    Viruses and more


    1. #1
      User daaam31
      Registered
      May 2013
      Location
      Argentina
      Posts
      24

      Viruses and more

      Hi, how's it going? It all started last week, when my PC began giving me blue screens repeatedly. Searching the internet, as usual, I found all sorts of things. But from what I read on several pages, everything pointed to a virus. So I decided to download Avast and scan my PC. It quickly detected the following virus: "IDP.Generic.dbf3890b782a.3.2 | mssecsvc.exe | C:\Windows".
      Honestly, it worries me quite a bit, since after googling a little, it turns out to be a serious threat.
      I look forward to a prompt reply from someone, so I can finally get rid of it.





      PS: I didn't manage to take a full photo of the blue screen, but I'm leaving what I could get.

      http://prntscr.com/hozi04

    2. #2
      General Moderator
      @Javier_HF
      Registered
      Jun 2006
      Location
      Milky Way.
      Posts
      23,512

      Re: Viruses and more

      Hello daaam31.

      To check your machine, follow these steps in the order indicated, reading everything that is explained.

      Step 1.- Temporarily disable your antivirus >> How to temporarily disable your antivirus, while we carry out ALL the steps.

      We are going to download to YOUR DESKTOP (and NOT anywhere else) all the tools we will use in this procedure (but do not run them yet):


      Once they are downloaded, disconnect your computer from the Internet (turn off the router) << Very important, and also close any other program you have open.

      Step 2.- Run the tools one at a time and in the order indicated:

      If you use Windows Vista/7/8 or 10, right-click and select "Run as administrator" for ALL the programs.
      CCleaner.-
      • Install and run CCleaner following the steps given in the manual.
      • First use its "Cleaner" option to delete cookies, temporary Internet files and all the files it shows you as obsolete.
      • Then use its "Registry" option to clean the entire Windows registry (making a backup).

      Malwarebytes.-
      • Install and run MBAM following the steps given in the manual.
      • Perform a Full Scan.
      • Select "ALL to Quarantine" to send everything to quarantine, and restart the system.
      • In the "History" section of the manual you will find the MBAM report, which you must copy and paste into your next reply so it can be analyzed.

      AdwCleaner.-
      • Run Adwcleaner.exe.
      • Click the Scan button and wait for the process to finish, then immediately click the Clean button.
      • Wait for it to complete and follow the instructions; if it asks you to restart the system, accept.
      • Save the report that appears, so you can copy and paste it into your next reply.
      • The report can also be found at "C:\Program Files(x86)\AdwCleaner\AdwCleaner[C1].txt"

      Junkware Removal Tool.-
      • Run JRT.exe.
      • Press any key to continue, and wait patiently for the process to finish.
      • If at any point it asks you to restart, do so.
      • When it finishes, a log/report (JRT.txt) will be saved to the desktop and will open automatically.
      • Copy and paste the contents of JRT.txt into your next reply.

      Farbar Recovery Scan Tool.-
      • Run FRST.exe.
      • In the Disclaimer window message, click Yes.
      • In the main window, click the Scan button and wait for the scan to finish.
      • Two (2) files (logs) will open, Frst.txt and Addition.txt; these will be saved to the desktop.

      Step 3.- Post the reports in your next reply, from:

      • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, and in that order.


      You must copy and paste them with all of their contents, and use several messages if you receive an error message saying it is too long.

      - And tell us how your computer is working, in relation to the problem raised.

      Regards, Javier.
      He who doesn't try doesn't succeed | ;-)

      * Follow us on Twitter and become our friend on Facebook.
      * Stay informed of the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or by e-mail, since that is what the forum is for.

    3. #3
      User daaam31
      Registered
      May 2013
      Location
      Argentina
      Posts
      24

      Re: Viruses and more

      Hi Javier_HF! Thank you very much for replying so quickly. Here are the results:

      Malwarebytes
      www.malwarebytes.com

      -Detalles del registro-
      Fecha del análisis: 18/12/17
      Hora del análisis: 14:48
      Archivo de registro: b14bbe88-e41b-11e7-b03f-000000000000.json
      Administrador: Sí

      -Información del software-
      Versión: 3.3.1.2183
      Versión de los componentes: 1.0.262
      Versión del paquete de actualización: 1.0.0
      Licencia: Gratis

      -Información del sistema-
      SO: Windows 7 Service Pack 1
      CPU: x64
      Sistema de archivos: NTFS
      Usuario: Damy-PC\Damy

      -Resumen del análisis-
      Tipo de análisis: Análisis de amenazas
      Resultado: Completado
      Objetos analizados: 342878
      Amenazas detectadas: 5
      Amenazas en cuarentena: 5
      Tiempo transcurrido: 3 min, 7 seg

      -Opciones de análisis-
      Memoria: Activado
      Inicio: Activado
      Sistema de archivos: Activado
      Archivo: Activado
      Rootkits: Desactivado
      Heurística: Activado
      PUP: Detectar
      PUM: Detectar

      -Detalles del análisis-
      Proceso: 1
      RiskWare.Tool.CK, C:\WINDOWS\KMSERVICE.EXE, En cuarentena, [258], [133383],1.0.0

      Módulo: 1
      RiskWare.Tool.CK, C:\WINDOWS\KMSERVICE.EXE, En cuarentena, [258], [133383],1.0.0

      Clave del registro: 0
      (No hay elementos maliciosos detectados)

      Valor del registro: 0
      (No hay elementos maliciosos detectados)

      Datos del registro: 0
      (No hay elementos maliciosos detectados)

      Secuencia de datos: 0
      (No hay elementos maliciosos detectados)

      Carpeta: 0
      (No hay elementos maliciosos detectados)

      Archivo: 3
      RiskWare.Tool.CK, C:\WINDOWS\KMSERVICE.EXE, En cuarentena, [258], [133383],1.0.0
      Ransom.WannaCrypt, C:\WINDOWS\QERIUWJHRF, En cuarentena, [691], [398511],1.0.0
      Ransom.WannaCrypt, C:\WINDOWS\TASKSCHE.EXE, En cuarentena, [691], [398511],1.0.0

      Sector físico: 0
      (No hay elementos maliciosos detectados)


      (end)


      # AdwCleaner 7.0.5.0 - Logfile created on Mon Dec 18 17:57:56 2017
      # Updated on 2017/29/11 by Malwarebytes
      # Database: 11-29-2017.1
      # Running on Windows 7 Ultimate (X64)
      # Mode: scan
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      PUP.Optional.Legacy, Update service


      ***** [ Folders ] *****

      No malicious folders found.

      ***** [ Files ] *****

      No malicious files found.

      ***** [ DLL ] *****

      No malicious DLLs found.

      ***** [ WMI ] *****

      No malicious WMI found.

      ***** [ Shortcuts ] *****

      No malicious shortcuts found.

      ***** [ Tasks ] *****

      No malicious tasks found.

      ***** [ Registry ] *****

      No malicious registry entries found.

      ***** [ Firefox (and derivatives) ] *****

      No malicious Firefox entries.

      ***** [ Chromium (and derivatives) ] *****

      No malicious Chromium entries.

      *************************



      ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########


      # AdwCleaner 7.0.5.0 - Logfile created on Mon Dec 18 17:58:25 2017
      # Updated on 2017/29/11 by Malwarebytes
      # Running on Windows 7 Ultimate (X64)
      # Mode: clean
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      Deleted: Update service


      ***** [ Folders ] *****

      No malicious folders deleted.

      ***** [ Files ] *****

      No malicious files deleted.

      ***** [ DLL ] *****

      No malicious DLLs cleaned.

      ***** [ WMI ] *****

      No malicious WMI cleaned.

      ***** [ Shortcuts ] *****

      No malicious shortcuts cleaned.

      ***** [ Tasks ] *****

      No malicious tasks deleted.

      ***** [ Registry ] *****

      No malicious registry entries deleted.

      ***** [ Firefox (and derivatives) ] *****

      No malicious Firefox entries deleted.

      ***** [ Chromium (and derivatives) ] *****

      No malicious Chromium entries deleted.

      *************************

      ::Tracing keys deleted

      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 8.1.4 (07.09.2017)
      Operating System: Windows 7 Ultimate x64
      Ran by Damy (Administrator) on 18/12/2017 at 15:01:05,04
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




      File System: 37

      Successfully deleted: C:\ProgramData\mntemp (File)
      Successfully deleted: C:\Windows\system32\Tasks\update-S-1-5-21-3658655688-3574193487-3246829310-1000 (Task)
      Successfully deleted: C:\Windows\system32\Tasks\update-sys (Task)
      Successfully deleted: C:\Windows\Tasks\update-S-1-5-21-3658655688-3574193487-3246829310-1000.job (Task)
      Successfully deleted: C:\Windows\Tasks\update-sys.job (Task)
      Successfully deleted: C:\Users\Damy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Damy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\17HVZH2M (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Damy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\201BTWFH (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Damy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5U9N0MUG (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Damy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Damy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\93OGH4YT (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Damy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Damy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JXGCU35Y (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Damy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Damy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3F6DXEW (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Damy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QT5RGPZK (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Damy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RF0F7WRP (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Damy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T5B4OBNC (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Damy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U9USCZ6D (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Damy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XSV2Z34S (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Damy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZLLZ3VOD (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\17HVZH2M (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\201BTWFH (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5U9N0MUG (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\93OGH4YT (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JXGCU35Y (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3F6DXEW (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QT5RGPZK (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RF0F7WRP (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T5B4OBNC (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U9USCZ6D (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XSV2Z34S (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZLLZ3VOD (Temporary Internet Files Folder)



      Registry: 0





      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on 18/12/2017 at 15:04:52,79
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2017
      Ran by Damy (administrator) on DAMY-PC (18-12-2017 15:06:00)
      Running from C:\Users\Damy\Desktop
      Loaded Profiles: Damy (Available Profiles: Damy)
      Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
      () C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe
      (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
      (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
      (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
      (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
      (Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
      (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe

      ==================== Registry (Whitelisted) ===========================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297272 2017-12-11] (Apple Inc.)
      HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-12-18] (AVAST Software)
      HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
      HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare)
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      HKU\S-1-5-21-3658655688-3574193487-3246829310-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10249048 2017-12-01] (Piriform Ltd)

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Hosts: Hosts file not detected in the default directory
      Tcpip\Parameters: [DhcpNameServer] 181.47.248.145 200.115.192.89 200.115.192.90
      Tcpip\..\Interfaces\{02C87515-2B71-4F77-816F-77F6632C1327}: [NameServer] 8.8.8.8,8.8.4.4
      Tcpip\..\Interfaces\{02C87515-2B71-4F77-816F-77F6632C1327}: [DhcpNameServer] 192.168.1.1
      Tcpip\..\Interfaces\{7A89360D-FD38-44F6-B3E4-87E2C330E492}: [DhcpNameServer] 181.47.248.145 200.115.192.89 200.115.192.90
      Tcpip\..\Interfaces\{7BE10FC0-A97A-485F-8DCE-165DE94D4EC9}: [DhcpNameServer] 172.20.10.1

      Internet Explorer:
      ==================
      HKU\S-1-5-21-3658655688-3574193487-3246829310-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-ar/?ocid=iehp
      SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
      BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-12-18] (AVAST Software)
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
      BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
      BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-12-18] (AVAST Software)
      BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)

      FireFox:
      ========
      FF DefaultProfile: kv90kc9m.default
      FF ProfilePath: C:\Users\Damy\AppData\Roaming\Mozilla\Firefox\Profiles\kv90kc9m.default [2017-12-18]
      FF Extension: (Tampermonkey) - C:\Users\Damy\AppData\Roaming\Mozilla\Firefox\Profiles\kv90kc9m.default\Extensions\[email protected] [2017-12-15]
      FF Extension: (Avast Online Security) - C:\Users\Damy\AppData\Roaming\Mozilla\Firefox\Profiles\kv90kc9m.default\Extensions\[email protected] [2017-12-18]
      FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
      FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
      FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
      FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
      FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
      FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
      FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-12-05] (NVIDIA Corporation)
      FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-12-05] (NVIDIA Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
      FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
      FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)

      Chrome:
      =======
      CHR HomePage: Default -> hxxp://www.google.com.ar/
      CHR StartupUrls: Default -> "hxxps://www.google.com/"
      CHR Profile: C:\Users\Damy\AppData\Local\Google\Chrome\User Data\Default [2017-12-18]
      CHR Extension: (Presentaciones) - C:\Users\Damy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
      CHR Extension: (Documentos) - C:\Users\Damy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
      CHR Extension: (Google Drive) - C:\Users\Damy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-10]
      CHR Extension: (YouTube) - C:\Users\Damy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-10]
      CHR Extension: (Tampermonkey) - C:\Users\Damy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-12-15]
      CHR Extension: (Hojas de cálculo) - C:\Users\Damy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\Damy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-10]
      CHR Extension: (AdBlock) - C:\Users\Damy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-12-06]
      CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Damy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-21]
      CHR Extension: (Gmail) - C:\Users\Damy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-10]
      CHR Extension: (Chrome Media Router) - C:\Users\Damy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-14]
      CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc.)
      S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7549928 2017-12-18] (AVAST Software)
      R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-12-18] (AVAST Software)
      S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6988296 2017-12-04] ()
      R2 D_Link_DWA-125_WPS; C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe [53248 2010-07-12] () [File not signed]
      S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [395024 2016-12-07] (EasyAntiCheat Ltd)
      U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-09-19] (Hi-Rez Studios) [File not signed]
      S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2016-08-13] () [File not signed]
      R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
      R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-15] (NVIDIA Corporation)
      S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-15] (NVIDIA Corporation)
      R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [463664 2017-12-05] (NVIDIA Corporation)
      R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-11-15] (NVIDIA Corporation)
      S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2134848 2017-12-09] (Electronic Arts)
      R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3014472 2017-12-09] (Electronic Arts)
      R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10888944 2017-04-25] (TeamViewer GmbH)
      S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
      R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe [473824 2017-05-05] (Wondershare)

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2010-05-29] ()
      R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [183584 2017-12-18] (AVAST Software)
      R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [321032 2017-12-18] (AVAST Software s.r.o.)
      R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [198968 2017-12-18] (AVAST Software s.r.o.)
      R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343288 2017-12-18] (AVAST Software s.r.o.)
      R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57728 2017-12-18] (AVAST Software s.r.o.)
      S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [47008 2017-12-18] (AVAST Software)
      R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [148288 2017-12-18] (AVAST Software)
      R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110376 2017-12-18] (AVAST Software)
      R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84416 2017-12-18] (AVAST Software)
      R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026232 2017-12-18] (AVAST Software)
      R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [455376 2017-12-18] (AVAST Software)
      R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [203976 2017-12-18] (AVAST Software)
      R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [364464 2017-12-18] (AVAST Software)
      S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-01-07] (Disc Soft Ltd)
      S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-01-07] (Disc Soft Ltd)
      R0 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [9311176 2017-12-09] ()
      R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2017-12-18] (Malwarebytes)
      S3 netr28ux; C:\Windows\System32\DRIVERS\Dnetr28ux.sys [1617472 2011-04-28] (Ralink Technology Corp.)
      S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-15] (NVIDIA Corporation)
      R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50624 2017-11-15] (NVIDIA Corporation)
      R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-11-15] (NVIDIA Corporation)
      S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
      S3 EasyAntiCheatSys; \??\C:\Windows\system32\drivers\EasyAntiCheat.sys [X]
      S1 ESEADriver2; \??\C:\Users\Damy\AppData\Local\Temp\ESEADriver2.sys [X] <==== ATTENTION
      S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
      S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-12-18 15:06 - 2017-12-18 15:07 - 000015378 _____ C:\Users\Damy\Desktop\FRST.txt
      2017-12-18 15:05 - 2017-12-18 15:06 - 000000000 ____D C:\FRST
      2017-12-18 15:05 - 2017-12-18 15:05 - 000006181 _____ C:\Users\Damy\Desktop\JRT123.txt
      2017-12-18 15:04 - 2017-12-18 15:04 - 000006181 _____ C:\Users\Damy\Desktop\JRT.txt
      2017-12-18 15:00 - 2017-12-18 15:00 - 000001130 _____ C:\Users\Damy\Desktop\AdwCleaner[C0].txt
      2017-12-18 14:58 - 2017-12-18 14:58 - 000000957 _____ C:\Users\Damy\Desktop\AdwCleaner[S0].txt
      2017-12-18 14:56 - 2017-12-18 14:58 - 000000000 ____D C:\AdwCleaner
      2017-12-18 14:56 - 2017-12-18 14:56 - 000001749 _____ C:\Users\Damy\Desktop\Malware.txt
      2017-12-18 14:48 - 2017-12-18 14:48 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
      2017-12-18 14:48 - 2017-12-18 14:48 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
      2017-12-18 14:48 - 2017-12-18 14:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      2017-12-18 14:48 - 2017-11-29 09:11 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
      2017-12-18 14:41 - 2017-12-18 14:41 - 002392064 _____ (Farbar) C:\Users\Damy\Desktop\FRST64.exe
      2017-12-18 14:41 - 2017-12-18 14:41 - 001790024 _____ (Malwarebytes) C:\Users\Damy\Desktop\JRT.exe
      2017-12-18 14:40 - 2017-12-18 14:40 - 008187336 _____ (Malwarebytes) C:\Users\Damy\Desktop\AdwCleaner.exe
      2017-12-18 14:39 - 2017-12-18 14:39 - 083316440 _____ (Malwarebytes ) C:\Users\Damy\Desktop\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3374.exe
      2017-12-18 06:36 - 2017-12-18 06:36 - 000001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
      2017-12-18 06:36 - 2017-12-18 06:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
      2017-12-18 06:35 - 2017-12-18 05:52 - 000365168 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
      2017-12-18 06:24 - 2017-12-18 14:48 - 000003954 _____ C:\Users\Damy\Desktop\111.txt
      2017-12-18 05:54 - 2017-12-18 05:54 - 000000000 ___HD C:\$AV_ASW
      2017-12-18 05:54 - 2017-12-18 05:54 - 000000000 ____D C:\Users\Damy\AppData\Roaming\AVAST Software
      2017-12-18 05:53 - 2017-12-18 06:35 - 000003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
      2017-12-18 05:53 - 2017-12-18 05:53 - 000455376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
      2017-12-18 05:53 - 2017-12-18 05:53 - 000000000 ____D C:\Program Files\Common Files\Avast Software
      2017-12-18 05:53 - 2017-12-18 05:52 - 001026232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
      2017-12-18 05:53 - 2017-12-18 05:52 - 000364464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
      2017-12-18 05:53 - 2017-12-18 05:52 - 000343288 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
      2017-12-18 05:53 - 2017-12-18 05:52 - 000321032 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
      2017-12-18 05:53 - 2017-12-18 05:52 - 000203976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
      2017-12-18 05:53 - 2017-12-18 05:52 - 000198968 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
      2017-12-18 05:53 - 2017-12-18 05:52 - 000183584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
      2017-12-18 05:53 - 2017-12-18 05:52 - 000148288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
      2017-12-18 05:53 - 2017-12-18 05:52 - 000110376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
      2017-12-18 05:53 - 2017-12-18 05:52 - 000084416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
      2017-12-18 05:53 - 2017-12-18 05:52 - 000057728 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
      2017-12-18 05:53 - 2017-12-18 05:52 - 000047008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
      2017-12-18 05:52 - 2017-12-18 05:52 - 000000000 ____D C:\Program Files\AVAST Software
      2017-12-18 05:51 - 2017-12-18 05:51 - 000000000 ____D C:\Users\Damy\Downloads\APREM2017_v17.8.2318_CG
      2017-12-18 05:42 - 2017-12-18 05:48 - 252350271 _____ C:\Users\Damy\Downloads\APREM2017_v17.8.2318_CG.rar
      2017-12-16 00:39 - 2017-12-16 00:39 - 000000000 _____ C:\Users\Damy\Downloads\initdebug.nfo
      2017-12-15 22:41 - 2017-12-18 05:36 - 000000000 ____D C:\Program Files (x86)\SpeedFan
      2017-12-15 22:41 - 2017-12-15 22:41 - 002218504 _____ C:\Users\Damy\Downloads\instspeedfan451.exe
      2017-12-15 22:41 - 2017-12-15 22:41 - 000000971 _____ C:\Users\Damy\Desktop\SpeedFan.lnk
      2017-12-15 22:41 - 2017-12-15 22:41 - 000000045 _____ C:\Windows\SysWOW64\initdebug.nfo
      2017-12-15 22:41 - 2017-12-15 22:41 - 000000000 ____D C:\Users\Damy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
      2017-12-15 21:28 - 2017-12-15 21:28 - 000001030 _____ C:\Users\Public\Desktop\VLC media player.lnk
      2017-12-13 22:55 - 2017-12-13 22:55 - 000001747 _____ C:\Users\Public\Desktop\iTunes.lnk
      2017-12-13 22:55 - 2017-12-13 22:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
      2017-12-13 22:55 - 2017-12-13 22:55 - 000000000 ____D C:\Program Files\iPod
      2017-12-13 22:54 - 2017-12-13 22:55 - 000000000 ____D C:\Program Files\iTunes
      2017-12-13 04:16 - 2017-12-13 04:17 - 082064711 _____ C:\Users\Damy\Downloads\VID_20171124_47814.mp4
      2017-12-12 18:00 - 2017-12-12 18:00 - 011204152 _____ (Piriform Ltd) C:\Users\Damy\Downloads\ccsetup538.exe
      2017-12-11 21:51 - 2017-12-11 21:51 - 000000000 ____D C:\Program Files (x86)\VulkanRT
      2017-12-11 21:51 - 2017-12-05 16:36 - 000137200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
      2017-12-11 21:51 - 2017-09-13 20:20 - 000798008 _____ C:\Windows\SysWOW64\vulkan-1.dll
      2017-12-11 21:51 - 2017-09-13 20:20 - 000490296 _____ C:\Windows\SysWOW64\vulkaninfo.exe
      2017-12-11 21:51 - 2017-09-13 20:19 - 000927544 _____ C:\Windows\system32\vulkan-1.dll
      2017-12-11 21:51 - 2017-09-13 20:19 - 000591160 _____ C:\Windows\system32\vulkaninfo.exe
      2017-12-11 21:45 - 2017-12-05 18:17 - 040238576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 036301384 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 035156368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 029345592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 023266584 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 019039792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 016851768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
      2017-12-11 21:45 - 2017-12-05 18:17 - 015027984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 013867656 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 013255032 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 011782096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 010883744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 003808144 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 003347952 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 001989944 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438859.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 001674736 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438859.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 001135464 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 001099848 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 001031984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 000981816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 000933360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 000885496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 000616432 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 000527288 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 000505928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 000446216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 000407064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 000171712 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 000154208 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 000149736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
      2017-12-11 21:45 - 2017-12-05 18:17 - 000132072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
      2017-12-11 20:04 - 2017-12-11 20:04 - 000000000 ____D C:\Users\Damy\.fontconfig
      2017-12-11 20:03 - 2017-12-11 20:03 - 000000000 ____D C:\Users\Damy\AppData\Local\converter
      2017-12-11 20:01 - 2017-12-14 15:16 - 000000000 ____D C:\Program Files (x86)\Movavi Video Converter 18 Premium
      2017-12-11 20:01 - 2017-12-11 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Video Converter 18 Premium
      2017-12-11 20:01 - 2017-12-11 20:01 - 042517901 _____ C:\Users\Damy\Downloads\Movavi Video Converter 18 Premium.rar
      2017-12-11 20:01 - 2017-12-11 20:01 - 000004935 _____ C:\ProgramData\vfiakfjk.zeu
      2017-12-11 20:01 - 2017-12-11 20:01 - 000001151 _____ C:\Users\Public\Desktop\Movavi Video Converter 18 Premium.lnk
      2017-12-11 20:01 - 2017-12-11 20:01 - 000000000 ____D C:\ProgramData\Movavi Video Converter 18
      2017-12-11 20:01 - 2017-12-11 20:01 - 000000000 ____D C:\ProgramData\Movavi
      2017-12-11 01:44 - 2011-06-06 00:01 - 000000909 _____ C:\Users\Damy\Downloads\Importante para la utilización de este archivo.txt
      2017-12-10 21:30 - 2017-12-10 21:30 - 000000000 ____D C:\Users\Damy\AppData\Local\_VideoEditor
      2017-12-10 21:28 - 2017-12-10 21:28 - 000005051 _____ C:\ProgramData\czchsjpj.srw
      2017-12-10 21:28 - 2017-12-10 21:28 - 000000000 ____D C:\ProgramData\Movavi Video Editor 12
      2017-12-10 21:23 - 2017-12-11 20:11 - 000000000 ____D C:\Users\Damy\AppData\Local\Movavi
      2017-12-10 21:23 - 2017-12-10 21:23 - 000004990 _____ C:\ProgramData\ubnmeoaw.nlb
      2017-12-10 21:23 - 2017-12-10 21:23 - 000000000 ____D C:\Users\Damy\AppData\Local\VideoEditor
      2017-12-10 21:23 - 2017-12-10 21:23 - 000000000 ____D C:\ProgramData\Movavi Video Editor 14
      2017-12-09 03:30 - 2017-12-09 03:30 - 000000000 ____D C:\Users\Damy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESEA
      2017-12-09 03:29 - 2017-12-09 03:29 - 118497864 _____ C:\Users\Damy\Downloads\ESEAClientInstall.exe
      2017-12-09 01:21 - 2017-12-09 01:21 - 009311176 _____ C:\Windows\system32\Drivers\FACEIT.sys
      2017-12-08 05:32 - 2017-12-08 05:32 - 000000000 ____D C:\Users\Damy\AppData\Roaming\EasyAntiCheat
      2017-12-08 03:09 - 2017-12-17 03:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
      2017-12-06 22:34 - 2017-12-06 22:34 - 000000000 ____D C:\Users\Damy\AppData\Local\Apple
      2017-12-05 05:16 - 2017-12-11 08:04 - 000000000 ____D C:\Users\Damy\Downloads\Sca
      2017-12-05 02:59 - 2017-12-05 02:59 - 000000000 ____D C:\Users\Damy\AppData\Local\UnrealEngine
      2017-12-05 02:59 - 2017-12-05 02:59 - 000000000 ____D C:\Users\Damy\AppData\Local\TslGame
      2017-12-01 19:01 - 2017-12-01 19:01 - 000000000 ____D C:\Users\Damy\AppData\Local\Wondershare
      2017-12-01 19:00 - 2017-12-01 19:08 - 000000000 ____D C:\Users\Damy\Documents\Wondershare Filmora
      2017-11-30 15:14 - 2017-12-05 18:17 - 018208784 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
      2017-11-30 15:14 - 2017-11-27 22:55 - 001991016 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438843.dll
      2017-11-30 15:14 - 2017-11-27 22:55 - 001674552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438843.dll
      2017-11-30 15:07 - 2017-11-15 22:41 - 000057792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
      2017-11-30 15:07 - 2017-11-15 22:41 - 000050624 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
      2017-11-24 20:46 - 2017-12-05 05:17 - 000000000 ____D C:\Users\Damy\Downloads\Sabri
      2017-11-24 15:41 - 2017-11-25 03:19 - 000000000 ____D C:\Users\Damy\Desktop\Auto

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-12-18 15:01 - 2016-07-10 16:48 - 000000000 ____D C:\ProgramData\NVIDIA
      2017-12-18 15:00 - 2016-11-17 13:18 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
      2017-12-18 14:59 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2017-12-18 14:58 - 2009-07-14 01:45 - 000016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2017-12-18 14:58 - 2009-07-14 01:45 - 000016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2017-12-18 14:48 - 2017-10-29 14:47 - 000000000 ____D C:\ProgramData\Malwarebytes
      2017-12-18 14:48 - 2017-10-29 14:47 - 000000000 ____D C:\Program Files\Malwarebytes
      2017-12-18 14:48 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
      2017-12-18 14:47 - 2017-03-28 23:47 - 000000000 ____D C:\Users\Damy\AppData\Roaming\TS3Client
      2017-12-18 14:47 - 2016-07-12 02:35 - 000000000 ____D C:\Windows\Minidump
      2017-12-18 14:47 - 2016-07-10 14:43 - 000000000 ____D C:\Program Files (x86)\Steam
      2017-12-18 06:26 - 2016-09-12 15:17 - 000001832 _____ C:\Users\Damy\Desktop\23.txt
      2017-12-18 06:01 - 2017-05-12 15:08 - 000000000 ____D C:\Users\Damy\AppData\LocalLow\Mozilla
      2017-12-18 05:53 - 2016-07-12 04:02 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
      2017-12-18 05:52 - 2016-07-12 03:57 - 000000000 ____D C:\ProgramData\AVAST Software
      2017-12-17 03:09 - 2017-04-06 22:36 - 000001270 _____ C:\Users\Public\Desktop\Skype.lnk
      2017-12-15 21:32 - 2017-11-15 01:11 - 000001832 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FACEIT.lnk
      2017-12-15 21:32 - 2017-11-15 01:11 - 000001820 _____ C:\Users\Public\Desktop\FACEIT.lnk
      2017-12-15 21:32 - 2017-11-15 01:10 - 000000000 ____D C:\Program Files\FACEIT
      2017-12-15 21:32 - 2017-06-06 16:03 - 000000000 ____D C:\Users\Damy\AppData\Roaming\FACEIT
      2017-12-15 21:30 - 2017-03-13 15:10 - 000000000 ____D C:\Users\Damy\AppData\Roaming\vlc
      2017-12-15 18:39 - 2017-03-28 23:47 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client
      2017-12-14 02:22 - 2016-07-10 16:38 - 000002153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2017-12-14 00:41 - 2016-11-22 17:10 - 000000174 _____ C:\Users\Damy\Desktop\juegos.txt
      2017-12-13 23:11 - 2016-07-27 22:17 - 000000975 _____ C:\Users\Damy\Desktop\arcv.txt
      2017-12-12 22:39 - 2016-07-19 15:20 - 000000000 ____D C:\Users\Damy\AppData\Local\CrashDumps
      2017-12-12 22:37 - 2017-10-25 14:11 - 000003872 _____ C:\Windows\System32\Tasks\CCleaner Update
      2017-12-12 22:37 - 2017-04-18 15:41 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
      2017-12-12 20:52 - 2017-09-16 16:44 - 000004332 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
      2017-12-12 20:52 - 2017-06-02 18:10 - 000004496 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
      2017-12-12 20:52 - 2016-07-28 20:49 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
      2017-12-12 20:52 - 2016-07-28 20:49 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
      2017-12-12 20:52 - 2016-07-28 20:49 - 000000000 ____D C:\Windows\SysWOW64\Macromed
      2017-12-12 20:52 - 2016-07-28 20:49 - 000000000 ____D C:\Windows\system32\Macromed
      2017-12-12 15:10 - 2017-04-27 12:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
      2017-12-12 15:10 - 2017-04-27 12:52 - 000000000 ____D C:\Program Files (x86)\Wondershare
      2017-12-11 21:52 - 2016-08-30 17:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
      2017-12-11 21:52 - 2016-07-10 16:45 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
      2017-12-11 21:51 - 2016-07-10 16:48 - 000000000 ____D C:\Users\Damy\AppData\Local\NVIDIA
      2017-12-11 20:04 - 2016-07-10 16:19 - 000000000 ____D C:\Users\Damy
      2017-12-11 08:04 - 2016-08-13 18:33 - 000000000 ____D C:\Users\Damy\Downloads\Office 2010
      2017-12-10 00:02 - 2017-06-02 02:24 - 000000000 ____D C:\Users\Damy\AppData\Roaming\Origin
      2017-12-09 22:29 - 2016-07-10 17:58 - 000000000 ____D C:\ProgramData\Origin
      2017-12-09 18:33 - 2017-06-02 02:24 - 000000000 ____D C:\Program Files (x86)\Origin
      2017-12-09 14:39 - 2017-05-12 15:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
      2017-12-09 03:02 - 2017-05-12 15:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
      2017-12-08 03:08 - 2016-08-19 18:42 - 000000000 ___RD C:\Program Files (x86)\Skype
      2017-12-08 03:08 - 2016-08-19 18:42 - 000000000 ____D C:\ProgramData\Skype
      2017-12-08 03:07 - 2016-08-19 18:42 - 000000000 ____D C:\Users\Damy\AppData\Roaming\Skype
      2017-12-08 02:13 - 2017-03-25 12:29 - 000000000 ____D C:\Program Files\FACEIT Client
      2017-12-05 18:17 - 2017-07-09 03:07 - 019526696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
      2017-12-05 18:17 - 2017-02-21 20:10 - 000492232 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
      2017-12-05 18:17 - 2016-08-30 17:09 - 000046182 _____ C:\Windows\system32\nvinfo.pb
      2017-12-05 18:17 - 2016-08-19 03:04 - 003799032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
      2017-12-05 18:17 - 2016-07-10 16:36 - 022257256 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
      2017-12-05 18:17 - 2016-07-10 16:36 - 004285704 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
      2017-12-05 16:56 - 2017-02-21 19:59 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
      2017-12-05 16:32 - 2016-07-10 16:46 - 005966696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
      2017-12-05 16:32 - 2016-07-10 16:46 - 002589168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
      2017-12-05 16:32 - 2016-07-10 16:46 - 001766288 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
      2017-12-05 16:32 - 2016-07-10 16:46 - 000607304 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
      2017-12-05 16:32 - 2016-07-10 16:46 - 000450352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
      2017-12-05 16:32 - 2016-07-10 16:46 - 000122768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
      2017-12-05 16:32 - 2016-07-10 16:46 - 000082744 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
      2017-12-05 03:00 - 2016-07-10 17:41 - 000000000 ____D C:\Users\Damy\AppData\Local\NVIDIA Corporation
      2017-12-05 01:21 - 2016-10-04 13:02 - 000000344 _____ C:\Users\Damy\Desktop\pumas.txt
      2017-12-03 00:26 - 2009-07-14 06:31 - 000751356 _____ C:\Windows\system32\perfh00A.dat
      2017-12-03 00:26 - 2009-07-14 06:31 - 000160398 _____ C:\Windows\system32\perfc00A.dat
      2017-12-03 00:26 - 2009-07-14 02:13 - 001687288 _____ C:\Windows\system32\PerfStringBackup.INI
      2017-12-02 14:39 - 2016-07-29 12:23 - 000450088 _____ C:\Windows\system32\FNTCACHE.DAT
      2017-12-01 19:08 - 2016-09-14 02:21 - 000000000 ____D C:\Users\Damy\AppData\Local\Ubisoft Game Launcher
      2017-12-01 19:03 - 2016-07-29 12:32 - 000113136 _____ C:\Users\Damy\AppData\Local\GDIPFONTCACHEV1.DAT
      2017-12-01 19:03 - 2016-07-10 16:56 - 000000000 ____D C:\Users\Damy\AppData\Roaming\Adobe
      2017-12-01 19:02 - 2017-04-27 12:52 - 000000000 ____D C:\ProgramData\Wondershare
      2017-12-01 14:19 - 2016-07-10 16:45 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
      2017-11-30 21:13 - 2016-07-14 17:32 - 000000000 ____D C:\Users\Damy\AppData\Local\Popcorn-Time-CE
      2017-11-30 19:10 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\system32\NDF
      2017-11-30 15:07 - 2017-05-22 23:09 - 000003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-11-30 15:07 - 2017-02-21 19:59 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-11-30 15:07 - 2017-02-21 19:59 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-11-30 15:07 - 2017-02-21 19:59 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-11-30 15:07 - 2017-02-21 19:59 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-11-30 15:07 - 2017-02-21 19:59 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-11-30 15:07 - 2017-02-21 19:59 - 000003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-11-30 15:07 - 2017-02-21 19:59 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-11-30 15:07 - 2017-02-21 19:59 - 000001416 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
      2017-11-30 15:07 - 2016-07-10 16:35 - 000000000 ____D C:\Program Files\NVIDIA Corporation
      2017-11-28 03:09 - 2016-11-16 00:48 - 000000000 ____D C:\Users\Damy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
      2017-11-25 10:01 - 2017-05-12 15:08 - 000000000 ____D C:\Users\Damy\AppData\Roaming\Mozilla
      2017-11-25 09:40 - 2016-07-10 16:46 - 007874971 _____ C:\Windows\system32\nvcoproc.bin

      ==================== Files in the root of some directories =======

      2016-11-23 13:39 - 2016-11-23 13:39 - 000000253 _____ () C:\Users\Damy\AppData\Roaming\ANICONFIG_{02C87515-2B71-4F77-816F-77F6632C1327}.ini
      2016-08-30 15:14 - 2017-01-07 15:20 - 000099384 _____ () C:\Users\Damy\AppData\Roaming\inst.exe
      2016-08-30 15:14 - 2017-01-07 15:20 - 000007859 _____ () C:\Users\Damy\AppData\Roaming\pcouffin.cat
      2016-08-30 15:14 - 2017-01-07 15:20 - 000001167 _____ () C:\Users\Damy\AppData\Roaming\pcouffin.inf
      2016-08-30 15:14 - 2017-01-07 15:20 - 000000055 _____ () C:\Users\Damy\AppData\Roaming\pcouffin.log
      2016-08-30 15:14 - 2017-01-07 15:20 - 000082816 _____ (VSO Software) C:\Users\Damy\AppData\Roaming\pcouffin.sys
      2016-08-26 02:34 - 2016-10-23 02:24 - 000007616 _____ () C:\Users\Damy\AppData\Local\Resmon.ResmonCfg
      2017-04-26 23:33 - 2017-04-26 23:33 - 000000003 _____ () C:\Users\Damy\AppData\Local\updater.log
      2017-04-26 23:33 - 2017-05-06 15:44 - 000000425 _____ () C:\Users\Damy\AppData\Local\UserProducts.xml

      Some files in TEMP:
      ====================
      2017-12-15 22:42 - 2017-12-18 05:36 - 000192512 _____ () C:\Users\Damy\AppData\Local\Temp\sfamcc00001.dll

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\SysWOW64\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2017-12-10 18:22

      ==================== End of FRST.txt ============================

    4. #4
      User daaam31
      Registered
      May 2013
      Location
      Argentina
      Posts
      24

      Re: Viruses and more

      Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2017
      Ran by Damy (18-12-2017 15:07:37)
      Running from C:\Users\Damy\Desktop
      Windows 7 Ultimate Service Pack 1 (X64) (2016-07-10 19:19:31)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrador (S-1-5-21-3658655688-3574193487-3246829310-500 - Administrator - Disabled)
      Damy (S-1-5-21-3658655688-3574193487-3246829310-1000 - Administrator - Enabled) => C:\Users\Damy
      HomeGroupUser$ (S-1-5-21-3658655688-3574193487-3246829310-1002 - Limited - Enabled)
      Invitado (S-1-5-21-3658655688-3574193487-3246829310-501 - Limited - Disabled)

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
      AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      Actualización de NVIDIA 31.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.1.0 - NVIDIA Corporation) Hidden
      Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
      Adobe Flash Player 28 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 28.0.0.126 - Adobe Systems Incorporated)
      Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
      Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
      Apple Application Support (32 bits) (HKLM-x32\...\{BC7C46A4-D7A7-48EC-A98C-32A7762B5EFA}) (Version: 6.2.1 - Apple Inc.)
      Apple Application Support (64 bits) (HKLM\...\{F0C4B709-8BF4-4A72-B527-12E7BF5482F8}) (Version: 6.2.1 - Apple Inc.)
      Apple Mobile Device Support (HKLM\...\{BD6778C5-6FA5-492A-ADD6-E706339C2A7B}) (Version: 11.0.2.4 - Apple Inc.)
      Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
      Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.8.2318 - AVAST Software)
      Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
      CCleaner (HKLM\...\CCleaner) (Version: 5.38 - Piriform)
      CPUID CPU-Z 1.77 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
      D-Link DWA-125 (HKLM-x32\...\{E45CACFE-0576-4375-A84F-C34B99A7B652}) (Version: - D-Link)
      EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
      ESEA Client (HKU\S-1-5-21-3658655688-3574193487-3246829310-1000\...\ESEA) (Version: 5.0.0.0 - E-Sports Entertainment LLC)
      FACEIT 0.12.0 (HKLM\...\1b460c18-2611-5297-a1a8-4f35160a268c) (Version: 0.12.0 - FACEIT Ltd.)
      FACEIT Client version 1.0 (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 1.0 - FACEIT LTD)
      Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.6.321 - Foxit Software Inc.)
      Gamersclub Anti Cheat (HKLM-x32\...\{C14C05CA-F9F5-45C3-9C23-43E10AF71897}) (Version: 1.00 - EMACLab)
      Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.)
      Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
      HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.7.4 - Hi-Rez Studios)
      Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
      iTunes (HKLM\...\{F61FB85E-C890-4876-B33C-065550BDAAFC}) (Version: 12.7.2.60 - Apple Inc.)
      League of Legends (HKLM-x32\...\{11B6CA74-0359-4E8B-9729-1902B9ADD29C}) (Version: 4.1.2 - Riot Games) Hidden
      League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
      Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains)
      Malwarebytes versión 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
      Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
      Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
      Microsoft Visual C++ vNext Redistributable (x64) - 14.10.24629 (HKLM-x32\...\{c60f2e5a-912d-426c-a6b1-8a80bebab424}) (Version: 14.10.24629.0 - Microsoft Corporation)
      Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
      Movavi Video Converter 18 Premium (HKLM-x32\...\Movavi Video Converter 18 Premium) (Version: 18.1.0 - Movavi)
      Mozilla Firefox 57.0.2 (x64 es-AR) (HKLM\...\Mozilla Firefox 57.0.2 (x64 es-AR)) (Version: 57.0.2 - Mozilla)
      Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.2 - Mozilla)
      NVIDIA Controlador de 3D Vision 388.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.59 - NVIDIA Corporation)
      NVIDIA Controlador de audio HD 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
      NVIDIA Controlador de gráficos 388.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.59 - NVIDIA Corporation)
      NVIDIA Controlador de la controladora 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
      NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
      NVIDIA Software del sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
      Origin (HKLM-x32\...\Origin) (Version: 10.5.8.11002 - Electronic Arts, Inc.)
      Panel de control de NVIDIA 388.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.59 - NVIDIA Corporation) Hidden
      Paquete de idioma de Microsoft .NET Framework 4.5 ESN (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50709 - Microsoft Corporation)
      Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
      Popcorn Time Community (HKLM-x32\...\{F9BC7890-4FE5-4391-8C59-CD0C556EF115}) (Version: 0.4.0 - YTS.ph) <==== ATTENTION
      Popcorn-Time (HKU\S-1-5-21-3658655688-3574193487-3246829310-1000\...\Popcorn-Time) (Version: 0.3.10 - Popcorn Time)
      Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6728 - Realtek Semiconductor Corp.)
      Skype versión 8.12 (HKLM-x32\...\Skype_is1) (Version: 8.12 - Skype Technologies S.A.)
      SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
      swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
      TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.3 - TeamSpeak Systems GmbH)
      TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.77242 - TeamViewer)
      Uplay (HKLM-x32\...\Uplay) (Version: 22.2 - Ubisoft)
      VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
      Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
      WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
      Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-18] (AVAST Software)
      ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-18] (AVAST Software)
      ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-18] (AVAST Software)
      ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-03-09] (Foxit Software Inc.)
      ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-03] (Alexander Roshal)
      ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-03] (Alexander Roshal)
      ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-18] (AVAST Software)
      ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
      ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-12-05] (NVIDIA Corporation)
      ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-18] (AVAST Software)
      ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
      ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-03] (Alexander Roshal)
      ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-03] (Alexander Roshal)

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {0AED86E8-934D-4774-9F08-4C3F2163D2C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-10] (Google Inc.)
      Task: {1B1B1E0E-BDC1-4ED3-8F48-7FB3DE6BD120} - System32\Tasks\{786E5498-14B6-44F6-B736-2C75B29964C3} => C:\Program Files (x86)\Origin Games\FIFA 17\FIFA17.exe
      Task: {1EEA407C-8B0F-44E4-ABEF-F1D7A53639BD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-12] (Adobe Systems Incorporated)
      Task: {1FA84343-373A-4533-AD46-BF7F93B9585D} - System32\Tasks\{6D94FC6E-89FD-43A2-AC09-CF86A745B57A} => C:\Program Files (x86)\Origin\Origin.exe [2017-12-09] (Electronic Arts)
      Task: {2EFE04FC-F89A-4CD4-9E8D-C64714AB9742} - System32\Tasks\{7283DD40-2B39-45BD-94B7-DBB7CC12DFA8} => C:\Program Files (x86)\Origin Games\FIFA 16\fifa16.exe
      Task: {45D1678B-B949-418A-B549-4016C5B98DD8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-10] (Google Inc.)
      Task: {48642ED5-01D2-4D7D-833D-E77F7EE33A63} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-15] (NVIDIA Corporation)
      Task: {570CA71D-26F2-4061-B4EC-3FCA028466BF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-15] (NVIDIA Corporation)
      Task: {5AC50F94-03DA-42E1-86B3-644EDF0D889C} - System32\Tasks\FACEIT Client => C:\Program Files\FACEIT Client\faceitclient.exe [2017-12-08] ()
      Task: {61DF48A5-E733-4CDE-A8FB-E89D6A812B6E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-15] (NVIDIA Corporation)
      Task: {628AF7D1-C9E6-417B-BB94-F362414D0E19} - System32\Tasks\{22582ED6-DF82-42A2-9D4F-C1C54DF64AEB} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe" -c uninstall=0
      Task: {6C1A52FB-4107-4D5F-8D89-13F312FC77A1} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
      Task: {6F4F8760-1D81-42CE-A164-D42303BF5213} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-11-15] (NVIDIA Corporation)
      Task: {897EB89F-74D5-4864-82CF-F9CED207AABB} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-12-18] (AVAST Software)
      Task: {8A6BDD4E-69A9-4AC8-A2AC-D23A6644B038} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-12-01] (Piriform Ltd)
      Task: {9CEC8972-786F-4D25-9492-3E84FB4276AC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-11-15] (NVIDIA Corporation)
      Task: {AA89AF1A-FC4E-46F7-AF0F-EA5AACC2C2EF} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-15] (NVIDIA Corporation)
      Task: {AC32D95D-C329-407F-9110-E2B5475D0E34} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-11-15] (NVIDIA Corporation)
      Task: {B00CA186-CDE3-41A9-9113-D8AF2DD72F01} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-12-01] (Piriform Ltd)
      Task: {C064012C-9234-4EDD-BC43-1D003D7F0085} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_126_pepper.exe [2017-12-12] (Adobe Systems Incorporated)
      Task: {E8FACFFD-C630-4585-8FFA-A9D8113E3FC4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
      Task: {EB856060-3E66-4E3E-A065-D66E01514408} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-11-15] (NVIDIA Corporation)
      Task: {F14277D2-5DA8-4047-8E43-F45CD356F15A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2017-12-18] (AVAST Software)
      Task: {F490ABDD-08CA-47A1-AD04-AAC73D4F94A1} - System32\Tasks\{94D67F1A-04D4-4409-B49B-13F53B6832E0} => C:\Windows\system32\pcalua.exe -a C:\Users\Damy\Desktop\InsHelper.exe -d C:\Users\Damy\Desktop
      Task: {FDBEC0CA-E97B-4B7A-8726-CC7BFFEFE1C4} - System32\Tasks\{D427E1E4-73BA-4865-864F-E2E3958837D7} => C:\Program Files (x86)\Origin Games\FIFA 16\fifa16.exe

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)


      ShortcutWithArgument: C:\Users\Damy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\76f9e4d33b60b312\Popcorn-Time.lnk -> C:\Users\Damy\AppData\Local\Popcorn-Time\Popcorn-Time.exe (The NWJS Community) -> --user-data-dir="C:\Users\Damy\AppData\Local\Popcorn-Time\User Data" --profile-directory=Default --app-id=hecfofbbdfadifpemejbbdcjmfmboohj

      ==================== Loaded Modules (Whitelisted) ==============

      2010-01-30 02:40 - 2010-01-30 02:40 - 004254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
      2017-11-30 18:54 - 2017-11-30 18:54 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
      2017-11-30 18:54 - 2017-11-30 18:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
      2016-07-10 16:23 - 2010-07-12 14:39 - 000053248 _____ () C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe
      2016-07-12 03:38 - 2016-07-12 03:38 - 000062168 _____ () C:\Program Files\CCleaner\branding.dll
      2017-12-01 12:23 - 2017-12-01 12:23 - 000087936 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
      2017-12-18 14:48 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
      2017-02-21 19:59 - 2017-11-15 22:41 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
      2017-12-18 05:52 - 2017-12-18 05:52 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
      2017-12-18 05:52 - 2017-12-18 05:52 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
      2017-12-18 05:52 - 2017-12-18 05:52 - 000237808 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
      2017-12-18 05:52 - 2017-12-18 05:52 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
      2017-12-18 05:52 - 2017-12-18 05:52 - 000151104 _____ () C:\Program Files\AVAST Software\Avast\network_notifications.dll
      2017-12-18 14:14 - 2017-12-18 14:14 - 005766800 _____ () C:\Program Files\AVAST Software\Avast\defs\17121800\algo.dll
      2017-12-18 05:52 - 2017-12-18 05:52 - 000710056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
      2017-12-18 05:52 - 2017-12-18 05:52 - 000245608 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
      2017-12-18 05:52 - 2017-12-18 05:52 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
      2017-12-18 05:52 - 2017-12-18 05:52 - 000235816 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
      2017-02-21 19:59 - 2017-11-15 22:41 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)


      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)


      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-3658655688-3574193487-3246829310-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Damy\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
      DNS Servers: Media is not connected to internet.
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      Windows Firewall is disabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==

      MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Damy\AppData\Local\Akamai\netsession_win.exe"
      MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
      MSCONFIG\startupreg: D-Link D-Link DWA-125 => C:\Program Files (x86)\D-Link\DWA-125 revA\AirNCFG.exe
      MSCONFIG\startupreg: FACEIT => "C:\Program Files\FACEIT\FACEIT.exe"
      MSCONFIG\startupreg: Gaijin.Net Agent => "C:\Users\Damy\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"
      MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
      MSCONFIG\startupreg: Lightshot => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
      MSCONFIG\startupreg: PlaysTV => "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup
      MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [{EAA3163A-46DB-4340-A395-E6155555533E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
      FirewallRules: [{F39E6371-46D9-4816-8C49-C9B29988ABF9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
      FirewallRules: [{829D3AB0-9C8A-4B96-9F32-FC31E2E6CB82}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
      FirewallRules: [{EC77B2F7-3546-4800-AF55-021463CF84E9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
      FirewallRules: [{C3AC2E74-BFF9-46CA-A9BA-C75FFA595B40}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
      FirewallRules: [{AE9B3D3A-DEBC-46FE-9884-DBC390425F08}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
      FirewallRules: [{94CB0278-C68E-4EC5-ACA0-42F486817E81}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      FirewallRules: [{0D3C2C34-4259-4C4D-AF9E-7FE508EDF81A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      FirewallRules: [{4ACDCCEB-B5DE-4D66-9401-49883D80E7B4}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
      FirewallRules: [{2BB0378A-8022-4A21-BCDF-53E0E318EB4E}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
      FirewallRules: [{76C1BDCD-54EA-4E07-ACED-311B5E5B7D65}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{E4C0AFED-964D-4DDB-9010-671F8EF91E76}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{1A1265DF-1F43-4AC8-A1EE-186173E29A17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      FirewallRules: [{08D87EDA-6BF0-4D15-B980-35B7591C19D1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      FirewallRules: [{29158AD4-673A-438D-BF2C-BDF3FE34D6E0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
      FirewallRules: [{B14479F6-1C5E-4AF0-BF21-D984CC07FF78}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
      FirewallRules: [{55CAA442-4922-4CFF-B556-387DFE899AA5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
      FirewallRules: [{E2805932-1F52-442C-A55F-A7E90B968A95}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
      FirewallRules: [{4C71F5BF-3CBB-4D1F-A1ED-ABAE971788B9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      FirewallRules: [{23788554-5516-4DAB-A44E-2825694F11AB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      FirewallRules: [{C4F2D7E6-7FD9-4DDA-8364-E02FC75A7C72}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{8652BBCF-701D-45B5-A4E5-C76358C0ECFA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{7928A19F-965A-4DE9-9A6E-C818294CF95A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      FirewallRules: [{9610F3D6-44F9-4E18-A0E0-9514282FCC8B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      FirewallRules: [{C1D9D5A2-5802-469D-85E9-6E2261F46FE1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
      FirewallRules: [{E37D9374-8A9F-48B9-A894-95963574D6AB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
      FirewallRules: [{0149C76D-D2E4-4177-B5AD-D07CED47722F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
      FirewallRules: [{460E5F96-760A-413D-9F1A-FD62DB142D1E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
      FirewallRules: [{B31C352F-249E-48F4-ADF4-CC64F9484A1D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Paladins\Binaries\Win32\HirezBridge.exe
      FirewallRules: [{8927ECF7-57C8-454E-A85D-A43F3838894D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Paladins\Binaries\Win32\HirezBridge.exe
      FirewallRules: [{C2CDE51B-27BD-41D4-963D-86C2F365BDD1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{077247F5-B13A-45DE-A7BF-F300C99A3455}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
      FirewallRules: [{EDDD84C0-D701-47C1-A65D-D15BE40461FA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
      FirewallRules: [{F33812A8-3E1C-4FD3-8968-1539E025EE82}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
      FirewallRules: [{CE339C17-5D56-489C-BF25-91A129CDE7B7}] => (Allow) C:\Program Files\iTunes\iTunes.exe
      FirewallRules: [{24EBD88B-26BC-4AC4-9A2A-331307110F0E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      FirewallRules: [{2286D57F-C9D9-4A5E-BA93-124977B1F3DA}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
      FirewallRules: [{39577432-3862-46AA-80BC-C4E2F53BE211}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe

      ==================== Restore Points =========================

      13-12-2017 23:12:26 Se ha instalado DirectX
      18-12-2017 15:01:08 JRT Pre-Junkware Removal

      ==================== Faulty Device Manager Devices =============

      Name:
      Description:
      Class Guid:
      Manufacturer:
      Service:
      Problem: : The drivers for this device are not installed. (Code 28)
      Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

      Name: ESEADriver2
      Description: ESEADriver2
      Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
      Manufacturer:
      Service: ESEADriver2
      Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
      Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
      Devices stay in this state if they have been prepared for removal.
      After you remove the device, this error disappears.Remove the device, and this error should be resolved.

      Name: NIC de Gigabit de Ethernet PCI-E de la familia Realtek RTL8168C(P)/8111C(P) (NDIS 6.20)
      Description: NIC de Gigabit de Ethernet PCI-E de la familia Realtek RTL8168C(P)/8111C(P) (NDIS 6.20)
      Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
      Manufacturer: Realtek
      Service: RTL8167
      Problem: : This device is disabled. (Code 22)
      Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

      Name: BAPIDRV
      Description: BAPIDRV
      Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
      Manufacturer:
      Service: BAPIDRV
      Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
      Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
      Devices stay in this state if they have been prepared for removal.
      After you remove the device, this error disappears.Remove the device, and this error should be resolved.


      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (12/18/2017 02:56:10 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
      Description: No se puede inicializar el índice.

      Detalles:
      El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)

      Error: (12/18/2017 02:56:10 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
      Description: No se puede inicializar la aplicación.

      Contexto: aplicación Windows

      Detalles:
      El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)

      Error: (12/18/2017 02:56:10 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
      Description: No se puede inicializar el objeto Recopilador.

      Contexto: aplicación Windows, catálogo SystemIndex

      Detalles:
      El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)

      Error: (12/18/2017 02:56:10 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
      Description: No se puede inicializar el complemento <Search.TripoliIndexer>.

      Contexto: aplicación Windows, catálogo SystemIndex

      Detalles:
      No se ha encontrado el elemento. (HRESULT : 0x80070490) (0x80070490)

      Error: (12/18/2017 02:56:07 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
      Description: No se puede inicializar el complemento <Search.JetPropStore>.

      Contexto: aplicación Windows, catálogo SystemIndex

      Detalles:
      El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)

      Error: (12/18/2017 02:56:07 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
      Description: El servicio Windows Search no puede cargar la información del almacén de propiedades.

      Contexto: aplicación Windows, catálogo SystemIndex

      Detalles:
      La base de datos del índice de contenido está dañada. (HRESULT : 0xc0041800) (0xc0041800)

      Error: (12/18/2017 02:56:07 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
      Description: El servicio Windows Search se está deteniendo porque hay un problema con el indizador: The catalog is corrupt.

      Detalles:
      El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)

      Error: (12/18/2017 02:56:07 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
      Description: El servicio de búsqueda detectó archivos de datos dañados en el índice {id=4700}. Este servicio intentará corregir este problema automáticamente mediante la nueva generación del índice.

      Detalles:
      El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)

      Error: (12/18/2017 02:56:07 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
      Description: El servicio Windows Search no puede abrir el almacén de propiedades de Jet.

      Detalles:
      0x%08x (0xc0041800 - La base de datos del índice de contenido está dañada. (HRESULT : 0xc0041800))

      Error: (12/18/2017 02:56:06 PM) (Source: ESENT) (EventID: 455) (User: )
      Description: Windows (4444) Windows: Error -1811 al abrir un archivo de registro C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00038.log.


      System errors:
      =============
      Error: (12/18/2017 03:01:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

      Error: (12/18/2017 03:01:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 1000 milisegundos: Reiniciar el servicio.

      Error: (12/18/2017 02:59:45 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
      Description: Error al intentar leer el archivo local de hosts.

      Error: (12/18/2017 02:58:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio Origin Web Helper Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (12/18/2017 02:58:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio Protección de software terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.

      Error: (12/18/2017 02:58:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio Wondershare Application Framework Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (12/18/2017 02:58:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

      Error: (12/18/2017 02:58:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

      Error: (12/18/2017 02:58:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio Apple Mobile Device Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Reiniciar el servicio.

      Error: (12/18/2017 02:58:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio Servicio del iPod se terminó de manera inesperada. Esto ha sucedido 1 veces.


      CodeIntegrity:
      ===================================
      Date: 2016-07-28 20:45:10.655
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\360Box64.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-07-28 20:45:10.085
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\360AntiHacker64.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-07-28 20:45:06.035
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\360AvFlt.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-07-28 19:49:17.107
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-07-28 19:48:32.131
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-07-28 19:48:31.866
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-07-28 1935.544
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-07-28 19:09:57.256
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-07-28 19:09:57.006
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-07-28 18:44:03.669
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.


      ==================== Memory info ===========================

      Processor: Intel(R) Core(TM) i5-3330 CPU @ 3.00GHz
      Percentage of memory in use: 21%
      Total physical RAM: 8157.21 MB
      Available physical RAM: 6367.05 MB
      Total Virtual: 16312.6 MB
      Available Virtual: 14599.78 MB

      ==================== Drives ================================

      Drive c: () (Fixed) (Total:298.08 GB) (Free:146.79 GB) NTFS
      Drive d: () (Fixed) (Total:74.43 GB) (Free:68.73 GB) NTFS

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: 8D1C8D1C)
      Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
      Partition 2: (Not Active) - (Size=74.4 GB) - (Type=07 NTFS)

      ========================================================
      Disk: 1 (Size: 298.1 GB) (Disk ID: B1B2B1B2)
      Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

      ==================== End of Addition.txt ============================

    5. #5
      General Moderator
      @Javier_HF
      Registered
      Jun 2006
      Location
      Via Lactea.
      Posts
      23.512

      Re: Viruses and more

      Hello.

      Good, now do the following: download and install this program >> Revo Uninstaller manual; read it and go over how it works carefully.
      If you use Windows Vista/7/8 or 10, right-click and select "Run as administrator" both for the installation and when running the program.
      Then use it to uninstall every program you find whose name is, or contains, any of the following:

      Popcorn Time Community
      Popcorn-Time
      When Revo asks you to select the uninstall method, select "Advanced".

      If it asks you to "Restart" during the process, do NOT do it; tell it NO and let Revo keep working.

      Once you have finished all the uninstalls, restart the computer yourself.

      Let us know how the original problem is going.

      Regards.
      He who does not try does not succeed | ;-)

      * Follow us on Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net from: InfoSpyware Blog
      * Questions are not answered by private message or e-mail; that is what the forum is for.

    6. #6
      User daaam31
      Registered
      May 2013
      Location
      Argentina
      Posts
      24

      Re: Viruses and more

      Hello.

      I have carried out the steps you gave me without any problem.
      I wanted to tell you that after doing the first steps you gave me the first time, I got no more blue screens. But this afternoon Avast opened and detected 10 threats at the same time, all with the same name. I am attaching a screenshot so you can see. Thank you very much!

      http://prntscr.com/hput7g

    7. #7
      General Moderator
      @Javier_HF
      Registered
      Jun 2006
      Location
      Via Lactea.
      Posts
      23.512

      Re: Viruses and more

      Hello.

      The infection AVAST detects, as seen in the image, corresponds to its built-in web shield, so it must have been something it detected while you were browsing, and it was correctly contained by AVAST.

      Which browser were you using when that incident happened?
      How is the problem you originally raised going?

    8. #8
      User daaam31
      Registered
      May 2013
      Location
      Argentina
      Posts
      24

      Re: Viruses and more

      Hello.
      What really strikes me is that it pops up constantly and I am not visiting any website. I use the Google Chrome browser.
      As for the first problem I raised, I have had no further trouble. I think it is solved.
      My question is whether these problems I am describing are related, since when I searched the internet both had the same "dangers".
      Thanks.

    9. #9
      General Moderator
      @Javier_HF
      Registered
      Jun 2006
      Location
      Via Lactea.
      Posts
      23.512

      Re: Viruses and more

      Let's see... if I understand correctly, those AVAST messages appeared without you being connected to the Internet with a browser?

    10. #10
      User daaam31
      Registered
      May 2013
      Location
      Argentina
      Posts
      24

      Re: Viruses and more

      No, no, I had the browser open, but I was not on any page that could be potentially dangerous.
