{300DB480-7301-436A-A312-B695B2BC6D71}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - CT (x64) (HKLM\...\{43C4A17D-93D9-41C6-8ACA-370EA390ED2A}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - Custom Data (x64) (HKLM\...\{02C85FBD-87D3-4352-BF2E-AFE897CD5559}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - CZ (x64) (HKLM\...\{A67AEE14-0435-4B8C-A367-F5EDE6CAF9F6}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - DE (x64) (HKLM\...\{4AA43BE3-D21B-44D7-B9CD-86692DEF3706}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - Draw (x64) (HKLM\...\{A66E09BB-9892-421D-9EB9-311D12AA5244}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - EN (x64) (HKLM\...\{A0845CAD-ED13-46A4-A050-5ACE4631FDEC}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - ES (x64) (HKLM\...\{B1452C41-DC90-4B58-8320-ABB515E87FFB}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - Filters (x64) (HKLM\...\{6E6D1438-33CC-413B-BC96-3497B1271CDD}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - Font Manager (x64) (HKLM\...\{5FB5FF89-0938-49D9-850B-53B78B84A7E4}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - FR (x64) (HKLM\...\{0A182180-3BAF-4B94-BFD0-CF082CC5FF0D}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - IPM (x64) (HKLM\...\{A040C72A-0ADC-4FB9-9DB4-19B18F6053F1}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - IPM Content (x64) (HKLM\...\{FB081BA0-08D2-4C8C-9E55-788A90430BE3}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - IT (x64) (HKLM\...\{8285FEBA-D373-493F-BC78-934F84A0A298}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - JP (x64) (HKLM\...\{F5A1D3E4-416E-4723-AD35-86A372B99174}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - NL (x64) (HKLM\...\{A7922CC8-0EBD-497B-B381-5B3992905327}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - PHOTO-PAINT (x64) (HKLM\...\{04D8C47E-C0FE-4CA5-8878-91ECD9552109}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - PL (x64) (HKLM\...\{6F03D92C-48DB-4182-8A51-BEF8FE64B72C}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - Redist (x64) (HKLM\...\{50D1BD2D-6D8C-45A8-9DB5-CDAB7227DB36}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - RU (x64) (HKLM\...\{B83D220A-33AB-4AF5-963A-887BD971270E}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - Setup Files (x64) (HKLM\...\{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - VBA (x64) (HKLM\...\{48DD8181-A983-447B-9660-A55A935CA751}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - VideoBrowser (x64) (HKLM\...\{81EBD8D4-9142-4D33-BF34-D99EFC1180F5}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - Workspaces (x64) (HKLM\...\{1D4B870D-A5A8-4B88-9520-ED8EFD545AA1}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 - Writing Tools (x64) (HKLM\...\{23A2ABD8-8231-48AD-AD71-FF0566A7DD8F}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 (64-Bit) (HKLM\...\_{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.0.0.448 - Corel Corporation)
      CorelDRAW Graphics Suite X8 (HKLM\...\{ECFAF1D6-342D-4AE2-B6BF-82B22F9FE8DE}) (Version: 18.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X8 -TR (x64) (HKLM\...\{ACC8C1B0-E560-4B42-AA52-9CAD14883B29}) (Version: 18.0 - Corel Corporation) Hidden
      Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version: - )
      D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
      Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
      ESET Smart Security (HKLM\...\{813244A1-E734-416E-A62C-692CBD9F986D}) (Version: 4.0.314.0 - ESET spol s r. o.)
      Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
      FileZilla Client 3.27.1 (HKLM-x32\...\FileZilla Client) (Version: 3.27.1 - Tim Kosse)
      FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
      Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
      Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
      Geeks3D FurMark 1.17.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
      Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
      Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
      Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
      Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
      HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
      HP Photosmart Plus B210 series Ayuda (HKLM-x32\...\{7F5FDEA1-D0AC-4D80-9D95-59775FCCFA40}) (Version: 140.0.54.54 - Hewlett Packard)
      HP Photosmart Plus B210 series Software básico del dispositivo (HKLM\...\{68182FEC-6526-45F9-ABA9-642712B74D2E}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
      I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
      Injected Anti-cheat (HKLM-x32\...\Injected Anti-cheat) (Version: 17.1.0.0 - Alejandro Cortés)
      Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
      Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
      Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4360 - Intel Corporation)
      Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1519.7 - Intel Corporation)
      Intel(R) USB 3.0 Host Controller Adaptation Driver (HKLM\...\{9472AEE5-5D4D-4329-8BD8-B282FD33B8E0}) (Version: 1.0.1.45 - Intel Corporation)
      Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
      Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
      Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
      KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
      LibreOffice 5.0.0.5 (HKLM-x32\...\{48806D1D-C8D3-4235-8893-D5A03BAFC307}) (Version: 5.0.0.5 - The Document Foundation)
      Los Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
      Malwarebytes versión 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
      MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
      Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
      Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
      Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
      Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
      Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
      Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
      Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
      Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
      Mozilla Firefox 40.0.3 (x86 es-AR) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 es-AR)) (Version: 40.0.3 - Mozilla)
      Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3 - Mozilla)
      MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 1.0.0.07 - MSI)
      MTA:SA v1.5.3 (HKLM-x32\...\MTA:SA 1.5) (Version: v1.5.3 - Multi Theft Auto)
      Nero 7.10.1.0 (HKLM-x32\...\Nero7_is1) (Version: 7.10.1.0 - Nero AG)
      OEM Application Profile (HKLM-x32\...\{FCCF4B77-432F-EA83-4289-40C1DFA14C85}) (Version: 1.00.0000 - Nombre de su organización)
      Outils de vérification linguistique 2013 de Microsoft Office*- Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
      Outlast (HKLM\...\Steam App 238320) (Version: - Red Barrels)
      Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
      PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - )
      PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version: - )
      PDF Settings CC (HKLM-x32\...\{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
      PerformanceTest v8.0 (HKLM\...\PerformanceTest 8_is1) (Version: 8.0.1051.0 - Passmark Software)
      Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.239 - Google, Inc.)
      Pro Evolution Soccer 2015 (HKLM-x32\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1) (Version: 1 - )
      Programa de instalacion QSS (HKLM-x32\...\{439A036F-7B1E-45A8-BE0F-8BFA3381F68C}) (Version: 7.0 - TP-LINK) Hidden
      Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.45.311.2016 - Realtek)
      Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7806 - Realtek Semiconductor Corp.)
      Resident Evil Operation Raccoon City Complete versión 1.2.1803.135 (HKLM-x32\...\{9F85947D-F9EC-464F-BC45-BF0660B91AFA}_is1) (Version: 1.2.1803.135 - Capcom)
      Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
      Skype™ 7.9 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.9.103 - Skype Technologies S.A.)
      Software para dispositivos de chipset Intel® (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
      Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
      The Sims 4 Update v1.4.83.1010 inc Outdoor Retreat DLC (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
      Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.52 - Ghisler Software GmbH)
      TP-LINK Wireless Client Utility (HKLM-x32\...\{B3639A0D-D29C-4F6C-AB59-FCAA34E50589}) (Version: 7.0 - TP-LINK) Hidden
      Ultimate Marvel vs. Capcom 3 (HKLM-x32\...\Ultimate Marvel vs. Capcom 3_is1) (Version: - )
      Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{DAFCD7DE-1531-4483-9F53-170766074E85}) (Version: - Microsoft)
      VirtualDJ 8 (HKLM-x32\...\{0BFED560-B459-42C6-BE7D-E7235AE5407A}) (Version: 8.2.3798.0 - Atomix Productions)
      VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
      Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
      WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov)
      ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll [2015-09-01] (AIMP DevTeam)
      ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2015-02-25] (AVG Technologies)
      ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2009-02-06] (ESET)
      ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
      ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
      ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2009-02-06] (ESET)
      ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
      ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov)
      ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll [2015-09-01] (AIMP DevTeam)
      ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\AVG\AVG PC TuneUp\DseShExt-x64.dll [2015-02-25] (AVG Technologies)
      ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2015-02-25] (AVG Technologies)
      ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-03-23] (Advanced Micro Devices, Inc.)
      ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
      ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-12-30] (Intel Corporation)
      ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov)
      ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2009-02-06] (ESET)
      ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
      ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
      ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {01024DAD-A23D-4597-ACF5-69A6C5AC2920} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
      Task: {03E44833-C02F-4A9E-8A86-5553DF08EB64} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
      Task: {03E44833-C02F-4A9E-8A86-5553DF08EB64} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe
      Task: {0C95EFAB-CE23-4FFE-A484-70C32E47F6B6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
      Task: {27E1D5F9-439E-456E-88FB-9D51595BD8F1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
      Task: {2D4DFD24-BE49-4B16-9D56-B07A4C3C4F4B} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-07-24] (Corel Corporation)
      Task: {3BA41972-52AD-4106-8635-3027C0583297} - System32\Tasks\LaunchChromeTask111 => C:\Program Files\FileZilla FTP Client\FileZilla.exe [2017-08-14] (FileZilla Project)
      Task: {3D12CDDF-B853-4D8D-A66D-C6D13431D497} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
      Task: {44C90124-5BD1-4511-A860-A1D87FC367B9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
      Task: {85E63BF3-D5D5-423F-8FF2-BC967F5B6EF8} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe
      Task: {889D7E08-5F8F-4DF7-9C38-43B0A401EDDB} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-08-04] (Oracle Corporation)
      Task: {9577B37D-3FB4-465D-BC1C-0F6A2A3BC1B4} - System32\Tasks\CorelUpdateHelperTask => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-07-24] (Corel Corporation)
      Task: {9E84AFD4-1849-49CF-9322-9044236E6606} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
      Task: {A4679F17-9356-4218-998E-05620923D6EF} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe
      Task: {C2485D8B-BBFD-477E-B6FB-D42598618B8B} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
      Task: {C2485D8B-BBFD-477E-B6FB-D42598618B8B} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe
      Task: {C7F7F859-E4A8-4FCA-8867-87E43E1904F5} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
      Task: {C7F7F859-E4A8-4FCA-8867-87E43E1904F5} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): C:\Windows\system32\GWX\GWXDetector.exe
      Task: {C8B8FB9A-E6E0-4BA8-8357-865649A6E686} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation)
      Task: {EA7754EF-9E4B-408C-AA2E-BB420986F9DF} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)


      Shortcut: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
      Shortcut: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com

      ==================== Loaded Modules (Whitelisted) ==============

      2015-02-25 09:25 - 2015-02-25 09:25 - 000712504 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
      2017-09-24 16:43 - 2017-08-24 11:27 - 002264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
      2015-02-25 09:25 - 2015-02-25 09:25 - 000855864 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll
      2017-03-02 23:03 - 2015-12-30 06:38 - 000384104 _____ () C:\Windows\system32\igfxTray.exe
      2017-08-28 19:31 - 2017-08-23 05:48 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libglesv2.dll
      2017-08-28 19:31 - 2017-08-23 05:48 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libegl.dll
      2016-05-25 22:52 - 2016-05-25 22:52 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)

      AlternateDataStreams: C:\ProgramData:NT [40]
      AlternateDataStreams: C:\ProgramData:NT2 [432]
      AlternateDataStreams: C:\Users\All Users:NT [40]
      AlternateDataStreams: C:\Users\All Users:NT2 [432]
      AlternateDataStreams: C:\ProgramData\Application Data:NT [40]
      AlternateDataStreams: C:\ProgramData\Application Data:NT2 [432]
      AlternateDataStreams: C:\ProgramData\Datos de programa:NT [40]
      AlternateDataStreams: C:\ProgramData\Datos de programa:NT2 [432]
      AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
      AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [432]
      AlternateDataStreams: C:\Users\Usuario\Datos de programa:NT [40]
      AlternateDataStreams: C:\Users\Usuario\Datos de programa:NT2 [432]
      AlternateDataStreams: C:\Users\Usuario\AppData\Roaming:NT [40]
      AlternateDataStreams: C:\Users\Usuario\AppData\Roaming:NT2 [432]

      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)


      ==================== Hosts content: ===============================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2013-08-22 10:25 - 2013-08-22 10:25 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-2792719491-1547399323-934514574-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Usuario\Pictures\Walls\1CB.jpg
      DNS Servers: 186.130.128.106 - 200.63.155.96
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
      Windows Firewall is enabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==

      HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
      HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
      HKLM\...\StartupApproved\Run32: => "AdobeCEPServiceManager"
      HKU\S-1-5-21-2792719491-1547399323-934514574-1001\...\StartupApproved\Run: => "Skype"

      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [{EF37CB77-3E81-4BC1-8A61-DCA4E94BC773}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      FirewallRules: [{0F4046DF-35B4-43B0-8D8A-758AAD4F0532}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      FirewallRules: [{415B89E3-1E25-4711-8380-9344C8D10BBB}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
      FirewallRules: [{05759263-4293-4CD0-86A0-D89243ADB487}] => (Allow) LPort=2869
      FirewallRules: [{1D296D24-191A-4F83-86DD-F692B5FCF647}] => (Allow) LPort=1900
      FirewallRules: [{756E5395-8A72-4890-9013-A997E271D143}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
      FirewallRules: [{E0C6959B-0533-4E42-9644-2579185EBB0A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
      FirewallRules: [{A8BE1994-5248-4262-B85A-B2204F091619}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
      FirewallRules: [{479D7CEC-D755-4B4E-9435-654F4732B7B1}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
      FirewallRules: [{9810C9A1-1873-45D3-B777-3F58489DAC65}] => (Allow) C:\Juegos\The Sims 4\Game\Bin\TS4.exe
      FirewallRules: [{AA5A7CBA-CB9D-410C-8F99-73853AEF8C24}] => (Allow) C:\Juegos\The Sims 4\Game\Bin\TS4.exe
      FirewallRules: [{65787A9D-08F9-4AB5-9777-18EE5D1790F6}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDrw.exe
      FirewallRules: [{8590B7D5-3110-458D-BBF9-9C4183446F9B}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelPP.exe
      FirewallRules: [TCP Query User{96E410BC-A779-444C-BEC9-6507874F549E}C:\users\usuario\desktop\disc braian\killingfloor\system\killingfloor.exe] => (Block) C:\users\usuario\desktop\disc braian\killingfloor\system\killingfloor.exe
      FirewallRules: [UDP Query User{79E48C9A-2865-41B2-85E8-D2B299ABD8DE}C:\users\usuario\desktop\disc braian\killingfloor\system\killingfloor.exe] => (Block) C:\users\usuario\desktop\disc braian\killingfloor\system\killingfloor.exe
      FirewallRules: [TCP Query User{0DA75ABE-1C9E-485A-B7E0-9FAABF94A6EA}C:\users\usuario\desktop\disc braian\army men rt2\army men rts\army men rts\amrts.exe] => (Block) C:\users\usuario\desktop\disc braian\army men rt2\army men rts\army men rts\amrts.exe
      FirewallRules: [UDP Query User{A2FF0EB2-5DAD-4E56-8C9F-3F2FFE8013CD}C:\users\usuario\desktop\disc braian\army men rt2\army men rts\army men rts\amrts.exe] => (Block) C:\users\usuario\desktop\disc braian\army men rt2\army men rts\army men rts\amrts.exe
      FirewallRules: [TCP Query User{DF545FAC-9940-4546-8BB4-CEC918094888}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
      FirewallRules: [UDP Query User{D6D084C6-DBF4-4957-B051-FA2C76C2C76B}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
      FirewallRules: [TCP Query User{1AA5BC39-05C0-4872-8C52-8AAE3BCDF7E4}C:\juegos\pro evolution soccer 2015\pes2015.exe] => (Block) C:\juegos\pro evolution soccer 2015\pes2015.exe
      FirewallRules: [UDP Query User{2E934E31-ADE4-4A2A-8A0E-04D89F7530AB}C:\juegos\pro evolution soccer 2015\pes2015.exe] => (Block) C:\juegos\pro evolution soccer 2015\pes2015.exe
      FirewallRules: [TCP Query User{19A6D8D0-4B9C-429D-91B4-2DEBE4E0B06E}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe
      FirewallRules: [UDP Query User{1D2BFED9-C0B3-4090-85DF-B6BBE60CC035}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe
      FirewallRules: [TCP Query User{FE953EFF-0533-4E1A-881E-7FB7AC360BA6}C:\games\resident evil operation raccoon city complete\raccooncity.exe] => (Allow) C:\games\resident evil operation raccoon city complete\raccooncity.exe
      FirewallRules: [UDP Query User{CFA137DB-11BB-4249-8F55-4D06100BC156}C:\games\resident evil operation raccoon city complete\raccooncity.exe] => (Allow) C:\games\resident evil operation raccoon city complete\raccooncity.exe
      FirewallRules: [TCP Query User{68B8F3B7-40EF-46E7-89C6-D754F3C146A5}C:\program files (x86)\ea games\battlefield 1942\bf1942.exe] => (Block) C:\program files (x86)\ea games\battlefield 1942\bf1942.exe
      FirewallRules: [UDP Query User{2EE2677E-6F1B-4EAF-85D6-924ECEF371EF}C:\program files (x86)\ea games\battlefield 1942\bf1942.exe] => (Block) C:\program files (x86)\ea games\battlefield 1942\bf1942.exe
      FirewallRules: [TCP Query User{D7C681D9-4A7F-464B-A6AE-25659BA823DC}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe
      FirewallRules: [UDP Query User{7F3D8FA2-F067-4A3D-9703-CFE09B430D8A}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe
      FirewallRules: [TCP Query User{34B37145-7783-4BE0-BA57-4BBE715DEAC1}C:\users\usuario\desktop\disc braian\grand thef auto\gta\gta_sa.exe] => (Allow) C:\users\usuario\desktop\disc braian\grand thef auto\gta\gta_sa.exe
      FirewallRules: [UDP Query User{77603842-BC7B-4AD4-A2D4-F7972D06228D}C:\users\usuario\desktop\disc braian\grand thef auto\gta\gta_sa.exe] => (Allow) C:\users\usuario\desktop\disc braian\grand thef auto\gta\gta_sa.exe
      FirewallRules: [TCP Query User{1044D359-DE5E-43C1-8517-DA498B2793CD}C:\program files (x86)\ea games\battlefield 1942\bf1942.exe] => (Allow) C:\program files (x86)\ea games\battlefield 1942\bf1942.exe
      FirewallRules: [UDP Query User{899FCCBE-0A86-404B-AEA4-1F6EB506DA19}C:\program files (x86)\ea games\battlefield 1942\bf1942.exe] => (Allow) C:\program files (x86)\ea games\battlefield 1942\bf1942.exe
      FirewallRules: [TCP Query User{AF68DF68-6CA4-4503-B199-6A271EE3852C}C:\juegos\pro evolution soccer 2015\pes2015.exe] => (Block) C:\juegos\pro evolution soccer 2015\pes2015.exe
      FirewallRules: [UDP Query User{DC810705-9E9B-41E5-B6CE-3165441AD15B}C:\juegos\pro evolution soccer 2015\pes2015.exe] => (Block) C:\juegos\pro evolution soccer 2015\pes2015.exe
      FirewallRules: [{D8ACA1DB-683D-427D-AA48-EED7826A1D45}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\DeviceSetup.exe
      FirewallRules: [{BF9955B6-9A2C-44BF-B105-5A75B53C5359}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicator.exe
      FirewallRules: [{0DC4A569-D536-4D5A-B0A0-8F18FB242597}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicatorCom.exe
      FirewallRules: [TCP Query User{6AD1F242-FA11-4649-8183-0D8D49828209}C:\users\usuario\downloads\megadownloader\megadownloader.exe] => (Block) C:\users\usuario\downloads\megadownloader\megadownloader.exe
      FirewallRules: [UDP Query User{96158A6A-3EB9-4B5B-81D6-7949D840E8BE}C:\users\usuario\downloads\megadownloader\megadownloader.exe] => (Block) C:\users\usuario\downloads\megadownloader\megadownloader.exe
      FirewallRules: [{3069C895-323A-4913-A680-D40AC33190A4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      FirewallRules: [{C49347A9-6EEC-41FD-9ADE-D6F0E154657F}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe
      FirewallRules: [{AF1883EE-0499-4940-A013-5C5F34F93BE2}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe
      FirewallRules: [{6BFF001F-8FAC-43FF-8136-C4BF30311F70}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
      FirewallRules: [{F3DAC68A-4CD7-4110-A9EF-C19A3E65C448}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
      FirewallRules: [{33D2BC00-4C56-42C5-97C6-DAD7E32B328C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      FirewallRules: [{B3AC3EF1-C6C5-41F2-A59F-CD03E6F96AA0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      FirewallRules: [{2FB5BD5F-7BD3-4FE0-936D-E8021850AE82}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe
      FirewallRules: [{21E3CF7C-6BEE-491F-A450-314DCA0BE4D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe
      FirewallRules: [TCP Query User{896879AF-D8DA-429B-B8F9-34D349B883DE}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe
      FirewallRules: [UDP Query User{07C6A903-24FC-4463-8065-204599350035}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe
      FirewallRules: [TCP Query User{B7D2C882-D598-49B6-88E7-18011442ECC2}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe
      FirewallRules: [UDP Query User{F9379A1D-CB90-4FB4-B075-50B9C7C297C4}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe

      ==================== Restore Points =========================

      22-04-2017 22:16:38 Instalado LG Mobile Driver
      05-05-2017 22:08:01 Instalado Battlefield 1942
      21-07-2017 22:07:23 Installed VirtualDJ 8
      10-09-2017 19:21:32 Installed PuTTY release 0.70 (64-bit)
      22-09-2017 11:43:34 Se ha instalado DirectX
      24-09-2017 16:27:20 Eliminado LG Mobile Driver
      24-09-2017 17:23:28 JRT Pre-Junkware Removal

      ==================== Faulty Device Manager Devices =============

      Name: Teclado PS/2 estándar
      Description: Teclado PS/2 estándar
      Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
      Manufacturer: (Teclados estándar)
      Service: i8042prt
      Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
      Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
      Devices stay in this state if they have been prepared for removal.
      After you remove the device, this error disappears.Remove the device, and this error should be resolved.

      Name: Mouse PS/2 de Microsoft
      Description: Mouse PS/2 de Microsoft
      Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
      Manufacturer: Microsoft
      Service: i8042prt
      Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
      Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
      Devices stay in this state if they have been prepared for removal.
      After you remove the device, this error disappears.Remove the device, and this error should be resolved.


      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (09/21/2017 03:57:41 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
      Description: There was an error with the Windows Location Provider database

      Error: (09/20/2017 12:25:58 AM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: hl.exe, versión: 1.1.1.1, marca de tiempo: 0x43712ff5
      Nombre del módulo con errores: ntdll.dll, versión: 6.3.9600.17936, marca de tiempo: 0x55a68dd1
      Código de excepción: 0xc000041d
      Desplazamiento de errores: 0x00041d2e
      Identificador del proceso con errores: 0xdc8
      Hora de inicio de la aplicación con errores: 0x01d331be8e7318f4
      Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Counter-Strike 1.6\hl.exe
      Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ntdll.dll
      Identificador del informe: 6b11024e-9db3-11e7-846f-4ccc6a647d0b
      Nombre completo del paquete con errores:
      Identificador de aplicación relativa del paquete con errores:

      Error: (09/20/2017 12:25:56 AM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: hl.exe, versión: 1.1.1.1, marca de tiempo: 0x43712ff5
      Nombre del módulo con errores: ntdll.dll, versión: 6.3.9600.17936, marca de tiempo: 0x55a68dd1
      Código de excepción: 0xc0000005
      Desplazamiento de errores: 0x00041d2e
      Identificador del proceso con errores: 0xdc8
      Hora de inicio de la aplicación con errores: 0x01d331be8e7318f4
      Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Counter-Strike 1.6\hl.exe
      Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ntdll.dll
      Identificador del informe: 69b1bae7-9db3-11e7-846f-4ccc6a647d0b
      Nombre completo del paquete con errores:
      Identificador de aplicación relativa del paquete con errores:

      Error: (09/17/2017 06:11:12 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: hl.exe, versión: 1.1.1.1, marca de tiempo: 0x43712ff5
      Nombre del módulo con errores: ieframe.dll, versión: 11.0.9600.18036, marca de tiempo: 0x55d8a181
      Código de excepción: 0xc0000005
      Desplazamiento de errores: 0x000532ce
      Identificador del proceso con errores: 0xf50
      Hora de inicio de la aplicación con errores: 0x01d32ff94ee37689
      Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Counter-Strike 1.6\hl.exe
      Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ieframe.dll
      Identificador del informe: bb072cda-9bec-11e7-846a-4ccc6a647d0b
      Nombre completo del paquete con errores:
      Identificador de aplicación relativa del paquete con errores:

      Error: (09/15/2017 1023 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
      Description: There was an error with the Windows Location Provider database

      Error: (09/10/2017 01:18:43 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
      Description: There was an error with the Windows Location Provider database

      Error: (09/09/2017 04:01:35 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: hl.exe, versión: 1.1.1.1, marca de tiempo: 0x43712ff5
      Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
      Código de excepción: 0xc00000fd
      Desplazamiento de errores: 0x76f7971d
      Identificador del proceso con errores: 0xf58
      Hora de inicio de la aplicación con errores: 0x01d3299dfb843e20
      Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Counter-Strike 1.6\hl.exe
      Ruta de acceso del módulo con errores: unknown
      Identificador del informe: 4c587beb-9591-11e7-8457-4ccc6a647d0b
      Nombre completo del paquete con errores:
      Identificador de aplicación relativa del paquete con errores:

      Error: (08/29/2017 10:48:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
      Description: El programa hl.exe, versión 1.1.1.1, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

      Identificador de proceso: 63c

      Hora de inicio: 01d3212d34d6bf29

      Hora de finalización: 93

      Ruta de acceso de la aplicación: C:\Program Files (x86)\Counter-Strike 1.6\hl.exe

      Identificador de informe: 43a6b648-8d25-11e7-8443-4ccc6a647d0b

      Nombre completo de paquete con errores:

      Identificador de aplicación relativa del paquete con errores:

      Error: (08/29/2017 10:13:29 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: hl.exe, versión: 1.1.1.1, marca de tiempo: 0x43712ff5
      Nombre del módulo con errores: ieframe.dll, versión: 11.0.9600.18036, marca de tiempo: 0x55d8a181
      Código de excepción: 0xc0000005
      Desplazamiento de errores: 0x000532ce
      Identificador del proceso con errores: 0x1710
      Hora de inicio de la aplicación con errores: 0x01d3212d18ab81ee
      Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Counter-Strike 1.6\hl.exe
      Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ieframe.dll
      Identificador del informe: 6debb99f-8d20-11e7-8443-4ccc6a647d0b
      Nombre completo del paquete con errores:
      Identificador de aplicación relativa del paquete con errores:

      Error: (08/28/2017 05:46:56 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: jucheck.exe, versión: 2.8.60.27, marca de tiempo: 0x55c116b1
      Nombre del módulo con errores: jucheck.exe, versión: 2.8.60.27, marca de tiempo: 0x55c116b1
      Código de excepción: 0x40000015
      Desplazamiento de errores: 0x00052d24
      Identificador del proceso con errores: 0xbd8
      Hora de inicio de la aplicación con errores: 0x01d3203ec7ada0a5
      Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
      Ruta de acceso del módulo con errores: C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
      Identificador del informe: 06f1e92a-8c32-11e7-843f-18d6c70c69c8
      Nombre completo del paquete con errores:
      Identificador de aplicación relativa del paquete con errores:


      System errors:
      =============
      Error: (09/24/2017 05:29:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
      Description: El servicio AMD FUEL Service no pudo iniciarse debido al siguiente error:
      El servicio no respondió a tiempo a la solicitud de inicio o de control.

      Error: (09/24/2017 05:29:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
      Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio AMD FUEL Service.

      Error: (09/24/2017 05:28:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio Windows Presentation Foundation Font Cache 3.0.0.0 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

      Error: (09/24/2017 05:28:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio MSIREGISTER_MR se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (09/24/2017 05:28:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio AVG PC TuneUp Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (09/24/2017 05:28:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio Service KMSELDI se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (09/24/2017 05:28:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio Intel(R) Dynamic Application Loader Host Interface Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (09/24/2017 05:28:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio Corel License Validation Service V2, Powered by arvato se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (09/24/2017 05:28:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio Adobe Acrobat Update Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (09/24/2017 05:28:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio Intel(R) HD Graphics Control Panel Service se terminó de manera inesperada. Esto ha sucedido 1 veces.


      ==================== Memory info ===========================

      Processor: Intel(R) Core(TM) i3-6100 CPU @ 3.70GHz
      Percentage of memory in use: 43%
      Total physical RAM: 3987.08 MB
      Available physical RAM: 2256.77 MB
      Total Virtual: 4691.08 MB
      Available Virtual: 2904.97 MB

      ==================== Drives ================================

      Drive c: (Windows 0217) (Fixed) (Total:931.51 GB) (Free:684.48 GB) NTFS ==>[drive with boot components (obtained from BCD)]

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 580A52AC)
      Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

      ==================== End of Addition.txt ============================

    4. #4
      Usuario Avatar de Aportador!
      Registrado
      sep 2017
      Ubicación
      Arg
      Mensajes
      4

      Re: HBPix Duda y ayuda

      FRST

      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-09-2017
      Ran by Usuario (administrator) on EQUIPO (24-09-2017 17:34:13)
      Running from C:\Users\Usuario\Desktop
      Loaded Profiles: Usuario (Available Profiles: Usuario)
      Platform: Windows 8.1 Pro (Update) (X64) Language: Español (España, internacional)
      Internet Explorer Version 11 (Default browser: IE)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (AMD) C:\Windows\System32\atiesrxx.exe
      (AMD) C:\Windows\System32\atieclxx.exe
      (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
      (ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
      (Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegisterService.exe
      (arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
      (@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
      (AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
      (AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
      (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
      (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
      (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe
      (Intel Corporation) C:\Windows\System32\igfxEM.exe
      (Intel Corporation) C:\Windows\System32\igfxHK.exe
      () C:\Windows\System32\igfxTray.exe
      (Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegister.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
      (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
      (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

      ==================== Registry (Whitelisted) ===========================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [2680696 2009-02-06] (ESET)
      HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
      HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8804608 2016-04-28] (Realtek Semiconductor)
      HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
      HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039240 2013-05-16] (Adobe Systems Incorporated)
      HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-03-23] (Advanced Micro Devices, Inc.)
      HKLM-x32\...\Run: [MSIRegister] => C:\MSI\MSIRegister\MSIRegister.exe [4131792 2015-09-10] (Micro-Star INT'L CO., LTD.)
      HKU\S-1-5-21-2792719491-1547399323-934514574-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55100016 2015-08-26] (Skype Technologies S.A.)
      HKU\S-1-5-21-2792719491-1547399323-934514574-1001\...\Run: [HP Photosmart Plus B210 series (NET)] => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
      HKU\S-1-5-21-2792719491-1547399323-934514574-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3071776 2017-09-07] (Valve Corporation)
      HKU\S-1-5-21-2792719491-1547399323-934514574-1001\...\MountPoints2: {280fac85-5886-11e5-8267-806e6f6e6963} - "E:\DVDSetup.exe"
      HKU\S-1-5-21-2792719491-1547399323-934514574-1001\...\MountPoints2: {7c5060dd-ffb4-11e6-827e-806e6f6e6963} - "D:\DVDSetup.exe"
      HKU\S-1-5-21-2792719491-1547399323-934514574-1001\...\MountPoints2: {9b4aa006-f63c-11e6-826c-806e6f6e6963} - "D:\DVDSetup.exe"
      HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Tcpip\Parameters: [DhcpNameServer] 186.130.128.106 200.63.155.96
      Tcpip\..\Interfaces\{46DD2CBC-FE5E-40F5-849C-A80A265CA440}: [DhcpNameServer] 186.130.128.106 200.63.155.96
      Tcpip\..\Interfaces\{81205732-01E1-4D70-88EE-E761C7430124}: [DhcpNameServer] 192.168.22.1 192.168.10.1 190.105.0.2 190.105.0.3 190.105.0.2 190.105.0.3
      Tcpip\..\Interfaces\{847501E3-9AB3-4018-9F08-D6FBFF2C0BEF}: [DhcpNameServer] 192.168.116.2
      Tcpip\..\Interfaces\{B150022C-F0A5-4104-B2C2-4A357226A41A}: [DhcpNameServer] 186.130.128.105 200.63.155.221

      Internet Explorer:
      ==================
      HKU\S-1-5-21-2792719491-1547399323-934514574-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-ar/?ocid=iehp
      BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
      BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH)
      BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
      BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-01] (Oracle Corporation)
      BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
      BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
      BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-01] (Oracle Corporation)
      BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)
      Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)

      FireFox:
      ========
      FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
      FF Extension: (Eset Plugin) - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2015-09-01] [not signed]
      FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
      FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
      FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-07-11] (Google, Inc.)
      FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-01] (Oracle Corporation)
      FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-01] (Oracle Corporation)
      FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
      FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
      FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
      FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
      FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)
      FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)

      Chrome:
      =======
      CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default [2017-09-24]
      CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
      CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-12]

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-03-23] (Advanced Micro Devices, Inc.) [File not signed]
      S3 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
      S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [23296 2009-02-06] (ESET)
      R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [727720 2009-02-06] (ESET)
      R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [354920 2015-12-30] (Intel Corporation)
      S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
      S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
      R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
      R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-25] (Intel Corporation)
      R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
      R2 MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [112592 2015-09-10] (Micro-Star INT'L CO., LTD.)
      R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
      R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [737984 2015-08-30] (@ByELDI) [File not signed]
      R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2604856 2015-02-25] (AVG Technologies)
      S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
      S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-27] (Advanced Micro Devices, Inc.)
      R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
      R3 athur; C:\Windows\system32\DRIVERS\athuwbx.sys [2702336 2013-11-20] (Qualcomm Atheros Communications, Inc.)
      S3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-12-21] (Advanced Micro Devices)
      S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [31376 2015-03-10] ()
      R2 eamon; C:\Windows\System32\DRIVERS\eamon.sys [141728 2009-02-06] (ESET)
      R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [132464 2009-02-06] (ESET)
      R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [163400 2009-02-06] (ESET)
      R3 Epfwndis; C:\Windows\system32\DRIVERS\Epfwndis.sys [33608 2009-02-06] (ESET)
      R2 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [44944 2009-02-06] (ESET)
      R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-08-24] ()
      S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2017-06-29] (LogMeIn Inc.)
      R3 iaLPSS2_GPIO2; C:\Windows\system32\DRIVERS\iaLPSS2_GPIO2.sys [84264 2015-07-20] (Intel Corporation)
      R3 iusb3adp; C:\Windows\System32\drivers\iusb3adp.sys [37672 2015-07-31] (Intel)
      R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [192960 2017-09-24] (Malwarebytes)
      R3 MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [101824 2017-09-24] (Malwarebytes)
      R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [45472 2017-09-24] (Malwarebytes)
      R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [253888 2017-09-24] (Malwarebytes)
      R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [94144 2017-09-24] (Malwarebytes)
      S3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
      R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2015-01-13] (TuneUp Software)
      S3 vmusbmouse; C:\Windows\System32\drivers\vmusbmouse.sys [26320 2015-08-11] (VMware, Inc.)
      S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
      S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
      S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
      S3 wovad_micarray; C:\Windows\system32\drivers\womic.sys [35328 2017-05-06] (Windows (R) Win 7 DDK provider)
      S3 AndNetDiag; \SystemRoot\system32\DRIVERS\lgandnetdiag64.sys [X]
      S3 ANDNetModem; \SystemRoot\system32\DRIVERS\lgandnetmodem64.sys [X]
      S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
      S3 MSICDSetup; \??\D:\CDriver64.sys [X]
      S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
      S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-09-24 17:34 - 2017-09-24 17:34 - 000016165 _____ C:\Users\Usuario\Desktop\FRST.txt
      2017-09-24 17:33 - 2017-09-24 17:34 - 000000000 ____D C:\FRST
      2017-09-24 17:31 - 2017-09-24 17:32 - 002399744 _____ (Farbar) C:\Users\Usuario\Desktop\FRST64.exe
      2017-09-24 17:26 - 2017-09-24 17:28 - 000000000 ____D C:\AdwCleaner
      2017-09-24 17:25 - 2017-09-24 17:25 - 000000700 _____ C:\Users\Usuario\Desktop\JRT.txt
      2017-09-24 17:23 - 2017-09-24 17:26 - 008182736 _____ (Malwarebytes) C:\Users\Usuario\Downloads\AdwCleaner.exe
      2017-09-24 17:22 - 2017-09-24 17:22 - 009826968 _____ (Piriform Ltd) C:\Users\Usuario\Downloads\ccsetup534.exe
      2017-09-24 17:21 - 2017-09-24 17:21 - 001790024 _____ (Malwarebytes) C:\Users\Usuario\Downloads\JRT.exe
      2017-09-24 17:18 - 2017-09-24 17:18 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\AVG
      2017-09-24 17:17 - 2017-09-24 17:17 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\ATI
      2017-09-24 17:13 - 2017-09-24 17:13 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\ESET
      2017-09-24 16:43 - 2017-09-24 17:29 - 000253888 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
      2017-09-24 16:43 - 2017-09-24 17:29 - 000101824 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
      2017-09-24 16:43 - 2017-09-24 17:29 - 000094144 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
      2017-09-24 16:43 - 2017-09-24 17:29 - 000045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
      2017-09-24 16:43 - 2017-09-24 16:43 - 000192960 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
      2017-09-24 16:43 - 2017-09-24 16:43 - 000001895 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
      2017-09-24 16:43 - 2017-09-24 16:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      2017-09-24 16:42 - 2017-09-24 16:42 - 000000000 ____D C:\ProgramData\Malwarebytes
      2017-09-24 16:42 - 2017-09-24 16:42 - 000000000 ____D C:\Program Files\Malwarebytes
      2017-09-24 16:42 - 2017-08-24 11:27 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
      2017-09-24 16:37 - 2017-09-24 16:42 - 068408664 _____ (Malwarebytes ) C:\Users\Usuario\Downloads\mb3-setup-35891.35891-3.2.2.2029.exe
      2017-09-24 16:35 - 2017-09-24 16:38 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\FileZilla
      2017-09-24 16:35 - 2017-09-24 16:36 - 001625848 _____ C:\Users\Usuario\fy_nuketown.bsp
      2017-09-24 15:21 - 2017-09-24 15:21 - 000000000 ____D C:\Users\Usuario\Downloads\Mapas TTT Update
      2017-09-22 11:45 - 2017-09-22 11:45 - 000000000 ____D C:\Users\Usuario\Documents\My Games
      2017-09-22 11:44 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
      2017-09-21 16:53 - 2017-09-21 16:53 - 000000222 _____ C:\Users\Usuario\Desktop\Outlast.url
      2017-09-21 16:31 - 2017-09-24 17:29 - 000000000 ____D C:\Program Files (x86)\Steam
      2017-09-21 16:31 - 2017-09-21 16:31 - 000000987 _____ C:\Users\Public\Desktop\Steam.lnk
      2017-09-21 16:31 - 2017-09-21 16:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
      2017-09-21 16:29 - 2017-09-21 16:29 - 001446792 _____ C:\Users\Usuario\Downloads\SteamSetup (1).exe
      2017-09-21 15:03 - 2017-09-21 15:03 - 000067839 _____ C:\Users\Usuario\Documents\Sin título.wma
      2017-09-21 14:56 - 2017-09-21 14:56 - 000000000 ____D C:\Users\Usuario\.android
      2017-09-21 14:41 - 2017-09-21 14:42 - 001608320 _____ C:\Users\Usuario\Downloads\wo_mic_client_setup.exe
      2017-09-21 14:41 - 2017-09-21 14:41 - 000248912 _____ C:\Users\Usuario\Downloads\wo_mic_driver_signed.exe
      2017-09-20 00:24 - 2017-09-20 00:24 - 000014058 _____ C:\Users\Usuario\galileoorishinal.cfg
      2017-09-20 00:10 - 2017-09-20 00:10 - 000000196 _____ C:\Users\Usuario\mapcycle.txt
      2017-09-19 23:54 - 2017-09-19 23:54 - 000000000 ____D C:\Users\Usuario\Downloads\fy_nuketown
      2017-09-17 19:59 - 2017-09-20 00:23 - 000014036 _____ C:\Users\Usuario\galileo.cfg
      2017-09-17 03:09 - 2017-09-17 03:09 - 001126676 _____ C:\Users\Usuario\Downloads\fy_nuketown.rar
      2017-09-17 03:06 - 2017-09-17 03:07 - 001472928 _____ C:\Users\Usuario\Downloads\cs-1795-de_westwood.rar
      2017-09-17 02:38 - 2017-09-17 02:40 - 020645745 _____ C:\Users\Usuario\Downloads\Mapas TTT Update.zip
      2017-09-17 02:01 - 2017-09-17 02:01 - 000007132 _____ C:\Users\Usuario\Downloads\mutemenu.amxx
      2017-09-17 01:31 - 2017-09-17 01:31 - 000000536 _____ C:\Users\Usuario\Downloads\timeprojector.zip
      2017-09-17 01:30 - 2017-09-17 01:30 - 000003520 _____ C:\Users\Usuario\timeleft.txt
      2017-09-17 01:26 - 2017-09-17 01:26 - 000006776 _____ C:\Users\Usuario\time.txt
      2017-09-16 21:52 - 2017-09-16 21:52 - 000014852 _____ C:\Users\Usuario\mapsmenu.sma
      2017-09-16 21:52 - 2017-09-16 21:52 - 000007438 _____ C:\Users\Usuario\mapchooser.sma
      2017-09-16 21:52 - 2017-09-16 21:52 - 000006223 _____ C:\Users\Usuario\nextmap.sma
      2017-09-16 21:51 - 2017-09-16 21:51 - 000005396 _____ C:\Users\Usuario\mapchooser.amxx
      2017-09-16 21:50 - 2017-09-16 21:50 - 000007558 _____ C:\Users\Usuario\mapchooser.txt
      2017-09-16 21:50 - 2017-09-16 21:50 - 000002029 _____ C:\Users\Usuario\nextmap.txt
      2017-09-16 21:35 - 2017-09-16 21:35 - 000000000 ____D C:\Users\Usuario\Downloads\amxmodx-1.8.2-base-windows
      2017-09-16 21:34 - 2017-09-16 21:35 - 003255170 _____ C:\Users\Usuario\Downloads\amxmodx-1.8.2-base-windows.zip
      2017-09-16 21:33 - 2017-09-16 21:33 - 001966725 _____ C:\Users\Usuario\Downloads\AMXX_Studio_1.4.3_final.zip
      2017-09-16 21:33 - 2017-09-16 21:33 - 000000000 ____D C:\Users\Usuario\Downloads\AMXX_Studio_1.4.3_final
      2017-09-16 21:18 - 2017-09-16 21:18 - 000000000 ____D C:\Users\Usuario\Downloads\galileo_1_1_290
      2017-09-16 21:15 - 2017-09-16 21:15 - 000001738 _____ C:\Users\Usuario\plugins1.ini
      2017-09-16 21:03 - 2017-09-17 02:02 - 000001748 _____ C:\Users\Usuario\plugins.ini
      2017-09-16 20:53 - 2017-09-16 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMX Mod X
      2017-09-16 20:51 - 2017-09-16 20:53 - 010999725 _____ C:\Users\Usuario\Downloads\amxmodx-installer-1.8.2.exe
      2017-09-16 20:51 - 2017-09-16 20:51 - 000030470 _____ C:\Users\Usuario\Downloads\galileo_1_1_290.zip
      2017-09-16 20:34 - 2017-09-16 20:46 - 000000340 _____ C:\Users\Usuario\Downloads\motd.txt
      2017-09-16 20:29 - 2017-09-16 20:47 - 000000340 _____ C:\Users\Usuario\motd.txt
      2017-09-15 20:24 - 2017-09-17 20:07 - 000001953 _____ C:\Users\Usuario\users.ini
      2017-09-15 20:13 - 2017-09-24 15:49 - 000000492 _____ C:\Users\Usuario\maps.ini
      2017-09-15 20:04 - 2017-09-16 21:57 - 000005010 _____ C:\Users\Usuario\amxx.cfg
      2017-09-15 20:04 - 2017-09-16 21:02 - 000001060 _____ C:\Users\Usuario\configs.ini
      2017-09-15 20:03 - 2017-09-15 20:04 - 000025390 _____ C:\Users\Usuario\titles.txt
      2017-09-15 19:57 - 2017-09-22 18:21 - 000001171 _____ C:\Users\Usuario\server.cfg
      2017-09-15 19:56 - 2017-09-17 20:02 - 000003701 _____ C:\Users\Usuario\config.cfg
      2017-09-15 19:56 - 2017-09-15 19:56 - 000000431 _____ C:\Users\Usuario\listenserver.cfg
      2017-09-15 19:42 - 2017-09-15 19:42 - 000001088 _____ C:\Users\Usuario\custommenuitems.cfg
      2017-09-15 19:38 - 2017-09-15 20:24 - 000001550 _____ C:\Users\Usuario\ttt_mod.ini
      2017-09-15 19:33 - 2017-09-15 20:24 - 000016021 _____ C:\Users\Usuario\ttt_mod.cfg
      2017-09-15 19:33 - 2017-09-15 20:12 - 000002170 _____ C:\Users\Usuario\plugins-ttt.ini
      2017-09-12 22:17 - 2017-09-12 22:20 - 000007838 _____ C:\Users\Usuario\dproto.cfg
      2017-09-11 17:58 - 2017-09-11 17:58 - 000270430 _____ C:\Users\Usuario\Downloads\sXeInjectedServer9.8.2.8forLinux.tar.bz2
      2017-09-11 16:53 - 2017-09-11 16:53 - 000000001 _____ C:\Users\Usuario\Downloads\Counter_Strike_1_6_2017-09-11.screenlog
      2017-09-10 23:51 - 2017-09-10 23:51 - 000000000 ____D C:\Users\Usuario\scripting
      2017-09-10 23:51 - 2017-09-10 23:51 - 000000000 ____D C:\Users\Usuario\data
      2017-09-10 23:50 - 2017-09-10 23:51 - 000000000 ____D C:\Users\Usuario\configs
      2017-09-10 23:01 - 2017-09-10 23:01 - 000000000 ____D C:\Users\Usuario\Downloads\compilado
      2017-09-10 22:46 - 2017-09-10 22:47 - 000000000 ____D C:\Users\Usuario\Downloads\ttt main
      2017-09-10 22:44 - 2017-09-10 22:45 - 000000000 ____D C:\Users\Usuario\Downloads\TTT Adonds
      2017-09-10 22:38 - 2017-09-10 22:39 - 000000000 ____D C:\Users\Usuario\Downloads\TTT Resources
      2017-09-10 19:25 - 2017-09-10 19:46 - 000000600 _____ C:\Users\Usuario\AppData\Local\PUTTY.RND
      2017-09-10 19:18 - 2017-09-10 19:20 - 003048960 _____ C:\Users\Usuario\Downloads\putty-64bit-0.70-installer.msi
      2017-09-10 18:31 - 2017-09-10 18:31 - 000153366 _____ C:\Users\Usuario\Downloads\dproto_0_9_87.rar
      2017-09-10 18:15 - 2017-09-10 18:19 - 000000000 ____D C:\Users\Usuario\AppData\Local\FileZilla
      2017-09-10 18:15 - 2017-09-10 18:15 - 000002998 _____ C:\Windows\System32\Tasks\LaunchChromeTask111
      2017-09-10 18:15 - 2017-09-10 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
      2017-09-10 18:15 - 2017-09-10 18:15 - 000000000 ____D C:\Program Files\FileZilla FTP Client
      2017-09-10 18:12 - 2017-09-10 18:15 - 008743848 _____ (Tim Kosse) C:\Users\Usuario\Downloads\FileZilla_3.27.1_win64-setup_bundled3.exe
      2017-09-10 01:15 - 2017-09-10 01:15 - 000000000 ____D C:\Users\Usuario\Downloads\orpheu-files-2.6.3
      2017-09-10 01:11 - 2017-09-10 01:11 - 000000000 ____D C:\Users\Usuario\Downloads\amxmodx-1.8.2-base-linux
      2017-09-10 01:10 - 2017-09-10 01:11 - 002906215 _____ C:\Users\Usuario\Downloads\amxmodx-1.8.2-base-linux.tar.gz
      2017-09-10 01:05 - 2017-09-10 01:06 - 002241216 _____ (FileZilla Project) C:\Users\Usuario\Downloads\FileZilla_Server-0_9_60_2.exe
      2017-09-10 01:03 - 2017-09-10 01:03 - 000288782 _____ C:\Users\Usuario\Downloads\orpheu-files-2.6.3.zip
      2017-08-30 20:03 - 2017-08-30 20:03 - 014829994 _____ C:\Users\Usuario\Downloads\sXe Injected 17.1 by Alta-Fruta.rar
      2017-08-30 19:11 - 2017-08-30 19:11 - 000364451 _____ C:\Users\Usuario\Downloads\sXeInjectedServer9.8.2.8forWindows (6).zip

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-09-24 17:34 - 2015-09-01 12:31 - 000003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2792719491-1547399323-934514574-1001
      2017-09-24 17:34 - 2014-03-18 07:08 - 001829802 _____ C:\Windows\system32\PerfStringBackup.INI
      2017-09-24 17:34 - 2014-03-18 06:29 - 000809912 _____ C:\Windows\system32\perfh00A.dat
      2017-09-24 17:34 - 2014-03-18 06:29 - 000166708 _____ C:\Windows\system32\perfc00A.dat
      2017-09-24 17:34 - 2013-08-22 10:36 - 000000000 ____D C:\Windows\Inf
      2017-09-24 17:29 - 2017-03-02 23:04 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
      2017-09-24 17:29 - 2017-03-02 23:04 - 000000000 __SHD C:\Users\Usuario\IntelGraphicsProfiles
      2017-09-24 17:29 - 2013-08-22 11:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2017-09-24 17:12 - 2013-08-22 10:25 - 000262144 ___SH C:\Windows\system32\config\BBI
      2017-09-24 16:35 - 2015-09-01 12:21 - 000000000 ____D C:\Users\Usuario
      2017-09-24 16:27 - 2017-04-22 22:16 - 000000000 ____D C:\Program Files (x86)\LG Electronics
      2017-09-24 16:27 - 2016-02-15 09:30 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
      2017-09-24 15:36 - 2017-05-13 21:32 - 000000000 ____D C:\Program Files (x86)\sXe Injected
      2017-09-21 20:38 - 2013-08-22 12:36 - 000000000 ____D C:\Windows\system32\NDF
      2017-09-20 00:25 - 2017-03-12 08:53 - 000000000 ____D C:\Users\Usuario\AppData\Local\CrashDumps
      2017-09-17 22:10 - 2017-03-13 15:07 - 000000000 ____D C:\Users\Usuario\AppData\Local\ElevatedDiagnostics
      2017-09-10 19:30 - 2015-09-01 12:28 - 000000000 ____D C:\Windows\system32\appmgmt
      2017-09-10 08:24 - 2015-09-01 12:22 - 000000000 ____D C:\Users\Usuario\AppData\Local\Packages
      2017-08-31 22:03 - 2015-09-01 18:28 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
      2017-08-30 20:03 - 2017-07-18 19:29 - 000001059 _____ C:\Users\Usuario\Desktop\Injected Anti-cheat.lnk
      2017-08-28 19:31 - 2015-09-01 17:44 - 000002225 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2017-08-27 18:13 - 2017-03-13 21:50 - 000000000 ____D C:\Users\Usuario\Desktop\disc braian
      2017-08-27 18:13 - 2017-03-12 10:09 - 000000000 ____D C:\Users\Usuario\Desktop\recuperar
      2017-08-25 15:52 - 2015-09-01 18:01 - 000000000 ____D C:\Fraps

      ==================== Files in the root of some directories =======

      2017-09-10 19:25 - 2017-09-10 19:46 - 000000600 _____ () C:\Users\Usuario\AppData\Local\PUTTY.RND
      2017-05-20 19:24 - 2017-05-20 19:24 - 000000057 _____ () C:\ProgramData\Ament.ini
      2016-02-15 09:34 - 2016-02-15 09:34 - 000000000 ____H () C:\ProgramData\DP45977C.lfl

      Some files in TEMP:
      ====================
      2017-07-09 01:11 - 2017-07-09 01:11 - 000010520 _____ () C:\Users\Usuario\AppData\Local\Temp\BullseyeCoverage-x86-3.dll

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2017-09-22 10:54

      ==================== End of FRST.txt ============================

    5. #5
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      24.919

      Re: HBPix Duda y ayuda

      Hola Aportador!



      Sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

      • Para hacerlo descarga >> DelFix en tu escritorio.
        • Doble clic para ejecutarlo.(Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")
        • Marca unicamente la casilla "Create registry backup".
      • Pulsar en Run.

        Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


      A continuación inicia tu equipo desde el >> Modo Seguro de Windows con función de red.

      Si tu SO es Windows 8/8.1/10 usa el 2º MÉTODO: de esta Faq de Windows 8 (aplicable a Windows 10) >> ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.


      Con los demás programas cerrados ve a >> Inicio >> Ejecutar >> y escribe notepad.exe.

      Ahora copia y pega estos archivos dentro del Notepad: (Se excluye la palabra código)

      Código:
      Start
      CreateRestorePoint:
      CloseProcesses:
      
      HKU\S-1-5-21-2792719491-1547399323-934514574-1001\...\MountPoints2: {280fac85-5886-11e5-8267-806e6f6e6963} - "E:\DVDSetup.exe" 
      HKU\S-1-5-21-2792719491-1547399323-934514574-1001\...\MountPoints2: {7c5060dd-ffb4-11e6-827e-806e6f6e6963} - "D:\DVDSetup.exe" 
      HKU\S-1-5-21-2792719491-1547399323-934514574-1001\...\MountPoints2: {9b4aa006-f63c-11e6-826c-806e6f6e6963} - "D:\DVDSetup.exe" 
      FF Extension: (Eset Plugin) - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2015-09-01] [not signed]
      CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-12]
      S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
      S3 MSICDSetup; \??\D:\CDriver64.sys [X]
      S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
      S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
      2017-09-24 17:29 - 2017-03-02 23:04 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
      ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
      AlternateDataStreams: C:\ProgramData:NT [40]
      AlternateDataStreams: C:\ProgramData:NT2 [432]
      AlternateDataStreams: C:\Users\All Users:NT [40]
      AlternateDataStreams: C:\Users\All Users:NT2 [432]
      AlternateDataStreams: C:\ProgramData\Application Data:NT [40]
      AlternateDataStreams: C:\ProgramData\Application Data:NT2 [432]
      AlternateDataStreams: C:\ProgramData\Datos de programa:NT [40]
      AlternateDataStreams: C:\ProgramData\Datos de programa:NT2 [432]
      AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
      AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [432]
      AlternateDataStreams: C:\Users\Usuario\Datos de programa:NT [40]
      AlternateDataStreams: C:\Users\Usuario\Datos de programa:NT2 [432]
      AlternateDataStreams: C:\Users\Usuario\AppData\Roaming:NT [40]
      AlternateDataStreams: C:\Users\Usuario\AppData\Roaming:NT2 [432]
      
      CMD: ipconfig /flushdns
      CMD: ipconfig /renew
      CMD: bitsadmin /reset /allusers
      RemoveProxy:
      EmptyTemp:
      Hosts:
      end
      • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

      Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

      ATENCION!!!! El siguiente Script de reparación fue hecho específicamente por un miembro del staff para este usuario, si tiene un problema similar por favor abra su propio tema para recibir ayuda personalizada. Usar Scripts de otros usuarios puede causar daños a su equipo

      • Ejecutas Frst.exe.
      • Presionas el botón Fix y aguardas a que termine.
      • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
      • Lo pegas en tu próxima respuesta.


      Pon el reporte y comenta como sigue el problema.

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.